From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:33869)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <paolo.bonzini@gmail.com>) id 1bACF4-0008CC-MV
	for qemu-devel@nongnu.org; Tue, 07 Jun 2016 04:20:07 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <paolo.bonzini@gmail.com>) id 1bACF0-0003a1-EQ
	for qemu-devel@nongnu.org; Tue, 07 Jun 2016 04:20:06 -0400
Received: from mail-wm0-x241.google.com ([2a00:1450:400c:c09::241]:34263)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <paolo.bonzini@gmail.com>) id 1bACF0-0003Zq-84
	for qemu-devel@nongnu.org; Tue, 07 Jun 2016 04:20:02 -0400
Received: by mail-wm0-x241.google.com with SMTP id n184so22087224wmn.1
	for <qemu-devel@nongnu.org>; Tue, 07 Jun 2016 01:20:01 -0700 (PDT)
Sender: Paolo Bonzini <paolo.bonzini@gmail.com>
References: <875.280801165168$1465286930@news.gmane.org>
From: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <85433aee-e2f1-1b29-ca7e-d2056da39a0d@redhat.com>
Date: Tue, 7 Jun 2016 10:19:55 +0200
MIME-Version: 1.0
In-Reply-To: <875.280801165168$1465286930@news.gmane.org>
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: 8bit
Subject: Re: [Qemu-devel] [PATCH] target-i386: fix iret emulation correctness
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: poletaev <Dmitry.Poletaev@ispras.ru>, qemu-devel@nongnu.org
Cc: Pavel.Dovgaluk@ispras.ru



On 07/06/2016 10:07, poletaev wrote:
> diff --git a/target-i386/translate.c b/target-i386/translate.c
> index f010022..c409baf 100644
> --- a/target-i386/translate.c
> +++ b/target-i386/translate.c
> @@ -6319,6 +6319,7 @@ static target_ulong disas_insn(CPUX86State *env,
> DisasContext *s,
>              set_cc_op(s, CC_OP_EFLAGS);
>          } else if (s->vm86) {
>              if (s->iopl != 3) {
> +                gen_helper_reset_nmi_blocking(cpu_env);
>                  gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);

I am afraid that the solution is more complicated.  The exception will
be handled before the NMI, while the opposite should be done according
to the manual.

So, first, you need to move HF2_NMI_MASK from hflags2 to hflags, so that
different NMI masking states cause the guest code to be retranslated.
Second, an IRET with HF_NMI_MASK set can be translated to _only_ the
reset of NMI mask followed by end of basic block.  An IRET without
HF_NMI_MASK instead can be translated the same way as now.

Paolo

> 
>              } else {
> 
>                  gen_helper_iret_real(cpu_env, tcg_const_i32(dflag - 1));
>