From: Richard Henderson <richard.henderson@linaro.org>
To: Paolo Bonzini <pbonzini@redhat.com>, qemu-devel@nongnu.org
Subject: Re: [PATCH 07/22] target/i386: reimplement check for validity of LOCK prefix
Date: Fri, 29 Dec 2023 08:55:29 +1100 [thread overview]
Message-ID: <c8b251cc-0936-446e-9129-d3ba487f01ec@linaro.org> (raw)
In-Reply-To: <20231222181603.174137-8-pbonzini@redhat.com>
On 12/23/23 05:15, Paolo Bonzini wrote:
> The previous check erroneously allowed CMP to be modified with LOCK.
> Instead, tag explicitly the instructions that do support LOCK.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> target/i386/tcg/decode-new.c.inc | 17 ++++++++++-------
> target/i386/tcg/decode-new.h | 3 +++
> target/i386/tcg/emit.c.inc | 5 -----
> 3 files changed, 13 insertions(+), 12 deletions(-)
It's hard to see how this fits together, because there don't seem to be any uses of
X86_SPECIAL_{Locked,HasLock} yet.
But the illegal test in disas_insn_new looks more plausibly correct than the one in
decode_modrm, so
Acked-by: Richard Henderson <richard.henderson@linaro.org>
r~
>
> diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc
> index 232c6a45c96..5eb2e9d0224 100644
> --- a/target/i386/tcg/decode-new.c.inc
> +++ b/target/i386/tcg/decode-new.c.inc
> @@ -151,6 +151,7 @@
>
> #define cpuid(feat) .cpuid = X86_FEAT_##feat,
> #define xchg .special = X86_SPECIAL_Locked,
> +#define lock .special = X86_SPECIAL_HasLock,
> #define mmx .special = X86_SPECIAL_MMX,
> #define zext0 .special = X86_SPECIAL_ZExtOp0,
> #define zext2 .special = X86_SPECIAL_ZExtOp2,
> @@ -1103,10 +1104,6 @@ static int decode_modrm(DisasContext *s, CPUX86State *env, X86DecodedInsn *decod
> {
> int modrm = get_modrm(s, env);
> if ((modrm >> 6) == 3) {
> - if (s->prefix & PREFIX_LOCK) {
> - decode->e.gen = gen_illegal;
> - return 0xff;
> - }
> op->n = (modrm & 7);
> if (type != X86_TYPE_Q && type != X86_TYPE_N) {
> op->n |= REX_B(s);
> @@ -1881,6 +1878,9 @@ static void disas_insn_new(DisasContext *s, CPUState *cpu, int b)
> if (decode.op[0].has_ea) {
> s->prefix |= PREFIX_LOCK;
> }
> + decode.e.special = X86_SPECIAL_HasLock;
> + /* fallthrough */
> + case X86_SPECIAL_HasLock:
> break;
>
> case X86_SPECIAL_ZExtOp0:
> @@ -1909,6 +1909,12 @@ static void disas_insn_new(DisasContext *s, CPUState *cpu, int b)
> break;
> }
>
> + if (s->prefix & PREFIX_LOCK) {
> + if (decode.e.special != X86_SPECIAL_HasLock || !decode.op[0].has_ea) {
> + goto illegal_op;
> + }
> + }
> +
> if (!validate_vex(s, &decode)) {
> return;
> }
> @@ -1952,9 +1958,6 @@ static void disas_insn_new(DisasContext *s, CPUState *cpu, int b)
> gen_load_ea(s, &decode.mem, decode.e.vex_class == 12);
> }
> if (s->prefix & PREFIX_LOCK) {
> - if (decode.op[0].unit != X86_OP_INT || !decode.op[0].has_ea) {
> - goto illegal_op;
> - }
> gen_load(s, &decode, 2, s->T1);
> decode.e.gen(s, env, &decode);
> } else {
> diff --git a/target/i386/tcg/decode-new.h b/target/i386/tcg/decode-new.h
> index e6c904a3192..611bfddd957 100644
> --- a/target/i386/tcg/decode-new.h
> +++ b/target/i386/tcg/decode-new.h
> @@ -158,6 +158,9 @@ typedef enum X86InsnCheck {
> typedef enum X86InsnSpecial {
> X86_SPECIAL_None,
>
> + /* Accepts LOCK prefix; LOCKed operations do not load or writeback operand 0 */
> + X86_SPECIAL_HasLock,
> +
> /* Always locked if it has a memory operand (XCHG) */
> X86_SPECIAL_Locked,
>
> diff --git a/target/i386/tcg/emit.c.inc b/target/i386/tcg/emit.c.inc
> index d444d83e534..98c4c9569ef 100644
> --- a/target/i386/tcg/emit.c.inc
> +++ b/target/i386/tcg/emit.c.inc
> @@ -55,11 +55,6 @@ static void gen_NM_exception(DisasContext *s)
> gen_exception(s, EXCP07_PREX);
> }
>
> -static void gen_illegal(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
> -{
> - gen_illegal_opcode(s);
> -}
> -
> static void gen_load_ea(DisasContext *s, AddressParts *mem, bool is_vsib)
> {
> TCGv ea = gen_lea_modrm_1(s, *mem, is_vsib);
next prev parent reply other threads:[~2023-12-28 21:56 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-22 18:15 [PATCH 00/22] target/i386: first part of TCG changes for 9.0 Paolo Bonzini
2023-12-22 18:15 ` [PATCH 01/22] target/i386: optimize computation of JL and JLE from flags Paolo Bonzini
2023-12-28 20:53 ` Richard Henderson
2023-12-22 18:15 ` [PATCH 02/22] target/i386: speedup JO/SETO after MUL or IMUL Paolo Bonzini
2023-12-28 20:56 ` Richard Henderson
2023-12-22 18:15 ` [PATCH 03/22] target/i386: remove unnecessary arguments from raise_interrupt Paolo Bonzini
2023-12-28 20:58 ` Richard Henderson
2023-12-22 18:15 ` [PATCH 04/22] target/i386: remove unnecessary truncations Paolo Bonzini
2023-12-28 21:13 ` Richard Henderson
2023-12-22 18:15 ` [PATCH 05/22] target/i386: clean up cpu_cc_compute_all Paolo Bonzini
2023-12-28 21:27 ` Richard Henderson
2023-12-22 18:15 ` [PATCH 06/22] target/i386: document more deviations from the manual Paolo Bonzini
2023-12-28 21:34 ` Richard Henderson
2023-12-22 18:15 ` [PATCH 07/22] target/i386: reimplement check for validity of LOCK prefix Paolo Bonzini
2023-12-28 21:55 ` Richard Henderson [this message]
2023-12-22 18:15 ` [PATCH 08/22] target/i386: avoid trunc and ext for MULX and RORX Paolo Bonzini
2023-12-28 21:50 ` Richard Henderson
2023-12-22 18:15 ` [PATCH 09/22] target/i386: rename zext0/zext2 and make them closer to the manual Paolo Bonzini
2023-12-28 22:04 ` Richard Henderson
2023-12-22 18:15 ` [PATCH 10/22] target/i386: add X86_SPECIALs for MOVSX and MOVZX Paolo Bonzini
2023-12-28 22:08 ` Richard Henderson
2023-12-22 18:15 ` [PATCH 11/22] target/i386: do not decode string source/destination into decode->mem Paolo Bonzini
2023-12-28 22:09 ` Richard Henderson
2023-12-22 18:15 ` [PATCH 12/22] target/i386: do not clobber A0 in POP translation Paolo Bonzini
2023-12-22 18:15 ` [PATCH 13/22] target/i386: do not clobber T0 on string operations Paolo Bonzini
2023-12-28 22:11 ` Richard Henderson
2023-12-22 18:15 ` [PATCH 14/22] target/i386: split eflags computation out of gen_compute_eflags Paolo Bonzini
2023-12-28 22:13 ` Richard Henderson
2023-12-22 18:15 ` [PATCH 15/22] target/i386: do not use s->tmp4 for push Paolo Bonzini
2023-12-28 22:14 ` Richard Henderson
2023-12-22 18:15 ` [PATCH 16/22] target/i386: do not use s->tmp0 for jumps on ECX ==/!= 0 Paolo Bonzini
2023-12-28 22:15 ` Richard Henderson
2023-12-22 18:15 ` [PATCH 17/22] target/i386: extract gen_far_call/jmp, reordering temporaries Paolo Bonzini
2023-12-28 22:25 ` Richard Henderson
2023-12-22 18:15 ` [PATCH 18/22] target/i386: prepare for implementation of STOS/SCAS in new decoder Paolo Bonzini
2023-12-28 22:27 ` Richard Henderson
2023-12-22 18:16 ` [PATCH 19/22] target/i386: move operand load and writeback out of gen_cmovcc1 Paolo Bonzini
2023-12-28 22:29 ` Richard Henderson
2023-12-22 18:16 ` [PATCH 20/22] target/i386: adjust decoding of J operand Paolo Bonzini
2023-12-22 18:16 ` [PATCH 21/22] target/i386: introduce flags writeback mechanism Paolo Bonzini
2023-12-28 22:46 ` Richard Henderson
2023-12-22 18:16 ` [PATCH 22/22] target/i386: implement CMPccXADD Paolo Bonzini
2023-12-28 23:04 ` Richard Henderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c8b251cc-0936-446e-9129-d3ba487f01ec@linaro.org \
--to=richard.henderson@linaro.org \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).