@@ -99,6 +99,7 @@ typedef struct DisasContext {
int prefix;
TCGMemOp aflag;
TCGMemOp dflag;
+ target_ulong pc_start;
target_ulong pc; /* pc = eip + cs_base */
int is_jmp; /* 1 = means jump (stop translation), 2 means CPU
static state change (stop translation) */
@@ -2368,6 +2369,30 @@ static void gen_exception(DisasContext *s, int trapno, target_ulong cur_eip)
s->is_jmp = DISAS_TB_JUMP;
}
+/* Generate #UD for the current instruction. The assumption here is that
+ the instruction is known, but it isn't allowed in the current cpu mode. */
+static void gen_illegal_opcode(DisasContext *s)
+{
+ gen_exception(s, EXCP06_ILLOP, s->pc_start - s->cs_base);
+}
+
+/* Similarly, except that the assumption here is that we don't decode
+ the instruction at all -- either a missing opcode, an unimplemented
+ feature, or just a bogus instruction stream. */
+static void gen_unknown_opcode(CPUX86State *env, DisasContext *s)
+{
+ gen_illegal_opcode(s);
+
+ if (qemu_loglevel_mask(LOG_UNIMP)) {
+ target_ulong pc = s->pc_start, end = s->pc;
+ qemu_log("ILLOPC: " TARGET_FMT_lx ":", pc);
+ for (; pc < end; ++pc) {
+ qemu_log(" %02x", cpu_ldub_code(env, pc));
+ }
+ qemu_log("\n");
+ }
+}
+
/* an interrupt is different from an exception because of the
privilege checks */
static void gen_interrupt(DisasContext *s, int intno,
@@ -2887,7 +2912,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
b1 = 0;
sse_fn_epp = sse_op_table1[b][b1];
if (!sse_fn_epp) {
- goto illegal_op;
+ goto unknown_op;
}
if ((b <= 0x5f && b >= 0x10) || b == 0xc6 || b == 0xc2) {
is_xmm = 1;
@@ -2906,15 +2931,19 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
}
if (s->flags & HF_EM_MASK) {
illegal_op:
- gen_exception(s, EXCP06_ILLOP, pc_start - s->cs_base);
+ gen_illegal_opcode(s);
return;
}
- if (is_xmm && !(s->flags & HF_OSFXSR_MASK))
- if ((b != 0x38 && b != 0x3a) || (s->prefix & PREFIX_DATA))
- goto illegal_op;
+ if (is_xmm
+ && !(s->flags & HF_OSFXSR_MASK)
+ && ((b != 0x38 && b != 0x3a) || (s->prefix & PREFIX_DATA))) {
+ goto unknown_op;
+ }
if (b == 0x0e) {
- if (!(s->cpuid_ext2_features & CPUID_EXT2_3DNOW))
- goto illegal_op;
+ if (!(s->cpuid_ext2_features & CPUID_EXT2_3DNOW)) {
+ /* If we were fully decoding this we might use illegal_op. */
+ goto unknown_op;
+ }
/* femms */
gen_helper_emms(cpu_env);
return;
@@ -2939,8 +2968,9 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
b |= (b1 << 8);
switch(b) {
case 0x0e7: /* movntq */
- if (mod == 3)
+ if (mod == 3) {
goto illegal_op;
+ }
gen_lea_modrm(env, s, modrm);
gen_stq_env_A0(s, offsetof(CPUX86State, fpregs[reg].mmx));
break;
@@ -3266,7 +3296,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
case 0x172:
case 0x173:
if (b1 >= 2) {
- goto illegal_op;
+ goto unknown_op;
}
val = cpu_ldub_code(env, s->pc++);
if (is_xmm) {
@@ -3285,7 +3315,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
sse_fn_epp = sse_op_table2[((b - 1) & 3) * 8 +
(((modrm >> 3)) & 7)][b1];
if (!sse_fn_epp) {
- goto illegal_op;
+ goto unknown_op;
}
if (is_xmm) {
rm = (modrm & 7) | REX_B(s);
@@ -3509,12 +3539,12 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
reg = ((modrm >> 3) & 7) | rex_r;
mod = (modrm >> 6) & 3;
if (b1 >= 2) {
- goto illegal_op;
+ goto unknown_op;
}
sse_fn_epp = sse_op_table6[b].op[b1];
if (!sse_fn_epp) {
- goto illegal_op;
+ goto unknown_op;
}
if (!(s->cpuid_ext_features & sse_op_table6[b].ext_mask))
goto illegal_op;
@@ -3564,7 +3594,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
}
}
if (sse_fn_epp == SSE_SPECIAL) {
- goto illegal_op;
+ goto unknown_op;
}
tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
@@ -3932,12 +3962,12 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
@@ -3949,12 +3979,12 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
reg = ((modrm >> 3) & 7) | rex_r;
mod = (modrm >> 6) & 3;
if (b1 >= 2) {
- goto illegal_op;
+ goto unknown_op;
}
sse_fn_eppi = sse_op_table7[b].op[b1];
if (!sse_fn_eppi) {
- goto illegal_op;
+ goto unknown_op;
}
if (!(s->cpuid_ext_features & sse_op_table7[b].ext_mask))
goto illegal_op;
@@ -4156,12 +4186,14 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
default:
- goto illegal_op;
+ unknown_op:
+ gen_unknown_opcode(env, s);
+ return;
}
} else {
/* generic MMX or SSE operation */
@@ -4237,11 +4269,12 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
}
switch(b) {
case 0x0f: /* 3DNow! data insns */
- if (!(s->cpuid_ext2_features & CPUID_EXT2_3DNOW))
- goto illegal_op;
val = cpu_ldub_code(env, s->pc++);
sse_fn_epp = sse_op_table5[val];
if (!sse_fn_epp) {
+ goto unknown_op;
+ }
+ if (!(s->cpuid_ext2_features & CPUID_EXT2_3DNOW)) {
goto illegal_op;
}
tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
@@ -4261,7 +4294,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
/* compare insns */
val = cpu_ldub_code(env, s->pc++);
if (val >= 8)
- goto illegal_op;
+ goto unknown_op;
sse_fn_epp = sse_op_table4[val][b1];
tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
@@ -4306,7 +4339,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
target_ulong next_eip, tval;
int rex_w, rex_r;
- s->pc = pc_start;
+ s->pc_start = s->pc = pc_start;
prefixes = 0;
s->override = -1;
rex_w = -1;
@@ -4419,7 +4452,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
b = 0x13a;
break;
default: /* Reserved for future use. */
- goto illegal_op;
+ goto unknown_op;
}
}
s->vex_v = (~vex3 >> 3) & 0xf;
@@ -4769,7 +4802,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
}
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
@@ -4782,7 +4815,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
rm = (modrm & 7) | REX_B(s);
op = (modrm >> 3) & 7;
if (op >= 2 && b == 0xfe) {
- goto illegal_op;
+ goto unknown_op;
}
if (CODE64(s)) {
if (op == 2 || op == 4) {
@@ -4875,7 +4908,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_push_v(s, cpu_T0);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
@@ -5744,7 +5777,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_fpop(cpu_env);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
} else {
/* register float ops */
@@ -5768,7 +5801,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_fwait(cpu_env);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
case 0x0c: /* grp d9/4 */
@@ -5787,7 +5820,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_fxam_ST0(cpu_env);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
case 0x0d: /* grp d9/5 */
@@ -5822,7 +5855,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_fldz_ST0(cpu_env);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
}
break;
@@ -5922,7 +5955,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_fpop(cpu_env);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
case 0x1c:
@@ -5940,7 +5973,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
case 4: /* fsetpm (287 only, just do nop here) */
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
case 0x1d: /* fucomi */
@@ -5992,7 +6025,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_fpop(cpu_env);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
case 0x38: /* ffreep sti, undocumented op */
@@ -6007,7 +6040,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_op_mov_reg_v(MO_16, R_EAX, cpu_T0);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
case 0x3d: /* fucomip */
@@ -6053,7 +6086,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
}
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
}
break;
@@ -6524,7 +6557,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
val = cpu_ldub_code(env, s->pc++);
tcg_gen_movi_tl(cpu_T1, val);
if (op < 4)
- goto illegal_op;
+ goto unknown_op;
op -= 4;
goto bt_op;
case 0x1a3: /* bt Gv, Ev */
@@ -7035,7 +7068,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
set_cc_op(s, CC_OP_EFLAGS);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
@@ -7349,7 +7382,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
@@ -7718,7 +7751,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
}
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
}
break;
@@ -7940,7 +7973,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
}
break;
}
- goto illegal_op;
+ goto unknown_op;
case 0xf8: /* sfence / pcommit */
if (prefixes & PREFIX_DATA) {
@@ -7962,7 +7995,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
@@ -8018,7 +8051,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_sse(env, s, b, pc_start, rex_r);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
/* lock generation */
if (s->prefix & PREFIX_LOCK)
@@ -8028,7 +8061,13 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
if (s->prefix & PREFIX_LOCK)
gen_helper_unlock();
/* XXX: ensure that no lock was generated */
- gen_exception(s, EXCP06_ILLOP, pc_start - s->cs_base);
+ gen_illegal_opcode(s);
+ return s->pc;
+ unknown_op:
+ if (s->prefix & PREFIX_LOCK)
+ gen_helper_unlock();
+ /* XXX: ensure that no lock was generated */
+ gen_unknown_opcode(env, s);
return s->pc;
}
We discriminate here between opcodes that are illegal in the current cpu mode or with illegal arguments (such as modrm.mod == 3) and encodings that are unknown (such as an unimplemented isa extension). Signed-off-by: Richard Henderson <rth@twiddle.net> --- target-i386/translate.c | 127 +++++++++++++++++++++++++++++++----------------- 1 file changed, 83 insertions(+), 44 deletions(-)