[gem5-dev] Change in gem5/gem5[develop]: arch-x86: Fixed M5InternalError when decoding certain bytes

Tue, 07 Sep 2021 07:37:10 -0700

Eduardo José Gómez Hernández has uploaded this change for review. ( https://gem5-review.googlesource.com/c/public/gem5/+/49990 ) 

Change subject: arch-x86: Fixed M5InternalError when decoding certain bytes
......................................................................

arch-x86: Fixed M5InternalError when decoding certain bytes

0F38 is the two bytes prefixes to decode a three-byte opcode.
To prevent error, the two_bytes_opcode decoder will complain
if it tries to decode 38 as the opcode, because it is a prefix.
The decoder, will treat 38 as a prefix, preventing it to
end in the two_byte_opcode decoder.

However, using the VEX prefix is possible to reach this
forbidden state.

The set of bytes C4 01 01 38 00 will trigger the mentioned
M5InternalError.

The previous instruction is not valid, but it could be
decoded from an speculative path. In its place, a UD2
instructtion should be emitted.

Change-Id: I6b7c4b3593dd8e6e8ac99aaf306b8feeb7784b56
---
M src/arch/x86/decoder.cc
1 file changed, 10 insertions(+), 0 deletions(-)



diff --git a/src/arch/x86/decoder.cc b/src/arch/x86/decoder.cc
index 015a504..3020b1d 100644
--- a/src/arch/x86/decoder.cc
+++ b/src/arch/x86/decoder.cc
@@ -362,6 +362,16 @@

     switch (emi.opcode.type) {
       case TwoByteOpcode:
+       // Decoding garbage could lead in invalid instructions
+        // that will never commit. This prevent certain 3 VEX opcodes
+        // from reaching the decoder 'panic' of decoding 3 opcode
+        // instructions using the 2 opcode decoder.
+        if (emi.opcode.op == 0x38 || emi.opcode.op == 0x3A) {
+            DPRINTF(Decoder, "Found VEX opcode redirecting to " \
+                    "TwoByteOpcode a reserved opcode for ThreeByteOpcode. "
+                    "Now, it will be converted into UD2.\n");
+            emi.opcode.op = 0x39;
+        }
         return processOpcode(ImmediateTypeTwoByte, UsesModRMTwoByte);
       case ThreeByte0F38Opcode:
         return processOpcode(ImmediateTypeThreeByte0F38,

--
To view, visit https://gem5-review.googlesource.com/c/public/gem5/+/49990

To unsubscribe, or for help writing mail filters, visit  
https://gem5-review.googlesource.com/settings


Gerrit-Project: public/gem5
Gerrit-Branch: develop
Gerrit-Change-Id: I6b7c4b3593dd8e6e8ac99aaf306b8feeb7784b56
Gerrit-Change-Number: 49990
Gerrit-PatchSet: 1
Gerrit-Owner: Eduardo José Gómez Hernández <eduardojose.go...@um.es>
Gerrit-MessageType: newchange

_______________________________________________
gem5-dev mailing list -- gem5-dev@gem5.org
To unsubscribe send an email to gem5-dev-le...@gem5.org
%(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s





















					Reply via email to