From fedeb0f93e53b691d03ab5854561048e8a60d438 Mon Sep 17 00:00:00 2001
From: "Emilio G. Cota"
Date: Tue, 27 Feb 2018 23:00:32 -0500
Subject: [PATCH] target-i386: emulate LOCK'ed NOT using atomic helper

Backports commit 2a5fe8ae145ef7a3ab480922116d27efcc97b85d from qemu
---
 qemu/target-i386/translate.c | 26 ++++++++++++++++++++------
 1 file changed, 20 insertions(+), 6 deletions(-)

diff --git a/qemu/target-i386/translate.c b/qemu/target-i386/translate.c
index 75f88c85..a424a434 100644
--- a/qemu/target-i386/translate.c
+++ b/qemu/target-i386/translate.c
@@ -5324,10 +5324,15 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
         rm = (modrm & 7) | REX_B(s);
         op = (modrm >> 3) & 7;
         if (mod != 3) {
-            if (op == 0)
+            if (op == 0) {
                 s->rip_offset = insn_const_size(ot);
+            }
             gen_lea_modrm(env, s, modrm);
-            gen_op_ld_v(s, ot, cpu_T0, cpu_A0);
+            /* For those below that handle locked memory, don't load here. */
+            if (!(s->prefix & PREFIX_LOCK)
+                || op != 2) {
+                gen_op_ld_v(s, ot, cpu_T0, cpu_A0);
+            }
         } else {
             gen_op_mov_v_reg(tcg_ctx, ot, cpu_T0, rm);
         }
@@ -5340,11 +5345,20 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
             set_cc_op(s, CC_OP_LOGICB + ot);
             break;
         case 2: /* not */
-            tcg_gen_not_tl(tcg_ctx, cpu_T0, cpu_T0);
-            if (mod != 3) {
-                gen_op_st_v(s, ot, cpu_T0, cpu_A0);
+            if (s->prefix & PREFIX_LOCK) {
+                if (mod == 3) {
+                    goto illegal_op;
+                }
+                tcg_gen_movi_tl(tcg_ctx, cpu_T0, ~0);
+                tcg_gen_atomic_xor_fetch_tl(tcg_ctx, cpu_T0, cpu_A0, cpu_T0,
+                                            s->mem_index, ot | MO_LE);
             } else {
-                tcg_gen_not_tl(tcg_ctx, cpu_T0, cpu_T0);
+                tcg_gen_not_tl(tcg_ctx, cpu_T0, cpu_T0);
+                if (mod != 3) {
+                    gen_op_st_v(s, ot, cpu_T0, cpu_A0);
+                } else {
+                    gen_op_mov_reg_v(tcg_ctx, ot, rm, cpu_T0);
+                }
             }
             break;
         case 3: /* neg */
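Review bot: The bare literal in the new load guard, `|| op != 2)`, is the only place in this hunk that ties the skipped load to a specific group-3 slot, and the accompanying comment ("those below that handle locked memory") does not say which one; the `case 2: /* not */` label that gives it meaning is in the next hunk. I would name it in the comment, e.g. `/* op 2 (NOT) handles the LOCK'ed memory form itself with an atomic RMW; don't load here. */`, so the guard can be audited without scrolling to the switch. Splitting `if (!(s->prefix & PREFIX_LOCK) || op != 2) {` over two lines is also unusual for a condition that fits one line; presumably it anticipates further `op != N` terms, and if so a short comment saying so would stop a reviewer from re-joining it. disas_insn's body starts and ends outside the hunk.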
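Review bot: The LOCK branch in `case 2` expresses NOT as an atomic XOR with all-ones (`tcg_gen_movi_tl(tcg_ctx, cpu_T0, ~0);` followed by `tcg_gen_atomic_xor_fetch_tl`), and nothing in the code says why; a reader comparing it with the `tcg_gen_not_tl` path may assume the two differ. A one-line comment above the movi, `/* No atomic NOT in TCG: x ^ ~0 == ~x, so use an atomic XOR with all-ones. */`, makes the equivalence explicit, and since NOT leaves the flags untouched it is also worth stating that no set_cc_op is needed here, unlike the `CC_OP_LOGICB` case just above. The `goto illegal_op` for `mod == 3` matches the architectural rule that a LOCK prefix on a register-form operand is undefined; note that on that path the register has already been read into cpu_T0 by the preceding hunk before the fault is raised, which looks harmless but is worth a glance. The enclosing switch and disas_insn continue outside the hunk.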