Changeset 105125 in vbox for trunk/src/VBox/VMM

Timestamp:

Jul 3, 2024 8:07:48 PM (7 months ago)

Author:

vboxsync

Message:

VMM/IEM,ValKit/bs3-cpu-weird-1: Fixed popf mistreatment of the new TF bit generally and the calculation of the VIF flags in VME+v86 mode; extended bs3-cpu-weird-1 with popf testcase. bugref:10715

Location:

trunk/src/VBox/VMM

Files:

• VMMAll/IEMAllCImpl.cpp (modified) (1 diff)
• include/IEMInline.h (modified) (4 diffs)

trunk/src/VBox/VMM/VMMAll/IEMAllCImpl.cpp

@@ -819 +819 @@
                 return rcStrict;
 
-            /** @todo Is the popf VME \#GP(0) delivered after updating RSP+RIP
-             *        or before? */
-            if (    (   (u16Value & X86_EFL_IF)
-                     && (fEflOld  & X86_EFL_VIP))
-                ||  (u16Value & X86_EFL_TF) )
+            if (   (   (u16Value & X86_EFL_IF)
+                    && (fEflOld  & X86_EFL_VIP))
+                || (u16Value & X86_EFL_TF) )
                 return iemRaiseGeneralProtectionFault0(pVCpu);
 
-            fEflNew = u16Value | (fEflOld & UINT32_C(0xffff0000) & ~X86_EFL_VIF);
-            fEflNew |= (fEflNew & X86_EFL_IF) << (19 - 9);
-            fEflNew &=   X86_EFL_POPF_BITS & ~(X86_EFL_IOPL | X86_EFL_IF);
-            fEflNew |= ~(X86_EFL_POPF_BITS & ~(X86_EFL_IOPL | X86_EFL_IF)) & fEflOld;
+            fEflNew = X86_EFL_RA1_MASK
+                    | (u16Value & ~(X86_EFL_IF | X86_EFL_IOPL | X86_EFL_RAZ_MASK))
+                    | (fEflOld & (UINT32_C(0xffff0000) | X86_EFL_IF | X86_EFL_IOPL) & ~(X86_EFL_VIF | X86_EFL_RF))
+                    | ((uint32_t)(u16Value & X86_EFL_IF) << (X86_EFL_VIF_BIT - X86_EFL_IF_BIT));
 
             pVCpu->cpum.GstCtx.rsp = TmpRsp.u;

trunk/src/VBox/VMM/include/IEMInline.h

@@ -2098 +2098 @@
  *              Stacks}
  */
+template<uint32_t const a_fTF = X86_EFL_TF>
 static VBOXSTRICTRC iemFinishInstructionWithFlagsSet(PVMCPUCC pVCpu, int rcNormal) RT_NOEXCEPT
 {
@@ -2103 +2104 @@
      * Normally we're just here to clear RF and/or interrupt shadow bits.
      */
-    if (RT_LIKELY((pVCpu->cpum.GstCtx.eflags.uBoth & (X86_EFL_TF | CPUMCTX_DBG_HIT_DRX_MASK | CPUMCTX_DBG_DBGF_MASK)) == 0))
+    if (RT_LIKELY((pVCpu->cpum.GstCtx.eflags.uBoth & (a_fTF | CPUMCTX_DBG_HIT_DRX_MASK | CPUMCTX_DBG_DBGF_MASK)) == 0))
         pVCpu->cpum.GstCtx.eflags.uBoth &= ~(X86_EFL_RF | CPUMCTX_INHIBIT_SHADOW);
     else
@@ -2111 +2112 @@
          */
         VBOXSTRICTRC rcStrict;
-        if (pVCpu->cpum.GstCtx.eflags.uBoth & (X86_EFL_TF | CPUMCTX_DBG_HIT_DRX_MASK))
+        if (pVCpu->cpum.GstCtx.eflags.uBoth & (a_fTF | CPUMCTX_DBG_HIT_DRX_MASK))
         {
             IEM_CTX_IMPORT_RET(pVCpu, CPUMCTX_EXTRN_DR6);
             pVCpu->cpum.GstCtx.dr[6] &= ~X86_DR6_B_MASK;
-            if (pVCpu->cpum.GstCtx.eflags.uBoth & X86_EFL_TF)
+            if (pVCpu->cpum.GstCtx.eflags.uBoth & a_fTF)
                 pVCpu->cpum.GstCtx.dr[6] |= X86_DR6_BS;
             pVCpu->cpum.GstCtx.dr[6] |= (pVCpu->cpum.GstCtx.eflags.uBoth & CPUMCTX_DBG_HIT_DRX_MASK_NONSILENT)
@@ -2862 +2863 @@
     iemRegAddToRip(pVCpu, cbInstr);
     if (!(fEflOld & X86_EFL_TF))
-        return iemRegFinishClearingRF(pVCpu, VINF_SUCCESS);
+    {
+        /* Specialized iemRegFinishClearingRF edition here that doesn't check X86_EFL_TF. */
+        AssertCompile(CPUMCTX_INHIBIT_SHADOW < UINT32_MAX);
+        if (RT_LIKELY(!(  pVCpu->cpum.GstCtx.eflags.uBoth
+                        & (X86_EFL_RF | CPUMCTX_INHIBIT_SHADOW | CPUMCTX_DBG_HIT_DRX_MASK | CPUMCTX_DBG_DBGF_MASK)) ))
+            return VINF_SUCCESS;
+        return iemFinishInstructionWithFlagsSet<0 /*a_fTF*/>(pVCpu, VINF_SUCCESS); /* TF=0, so ignore it.  */
+    }
     return iemFinishInstructionWithTfSet(pVCpu);
 }