Changeset 103511 in vbox

Timestamp:

Feb 22, 2024 1:16:10 AM (9 months ago)

Author:

vboxsync

Message:

DIS: Added vex group 13 and redid some or the vex prefix decoding.

Location:

trunk/src/VBox/Disassembler

Files:

• DisasmCore-x86-amd64.cpp (modified) (9 diffs)
• DisasmFormatYasm.cpp (modified) (2 diffs)
• DisasmInternal-x86-amd64.h (modified) (2 diffs)
• DisasmTables-x86-amd64.cpp (modified) (4 diffs)
• testcase/tstDisasm-1A.asm (modified) (3 diffs)

trunk/src/VBox/Disassembler/DisasmCore-x86-amd64.cpp

@@ -39 +39 @@
 #include <iprt/string.h>
 #include <iprt/stdarg.h>
+#include <iprt/x86.h>
 #include "DisasmInternal-x86-amd64.h"
 
@@ -966 +967 @@
      * encoding of the MOD field in the MODR/M byte.
      */
-    if (pOp->fOpType & DISOPTYPE_X86_MOD_FIXED_11)
+    if (!(pOp->fOpType & DISOPTYPE_X86_MOD_FIXED_11))
+    { /* likely */ }
+    else
         pDis->x86.ModRM.Bits.Mod = 3;
 
@@ -974 +977 @@
 
         /* REX.R extends the Reg field. */
-        pDis->x86.ModRM.Bits.Reg |= ((!!(pDis->x86.fRexPrefix & DISPREFIX_REX_FLAGS_R)) << 3);
+        pDis->x86.ModRM.Bits.Reg |= (!!(pDis->x86.fRexPrefix & DISPREFIX_REX_FLAGS_R)) << 3;
 
         /* REX.B extends the Rm field if there is no SIB byte nor a 32 bits displacement */
+#if 1
+        if (   pDis->x86.ModRM.Bits.Mod == 3 /* The register mode has neither SIB nor disp32. */
+            || (   pDis->x86.ModRM.Bits.Rm != 4      /* SIB */
+                && (   pDis->x86.ModRM.Bits.Mod != 0 /* disp32/PCREL is mod=0 rm=5 */
+                    || pDis->x86.ModRM.Bits.Rm  != 5)))
+#else
         if (!(    pDis->x86.ModRM.Bits.Mod != 3
               &&  pDis->x86.ModRM.Bits.Rm  == 4)
@@ -982 +991 @@
             !(    pDis->x86.ModRM.Bits.Mod == 0
               &&  pDis->x86.ModRM.Bits.Rm  == 5))
-        {
-            pDis->x86.ModRM.Bits.Rm |= ((!!(pDis->x86.fRexPrefix & DISPREFIX_REX_FLAGS_B)) << 3);
-        }
+#endif
+            pDis->x86.ModRM.Bits.Rm |= (!!(pDis->x86.fRexPrefix & DISPREFIX_REX_FLAGS_B)) << 3;
     }
     offInstr = QueryModRM(offInstr, pOp, pDis, pParam);
@@ -1644 +1652 @@
 
         case OP_PARM_B: // Always OP_PARM_By. Change if it is not so.
-            if (pDis->x86.bVexWFlag && pDis->uCpuMode == DISCPUMODE_64BIT)
+            if ((pDis->x86.bVexByte2 & DISPREFIX_VEX_F_W) && pDis->uCpuMode == DISCPUMODE_64BIT)
                 pParam->fUse |= DISUSE_REG_GEN64;
             else
@@ -2099 +2107 @@
     uint8_t modrm = disReadByte(pDis, offInstr);
     uint8_t reg   = MODRM_REG(modrm);
-    if (pDis->x86.fPrefix & DISPREFIX_OPSIZE)
-        reg += 8;   /* 2nd table */
-
-    pOp = &g_aMapX86_Group13[reg];
+    if (!(pDis->x86.fPrefix & DISPREFIX_VEX))
+    {
+        if (pDis->x86.fPrefix & DISPREFIX_OPSIZE)
+            reg += 8;   /* 2nd table */
+        pOp = &g_aMapX86_Group13[reg];
+    }
+    else
+        pOp = &g_aMapX86_VGroup13[(pDis->x86.bVexByte2 & DISPREFIX_VEX_F_PP_MASK) == DISPREFIX_VEX_F_PP_66 ? reg + 8 : reg];
 
     return disParseInstruction(offInstr, pOp, pDis);
@@ -2172 +2184 @@
     RT_NOREF_PV(pOp); RT_NOREF_PV(pParam);
 
-    uint8_t byte = disReadByte(pDis, offInstr++);
-    pDis->x86.bOpCode = disReadByte(pDis, offInstr++);
-
-    pDis->x86.bVexDestReg = VEX_2B2INT(byte);
-
-    // VEX.R (equivalent to REX.R)
-    if (pDis->uCpuMode == DISCPUMODE_64BIT && !(byte & 0x80))
-    {
-        /* REX prefix byte */
-        pDis->x86.fPrefix   |= DISPREFIX_REX;
-        pDis->x86.fRexPrefix = DISPREFIX_REX_FLAGS_R;
-    }
-
-    PCDISOPMAPDESC const pRange    = g_aapVexOpcodesMapRanges[byte & 3][1];
+    uint8_t const bVexByte = disReadByte(pDis, offInstr++);
+    if (pDis->uCpuMode == DISCPUMODE_64BIT)
+    {
+        // VEX.~R => REX.R
+        if (!(bVexByte & 0x80))
+        {
+            pDis->x86.fPrefix   |= DISPREFIX_REX;
+            pDis->x86.fRexPrefix = DISPREFIX_REX_FLAGS_R;
+        }
+    }
+    else if ((bVexByte & X86_MODRM_MOD_MASK) != (X86_MOD_REG << X86_MODRM_MOD_SHIFT))
+        return disParseInstruction(offInstr - 1, &g_OpcodeLDS, pDis); /* LDS r,mem */
+
+    /* VEX2.byte1 is the same as VEX3.byte2 with the exception of the 7th bit (~R vs W). */
+    pDis->x86.bVexByte2   = bVexByte & (DISPREFIX_VEX_F_PP_MASK | DISPREFIX_VEX_F_L | DISPREFIX_VEX_F_VVVV);
+    pDis->x86.bVexDestReg = VEX_2B2INT(bVexByte);
+    pDis->x86.bOpCode     = disReadByte(pDis, offInstr++);
+    pDis->x86.fPrefix    |= DISPREFIX_VEX;
+
+    PCDISOPMAPDESC const pRange    = g_aapVexOpcodesMapRanges[bVexByte & 3][1];
     unsigned  const      idxOpcode = pDis->x86.bOpCode - pRange->idxFirst;
     PCDISOPCODE          pOpCode;
@@ -2201 +2219 @@
     RT_NOREF_PV(pOp); RT_NOREF_PV(pParam);
 
-    uint8_t byte1 = disReadByte(pDis, offInstr++);
-    uint8_t byte2 = disReadByte(pDis, offInstr++);
-    pDis->x86.bOpCode = disReadByte(pDis, offInstr++);
-    pDis->x86.bVexDestReg = VEX_2B2INT(byte2); /** @todo r=bird: why on earth ~vvvv + L; this is obfuscation non-sense. Either split the shit up or just store byte2 raw here! */
-
-    // VEX.W
-    pDis->x86.bVexWFlag = !!(byte2 & 0x80); /** @todo r=bird: why a whole byte for this one flag? x86.bVexWFlag and bVexDestReg makes little sense. */
+    uint8_t const bVexByte1 = disReadByte(pDis, offInstr++);
+    if (pDis->uCpuMode == DISCPUMODE_64BIT)
+    {
+        // VEX.~R~X~B => REX.RXB
+        pDis->x86.fRexPrefix |= (bVexByte1 >> 5) ^ 7;
+        if (pDis->x86.fRexPrefix)
+            pDis->x86.fPrefix |= DISPREFIX_REX;
+    }
+    else if ((bVexByte1 & X86_MODRM_MOD_MASK) != (X86_MOD_REG << X86_MODRM_MOD_SHIFT))
+        return disParseInstruction(offInstr - 1, &g_OpcodeLES, pDis); /* LES r,mem */
+
+    uint8_t const bVexByte2 = disReadByte(pDis, offInstr++);
+    pDis->x86.fPrefix    |= DISPREFIX_VEX;
+    pDis->x86.bVexByte2   = bVexByte2;
+    pDis->x86.bOpCode     = disReadByte(pDis, offInstr++);
+    pDis->x86.bVexDestReg = VEX_2B2INT(bVexByte2); /** @todo r=bird: why on earth ~vvvv + L; this is obfuscation non-sense. Either split the shit up or just store bVexByte2 raw here! */
 
     /* Hack alert! Assume VEX.W rules over any 66h prefix and that no VEX
        encoded instructions ever uses the regular x86.uOpMode w/o VEX.W. */
-    pDis->x86.uOpMode = (byte2 & 0x80) && pDis->uCpuMode == DISCPUMODE_64BIT ? DISCPUMODE_64BIT : DISCPUMODE_32BIT;
-
-    // VEX.~R~X~B => REX.RXB
-    if (pDis->uCpuMode == DISCPUMODE_64BIT)
-    {
-        pDis->x86.fRexPrefix |= (byte1 >> 5) ^ 7;
-        if (pDis->x86.fRexPrefix)
-            pDis->x86.fPrefix |= DISPREFIX_REX;
-    }
+    pDis->x86.uOpMode = (bVexByte2 & 0x80) && pDis->uCpuMode == DISCPUMODE_64BIT ? DISCPUMODE_64BIT : DISCPUMODE_32BIT;
 
     PCDISOPCODE pOpCode;
-    uint8_t const idxVexMap = byte1 & 0x1f;
-    if (idxVexMap < RT_ELEMENTS(g_aapVexOpcodesMapRanges[byte2 & 3]))
-    {
-        PCDISOPMAPDESC const pRange    = g_aapVexOpcodesMapRanges[byte2 & 3][idxVexMap];
+    uint8_t const idxVexMap = bVexByte1 & 0x1f;
+    if (idxVexMap < RT_ELEMENTS(g_aapVexOpcodesMapRanges[bVexByte2 & 3]))
+    {
+        PCDISOPMAPDESC const pRange    = g_aapVexOpcodesMapRanges[bVexByte2 & 3][idxVexMap];
         unsigned  const      idxOpcode = pDis->x86.bOpCode - pRange->idxFirst;
         if (idxOpcode < pRange->cOpcodes)
@@ -2419 +2438 @@
         }
 
-        /* Check if this is a VEX prefix. Not for 32-bit mode. */
-        if (pDis->uCpuMode != DISCPUMODE_64BIT
-            && (enmOpcode == OP_LES || enmOpcode == OP_LDS)
-            && (disReadByte(pDis, offInstr) & 0xc0) == 0xc0)
-        {
-            paOneByteMap = g_aOneByteMapX64;
-        }
-
         /* first opcode byte. */
         pDis->x86.bOpCode  = bCode;

trunk/src/VBox/Disassembler/DisasmFormatYasm.cpp

@@ -640 +640 @@
                         char *pszFmtDst = szTmpFmt;
                         if (pszSpace == NULL) pszSpace = strchr(pszDelim, 0);
-                        if (   (*pszFmt == '#' && !pDis->x86.bVexWFlag) /** @todo check this*/
+                        if (   (*pszFmt == '#' && !(pDis->x86.bVexByte2 & DISPREFIX_VEX_F_W)) /** @todo check this*/
                             || (*pszFmt == '@' && !VEXREG_IS256B(pDis->x86.bVexDestReg))
                             || (*pszFmt == '&' && (   DISUSE_IS_EFFECTIVE_ADDR(pDis->Param1.fUse)
@@ -723 +723 @@
                             case DISCPUMODE_16BIT: if (OP_PARM_VSUBTYPE(pParam->x86.fParam) != OP_PARM_y) PUT_SZ("word "); break; \
                             case DISCPUMODE_32BIT: \
-                                if (pDis->pCurInstr->uOpcode != OP_GATHER || pDis->x86.bVexWFlag) { PUT_SZ("dword "); break; } \
+                                if (pDis->pCurInstr->uOpcode != OP_GATHER || (pDis->x86.bVexByte2 & DISPREFIX_VEX_F_W)) \
+                                { PUT_SZ("dword "); break; } \
                                 RT_FALL_THRU(); \
                             case DISCPUMODE_64BIT: PUT_SZ("qword "); break; \

trunk/src/VBox/Disassembler/DisasmInternal-x86-amd64.h

@@ -131 +131 @@
 extern const DISOPCODE g_aOneByteMapX64[256];
 extern const DISOPCODE g_aTwoByteMapX86[256];
+extern const DISOPCODE g_OpcodeLES;
+extern const DISOPCODE g_OpcodeLDS;
 
 /** Two byte opcode map with prefix 0x66 */
@@ -198 +200 @@
 extern const DISOPCODE g_aMapX86_Group12[8*2];
 extern const DISOPCODE g_aMapX86_Group13[8*2];
+extern const DISOPCODE g_aMapX86_VGroup13[8*2];
 extern const DISOPCODE g_aMapX86_Group14[8*2];
 extern const DISOPCODE g_aMapX86_Group15_mem[8];

trunk/src/VBox/Disassembler/DisasmTables-x86-amd64.cpp

@@ -321 +321 @@
     OP("retn %Iw",           IDX_ParseImmUshort, 0,                 0,          OP_RETN,        OP_PARM_Iw,      OP_PARM_NONE,   OP_PARM_NONE,   DISOPTYPE_CONTROLFLOW | DISOPTYPE_UNCOND_CONTROLFLOW | DISOPTYPE_X86_FORCED_64_OP_SIZE),
     OP("retn",               0,                  0,                 0,          OP_RETN,        OP_PARM_NONE,    OP_PARM_NONE,   OP_PARM_NONE,   DISOPTYPE_CONTROLFLOW | DISOPTYPE_UNCOND_CONTROLFLOW | DISOPTYPE_X86_FORCED_64_OP_SIZE),
-    OP("les %Gv,%Mp",        IDX_ParseModRM,     IDX_UseModRM,      0,          OP_LES,         OP_PARM_Gv,      OP_PARM_Mp,     OP_PARM_NONE,   DISOPTYPE_HARMLESS | DISOPTYPE_X86_INVALID_64),
-    OP("lds %Gv,%Mp",        IDX_ParseModRM,     IDX_UseModRM,      0,          OP_LDS,         OP_PARM_Gv,      OP_PARM_Mp,     OP_PARM_NONE,   DISOPTYPE_HARMLESS | DISOPTYPE_X86_INVALID_64 | DISOPTYPE_RRM_DANGEROUS),
+    OP("vex3b/les %Gv,%Mp",  IDX_ParseVex3b,     0,                 0,          OP_VEX3B,       OP_PARM_NONE,    OP_PARM_NONE,   OP_PARM_NONE,   DISOPTYPE_HARMLESS),
+    OP("vex2b/lds %Gv,%Mp",  IDX_ParseVex2b,     0,                 0,          OP_VEX2B,       OP_PARM_NONE,    OP_PARM_NONE,   OP_PARM_NONE,   DISOPTYPE_HARMLESS),
     /** @todo these two are actually group11 */
     OP("mov %Eb,%Ib",        IDX_ParseModRM,     IDX_ParseImmByte,  0,          OP_MOV,         OP_PARM_Eb,      OP_PARM_Ib,     OP_PARM_NONE,   DISOPTYPE_HARMLESS),
@@ -394 +394 @@
 };
 
+const DISOPCODE g_OpcodeLES =
+    OP("les %Gv,%Mp",        IDX_ParseModRM,     IDX_UseModRM,      0,          OP_LES,         OP_PARM_Gv,      OP_PARM_Mp,     OP_PARM_NONE,   DISOPTYPE_HARMLESS | DISOPTYPE_X86_INVALID_64);
+const DISOPCODE g_OpcodeLDS =
+    OP("lds %Gv,%Mp",        IDX_ParseModRM,     IDX_UseModRM,      0,          OP_LDS,         OP_PARM_Gv,      OP_PARM_Mp,     OP_PARM_NONE,   DISOPTYPE_HARMLESS | DISOPTYPE_X86_INVALID_64 | DISOPTYPE_RRM_DANGEROUS);
 
 const DISOPCODE g_aTwoByteMapX86[256] =
@@ -3190 +3194 @@
 };
 
+/* vex map1 0x72 */
+const DISOPCODE g_aMapX86_VGroup13[8*2] =
+{
+    /* 0   format string,                   parse param #1,     parse param #2,     parse param #3,     parse param #4,     opcode,             param #1,     param #2,     param #3,     param #4,     flags */
+    /* No prefix */
+    INVALID_OPCODE_MOD_RM(0x00),
+    INVALID_OPCODE_MOD_RM(0x01),
+    INVALID_OPCODE_MOD_RM(0x02),
+    INVALID_OPCODE_MOD_RM(0x03),
+    INVALID_OPCODE_MOD_RM(0x04),
+    INVALID_OPCODE_MOD_RM(0x05),
+    INVALID_OPCODE_MOD_RM(0x06),
+    INVALID_OPCODE_MOD_RM(0x07),
+
+    /* Group 13 with prefix 0x66 */
+    INVALID_OPCODE_MOD_RM(0x08),
+    INVALID_OPCODE_MOD_RM(0x09),
+    OPVEX("vpsrld %Hx,%Ux,%Ib",             IDX_ParseVexDest,   IDX_ParseModRM,     IDX_ParseImmByte,   0,                  OP_VPSRLD,          OP_PARM_Hx,   OP_PARM_Ux,    OP_PARM_Ib,  OP_PARM_NONE, DISOPTYPE_HARMLESS),
+    INVALID_OPCODE_MOD_RM(0x0b),
+    OPVEX("vpsrad %Hx,%Ux,%Ib",             IDX_ParseVexDest,   IDX_ParseModRM,     IDX_ParseImmByte,   0,                  OP_VPSRAD,          OP_PARM_Hx,   OP_PARM_Ux,    OP_PARM_Ib,  OP_PARM_NONE, DISOPTYPE_HARMLESS),
+    INVALID_OPCODE_MOD_RM(0x0d),
+    OPVEX("vpslld %Hx,%Ux,%Ib",             IDX_ParseVexDest,   IDX_ParseModRM,     IDX_ParseImmByte,   0,                  OP_VPSLLD,          OP_PARM_Hx,   OP_PARM_Ux,    OP_PARM_Ib,  OP_PARM_NONE, DISOPTYPE_HARMLESS),
+    INVALID_OPCODE_MOD_RM(0x0f),
+    /*     format string,                   parse param #1,     parse param #2,     parse param #3,     parse param #4,     opcode,             param #1,     param #2,     param #3,     param #4,     flags */
+};
+
 /* 0xF 0x73 */
 const DISOPCODE g_aMapX86_Group14[8*2] =
@@ -3461 +3491 @@
     OPVEX("vpshufd %Vx,%Wx,%Ib",            IDX_ParseModRM,     IDX_UseModRM,    IDX_ParseImmByte,      0,                  OP_VPSHUFD,         OP_PARM_Vx,   OP_PARM_Wx,   OP_PARM_Ib,   OP_PARM_NONE, DISOPTYPE_HARMLESS),
     INVALID_OPCODE,
-    INVALID_OPCODE,
+    OP("vgroup13",                          IDX_ParseGrp13,                0,                   0,                          OP_GRP13,           OP_PARM_NONE, OP_PARM_NONE, OP_PARM_NONE, DISOPTYPE_HARMLESS),
     INVALID_OPCODE,
     OPVEX("vpcmpeqb %Vx,%Hx,%Wx",           IDX_ParseModRM,     IDX_ParseVexDest,   IDX_UseModRM,       0,                  OP_VPCMPEQB,        OP_PARM_Vx,   OP_PARM_Hx,   OP_PARM_Wx,   OP_PARM_NONE, DISOPTYPE_HARMLESS),

trunk/src/VBox/Disassembler/testcase/tstDisasm-1A.asm

@@ -164 +164 @@
         paddd       xmm1, xmm3
 
+        lds eax, [ebx]
+        les ebp, [esp]
 %if __YASM_VERSION_ID__ >= 001030000h ; Old yasm doesn't support the instructions below
         adcx        eax, ebx
@@ -181 +183 @@
         vgatherqps xmm0,dword [eax+xmm0*2],xmm0
         vgatherqpd xmm0,qword [eax+xmm0*2],xmm0
+        vpsrld      ymm5, ymm1, 009h
+        vpslld      ymm0, ymm7, 01ah
 %endif
 
@@ -386 +390 @@
         vpmovsxbw  ymm4,[0x100]
         vgatherqpd xmm0,qword [rbx+xmm11*2],xmm2
+
+        vpsrld      ymm5, ymm1, 009h
+        vpsrld      ymm8, ymm12, 011h
+        vpslld      ymm0, ymm7, 01ah
 %endif