From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Cc: Richard Henderson <richard.henderson@linaro.org>
Subject: [PULL 08/46] target/i386: reimplement check for validity of LOCK prefix
Date: Sun, 31 Dec 2023 09:44:24 +0100
Message-ID: <20231231084502.235366-9-pbonzini@redhat.com>
In-Reply-To: <20231231084502.235366-1-pbonzini@redhat.com>
The previous check erroneously allowed CMP to be modified with LOCK.
Instead, tag explicitly the instructions that do support LOCK.
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/decode-new.c.inc | 17 ++++++++++-------
target/i386/tcg/decode-new.h | 3 +++
target/i386/tcg/emit.c.inc | 5 -----
3 files changed, 13 insertions(+), 12 deletions(-)
diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc
index 232c6a45c96..5eb2e9d0224 100644
--- a/target/i386/tcg/decode-new.c.inc
+++ b/target/i386/tcg/decode-new.c.inc
@@ -151,6 +151,7 @@
#define cpuid(feat) .cpuid = X86_FEAT_##feat,
#define xchg .special = X86_SPECIAL_Locked,
+#define lock .special = X86_SPECIAL_HasLock,
#define mmx .special = X86_SPECIAL_MMX,
#define zext0 .special = X86_SPECIAL_ZExtOp0,
#define zext2 .special = X86_SPECIAL_ZExtOp2,
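Review bot: the `lock` macro is introduced here, but no hunk in this patch applies it to an opcode-table entry, so as posted every LOCK-prefixed instruction the new decoder handles, apart from XCHG (routed through X86_SPECIAL_Locked), will take the new `goto illegal_op` path. Either tag the lockable entries in this same patch or say in the commit message where the tagging happens. Also, if the neighbouring short macros (`xchg`, `mmx`, `zext0`) are #undef'd after the table, `lock` needs the same treatment; the hunk does not show it, and a bare `lock` macro left live past the table is an easy way to break an unrelated identifier.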
@@ -1103,10 +1104,6 @@ static int decode_modrm(DisasContext *s, CPUX86State *env, X86DecodedInsn *decod
{
int modrm = get_modrm(s, env);
if ((modrm >> 6) == 3) {
- if (s->prefix & PREFIX_LOCK) {
- decode->e.gen = gen_illegal;
- return 0xff;
- }
op->n = (modrm & 7);
if (type != X86_TYPE_Q && type != X86_TYPE_N) {
op->n |= REX_B(s);
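Review bot: removing this branch means decode_modrm no longer rejects LOCK on a register-form ModRM by itself; the rejection now depends entirely on the `!decode.op[0].has_ea` test later in disas_insn_new. That is fine for instructions whose memory destination is operand 0, which is where every lockable instruction puts it, but it is worth stating in the commit message that the check moves rather than disappears, since this hunk on its own reads as dropping a #UD case.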
@@ -1881,6 +1878,9 @@ static void disas_insn_new(DisasContext *s, CPUState *cpu, int b)
if (decode.op[0].has_ea) {
s->prefix |= PREFIX_LOCK;
}
+ decode.e.special = X86_SPECIAL_HasLock;
+ /* fallthrough */
+ case X86_SPECIAL_HasLock:
break;
case X86_SPECIAL_ZExtOp0:
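Review bot: the assignment `decode.e.special = X86_SPECIAL_HasLock;` is what lets a memory-form XCHG pass the LOCK validity check added further down, but it also erases the X86_SPECIAL_Locked marker, so nothing after this switch can tell an always-locked XCHG from an instruction that merely accepts the prefix. If that distinction is never needed later, add a one-line comment saying the rewrite exists to satisfy the LOCK check; otherwise leave e.special alone and accept both values in that check. The assignment being unconditional is fine: a register-form XCHG with an explicit LOCK prefix is still rejected, because has_ea is false and the check requires it.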
@@ -1909,6 +1909,12 @@ static void disas_insn_new(DisasContext *s, CPUState *cpu, int b)
break;
}
+ if (s->prefix & PREFIX_LOCK) {
+ if (decode.e.special != X86_SPECIAL_HasLock || !decode.op[0].has_ea) {
+ goto illegal_op;
+ }
+ }
+
if (!validate_vex(s, &decode)) {
return;
}
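Review bot: this check drops the `decode.op[0].unit != X86_OP_INT` condition that the old code in the LOCK code-generation path enforced, so correctness now rests on the opcode table only ever applying `lock` to entries whose operand 0 is an integer register/memory operand. That is a reasonable trade, but a comment stating the invariant would help, e.g. `/* LOCK requires a tagged entry and a memory destination in op[0] */`, placed either here or on the `lock` macro.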
@@ -1952,9 +1958,6 @@ static void disas_insn_new(DisasContext *s, CPUState *cpu, int b)
gen_load_ea(s, &decode.mem, decode.e.vex_class == 12);
}
if (s->prefix & PREFIX_LOCK) {
- if (decode.op[0].unit != X86_OP_INT || !decode.op[0].has_ea) {
- goto illegal_op;
- }
gen_load(s, &decode, 2, s->T1);
decode.e.gen(s, env, &decode);
} else {
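Review bot: with the inner check gone, this branch unconditionally does `gen_load(s, &decode, 2, s->T1)` and calls decode.e.gen for any instruction that reaches it with PREFIX_LOCK set; it relies on the validity check earlier in disas_insn_new having already excluded untagged entries and register destinations. A one-line comment such as `/* LOCK validity was checked at decode time */` would stop the check from being re-added here later.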
diff --git a/target/i386/tcg/decode-new.h b/target/i386/tcg/decode-new.h
index e6c904a3192..611bfddd957 100644
--- a/target/i386/tcg/decode-new.h
+++ b/target/i386/tcg/decode-new.h
@@ -158,6 +158,9 @@ typedef enum X86InsnCheck {
typedef enum X86InsnSpecial {
X86_SPECIAL_None,
+ /* Accepts LOCK prefix; LOCKed operations do not load or writeback operand 0 */
+ X86_SPECIAL_HasLock,
+
/* Always locked if it has a memory operand (XCHG) */
X86_SPECIAL_Locked,
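Review bot: the new comment on X86_SPECIAL_HasLock describes the code-generation contract ("do not load or writeback operand 0"), but that behaviour only applies when the LOCK prefix is actually present; a HasLock instruction decoded without the prefix still goes through the ordinary load/writeback branch. Suggest wording it as "Accepts LOCK prefix; when LOCK is present, operand 0 is neither loaded nor written back by the generic code", so the flag is not mistaken for "always locked", which is X86_SPECIAL_Locked just below.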
diff --git a/target/i386/tcg/emit.c.inc b/target/i386/tcg/emit.c.inc
index d444d83e534..98c4c9569ef 100644
--- a/target/i386/tcg/emit.c.inc
+++ b/target/i386/tcg/emit.c.inc
@@ -55,11 +55,6 @@ static void gen_NM_exception(DisasContext *s)
gen_exception(s, EXCP07_PREX);
}
-static void gen_illegal(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
-{
- gen_illegal_opcode(s);
-}
-
static void gen_load_ea(DisasContext *s, AddressParts *mem, bool is_vsib)
{
TCGv ea = gen_lea_modrm_1(s, *mem, is_vsib);
--
2.43.0