set shadow stack busy should fail if address in the token is above 4GB while in compatibility mode

Stanislav Shwartsman · Stanislav Shwartsman · commit 9aed76eda4d2 · 2026-02-12T08:59:04.000+02:00
diff --git a/bochs/cpu/access2.cc b/bochs/cpu/access2.cc
@@ -1235,7 +1235,8 @@ bool BX_CPP_AttrRegparmN(4) BX_CPU_C::shadow_stack_lock_cmpxchg8b(bx_address off
 
 bool BX_CPP_AttrRegparmN(2) BX_CPU_C::shadow_stack_atomic_set_busy(bx_address offset, unsigned curr_pl)
 {
-  return shadow_stack_lock_cmpxchg8b(offset, curr_pl, offset | 0x1, offset);
+  // set busy fail if address in the token is above 4GB while in compatibility mode
+  return shadow_stack_lock_cmpxchg8b(offset, curr_pl, offset | 0x1, long64_mode() ? offset : GET32L(offset));
 }
 
 bool BX_CPP_AttrRegparmN(2) BX_CPU_C::shadow_stack_atomic_clear_busy(bx_address offset, unsigned curr_pl)

Original file line number	Diff line number	Diff line change
`@@ -1235,7 +1235,8 @@ bool BX_CPP_AttrRegparmN(4) BX_CPU_C::shadow_stack_lock_cmpxchg8b(bx_address off`
`1235`	`1235`
`1236`	`1236`	`bool BX_CPP_AttrRegparmN(2) BX_CPU_C::shadow_stack_atomic_set_busy(bx_address offset, unsigned curr_pl)`
`1237`	`1237`	`{`
`1238`		`- return shadow_stack_lock_cmpxchg8b(offset, curr_pl, offset \| 0x1, offset);`
	`1238`	`+ // set busy fail if address in the token is above 4GB while in compatibility mode`
	`1239`	`+ return shadow_stack_lock_cmpxchg8b(offset, curr_pl, offset \| 0x1, long64_mode() ? offset : GET32L(offset));`
`1239`	`1240`	`}`
`1240`	`1241`
`1241`	`1242`	`bool BX_CPP_AttrRegparmN(2) BX_CPU_C::shadow_stack_atomic_clear_busy(bx_address offset, unsigned curr_pl)`