[PULL 17/36] target/i386: Fix decoding of certain BMI instructions
From: Paolo Bonzini
Subject: [PULL 17/36] target/i386: Fix decoding of certain BMI instructions
Date: Fri, 29 Jan 2021 12:17:55 +0100
From: David Greenaway <dgreenaway@google.com>
This patch fixes a translation bug for a subset of x86 BMI instructions
such as the following:
c4 e2 f9 f7 c0 shlxq %rax, %rax, %rax
Currently, these incorrectly generate an undefined instruction exception
when SSE is disabled via CR4, while instructions like "shrxq" work fine.
The problem appears to be related to BMI instructions encoded using VEX
and with a mandatory prefix of "0x66" (data). Instructions with this
data prefix (such as shlxq) are currently rejected. Instructions with
other mandatory prefixes (such as shrxq) translate as expected.
This patch removes the incorrect check in "gen_sse" that causes the
exception to be generated. For the non-BMI cases, the check is
redundant: prefixes are already checked at line 3696.
Buglink: https://bugs.launchpad.net/qemu/+bug/1748296
Signed-off-by: David Greenaway <dgreenaway@google.com>
Message-Id: <20210114063958.1508050-1-dgreenaway@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/translate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 6a4c31f933..af1faf9342 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -3075,7 +3075,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s,
int b,
}
if (is_xmm
&& !(s->flags & HF_OSFXSR_MASK)
- && ((b != 0x38 && b != 0x3a) || (s->prefix & PREFIX_DATA))) {
+ && (b != 0x38 && b != 0x3a)) {
goto unknown_op;
}
if (b == 0x0e) {
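Review bot: the new condition `(b != 0x38 && b != 0x3a)` exempts every 0x0f 0x38 / 0x0f 0x3a opcode from the OSFXSR check, not only the VEX-encoded BMI forms the commit message describes, so legacy 0x66-prefixed SSSE3/SSE4 opcodes in those maps now pass this point with CR4.OSFXSR clear and depend entirely on the later prefix check that the message cites only as "line 3696". That reference will rot; a short comment on the `if (is_xmm` line naming the downstream check that rejects the non-BMI cases (and why 0x38/0x3a are excluded here) would make the invariant visible to the next editor, and a tests/tcg/i386 case that executes `shlxq` with OSFXSR disabled would lock in the fix for bug 1748296.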
--
2.29.2