yuzu/unicorn
1
0
Fork 0
mirror of https://github.com/yuzu-emu/unicorn.git synced 2025-03-28 18:07:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

target/i386: Generate #UD when applying LOCK to a register destination

Browse source 
Fixes a TCG crash due to attempting the atomic operation without
having set up the address first. This does not attempt to fix
all of the other missing checks for LOCK.

Fixes: a7cee522f35
Fixes: https://bugs.launchpad.net/qemu/+bug/1803160

Backports commit e84fcd7f662a0d8198703f6f89416d7ac2c32767 from qemu
This commit is contained in:
Richard Henderson 2018-12-01 20:10:46 -05:00 committed by Lioncash
parent 9b5f4d32ba
commit 2af9cf7113
No known key found for this signature in database
GPG key ID: 4E3C3CC1031BA9C7
1 changed files with 22 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
qemu/target/i386/translate.c
View file

@ -1426,6 +1426,23 @@ static void gen_helper_fp_arith_STN_ST0(DisasContext *s, int op, int opreg)
}
}
static void gen_exception(DisasContext *s, int trapno, target_ulong cur_eip)
{
TCGContext *tcg_ctx = s->uc->tcg_ctx;
gen_update_cc_op(s);
gen_jmp_im(s, cur_eip);
gen_helper_raise_exception(tcg_ctx, tcg_ctx->cpu_env, tcg_const_i32(tcg_ctx, trapno));
s->base.is_jmp = DISAS_NORETURN;
}
/* Generate #UD for the current instruction. The assumption here is that
the instruction is known, but it isn't allowed in the current cpu mode. */
static void gen_illegal_opcode(DisasContext *s)
{
gen_exception(s, EXCP06_ILLOP, s->pc_start - s->cs_base);
}
/* if d == OR_TMP0, it means memory operand (address in A0) */
static void gen_op(DisasContext *s, int op, TCGMemOp ot, int d)
{
@ -1434,6 +1451,11 @@ static void gen_op(DisasContext *s, int op, TCGMemOp ot, int d)
TCGv cpu_cc_src = tcg_ctx->cpu_cc_src;
if (d != OR_TMP0) {
if (s->prefix & PREFIX_LOCK) {
/* Lock prefix when destination is not memory. */
gen_illegal_opcode(s);
return;
}
gen_op_mov_v_reg(s, ot, s->T0, d);
} else if (!(s->prefix & PREFIX_LOCK)) {
gen_op_ld_v(s, ot, s->T0, s->A0);
@ -2690,23 +2712,6 @@ static void gen_leave(DisasContext *s)
gen_op_mov_reg_v(s, a_ot, R_ESP, s->T1);
}
static void gen_exception(DisasContext *s, int trapno, target_ulong cur_eip)
{
TCGContext *tcg_ctx = s->uc->tcg_ctx;
gen_update_cc_op(s);
gen_jmp_im(s, cur_eip);
gen_helper_raise_exception(tcg_ctx, tcg_ctx->cpu_env, tcg_const_i32(tcg_ctx, trapno));
s->base.is_jmp = DISAS_NORETURN;
}
/* Generate #UD for the current instruction. The assumption here is that
the instruction is known, but it isn't allowed in the current cpu mode. */
static void gen_illegal_opcode(DisasContext *s)
{
gen_exception(s, EXCP06_ILLOP, s->pc_start - s->cs_base);
}
/* Similarly, except that the assumption here is that we don't decode
the instruction at all -- either a missing opcode, an unimplemented
feature, or just a bogus instruction stream. */