target-i386: key sfence availability on CPUID_SSE, not CPUID_SSE2

sfence was introduced before lfence and mfence. This fixes Linux 2.4's measurement of checksumming speeds for the pIII_sse algorithm: md: linear personality registered as nr 1 md: raid0 personality registered as nr 2 md: raid1 personality registered as nr 3 md: raid5 personality registered as nr 4 raid5: measuring checksumming speed 8regs : 384.400 MB/sec 32regs : 259.200 MB/sec invalid operand: 0000 CPU: 0 EIP: 0010:[<c0240b2a>] Not tainted EFLAGS: 00000246 eax: c15d8000 ebx: 00000000 ecx: 00000000 edx: c15d5000 esi: 8005003b edi: 00000004 ebp: 00000000 esp: c15bdf50 ds: 0018 es: 0018 ss: 0018 Process swapper (pid: 1, stackpage=c15bd000) Stack: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000206 c0241c6c 00001000 c15d4000 c15d7000 c15d4000 c15d4000 Call Trace: [<c0241c6c>] [<c0105000>] [<c0241db4>] [<c010503b>] [<c0105000>] [<c0107416>] [<c0105030>] Code: 0f ae f8 0f 10 04 24 0f 10 4c 24 10 0f 10 54 24 20 0f 10 5c <0>Kernel panic: Attempted to kill init! Reported-by: Stefan Weil <sw@weilnetz.de> Fixes: 121f315788 Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-16 11:11:29 +02:00 · 2016-05-16 11:11:29 +02:00 · 14cb949a3e
parent 5919e0328b
commit 14cb949a3e
1 changed files with 5 additions and 0 deletions
--- a/target-i386/translate.c
+++ b/target-i386/translate.c
@ -8008,6 +8008,11 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
            }
            /* fallthru */
        case 0xf9 ... 0xff: /* sfence */
+            if (!(s->cpuid_features & CPUID_SSE)
+                || (prefixes & PREFIX_LOCK)) {
+                goto illegal_op;
+            }
+            break;
        case 0xe8 ... 0xef: /* lfence */
        case 0xf0 ... 0xf7: /* mfence */
            if (!(s->cpuid_features & CPUID_SSE2)