{ "id": 806280, "url": "http://patchwork.ozlabs.org/api/patches/806280/?format=api", "web_url": "http://patchwork.ozlabs.org/project/qemu-devel/patch/1503852052.23207.2.camel@t-online.de/", "project": { "id": 14, "url": "http://patchwork.ozlabs.org/api/projects/14/?format=api", "name": "QEMU Development", "link_name": "qemu-devel", "list_id": "qemu-devel.nongnu.org", "list_email": "qemu-devel@nongnu.org", "web_url": "", "scm_url": "", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<1503852052.23207.2.camel@t-online.de>", "list_archive_url": null, "date": "2017-08-27T16:40:52", "name": "i386: fix 0x66 prefix in disassembler and translator", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "56380156a7ee8ba5bd0ed03413a832f86ba2b654", "submitter": { "id": 72236, "url": "http://patchwork.ozlabs.org/api/people/72236/?format=api", "name": "Jürgen Buchmüller", "email": "pullmoll@t-online.de" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/qemu-devel/patch/1503852052.23207.2.camel@t-online.de/mbox/", "series": [ { "id": 33, "url": "http://patchwork.ozlabs.org/api/series/33/?format=api", "web_url": "http://patchwork.ozlabs.org/project/qemu-devel/list/?series=33", "date": "2017-08-27T16:40:52", "name": "i386: fix 0x66 prefix in disassembler and translator", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/33/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/806280/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/806280/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@bilbo.ozlabs.org", "Authentication-Results": "ozlabs.org;\n\tspf=pass (mailfrom) smtp.mailfrom=nongnu.org\n\t(client-ip=2001:4830:134:3::11; 
helo=lists.gnu.org;\n\tenvelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n\treceiver=<UNKNOWN>)", "Received": [ "from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11])\n\t(using TLSv1 with cipher AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xgMTx1dDHz9s8w\n\tfor <incoming@patchwork.ozlabs.org>;\n\tMon, 28 Aug 2017 03:34:40 +1000 (AEST)", "from localhost ([::1]:33453 helo=lists.gnu.org)\n\tby lists.gnu.org with esmtp (Exim 4.71) (envelope-from\n\t<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>)\n\tid 1dm1SE-0008UG-S1\n\tfor incoming@patchwork.ozlabs.org; Sun, 27 Aug 2017 13:34:34 -0400", "from eggs.gnu.org ([2001:4830:134:3::10]:47430)\n\tby lists.gnu.org with esmtp (Exim 4.71)\n\t(envelope-from <pullmoll@t-online.de>) id 1dm0cO-0000YL-Ng\n\tfor qemu-devel@nongnu.org; Sun, 27 Aug 2017 12:41:01 -0400", "from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)\n\t(envelope-from <pullmoll@t-online.de>) id 1dm0cL-0003fb-He\n\tfor qemu-devel@nongnu.org; Sun, 27 Aug 2017 12:41:00 -0400", "from mailout07.t-online.de ([194.25.134.83]:54986)\n\tby eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)\n\t(Exim 4.71) (envelope-from <pullmoll@t-online.de>)\n\tid 1dm0cL-0003ee-67\n\tfor qemu-devel@nongnu.org; Sun, 27 Aug 2017 12:40:57 -0400", "from fwd14.aul.t-online.de (fwd14.aul.t-online.de [172.20.26.242])\n\tby mailout07.t-online.de (Postfix) with SMTP id B7E1242727E6\n\tfor <qemu-devel@nongnu.org>; Sun, 27 Aug 2017 18:40:54 +0200 (CEST)", "from espresso.localdomain\n\t(bRp1+rZTwhzms6Xshlrp+cSOMiF-qiBA9q3WHlxV6NjJV13R4AgwWmSO5fgwl0fglF@[93.232.221.109])\n\tby fwd14.t-online.de\n\twith (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384 encrypted)\n\tesmtp id 1dm0cH-0wqSu00; Sun, 27 Aug 2017 18:40:53 +0200" ], "Message-ID": "<1503852052.23207.2.camel@t-online.de>", "From": "=?iso-8859-1?q?J=FCrgen_Buchm=FCller?= <pullmoll@t-online.de>", "To": "qemu-devel@nongnu.org", 
"Date": "Sun, 27 Aug 2017 18:40:52 +0200", "Content-Type": "text/plain; charset=\"UTF-8\"", "X-Mailer": "Evolution 3.24.5 ", "Mime-Version": "1.0", "X-ID": "bRp1+rZTwhzms6Xshlrp+cSOMiF-qiBA9q3WHlxV6NjJV13R4AgwWmSO5fgwl0fglF", "X-TOI-MSGID": "dbcb015d-caf6-4a77-bb70-294e1dd94dc5", "Content-Transfer-Encoding": "quoted-printable", "X-detected-operating-system": "by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]\n\t[fuzzy]", "X-Received-From": "194.25.134.83", "X-Mailman-Approved-At": "Sun, 27 Aug 2017 13:34:09 -0400", "Subject": "[Qemu-devel] [PATCH] i386: fix 0x66 prefix in disassembler and\n\ttranslator", "X-BeenThere": "qemu-devel@nongnu.org", "X-Mailman-Version": "2.1.21", "Precedence": "list", "List-Id": "<qemu-devel.nongnu.org>", "List-Unsubscribe": "<https://lists.nongnu.org/mailman/options/qemu-devel>,\n\t<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>", "List-Archive": "<http://lists.nongnu.org/archive/html/qemu-devel/>", "List-Post": "<mailto:qemu-devel@nongnu.org>", "List-Help": "<mailto:qemu-devel-request@nongnu.org?subject=help>", "List-Subscribe": "<https://lists.nongnu.org/mailman/listinfo/qemu-devel>,\n\t<mailto:qemu-devel-request@nongnu.org?subject=subscribe>", "Errors-To": "qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org", "Sender": "\"Qemu-devel\"\n\t<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>" }, "content": "The opcodes 0xe8 (call) and 0xe9 (jump), when prefixed by 0x66, do not\nuse a 16 bit offset, but still 32 bits, just like conditional relative\njumps. To distinguish between conditional jumps and the unconditional\ncall/jump add a new call_jump_mode and a call_jump_flag. This\nprevents data size changes for both, call_jump_mode and\ncond_jump_mode when using the Intel syntax.\n\nIn the translator respect data size changes only, if the CPU is not\nan Intel type. 
Otherwise the size of the call/jmp is always 32 bits.\n\nSee https://github.com/xoreaxeaxeax/sandsifter/blob/master/references/d\nomas_breaking_the_x86_isa_wp.pdf\nfor the details and reasoning.\n\nSigned-off-by: Jürgen Buchmüller <pullmoll@t-online.de>\n---\n disas/i386.c | 31 ++++++++++++++-------------\n target/i386/translate.c | 56 ++++++++++++++++++++++++++++++++---------\n--------\n 2 files changed, 54 insertions(+), 33 deletions(-)\n\n gen_push_v(s, cpu_T0);\n@@ -6513,16 +6522,25 @@ static target_ulong disas_insn(CPUX86State\n*env, DisasContext *s,\n }\n goto do_lcall;\n case 0xe9: /* jmp im */\n- if (dflag != MO_16) {\n- tval = (int32_t)insn_get(env, s, MO_32);\n+ if (env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1) {\n+ if (dflag != MO_16) {\n+ tval = (int32_t)insn_get(env, s, MO_32);\n+ } else {\n+ tval = (int16_t)insn_get(env, s, MO_16);\n+ }\n+ next_eip = s->pc - s->cs_base;\n+ tval += next_eip;\n+ if (dflag == MO_16) {\n+ tval &= 0xffff;\n+ } else if (!CODE64(s)) {\n+ tval &= 0xffffffff;\n+ }\n } else {\n- tval = (int16_t)insn_get(env, s, MO_16);\n- }\n- tval += s->pc - s->cs_base;\n- if (dflag == MO_16) {\n- tval &= 0xffff;\n- } else if (!CODE64(s)) {\n- tval &= 0xffffffff;\n+ tval = (int32_t)insn_get(env, s, MO_32);\n+ tval += s->pc - s->cs_base;\n+ if (!CODE64(s)) {\n+ tval &= 0xffffffff;\n+ }\n }\n gen_bnd_jmp(s);\n gen_jmp(s, tval);", "diff": "diff --git a/disas/i386.c b/disas/i386.c\nindex f1e376ca4a..2b18285fb8 100644\n--- a/disas/i386.c\n+++ b/disas/i386.c\n@@ -464,6 +464,7 @@ fetch_data(struct disassemble_info *info, bfd_byte\n*addr)\n #define ALr { REP_Fixup, al_reg }\n #define eAXr { REP_Fixup, eAX_reg }\n \n+#define call_jump_flag { NULL, call_jump_mode }\n #define cond_jump_flag { NULL, cond_jump_mode }\n #define loop_jcxz_flag { NULL, loop_jcxz_mode }\n \n@@ -480,17 +481,18 @@ fetch_data(struct disassemble_info *info,\nbfd_byte *addr)\n #define t_mode 6 /* ten-byte operand */\n #define x_mode 7 /* 16-byte XMM operand */\n #define m_mode 8 /* 
d_mode in 32bit, q_mode in 64bit mode. */\n-#define cond_jump_mode 9\n-#define loop_jcxz_mode 10\n-#define dq_mode 11 /* operand size depends on REX prefixes. */\n-#define dqw_mode 12 /* registers like dq_mode, memory like w_mode. */\n-#define f_mode 13 /* 4- or 6-byte pointer operand */\n-#define const_1_mode 14\n-#define stack_v_mode 15 /* v_mode for stack-related opcodes. */\n-#define z_mode 16 /* non-quad operand size depends on prefixes */\n-#define o_mode 17 /* 16-byte operand */\n-#define dqb_mode 18 /* registers like dq_mode, memory like b_mode. */\n-#define dqd_mode 19 /* registers like dq_mode, memory like d_mode. */\n+#define call_jump_mode 9\n+#define cond_jump_mode 10\n+#define loop_jcxz_mode 11\n+#define dq_mode 12 /* operand size depends on REX prefixes. */\n+#define dqw_mode 13 /* registers like dq_mode, memory like w_mode. */\n+#define f_mode 14 /* 4- or 6-byte pointer operand */\n+#define const_1_mode 15\n+#define stack_v_mode 16 /* v_mode for stack-related opcodes. */\n+#define z_mode 17 /* non-quad operand size depends on prefixes */\n+#define o_mode 18 /* 16-byte operand */\n+#define dqb_mode 19 /* registers like dq_mode, memory like b_mode. */\n+#define dqd_mode 20 /* registers like dq_mode, memory like d_mode. 
*/\n \n #define es_reg 100\n #define cs_reg 101\n@@ -1007,8 +1009,8 @@ static const struct dis386 dis386[] = {\n { \"outB\",\t\t{ Ib, AL } },\n { \"outG\",\t\t{ Ib, zAX } },\n /* e8 */\n- { \"callT\",\t\t{ Jv } },\n- { \"jmpT\",\t\t{ Jv } },\n+ { \"callT\",\t\t{ Jv, XX, call_jump_flag } },\n+ { \"jmpT\",\t\t{ Jv, XX, call_jump_flag } },\n { \"Jjmp{T|}\",\t\t{ Ap } },\n { \"jmp\",\t\t{ Jb } },\n { \"inB\",\t\t{ AL, indirDX } },\n@@ -3968,7 +3970,8 @@ print_insn (bfd_vma pc, disassemble_info *info)\n if (!uses_DATA_prefix && (prefixes & PREFIX_DATA))\n {\n sizeflag ^= DFLAG;\n- if (dp->op[2].bytemode == cond_jump_mode\n+ if ((dp->op[2].bytemode == call_jump_mode\n+ || dp->op[2].bytemode == cond_jump_mode)\n \t && dp->op[0].bytemode == v_mode\n \t && !intel_syntax)\n \t{\ndiff --git a/target/i386/translate.c b/target/i386/translate.c\nindex 5fdadf98cf..a97cc9496f 100644\n--- a/target/i386/translate.c\n+++ b/target/i386/translate.c\n@@ -6480,17 +6480,26 @@ static target_ulong disas_insn(CPUX86State\n*env, DisasContext *s,\n break;\n case 0xe8: /* call im */\n {\n- if (dflag != MO_16) {\n- tval = (int32_t)insn_get(env, s, MO_32);\n+ if (env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1) {\n+ if (dflag != MO_16) {\n+ tval = (int32_t)insn_get(env, s, MO_32);\n+ } else {\n+ tval = (int16_t)insn_get(env, s, MO_16);\n+ }\n+ next_eip = s->pc - s->cs_base;\n+ tval += next_eip;\n+ if (dflag == MO_16) {\n+ tval &= 0xffff;\n+ } else if (!CODE64(s)) {\n+ tval &= 0xffffffff;\n+ }\n } else {\n- tval = (int16_t)insn_get(env, s, MO_16);\n- }\n- next_eip = s->pc - s->cs_base;\n- tval += next_eip;\n- if (dflag == MO_16) {\n- tval &= 0xffff;\n- } else if (!CODE64(s)) {\n- tval &= 0xffffffff;\n+ tval = (int32_t)insn_get(env, s, MO_32);\n+ next_eip = s->pc - s->cs_base;\n+ tval += next_eip;\n+ if (!CODE64(s)) {\n+ tval &= 0xffffffff;\n+ }\n }\n tcg_gen_movi_tl(cpu_T0, next_eip);\n", "prefixes": [] }