[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [RISU PATCH v3 04/18] risugen_x86_constraints: add modu
|
From: |
Jan Bobek |
|
Subject: |
Re: [Qemu-devel] [RISU PATCH v3 04/18] risugen_x86_constraints: add module |
|
Date: |
Sun, 14 Jul 2019 18:39:20 -0400 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1 |
On 7/12/19 10:24 AM, Richard Henderson wrote:
> On 7/12/19 12:32 AM, Jan Bobek wrote:
>> +sub vex($%)
>> +{
>> + my ($insn, %vex) = @_;
>> + my $regidw = $is_x86_64 ? 4 : 3;
>> +
>> + # There is no point in randomizing other VEX fields, since
>> + # VEX.R/.X/.B are encoded automatically by risugen_x86_asm, and
>> + # VEX.M/.P are opcodes.
>> + $vex{l} = randint(width => 1) ? 256 : 128 unless defined $vex{l};
>
> VEX.L is sort-of opcode-like as well. It certainly differentiates AVX1 vs
> AVX2, and so probably should be constrained somehow. I can't think of what's
> the best way to do that at the moment, since our existing --xstate=foo isn't
> right.
>
> Perhaps just a FIXME comment for now?
So, the instructions that use VEX.L specify it in the !constraints
block in the config file. Originally, I thought some instructions are
supposed to ignore it (denoted by LIG in the Intel manual -- it's the
scalar instructions like ADDSS), so it might be worth randomizing.
However, when I later read the manual pages of some of these
instructions, it said they are supposed to be encoded with VEX.L=0
anyway. I didn't check every single one of them, but right now they
are all encoded with VEX.L=0, so I suppose this line can be removed
and we can rely on the caller (the !constraints block) to always
specify it.
>> +sub modrm_($%)
>> +{
>> + my ($insn, %args) = @_;
>> + my $regidw = $is_x86_64 ? 4 : 3;
>> +
>> + my %modrm = ();
>> + if (defined $args{reg}) {
>> + # This makes the config file syntax a bit more accommodating
>> + # in cases where MODRM.REG is an opcode extension field.
>> + $modrm{reg} = $args{reg};
>> + } else {
>> + $modrm{reg} = randint(width => $regidw);
>> + }
>> +
>> + # There is also a displacement-only form, but we don't know
>> + # absolute address of the memblock, so we cannot test it.
>
> 32-bit mode has displacement-only, aka absolute; 64-bit replaces that with
> rip-relative. But agreed that the first is impossible to test and the second
> is difficult.
>
>> +sub modrm($%)
>> +{
>> + my ($insn, %args) = @_;
>> + modrm_($insn, indexk => 'index', %args);
>> +}
>
> How are you avoiding %rsp as index?
> I saw you die for that in the previous patch...
See write_mem_getoffset in risugen_x86.pm. I felt there's a better
place for it there, since that's when we actually need to write to it,
so the problem is more exposed.
-Jan
>
> r~
>
signature.asc
Description: OpenPGP digital signature
- [Qemu-devel] [RISU PATCH v3 11/18] x86.risu: add SSE instructions, (continued)
- [Qemu-devel] [RISU PATCH v3 11/18] x86.risu: add SSE instructions, Jan Bobek, 2019/07/11
- [Qemu-devel] [RISU PATCH v3 01/18] risugen_common: add helper functions insnv, randint, Jan Bobek, 2019/07/11
- [Qemu-devel] [RISU PATCH v3 07/18] risugen: allow all byte-aligned instructions, Jan Bobek, 2019/07/11
- [Qemu-devel] [RISU PATCH v3 02/18] risugen_common: split eval_with_fields into extract_fields and eval_block, Jan Bobek, 2019/07/11
- [Qemu-devel] [RISU PATCH v3 04/18] risugen_x86_constraints: add module, Jan Bobek, 2019/07/11
- [Qemu-devel] [RISU PATCH v3 15/18] x86.risu: add SSE4.1 and SSE4.2 instructions, Jan Bobek, 2019/07/11
- [Qemu-devel] [RISU PATCH v3 03/18] risugen_x86_asm: add module, Jan Bobek, 2019/07/11
- [Qemu-devel] [RISU PATCH v3 14/18] x86.risu: add SSSE3 instructions, Jan Bobek, 2019/07/11
- [Qemu-devel] [RISU PATCH v3 12/18] x86.risu: add SSE2 instructions, Jan Bobek, 2019/07/11