[PATCH 2/6] Disable pseudo prefix {rex2} for illegal instructions.
Cui, Lili
lili.cui@intel.com
Thu Sep 21 10:11:37 GMT 2023
All opcodes listed map0 0x4*/0x7*/0xa* and map0 0x3*/0x8*
are reserved under REX2 and triggers #UD when prefixed with REX2
gas/ChangeLog:
* config/tc-i386.c (match_template): Handle check_EgprOperands when
instruction has no operand.
* testsuite/gas/i386/x86-64-pseudos-bad.l: Add rex2 illegal test cases.
* testsuite/gas/i386/x86-64-pseudos-bad.s: Ditto.
* testsuite/gas/i386/x86-64-pseudos.d: Delete illegal test case.
* testsuite/gas/i386/x86-64-pseudos.s: Ditto.
opcodes/ChangeLog:
* i386-opc.tbl: Add No_egpr to rex2 illegal instructions.
* i386-tbl.h: Regenerated.
---
gas/config/tc-i386.c | 2 +-
gas/testsuite/gas/i386/x86-64-pseudos-bad.l | 36 +++++++++++
gas/testsuite/gas/i386/x86-64-pseudos-bad.s | 42 +++++++++++++
gas/testsuite/gas/i386/x86-64-pseudos.d | 1 -
gas/testsuite/gas/i386/x86-64-pseudos.s | 1 -
opcodes/i386-opc.tbl | 70 ++++++++++-----------
6 files changed, 114 insertions(+), 38 deletions(-)
diff --git a/gas/config/tc-i386.c b/gas/config/tc-i386.c
index 8bdd386ed47..ad427ff54c3 100644
--- a/gas/config/tc-i386.c
+++ b/gas/config/tc-i386.c
@@ -7316,7 +7316,7 @@ match_template (char mnem_suffix)
/* Do not verify operands when there are none. */
if (!t->operands)
{
- if (VEX_check_encoding (t))
+ if (VEX_check_encoding (t) || check_EgprOperands (t))
{
specific_error = progress (i.error);
continue;
diff --git a/gas/testsuite/gas/i386/x86-64-pseudos-bad.l b/gas/testsuite/gas/i386/x86-64-pseudos-bad.l
index 3f9f67fcf4b..7b45a326e65 100644
--- a/gas/testsuite/gas/i386/x86-64-pseudos-bad.l
+++ b/gas/testsuite/gas/i386/x86-64-pseudos-bad.l
@@ -4,3 +4,39 @@
.*:5: Error: .*`vmovaps'.*
.*:6: Error: .*`vmovaps'.*
.*:7: Error: .*`rorx'.*
+.*:10: Error: .*`mov'.*
+.*:11: Error: .*`movabs'.*
+.*:12: Error: .*`cmps'.*
+.*:13: Error: .*`lods'.*
+.*:14: Error: .*`lods'.*
+.*:15: Error: .*`lods'.*
+.*:16: Error: .*`movsb'.*
+.*:17: Error: .*`movsb'.*
+.*:18: Error: .*`scas'.*
+.*:19: Error: .*`scas'.*
+.*:20: Error: .*`scas'.*
+.*:21: Error: .*`stos'.*
+.*:22: Error: .*`stos'.*
+.*:23: Error: .*`stos'.*
+.*:26: Error: .*`jo'.*
+.*:27: Error: .*`jno'.*
+.*:28: Error: .*`jb'.*
+.*:29: Error: .*`jae'.*
+.*:30: Error: .*`je'.*
+.*:31: Error: .*`jne'.*
+.*:32: Error: .*`jbe'.*
+.*:33: Error: .*`ja'.*
+.*:34: Error: .*`js'.*
+.*:35: Error: .*`jns'.*
+.*:36: Error: .*`jp'.*
+.*:37: Error: .*`jnp'.*
+.*:38: Error: .*`jl'.*
+.*:39: Error: .*`jge'.*
+.*:40: Error: .*`jle'.*
+.*:41: Error: .*`jg'.*
+.*:44: Error: .*`wrmsr'.*
+.*:45: Error: .*`rdtsc'.*
+.*:46: Error: .*`rdmsr'.*
+.*:47: Error: .*`sysenter'.*
+.*:48: Error: .*`sysexit'.*
+.*:49: Error: .*`rdpmc'.*
diff --git a/gas/testsuite/gas/i386/x86-64-pseudos-bad.s b/gas/testsuite/gas/i386/x86-64-pseudos-bad.s
index 3b923593a6a..2f9ea8315e8 100644
--- a/gas/testsuite/gas/i386/x86-64-pseudos-bad.s
+++ b/gas/testsuite/gas/i386/x86-64-pseudos-bad.s
@@ -5,3 +5,45 @@ pseudos:
{rex} vmovaps %xmm7,%xmm2
{rex} vmovaps %xmm17,%xmm2
{rex} rorx $7,%eax,%ebx
+
+ #All opcodes in the row 0xa* prefixed REX2 are illegal.
+ {rex2} mov 0x90909090,%al
+ {rex2} movabs 0x1,%al
+ {rex2} cmpsb %es:(%edi),%ds:(%esi)
+ {rex2} lodsb
+ {rex2} lods %ds:(%esi),%al
+ {rex2} lodsb (%esi)
+ {rex2} movsb
+ {rex2} movsb (%esi), (%edi)
+ {rex2} scasl
+ {rex2} scas %es:(%edi),%eax
+ {rex2} scasb (%edi)
+ {rex2} stosb
+ {rex2} stosb (%edi)
+ {rex2} stos %eax,%es:(%edi)
+
+ #All opcodes in the row 0x7* prefixed REX2 are illegal.
+ {rex2} jo .+2-0x70
+ {rex2} jno .+2-0x70
+ {rex2} jb .+2-0x70
+ {rex2} jae .+2-0x70
+ {rex2} je .+2-0x70
+ {rex2} jne .+2-0x70
+ {rex2} jbe .+2-0x70
+ {rex2} ja .+2-0x70
+ {rex2} js .+2-0x70
+ {rex2} jns .+2-0x70
+ {rex2} jp .+2-0x70
+ {rex2} jnp .+2-0x70
+ {rex2} jl .+2-0x70
+ {rex2} jge .+2-0x70
+ {rex2} jle .+2-0x70
+ {rex2} jg .+2-0x70
+
+ #All opcodes in the row 0xf3* prefixed REX2 are illegal.
+ {rex2} wrmsr
+ {rex2} rdtsc
+ {rex2} rdmsr
+ {rex2} sysenter
+ {rex2} sysexitl
+ {rex2} rdpmc
diff --git a/gas/testsuite/gas/i386/x86-64-pseudos.d b/gas/testsuite/gas/i386/x86-64-pseudos.d
index f6257c01792..3764a71a43f 100644
--- a/gas/testsuite/gas/i386/x86-64-pseudos.d
+++ b/gas/testsuite/gas/i386/x86-64-pseudos.d
@@ -448,7 +448,6 @@ Disassembly of section .text:
+[a-f0-9]+: 41 0f 38 01 00 phaddw \(%r8\),%mm0
+[a-f0-9]+: 88 c4 mov %al,%ah
+[a-f0-9]+: d5 00 d3 e0 {rex2} shl %cl,%eax
- +[a-f0-9]+: d5 00 a0 01 00 00 00 00 00 00 00 {rex2} movabs 0x1,%al
+[a-f0-9]+: d5 00 38 ca {rex2} cmp %cl,%dl
+[a-f0-9]+: d5 00 b3 01 {rex2} mov \$(0x)?1,%bl
+[a-f0-9]+: d5 00 89 c3 {rex2} mov %eax,%ebx
diff --git a/gas/testsuite/gas/i386/x86-64-pseudos.s b/gas/testsuite/gas/i386/x86-64-pseudos.s
index 9f756e5ba04..e3b39834e05 100644
--- a/gas/testsuite/gas/i386/x86-64-pseudos.s
+++ b/gas/testsuite/gas/i386/x86-64-pseudos.s
@@ -405,7 +405,6 @@ _start:
{rex} phaddw (%r8),%mm0
{rex2} mov %al,%ah
{rex2} shl %cl, %eax
- {rex2} movabs 1, %al
{rex2} cmp %cl, %dl
{rex2} mov $1, %bl
{rex2} movl %eax,%ebx
diff --git a/opcodes/i386-opc.tbl b/opcodes/i386-opc.tbl
index 4d1b6742060..b6452ef7f53 100644
--- a/opcodes/i386-opc.tbl
+++ b/opcodes/i386-opc.tbl
@@ -162,7 +162,7 @@
// Move instructions.
mov, 0xa0, No64, D|W|CheckOperandSize|No_sSuf|No_qSuf, { Disp16|Disp32|Unspecified|Byte|Word|Dword, Acc|Byte|Word|Dword }
mov, 0xa0, x64, D|W|CheckOperandSize|No_sSuf|No_egpr, { Disp64|Unspecified|Byte|Word|Dword|Qword, Acc|Byte|Word|Dword|Qword }
-movabs, 0xa0, x64, D|W|CheckOperandSize|No_sSuf, { Disp64|Unspecified|Byte|Word|Dword|Qword, Acc|Byte|Word|Dword|Qword }
+movabs, 0xa0, x64, D|W|CheckOperandSize|No_sSuf|No_egpr, { Disp64|Unspecified|Byte|Word|Dword|Qword, Acc|Byte|Word|Dword|Qword }
mov, 0x88, 0, D|W|CheckOperandSize|Modrm|No_sSuf|HLEPrefixRelease, { Reg8|Reg16|Reg32|Reg64, Reg8|Reg16|Reg32|Reg64|Byte|Word|Dword|Qword|Unspecified|BaseIndex }
// In the 64bit mode the short form mov immediate is redefined to have
// 64bit value.
@@ -339,7 +339,7 @@ cmp, 0x3c, 0, W|No_sSuf, { Imm8|Imm16|Imm32|Imm32S, Acc|Byte|Word|Dword|Qword }
cmp, 0x80/7, 0, W|Modrm|No_sSuf, { Imm8|Imm16|Imm32|Imm32S, Reg8|Reg16|Reg32|Reg64|Byte|Word|Dword|Qword|Unspecified|BaseIndex }
test, 0x84, 0, D|W|C|CheckOperandSize|Modrm|No_sSuf, { Reg8|Reg16|Reg32|Reg64, Reg8|Reg16|Reg32|Reg64|Unspecified|BaseIndex }
-test, 0xa8, 0, W|No_sSuf|Optimize, { Imm8|Imm16|Imm32|Imm32S, Acc|Byte|Word|Dword|Qword }
+test, 0xa8, 0, W|No_sSuf|Optimize|No_egpr, { Imm8|Imm16|Imm32|Imm32S, Acc|Byte|Word|Dword|Qword }
test, 0xf6/0, 0, W|Modrm|No_sSuf|Optimize, { Imm8|Imm16|Imm32|Imm32S, Reg8|Reg16|Reg32|Reg64|Byte|Word|Dword|Qword|Unspecified|BaseIndex }
and, 0x20, 0, D|W|CheckOperandSize|Modrm|No_sSuf|HLEPrefixLock|Optimize, { Reg8|Reg16|Reg32|Reg64, Reg8|Reg16|Reg32|Reg64|Byte|Word|Dword|Qword|Unspecified|BaseIndex }
@@ -646,7 +646,7 @@ leave, 0xc9, x64, DefaultSize|No_bSuf|No_lSuf|No_sSuf|NoRex64, {}
s:8, ns:9, p:a, pe:a, np:b, po:b, l:c, nge:c, nl:d, ge:d, le:e, ng:e, nle:f, g:f>
// Conditional jumps.
-j<cc>, 0x7<cc:opc>, 0, Jump|NoSuf|BNDPrefixOk, { Disp8|Disp16|Disp32 }
+j<cc>, 0x7<cc:opc>, 0, Jump|NoSuf|BNDPrefixOk|No_egpr, { Disp8|Disp16|Disp32 }
// jcxz vs. jecxz is chosen on the basis of the address size prefix.
jcxz, 0xe3, No64, JumpByte|Size16|NoSuf, { Disp8 }
@@ -672,36 +672,36 @@ loopne, 0xe0, x64, JumpByte|No_bSuf|No_wSuf|No_sSuf|NoRex64, { Disp8 }
set<cc>, 0xf9<cc:opc>/0, i386, Modrm|No_wSuf|No_lSuf|No_sSuf|No_qSuf, { Reg8|Byte|Unspecified|BaseIndex }
// String manipulation.
-cmps, 0xa6, 0, W|No_sSuf|RepPrefixOk, {}
-cmps, 0xa6, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Byte|Word|Dword|Qword|Unspecified|BaseIndex }
-scmp, 0xa6, 0, W|No_sSuf|RepPrefixOk, {}
-scmp, 0xa6, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Byte|Word|Dword|Qword|Unspecified|BaseIndex }
+cmps, 0xa6, 0, W|No_sSuf|RepPrefixOk|No_egpr, {}
+cmps, 0xa6, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk|No_egpr, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Byte|Word|Dword|Qword|Unspecified|BaseIndex }
+scmp, 0xa6, 0, W|No_sSuf|RepPrefixOk|No_egpr, {}
+scmp, 0xa6, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk|No_egpr, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Byte|Word|Dword|Qword|Unspecified|BaseIndex }
ins, 0x6c, i186, W|No_sSuf|No_qSuf|RepPrefixOk, {}
ins, 0x6c, i186, W|No_sSuf|No_qSuf|IsStringEsOp1|RepPrefixOk, { InOutPortReg, Byte|Word|Dword|Unspecified|BaseIndex }
outs, 0x6e, i186, W|No_sSuf|No_qSuf|RepPrefixOk, {}
outs, 0x6e, i186, W|No_sSuf|No_qSuf|IsString|RepPrefixOk, { Byte|Word|Dword|Unspecified|BaseIndex, InOutPortReg }
-lods, 0xac, 0, W|No_sSuf|RepPrefixOk, {}
-lods, 0xac, 0, W|No_sSuf|IsString|RepPrefixOk, { Byte|Word|Dword|Qword|Unspecified|BaseIndex }
-lods, 0xac, 0, W|No_sSuf|IsString|RepPrefixOk, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Acc|Byte|Word|Dword|Qword }
-slod, 0xac, 0, W|No_sSuf|RepPrefixOk, {}
-slod, 0xac, 0, W|No_sSuf|IsString|RepPrefixOk, { Byte|Word|Dword|Qword|Unspecified|BaseIndex }
-slod, 0xac, 0, W|No_sSuf|IsString|RepPrefixOk, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Acc|Byte|Word|Dword|Qword }
-movs, 0xa4, 0, W|No_sSuf|RepPrefixOk, {}
-movs, 0xa4, 0, W|No_sSuf|IsStringEsOp1|RepPrefixOk, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Byte|Word|Dword|Qword|Unspecified|BaseIndex }
-smov, 0xa4, 0, W|No_sSuf|RepPrefixOk, {}
-smov, 0xa4, 0, W|No_sSuf|IsStringEsOp1|RepPrefixOk, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Byte|Word|Dword|Qword|Unspecified|BaseIndex }
-scas, 0xae, 0, W|No_sSuf|RepPrefixOk, {}
-scas, 0xae, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk, { Byte|Word|Dword|Qword|Unspecified|BaseIndex }
-scas, 0xae, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Acc|Byte|Word|Dword|Qword }
-ssca, 0xae, 0, W|No_sSuf|RepPrefixOk, {}
-ssca, 0xae, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk, { Byte|Word|Dword|Qword|Unspecified|BaseIndex }
-ssca, 0xae, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Acc|Byte|Word|Dword|Qword }
-stos, 0xaa, 0, W|No_sSuf|RepPrefixOk, {}
-stos, 0xaa, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk, { Byte|Word|Dword|Qword|Unspecified|BaseIndex }
-stos, 0xaa, 0, W|No_sSuf|IsStringEsOp1|RepPrefixOk, { Acc|Byte|Word|Dword|Qword, Byte|Word|Dword|Qword|Unspecified|BaseIndex }
-ssto, 0xaa, 0, W|No_sSuf|RepPrefixOk, {}
-ssto, 0xaa, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk, { Byte|Word|Dword|Qword|Unspecified|BaseIndex }
-ssto, 0xaa, 0, W|No_sSuf|IsStringEsOp1|RepPrefixOk, { Acc|Byte|Word|Dword|Qword, Byte|Word|Dword|Qword|Unspecified|BaseIndex }
+lods, 0xac, 0, W|No_sSuf|RepPrefixOk|No_egpr, {}
+lods, 0xac, 0, W|No_sSuf|IsString|RepPrefixOk|No_egpr, { Byte|Word|Dword|Qword|Unspecified|BaseIndex }
+lods, 0xac, 0, W|No_sSuf|IsString|RepPrefixOk|No_egpr, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Acc|Byte|Word|Dword|Qword }
+slod, 0xac, 0, W|No_sSuf|RepPrefixOk|No_egpr, {}
+slod, 0xac, 0, W|No_sSuf|IsString|RepPrefixOk|No_egpr, { Byte|Word|Dword|Qword|Unspecified|BaseIndex }
+slod, 0xac, 0, W|No_sSuf|IsString|RepPrefixOk|No_egpr, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Acc|Byte|Word|Dword|Qword }
+movs, 0xa4, 0, W|No_sSuf|RepPrefixOk|No_egpr, {}
+movs, 0xa4, 0, W|No_sSuf|IsStringEsOp1|RepPrefixOk|No_egpr, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Byte|Word|Dword|Qword|Unspecified|BaseIndex }
+smov, 0xa4, 0, W|No_sSuf|RepPrefixOk|No_egpr, {}
+smov, 0xa4, 0, W|No_sSuf|IsStringEsOp1|RepPrefixOk|No_egpr, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Byte|Word|Dword|Qword|Unspecified|BaseIndex }
+scas, 0xae, 0, W|No_sSuf|RepPrefixOk|No_egpr, {}
+scas, 0xae, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk|No_egpr, { Byte|Word|Dword|Qword|Unspecified|BaseIndex }
+scas, 0xae, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk|No_egpr, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Acc|Byte|Word|Dword|Qword }
+ssca, 0xae, 0, W|No_sSuf|RepPrefixOk|No_egpr, {}
+ssca, 0xae, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk|No_egpr, { Byte|Word|Dword|Qword|Unspecified|BaseIndex }
+ssca, 0xae, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk|No_egpr, { Byte|Word|Dword|Qword|Unspecified|BaseIndex, Acc|Byte|Word|Dword|Qword }
+stos, 0xaa, 0, W|No_sSuf|RepPrefixOk|No_egpr, {}
+stos, 0xaa, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk|No_egpr, { Byte|Word|Dword|Qword|Unspecified|BaseIndex }
+stos, 0xaa, 0, W|No_sSuf|IsStringEsOp1|RepPrefixOk|No_egpr, { Acc|Byte|Word|Dword|Qword, Byte|Word|Dword|Qword|Unspecified|BaseIndex }
+ssto, 0xaa, 0, W|No_sSuf|RepPrefixOk|No_egpr, {}
+ssto, 0xaa, 0, W|No_sSuf|IsStringEsOp0|RepPrefixOk|No_egpr, { Byte|Word|Dword|Qword|Unspecified|BaseIndex }
+ssto, 0xaa, 0, W|No_sSuf|IsStringEsOp1|RepPrefixOk|No_egpr, { Acc|Byte|Word|Dword|Qword, Byte|Word|Dword|Qword|Unspecified|BaseIndex }
xlat, 0xd7, 0, No_wSuf|No_lSuf|No_sSuf|No_qSuf, {}
xlat, 0xd7, 0, No_wSuf|No_lSuf|No_sSuf|No_qSuf|IsString, { Byte|Unspecified|BaseIndex }
@@ -1075,21 +1075,21 @@ invlpg, 0xf01/7, i486, Modrm|Anysize|IgnoreSize|NoSuf, { BaseIndex }
cpuid, 0xfa2, i486, NoSuf, {}
// Pentium extensions.
-wrmsr, 0xf30, i586, NoSuf, {}
-rdtsc, 0xf31, i586, NoSuf, {}
-rdmsr, 0xf32, i586, NoSuf, {}
+wrmsr, 0xf30, i586, NoSuf|No_egpr, {}
+rdtsc, 0xf31, i586, NoSuf|No_egpr, {}
+rdmsr, 0xf32, i586, NoSuf|No_egpr, {}
cmpxchg8b, 0xfc7/1, i586, Modrm|No_bSuf|No_wSuf|No_lSuf|No_sSuf|NoRex64|HLEPrefixLock, { Qword|Unspecified|BaseIndex }
// Pentium II/Pentium Pro extensions.
-sysenter, 0xf34, x64, Intel64Only|NoSuf, {}
+sysenter, 0xf34, x64, Intel64Only|NoSuf|No_egpr, {}
sysenter, 0xf34, i686|No64, NoSuf, {}
-sysexit, 0xf35, x64, Intel64Only|No_bSuf|No_wSuf|No_sSuf, {}
+sysexit, 0xf35, x64, Intel64Only|No_bSuf|No_wSuf|No_sSuf|No_egpr, {}
sysexit, 0xf35, i686|No64, NoSuf, {}
fxsave, 0xfae/0, FXSR, Modrm|No_bSuf|No_wSuf|No_lSuf|No_sSuf, { Unspecified|BaseIndex }
fxsave64, 0xfae/0, FXSR|x64, Modrm|NoSuf|Size64, { Unspecified|BaseIndex }
fxrstor, 0xfae/1, FXSR, Modrm|No_bSuf|No_wSuf|No_lSuf|No_sSuf, { Unspecified|BaseIndex }
fxrstor64, 0xfae/1, FXSR|x64, Modrm|NoSuf|Size64, { Unspecified|BaseIndex }
-rdpmc, 0xf33, i686, NoSuf, {}
+rdpmc, 0xf33, i686, NoSuf|No_egpr, {}
// official undefined instr.
ud2, 0xf0b, i186, NoSuf, {}
// alias for ud2
--
2.25.1
More information about the Binutils
mailing list