Mailing List Archive

[PATCH] x86emul: fix PINSRW and adjust other {,V}PINSR*
The use of simd_packed_int together with no further update to op_bytes
has lead to wrong signaling of #GP(0) for PINSRW without a 16-byte
aligned memory operand. Use simd_none instead and override it after
general decoding with simd_other, like is done for the B/D/Q siblings.

While benign, for consistency also use DstImplicit instead of DstReg
in x86_decode_twobyte().

PINSR{B,D,Q} also had a stray (redundant) get_fpu() invocation, which
gets dropped.

For further consistency also
- use src.bytes instead of op_bytes in relevant memcpy() invocations,
- avoid the pointless updating of op_bytes (all we care about later is
that the value be less than 16).

Signed-off-by: Jan Beulich <jbeulich@suse.com>

--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -362,7 +362,7 @@ static const struct twobyte_table {
[0xc1] = { DstMem|SrcReg|ModRM },
[0xc2] = { DstImplicit|SrcImmByte|ModRM, simd_any_fp, d8s_vl },
[0xc3] = { DstMem|SrcReg|ModRM|Mov },
- [0xc4] = { DstReg|SrcImmByte|ModRM, simd_packed_int, 1 },
+ [0xc4] = { DstImplicit|SrcImmByte|ModRM, simd_none, 1 },
[0xc5] = { DstReg|SrcImmByte|ModRM|Mov },
[0xc6] = { DstImplicit|SrcImmByte|ModRM, simd_packed_fp, d8s_vl },
[0xc7] = { ImplicitOps|ModRM },
@@ -2786,7 +2786,7 @@ x86_decode_twobyte(
/* fall through */
case X86EMUL_OPC_VEX_66(0, 0xc4): /* vpinsrw */
case X86EMUL_OPC_EVEX_66(0, 0xc4): /* vpinsrw */
- state->desc = DstReg | SrcMem16;
+ state->desc = DstImplicit | SrcMem16;
break;

case 0xf0:
@@ -8589,6 +8589,7 @@ x86_emulate(
generate_exception_if(vex.l, EXC_UD);
memcpy(mmvalp, &src.val, 2);
ea.type = OP_MEM;
+ state->simd_size = simd_other;
goto simd_0f_int_imm8;

#ifndef X86EMUL_NO_SIMD
@@ -8603,9 +8604,8 @@ x86_emulate(
host_and_vcpu_must_have(avx512bw);
if ( !mode_64bit() )
evex.w = 0;
- memcpy(mmvalp, &src.val, op_bytes);
+ memcpy(mmvalp, &src.val, src.bytes);
ea.type = OP_MEM;
- op_bytes = src.bytes;
d = SrcMem16; /* Fake for the common SIMD code below. */
state->simd_size = simd_other;
goto avx512f_imm8_no_sae;
@@ -10774,10 +10774,8 @@ x86_emulate(
case X86EMUL_OPC_66(0x0f3a, 0x20): /* pinsrb $imm8,r32/m8,xmm */
case X86EMUL_OPC_66(0x0f3a, 0x22): /* pinsr{d,q} $imm8,r/m,xmm */
host_and_vcpu_must_have(sse4_1);
- get_fpu(X86EMUL_FPU_xmm);
- memcpy(mmvalp, &src.val, op_bytes);
+ memcpy(mmvalp, &src.val, src.bytes);
ea.type = OP_MEM;
- op_bytes = src.bytes;
d = SrcMem16; /* Fake for the common SIMD code below. */
state->simd_size = simd_other;
goto simd_0f3a_common;
@@ -10787,9 +10785,8 @@ x86_emulate(
generate_exception_if(vex.l, EXC_UD);
if ( !mode_64bit() )
vex.w = 0;
- memcpy(mmvalp, &src.val, op_bytes);
+ memcpy(mmvalp, &src.val, src.bytes);
ea.type = OP_MEM;
- op_bytes = src.bytes;
d = SrcMem16; /* Fake for the common SIMD code below. */
state->simd_size = simd_other;
goto simd_0f_int_imm8;