On 6/20/26 20:25, Andrey Polivoda wrote:
According to Table A-6 in Volume 3 of the AMD64 Architecture Programmer's Manual, opcodes F6 and F7 (opcode extensions group 3) with ModRM reg field values of 0 and 1 can be used to encode a TEST instruction. Although the Intel 64 and IA-32 Architectures Software Developer's Manual leaves cell 1 of opcode extensions group 3 blank in the opcode table (Table A-6, Volume 2D), the group 3 instruction with the reg field of the ModRM byte set to 1 actually behaves like a TEST instruction on Intel CPUs.

Currently, QEMU decodes a group 3 instruction as TEST only if the reg field of the ModRM byte is 0. When the reg field is 1, QEMU raises a #UD exception. This behavior does not match real Intel and AMD hardware.

This patch fixes this issue by duplicating the existing [0x00] and [0x08] X86_OP_ENTRYrr(AND, ...) entries into slots [0x01] and [0x09] in the opcodes_grp3 table.

Fixes: d7c41a60d0c5 ("target/i386: move C0-FF opcodes to new decoder (except for x87)")
Resolves: https://gitlab.com/qemu-project/qemu/-/work_items/3580
Signed-off-by: Andrey Polivoda <[email protected]>
Cc: [email protected]
Cc: Paolo Bonzini <[email protected]>
Cc: Richard Henderson <[email protected]>
---
Reviewed-by: Richard Henderson <[email protected]>

AMD 24594—Rev. 3.36—March 2024 Table A-6 concurs that both /0 and /1 are TEST.

r~
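As an added illustration of the decoding point discussed in this thread (example code written for this page, not QEMU's decoder and not the patch author's code), the C below decodes an F6/F7 group 3 instruction with a switch between the pre-patch behaviour (ModRM.reg == 1 is #UD) and the hardware behaviour (reg == 1 is TEST). It assumes 32-bit operand and address size with no legacy or REX prefixes, and every byte string in it is constructed for the example. The practical consequence it makes visible: TEST is the only group 3 form that carries an immediate, so a decoder that rejects /1 disagrees with silicon not just about the instruction but about the instruction's length, i.e. where the following instruction starts, which is the sort of decode divergence that lets code behave differently under an emulator than on real hardware.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example for this thread, not QEMU's decoder. Assumptions: 32-bit
 * operand size and 32-bit address size, no legacy/REX prefixes, so F6 is
 * the byte form and F7 the dword form of opcode-extension group 3. */

enum grp3_op { G3_TEST, G3_NOT, G3_NEG, G3_MUL, G3_IMUL, G3_DIV, G3_IDIV,
               G3_UD, G3_SHORT };

struct decoded {
    enum grp3_op op;
    size_t len;      /* total instruction length, 0 for G3_UD / G3_SHORT */
    unsigned opsize; /* 1 (F6) or 4 (F7) */
    uint32_t imm;    /* immediate, meaningful for G3_TEST only */
};

/* Byte count of ModRM + SIB + displacement under 32-bit addressing.
 * Returns 0 when the buffer is too short to hold them. */
static size_t modrm_len(const uint8_t *p, size_t n)
{
    if (n < 1) return 0;
    unsigned mod = p[0] >> 6, rm = p[0] & 7;
    size_t len = 1;

    if (mod == 3) return 1;                          /* register operand */
    if (rm == 4) {                                   /* SIB byte follows */
        if (n < 2) return 0;
        len = 2;
        if (mod == 0 && (p[1] & 7) == 5) len += 4;   /* no base: disp32 */
    } else if (mod == 0 && rm == 5) {
        len = 5;                                     /* disp32, no register */
    }
    if (mod == 1) len += 1;                          /* disp8 */
    else if (mod == 2) len += 4;                     /* disp32 */
    return len <= n ? len : 0;
}

/* hw_alias_test selects the behaviour for ModRM.reg == 1:
 *   true  -> TEST, as on Intel/AMD silicon and QEMU with the patch applied
 *   false -> #UD, as QEMU behaved before the patch */
struct decoded decode_grp3(const uint8_t *buf, size_t n, bool hw_alias_test)
{
    static const enum grp3_op tab[8] = {
        G3_TEST, G3_UD, G3_NOT, G3_NEG, G3_MUL, G3_IMUL, G3_DIV, G3_IDIV
    };
    struct decoded d = { G3_SHORT, 0, 0, 0 };

    if (n < 1) return d;
    if (buf[0] != 0xF6 && buf[0] != 0xF7) { d.op = G3_UD; return d; }
    d.opsize = (buf[0] == 0xF6) ? 1 : 4;

    size_t mlen = modrm_len(buf + 1, n - 1);
    if (mlen == 0) return d;                         /* truncated operand bytes */

    unsigned reg = (buf[1] >> 3) & 7;
    enum grp3_op op = tab[reg];
    if (reg == 1 && hw_alias_test) op = G3_TEST;     /* the /1 alias of TEST */
    if (op == G3_UD) { d.op = G3_UD; return d; }

    size_t len = 1 + mlen;
    if (op == G3_TEST) {                             /* only TEST has an immediate */
        if (n < len + d.opsize) return d;            /* G3_SHORT */
        for (unsigned i = 0; i < d.opsize; i++)
            d.imm |= (uint32_t)buf[len + i] << (8 * i);
        len += d.opsize;
    }
    d.op = op;
    d.len = len;
    return d;
}

int main(void)
{
    /* Constructed sample: F7 /1 with imm32, i.e. "test eax, 0x12345678"
     * encoded through the reg=1 slot that Intel's table leaves blank. */
    static const uint8_t alias[] = { 0xF7, 0xC8, 0x78, 0x56, 0x34, 0x12 };
    struct decoded hw = decode_grp3(alias, sizeof alias, true);
    struct decoded old = decode_grp3(alias, sizeof alias, false);
    printf("hardware: op=%d len=%zu imm=%#x\n", hw.op, hw.len, hw.imm);
    printf("old QEMU: op=%d len=%zu (G3_UD, no length)\n", old.op, old.len);
    return 0;
}
```

Run as-is it decodes the same six bytes both ways; the hardware path yields a 6-byte TEST with immediate 0x12345678, the pre-patch path yields #UD and no length, so anything following those bytes would be decoded from a different offset.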
