Changeset 40086 in vbox for trunk/src/VBox/VMM

Timestamp:

Feb 13, 2012 12:58:44 AM (13 years ago)

Author:

vboxsync

Message:

More FPU instruction stubs and attempts at figuring out what the reserved opcodes does.

Location:

trunk/src/VBox/VMM

Files:

• VMMAll/IEMAllInstructions.cpp.h (modified) (10 diffs)
• testcase/tstX86-1A.asm (modified) (7 diffs)

trunk/src/VBox/VMM/VMMAll/IEMAllInstructions.cpp.h

@@ -10368 +10368 @@
 
 
-/** Opcode 0xd9 /0 stN */
+/** Opcode 0xd9 !11/2 mem32real */
+FNIEMOP_STUB_1(iemOp_fst_m32r, uint8_t, bRm);
+
+/** Opcode 0xd9 !11/3 */
+FNIEMOP_STUB_1(iemOp_fstp_m32r, uint8_t, bRm);
+
+/** Opcode 0xd9 !11/4 */
+FNIEMOP_STUB_1(iemOp_fldenv, uint8_t, bRm);
+
+/** Opcode 0xd9 !11/5 */
+FNIEMOP_STUB_1(iemOp_fldcw, uint8_t, bRm);
+
+/** Opcode 0xd9 !11/6 */
+FNIEMOP_STUB_1(iemOp_fstenv, uint8_t, bRm);
+
+/** Opcode 0xd9 !11/7 */
+FNIEMOP_STUB_1(iemOp_fstcw, uint8_t, bRm);
+
+/** Opcode 0xd9 0xc9, 0xd9 0xd8-0xdf, ++?.  */
+FNIEMOP_DEF(iemOp_fnop)
+{
+    /* Note! This updates the FPU instruction pointer but leaves the opcode alone. */
+    RTAssertMsg1(NULL, __LINE__, __FILE__, __FUNCTION__);
+    iemOpStubMsg2(pIemCpu);
+    RTAssertPanic();
+    return VERR_IEM_INSTR_NOT_IMPLEMENTED;
+}
+
+/** Opcode 0xd9 11/0 stN */
 FNIEMOP_STUB_1(iemOp_fld_stN, uint8_t, bRm);
 
-/** Opcode 0xd9 /2 mem32real */
-FNIEMOP_STUB_1(iemOp_fst_m32r, uint8_t, bRm);
-
-/** Opcode 0xd9 /3 stN */
+/** Opcode 0xd9 11/3 stN */
 FNIEMOP_STUB_1(iemOp_fxch_stN, uint8_t, bRm);
 
-/** Opcode 0xd9 /3 */
-FNIEMOP_STUB_1(iemOp_fstp_m32r, uint8_t, bRm);
-
-/** Opcode 0xd9 /4 */
-FNIEMOP_STUB_1(iemOp_fldenv, uint8_t, bRm);
-
-/** Opcode 0xd9 /5 */
-FNIEMOP_STUB_1(iemOp_fldcw, uint8_t, bRm);
-
-/** Opcode 0xd9 /6 */
-FNIEMOP_STUB_1(iemOp_fstenv, uint8_t, bRm);
-
-/** Opcode 0xd9 /7 */
-FNIEMOP_STUB_1(iemOp_fstcw, uint8_t, bRm);
-
-/** Opcode 0xd9 0xc9, 0xd9 0xd8-0xdf.  */
-FNIEMOP_STUB(iemOp_fnop);
+/** Opcode 0xd9 11/4, 0xdd 11/2. */
+FNIEMOP_STUB_1(iemOp_fstp_stN, uint8_t, bRm);
 
 /** Opcode 0xd9 0xe0. */
@@ -10530 +10540 @@
                     return FNIEMOP_CALL(iemOp_fnop);
                 return IEMOP_RAISE_INVALID_OPCODE();
-            case 3:
-                return FNIEMOP_CALL(iemOp_fnop); /* AMD says reserved; tests on intel indicates FNOP. */
+            case 3: return FNIEMOP_CALL_1(iemOp_fstp_stN, bRm); /* Reserved. Intel behavior seems to be FSTP ST(i) though. */
             case 4:
             case 5:
@@ -10830 +10839 @@
             case 0: return FNIEMOP_CALL_1(iemOp_fadd_stN_st0,  bRm);
             case 1: return FNIEMOP_CALL_1(iemOp_fmul_stN_st0,  bRm);
-            case 2: return FNIEMOP_CALL(iemOp_fnop);
-            case 3: return FNIEMOP_CALL(iemOp_fnop);
+            case 2: return FNIEMOP_CALL_1(iemOp_fcom_stN,      bRm); /* Marked reserved, intel behavior is that of FCOM ST(i). */
+            case 3: return FNIEMOP_CALL_1(iemOp_fcomp_stN,     bRm); /* Marked reserved, intel behavior is that of FCOMP ST(i). */
             case 4: return FNIEMOP_CALL_1(iemOp_fsubr_stN_st0, bRm);
             case 5: return FNIEMOP_CALL_1(iemOp_fsub_stN_st0,  bRm);
@@ -10879 +10888 @@
 
 /** Opcode 0xdd 11/0. */
-FNIEMOP_STUB_1(iemOp_ffree_stN,  uint8_t, bRm);
+FNIEMOP_STUB_1(iemOp_ffree_stN,   uint8_t, bRm);
 
 /** Opcode 0xdd 11/1. */
-FNIEMOP_STUB_1(iemOp_fst_stN,    uint8_t, bRm);
-
-/** Opcode 0xdd 11/2. */
-FNIEMOP_STUB_1(iemOp_fstp_stN,   uint8_t, bRm);
+FNIEMOP_STUB_1(iemOp_fst_stN,     uint8_t, bRm);
 
 /** Opcode 0xdd 11/3. */
-FNIEMOP_STUB_1(iemOp_fucom_stN,  uint8_t, bRm);
+FNIEMOP_STUB_1(iemOp_fucom_stN_st0, uint8_t, bRm);
 
 /** Opcode 0xdd 11/4. */
-FNIEMOP_STUB_1(iemOp_fucomp_stN, uint8_t, bRm);
+FNIEMOP_STUB_1(iemOp_fucomp_stN,  uint8_t, bRm);
 
 /** Opcode 0xdd. */
 FNIEMOP_DEF(iemOp_EscF5)
 {
+    pIemCpu->offFpuOpcode = pIemCpu->offOpcode - 1;
     uint8_t bRm; IEM_OPCODE_GET_NEXT_U8(&bRm);
     if ((bRm & X86_MODRM_MOD_MASK) == (3 << X86_MODRM_MOD_SHIFT))
@@ -10901 +10908 @@
         switch ((bRm >> X86_MODRM_REG_SHIFT) & X86_MODRM_REG_SMASK)
         {
-            case 0: return FNIEMOP_CALL_1(iemOp_ffree_stN, bRm);
+            case 0: return FNIEMOP_CALL_1(iemOp_ffree_stN,   bRm);
             case 1: return FNIEMOP_CALL(  iemOp_fnop);
-            case 2: return FNIEMOP_CALL_1(iemOp_fst_stN, bRm);
-            case 3: return FNIEMOP_CALL_1(iemOp_fstp_stN, bRm);
-            case 4: return FNIEMOP_CALL_1(iemOp_fucom_stN, bRm);
-            case 5: return FNIEMOP_CALL_1(iemOp_fucomp_stN, bRm);
+            case 2: return FNIEMOP_CALL_1(iemOp_fst_stN,     bRm);
+            case 3: return FNIEMOP_CALL_1(iemOp_fstp_stN,    bRm);
+            case 4: return FNIEMOP_CALL_1(iemOp_fucom_stN_st0,bRm);
+            case 5: return FNIEMOP_CALL_1(iemOp_fucomp_stN,  bRm);
             case 6: return IEMOP_RAISE_INVALID_OPCODE();
             case 7: return IEMOP_RAISE_INVALID_OPCODE();
@@ -10930 +10937 @@
 
 
+/** Opcode 0xde 11/0. */
+FNIEMOP_STUB_1(iemOp_faddp_stN_st0, uint8_t, bRm);
+
+/** Opcode 0xde 11/0. */
+FNIEMOP_STUB_1(iemOp_fmulp_stN_st0, uint8_t, bRm);
+
 /** Opcode 0xde 0xd9. */
 FNIEMOP_STUB(iemOp_fcompp);
 
+/** Opcode 0xde 11/4. */
+FNIEMOP_STUB_1(iemOp_fsubrp_stN_st0, uint8_t, bRm);
+
+/** Opcode 0xde 11/5. */
+FNIEMOP_STUB_1(iemOp_fsubp_stN_st0, uint8_t, bRm);
+
+/** Opcode 0xde 11/6. */
+FNIEMOP_STUB_1(iemOp_fdivrp_stN_st0, uint8_t, bRm);
+
+/** Opcode 0xde 11/7. */
+FNIEMOP_STUB_1(iemOp_fdivp_stN_st0, uint8_t, bRm);
+
+/** Opcode 0xde !11/0. */
+FNIEMOP_STUB_1(iemOp_fiadd_m16i,  uint8_t, bRm);
+
+/** Opcode 0xde !11/1. */
+FNIEMOP_STUB_1(iemOp_fimul_m16i,  uint8_t, bRm);
+
+/** Opcode 0xde !11/2. */
+FNIEMOP_STUB_1(iemOp_ficom_m16i,  uint8_t, bRm);
+
+/** Opcode 0xde !11/3. */
+FNIEMOP_STUB_1(iemOp_ficomp_m16i, uint8_t, bRm);
+
+/** Opcode 0xde !11/4. */
+FNIEMOP_STUB_1(iemOp_fisub_m16i,  uint8_t, bRm);
+
+/** Opcode 0xde !11/5. */
+FNIEMOP_STUB_1(iemOp_fisubr_m16i, uint8_t, bRm);
+
+/** Opcode 0xde !11/6. */
+FNIEMOP_STUB_1(iemOp_fidiv_m16i,  uint8_t, bRm);
+
+/** Opcode 0xde !11/7. */
+FNIEMOP_STUB_1(iemOp_fidivr_m16i, uint8_t, bRm);
+
+
 /** Opcode 0xde. */
 FNIEMOP_DEF(iemOp_EscF6)
 {
+    pIemCpu->offFpuOpcode = pIemCpu->offOpcode - 1;
     uint8_t bRm; IEM_OPCODE_GET_NEXT_U8(&bRm);
     if ((bRm & X86_MODRM_MOD_MASK) == (3 << X86_MODRM_MOD_SHIFT))
     {
-        switch (bRm & 0xf8)
+        switch ((bRm >> X86_MODRM_REG_SHIFT) & X86_MODRM_REG_SMASK)
         {
-            case 0xc0: AssertFailedReturn(VERR_IEM_INSTR_NOT_IMPLEMENTED); // fiaddp
-            case 0xc8: AssertFailedReturn(VERR_IEM_INSTR_NOT_IMPLEMENTED); // fimulp
-            case 0xd0: return IEMOP_RAISE_INVALID_OPCODE();
-            case 0xd8:
-                switch (bRm)
-                {
-                    case 0xd9:  return FNIEMOP_CALL(iemOp_fcompp);
-                    default:    return IEMOP_RAISE_INVALID_OPCODE();
-                }
-            case 0xe0: AssertFailedReturn(VERR_IEM_INSTR_NOT_IMPLEMENTED); // fsubrp
-            case 0xe8: AssertFailedReturn(VERR_IEM_INSTR_NOT_IMPLEMENTED); // fsubp
-            case 0xf0: AssertFailedReturn(VERR_IEM_INSTR_NOT_IMPLEMENTED); // fdivrp
-            case 0xf8: AssertFailedReturn(VERR_IEM_INSTR_NOT_IMPLEMENTED); // fdivp
+            case 0: return FNIEMOP_CALL_1(iemOp_faddp_stN_st0, bRm);
+            case 1: return FNIEMOP_CALL_1(iemOp_fmulp_stN_st0, bRm);
+            case 2: return FNIEMOP_CALL(iemOp_fnop);
+            case 3: if (bRm == 0xd9)
+                        return FNIEMOP_CALL(iemOp_fcompp);
+                    return IEMOP_RAISE_INVALID_OPCODE();
+            case 4: return FNIEMOP_CALL_1(iemOp_fsubrp_stN_st0, bRm);
+            case 5: return FNIEMOP_CALL_1(iemOp_fsubp_stN_st0, bRm);
+            case 6: return FNIEMOP_CALL_1(iemOp_fdivrp_stN_st0, bRm);
+            case 7: return FNIEMOP_CALL_1(iemOp_fdivp_stN_st0, bRm);
             IEM_NOT_REACHED_DEFAULT_CASE_RET();
         }
@@ -10959 +11007 @@
     else
     {
-#if 0
         switch ((bRm >> X86_MODRM_REG_SHIFT) & X86_MODRM_REG_SMASK)
         {
-            case 0: return FNIEMOP_CALL_1(iemOp_fiadd_w,  bRm);
-            case 1: return FNIEMOP_CALL_1(iemOp_fimul_w,  bRm);
-            case 2: return FNIEMOP_CALL_1(iemOp_ficom_w,  bRm);
-            case 3: return FNIEMOP_CALL_1(iemOp_ficomp_w, bRm);
-            case 4: return FNIEMOP_CALL_1(iemOp_fisub_w,  bRm);
-            case 5: return FNIEMOP_CALL_1(iemOp_fisubr_w, bRm);
-            case 6: return FNIEMOP_CALL_1(iemOp_fidiv_w,  bRm);
-            case 7: return FNIEMOP_CALL_1(iemOp_fidivr_w, bRm);
+            case 0: return FNIEMOP_CALL_1(iemOp_fiadd_m16i,  bRm);
+            case 1: return FNIEMOP_CALL_1(iemOp_fimul_m16i,  bRm);
+            case 2: return FNIEMOP_CALL_1(iemOp_ficom_m16i,  bRm);
+            case 3: return FNIEMOP_CALL_1(iemOp_ficomp_m16i, bRm);
+            case 4: return FNIEMOP_CALL_1(iemOp_fisub_m16i,  bRm);
+            case 5: return FNIEMOP_CALL_1(iemOp_fisubr_m16i, bRm);
+            case 6: return FNIEMOP_CALL_1(iemOp_fidiv_m16i,  bRm);
+            case 7: return FNIEMOP_CALL_1(iemOp_fidivr_m16i, bRm);
             IEM_NOT_REACHED_DEFAULT_CASE_RET();
         }
-#endif
-        AssertFailedReturn(VERR_IEM_INSTR_NOT_IMPLEMENTED);
-    }
-}
+    }
+}
+
+
+/** Opcode 0xdf 11/0. */
+FNIEMOP_STUB_1(iemOp_ffreep_stN, uint8_t, bRm);
 
 
@@ -10995 +11044 @@
 
 
+/** Opcode 0xdf 11/5. */
+FNIEMOP_STUB_1(iemOp_fucomip_st0_stN, uint8_t, bRm);
+
+/** Opcode 0xdf 11/6. */
+FNIEMOP_STUB_1(iemOp_fcomip_st0_stN,  uint8_t, bRm);
+
+/** Opcode 0xdf !11/0. */
+FNIEMOP_STUB_1(iemOp_fild_m16i,   uint8_t, bRm);
+
+/** Opcode 0xdf !11/1. */
+FNIEMOP_STUB_1(iemOp_fisttp_m16i, uint8_t, bRm);
+
+/** Opcode 0xdf !11/2. */
+FNIEMOP_STUB_1(iemOp_fist_m16i,   uint8_t, bRm);
+
+/** Opcode 0xdf !11/3. */
+FNIEMOP_STUB_1(iemOp_fistp_m16i,  uint8_t, bRm);
+
+/** Opcode 0xdf !11/4. */
+FNIEMOP_STUB_1(iemOp_fbld_m80d,   uint8_t, bRm);
+
+/** Opcode 0xdf !11/5. */
+FNIEMOP_STUB_1(iemOp_fild_m64i,   uint8_t, bRm);
+
+/** Opcode 0xdf !11/6. */
+FNIEMOP_STUB_1(iemOp_fbstp_m80d,  uint8_t, bRm);
+
+/** Opcode 0xdf !11/7. */
+FNIEMOP_STUB_1(iemOp_fistp_m64i,  uint8_t, bRm);
+
+
 /** Opcode 0xdf. */
 FNIEMOP_DEF(iemOp_EscF7)
@@ -11001 +11081 @@
     if ((bRm & X86_MODRM_MOD_MASK) == (3 << X86_MODRM_MOD_SHIFT))
     {
-        switch (bRm & 0xf8)
+        switch ((bRm >> X86_MODRM_REG_SHIFT) & X86_MODRM_REG_SMASK)
         {
-            case 0xc0: return IEMOP_RAISE_INVALID_OPCODE();
-            case 0xc8: return IEMOP_RAISE_INVALID_OPCODE();
-            case 0xd0: return IEMOP_RAISE_INVALID_OPCODE();
-            case 0xd8: return IEMOP_RAISE_INVALID_OPCODE();
-            case 0xe0:
-                switch (bRm)
-                {
-                    case 0xe0: return FNIEMOP_CALL(iemOp_fnstsw_ax);
-                    default:   return IEMOP_RAISE_INVALID_OPCODE();
-                }
-            case 0xe8: AssertFailedReturn(VERR_IEM_INSTR_NOT_IMPLEMENTED); // fucomip
-            case 0xf0: AssertFailedReturn(VERR_IEM_INSTR_NOT_IMPLEMENTED); // fcomip
-            case 0xf8: return IEMOP_RAISE_INVALID_OPCODE();
+            case 0: return FNIEMOP_CALL_1(iemOp_ffreep_stN, bRm); /* ffree + pop afterwards, since forever according to AMD. */
+            case 1: return FNIEMOP_CALL(iemOp_fnop);
+            case 2: return FNIEMOP_CALL(iemOp_fnop);
+            case 3: return FNIEMOP_CALL(iemOp_fnop);
+            case 4: if (bRm == 0xe0)
+                        return FNIEMOP_CALL(iemOp_fnstsw_ax);
+                    return IEMOP_RAISE_INVALID_OPCODE();
+            case 5: return FNIEMOP_CALL_1(iemOp_fucomip_st0_stN, bRm);
+            case 6: return FNIEMOP_CALL_1(iemOp_fcomip_st0_stN,  bRm);
+            case 7: return IEMOP_RAISE_INVALID_OPCODE();
             IEM_NOT_REACHED_DEFAULT_CASE_RET();
         }
@@ -11021 +11098 @@
     else
     {
-        AssertFailedReturn(VERR_IEM_INSTR_NOT_IMPLEMENTED);
+        switch ((bRm >> X86_MODRM_REG_SHIFT) & X86_MODRM_REG_SMASK)
+        {
+            case 0: return FNIEMOP_CALL_1(iemOp_fild_m16i,   bRm);
+            case 1: return FNIEMOP_CALL_1(iemOp_fisttp_m16i, bRm);
+            case 2: return FNIEMOP_CALL_1(iemOp_fist_m16i,   bRm);
+            case 3: return FNIEMOP_CALL_1(iemOp_fistp_m16i,  bRm);
+            case 4: return FNIEMOP_CALL_1(iemOp_fbld_m80d,   bRm);
+            case 5: return FNIEMOP_CALL_1(iemOp_fild_m64i,   bRm);
+            case 6: return FNIEMOP_CALL_1(iemOp_fbstp_m80d,  bRm);
+            case 7: return FNIEMOP_CALL_1(iemOp_fistp_m64i,  bRm);
+            IEM_NOT_REACHED_DEFAULT_CASE_RET();
+        }
     }
 }

trunk/src/VBox/VMM/testcase/tstX86-1A.asm

@@ -1354 +1354 @@
 
 
+;;
+; Tests an reserved FPU encoding, checking that it does not affect the FPU or
+; CPU state in any way.
+;
+; @uses stack
+%macro FpuNopEncoding 1+
+        fnclex
+        call    SetFSW_C0_thru_C3
+
+        push    xBP
+        mov     xBP, xSP
+        sub     xSP, 1024
+        and     xSP, ~0fh
+        call    SaveFPUAndGRegsToStack
+        %1
+        call    CompareFPUAndGRegsOnStack
+        leave
+
+        jz      %%ok
+        add     eax, __LINE__
+        jmp     .return
+%%ok:
+%endmacro
+
+;;
+; Used for marking encodings which has a meaning other than FNOP and
+; needs investigating.
+%macro FpuUnknownEncoding 1+
+        %1
+%endmacro
+
+
+;;
+; Saves the FPU and general registers to the stack area right next to the
+; return address.
+;
+; The required area size is 512 + 80h = 640.
+;
+; @uses Nothing, except stack.
+;
+SaveFPUAndGRegsToStack:
+        ; Must clear the FXSAVE area.
+        pushf
+        push    xCX
+        push    xAX
+        push    xDI
+
+        lea     xDI, [xSP + xS * 5]
+        mov     xCX, 512 / 4
+        mov     eax, 0cccccccch
+        cld
+        rep stosd
+
+        pop     xDI
+        pop     xAX
+        pop     xCX
+        popf
+
+        ; Save the FPU state.
+        fxsave  [xSP + xS]
+
+        ; Save GRegs (80h bytes).
+%ifdef RT_ARCH_AMD64
+        mov     [xSP + 512 + xS + 000h], xAX
+        mov     [xSP + 512 + xS + 008h], xBX
+        mov     [xSP + 512 + xS + 010h], xCX
+        mov     [xSP + 512 + xS + 018h], xDX
+        mov     [xSP + 512 + xS + 020h], xDI
+        mov     [xSP + 512 + xS + 028h], xSI
+        mov     [xSP + 512 + xS + 030h], xBP
+        mov     [xSP + 512 + xS + 038h], r8
+        mov     [xSP + 512 + xS + 040h], r9
+        mov     [xSP + 512 + xS + 048h], r10
+        mov     [xSP + 512 + xS + 050h], r11
+        mov     [xSP + 512 + xS + 058h], r12
+        mov     [xSP + 512 + xS + 060h], r13
+        mov     [xSP + 512 + xS + 068h], r14
+        mov     [xSP + 512 + xS + 070h], r15
+        pushf
+        pop     rax
+        mov     [xSP + 512 + xS + 078h], rax
+        mov     rax, [xSP + 512 + xS + 000h]
+%else
+        mov     [xSP + 512 + xS + 000h], eax
+        mov     [xSP + 512 + xS + 004h], eax
+        mov     [xSP + 512 + xS + 008h], ebx
+        mov     [xSP + 512 + xS + 00ch], ebx
+        mov     [xSP + 512 + xS + 010h], ecx
+        mov     [xSP + 512 + xS + 014h], ecx
+        mov     [xSP + 512 + xS + 018h], edx
+        mov     [xSP + 512 + xS + 01ch], edx
+        mov     [xSP + 512 + xS + 020h], edi
+        mov     [xSP + 512 + xS + 024h], edi
+        mov     [xSP + 512 + xS + 028h], esi
+        mov     [xSP + 512 + xS + 02ch], esi
+        mov     [xSP + 512 + xS + 030h], ebp
+        mov     [xSP + 512 + xS + 034h], ebp
+        mov     [xSP + 512 + xS + 038h], eax
+        mov     [xSP + 512 + xS + 03ch], eax
+        mov     [xSP + 512 + xS + 040h], eax
+        mov     [xSP + 512 + xS + 044h], eax
+        mov     [xSP + 512 + xS + 048h], eax
+        mov     [xSP + 512 + xS + 04ch], eax
+        mov     [xSP + 512 + xS + 050h], eax
+        mov     [xSP + 512 + xS + 054h], eax
+        mov     [xSP + 512 + xS + 058h], eax
+        mov     [xSP + 512 + xS + 05ch], eax
+        mov     [xSP + 512 + xS + 060h], eax
+        mov     [xSP + 512 + xS + 064h], eax
+        mov     [xSP + 512 + xS + 068h], eax
+        mov     [xSP + 512 + xS + 06ch], eax
+        mov     [xSP + 512 + xS + 070h], eax
+        mov     [xSP + 512 + xS + 074h], eax
+        pushf
+        pop     eax
+        mov     [xSP + 512 + xS + 078h], eax
+        mov     [xSP + 512 + xS + 07ch], eax
+        mov     eax, [xSP + 512 + xS + 000h]
+%endif
+        ret
+
+;;
+; Compares the current FPU and general registers to that found in the stack
+; area prior to the return address.
+;
+; @uses     Stack, flags and eax/rax.
+; @returns  eax is zero on success, eax is 1000000 * offset on failure.
+;           ZF reflects the eax value to save a couple of instructions...
+;
+CompareFPUAndGRegsOnStack:
+        lea     xSP, [xSP - (1024 - xS)]
+        call    SaveFPUAndGRegsToStack
+
+        push    xSI
+        push    xDI
+        push    xCX
+
+        mov     xCX, 640
+        lea     xSI, [xSP + xS*3]
+        lea     xDI, [xSI + 1024]
+
+        mov     dword [xSI + 0x8], 0    ; ignore FPUIP
+        mov     dword [xDI + 0x8], 0    ; ignore FPUIP
+
+        cld
+        repe cmpsb
+        je      .ok
+
+        ;int3
+        lea     xAX, [xSP + xS*3]
+        xchg    xAX, xSI
+        sub     xAX, xSI
+
+        push    xDX
+        mov     xDX, 1000000
+        mul     xDX
+        pop     xDX
+        jmp     .return
+.ok:
+        xor     eax, eax
+.return:
+        pop     xCX
+        pop     xDI
+        pop     xSI
+        lea     xSP, [xSP + (1024 - xS)]
+        or      eax, eax
+        ret
+
+
+SetFSW_C0_thru_C3:
+        sub     xSP, 20h
+        fstenv  [xSP]
+        or      word [xSP + 4], X86_FSW_C0 | X86_FSW_C1 | X86_FSW_C2 | X86_FSW_C3
+        fldenv  [xSP]
+        add     xSP, 20h
+        ret
+
 
 ;;
@@ -1365 +1542 @@
         fld qword REF(.r64V1)
         fld tword REF(.r80V1)
+        fld qword REF(.r64V1)
+        fld dword REF(.r32V1)
+        fld qword REF(.r64V1)
+
+        ; Test the nop check.
+        FpuNopEncoding fnop
+
+;FpuNopEncoding db 0dch, 0d8h
+;int3
+;db 0dch, 0d0h
+;        fld dword REF(.r32V1)
+;        fld dword REF(.r32D0)
+;int3
+;db 0dch, 0d9h ; fnop?
+;int3
+
 
         ; the 0xd9 block
@@ -1383 +1576 @@
         ShouldTrap X86_XCPT_UD, db 0d9h, 0d6h
         ShouldTrap X86_XCPT_UD, db 0d9h, 0d7h
-        db 0d9h, 0d8h ; fnop?
-        db 0d9h, 0d9h ; fnop?
-        db 0d9h, 0dah ; fnop?
-        db 0d9h, 0dbh ; fnop?
-        db 0d9h, 0dch ; fnop?
-        db 0d9h, 0ddh ; fnop?
-        db 0d9h, 0deh ; fnop?
-        db 0d9h, 0dfh ; fnop?
+        ;FpuUnknownEncoding db 0d9h, 0d8h ; fstp st(0),st(0)?
+        ;FpuUnknownEncoding db 0d9h, 0d9h ; fstp st(1),st(0)?
+        ;FpuUnknownEncoding db 0d9h, 0dah ; fstp st(2),st(0)?
+        ;FpuUnknownEncoding db 0d9h, 0dbh ; fstp st(3),st(0)?
+        ;FpuUnknownEncoding db 0d9h, 0dch ; fstp st(4),st(0)?
+        ;FpuUnknownEncoding db 0d9h, 0ddh ; fstp st(5),st(0)?
+        ;FpuUnknownEncoding db 0d9h, 0deh ; fstp st(6),st(0)?
+        ;FpuUnknownEncoding db 0d9h, 0dfh ; fstp st(7),st(0)?
         ShouldTrap X86_XCPT_UD, db 0d9h, 0e2h
         ShouldTrap X86_XCPT_UD, db 0d9h, 0e3h
@@ -1433 +1626 @@
 
         ; the 0xdb block
-        db 0dbh, 0e0h ; fneni
-        db 0dbh, 0e1h ; fndisi
-        db 0dbh, 0e4h ; fnsetpm
+        FpuNopEncoding db 0dbh, 0e0h ; fneni
+        FpuNopEncoding db 0dbh, 0e1h ; fndisi
+        FpuNopEncoding db 0dbh, 0e4h ; fnsetpm
         ShouldTrap X86_XCPT_UD, db 0dbh, 0e5h
         ShouldTrap X86_XCPT_UD, db 0dbh, 0e6h
@@ -1453 +1646 @@
 
         ; the 0xdc block
-        db 0dbh, 0d0h ; fnop?
-        db 0dbh, 0d1h ; fnop?
-        db 0dbh, 0d2h ; fnop?
-        db 0dbh, 0d3h ; fnop?
-        db 0dbh, 0d4h ; fnop?
-        db 0dbh, 0d5h ; fnop?
-        db 0dbh, 0d6h ; fnop?
-        db 0dbh, 0d7h ; fnop?
-        db 0dbh, 0d8h ; fnop?
-        db 0dbh, 0d9h ; fnop?
-        db 0dbh, 0dah ; fnop?
-        db 0dbh, 0dbh ; fnop?
-        db 0dbh, 0dch ; fnop?
-        db 0dbh, 0ddh ; fnop?
-        db 0dbh, 0deh ; fnop?
-        db 0dbh, 0dfh ; fnop?
+        ;FpuNopEncoding db 0dch, 0d0h ; fcom?
+        ;FpuNopEncoding db 0dch, 0d1h ; fcom?
+        ;FpuNopEncoding db 0dch, 0d2h ; fcom?
+        ;FpuNopEncoding db 0dch, 0d3h ; fcom?
+        ;FpuNopEncoding db 0dch, 0d4h ; fcom?
+        ;FpuNopEncoding db 0dch, 0d5h ; fcom?
+        ;FpuNopEncoding db 0dch, 0d6h ; fcom?
+        ;FpuNopEncoding db 0dch, 0d7h ; fcom?
+        ;FpuNopEncoding db 0dch, 0d8h ; fcomp?
+        ;FpuNopEncoding db 0dch, 0d9h ; fcomp?
+        ;FpuNopEncoding db 0dch, 0dah ; fcomp?
+        ;FpuNopEncoding db 0dch, 0dbh ; fcomp?
+        ;FpuNopEncoding db 0dch, 0dch ; fcomp?
+        ;FpuNopEncoding db 0dch, 0ddh ; fcomp?
+        ;FpuNopEncoding db 0dch, 0deh ; fcomp?
+        ;FpuNopEncoding db 0dch, 0dfh ; fcomp?
 
         ; the 0xdd block
-        db 0ddh, 0c0h ; fnop?
-        db 0ddh, 0c1h ; fnop?
-        db 0ddh, 0c2h ; fnop?
-        db 0ddh, 0c3h ; fnop?
-        db 0ddh, 0c4h ; fnop?
-        db 0ddh, 0c5h ; fnop?
-        db 0ddh, 0c6h ; fnop?
-        db 0ddh, 0c7h ; fnop?
+        FpuNopEncoding db 0ddh, 0c8h ; fnop?
+        FpuUnknownEncoding db 0ddh, 0c9h ; fnop?
+        FpuUnknownEncoding db 0ddh, 0cah ; fnop?
+        FpuUnknownEncoding db 0ddh, 0cbh ; fnop?
+        FpuUnknownEncoding db 0ddh, 0cch ; fnop?
+        FpuUnknownEncoding db 0ddh, 0cdh ; fnop?
+        FpuUnknownEncoding db 0ddh, 0ceh ; fnop?
+        FpuUnknownEncoding db 0ddh, 0cfh ; fnop?
         ShouldTrap X86_XCPT_UD, db 0ddh, 0f0h
         ShouldTrap X86_XCPT_UD, db 0ddh, 0f1h
@@ -1498 +1691 @@
         ShouldTrap X86_XCPT_UD, db 0ddh, 02fh
 
+        ; the 0xde block
+        FpuUnknownEncoding db 0deh, 0d0h ; fnop?
+        FpuUnknownEncoding db 0deh, 0d1h ; fnop?
+        FpuUnknownEncoding db 0deh, 0d2h ; fnop?
+        FpuUnknownEncoding db 0deh, 0d3h ; fnop?
+        FpuUnknownEncoding db 0deh, 0d4h ; fnop?
+        FpuUnknownEncoding db 0deh, 0d5h ; fnop?
+        FpuUnknownEncoding db 0deh, 0d6h ; fnop?
+        FpuUnknownEncoding db 0deh, 0d7h ; fnop?
+        ShouldTrap X86_XCPT_UD, db 0deh, 0d8h
+        ShouldTrap X86_XCPT_UD, db 0deh, 0dah
+        ShouldTrap X86_XCPT_UD, db 0deh, 0dbh
+        ShouldTrap X86_XCPT_UD, db 0deh, 0dch
+        ShouldTrap X86_XCPT_UD, db 0deh, 0ddh
+        ShouldTrap X86_XCPT_UD, db 0deh, 0deh
+        ShouldTrap X86_XCPT_UD, db 0deh, 0dfh
+
+        ; the 0xdf block
+        FpuUnknownEncoding db 0dfh, 0c8h ; fnop?
+        FpuUnknownEncoding db 0dfh, 0c9h ; fnop?
+        FpuUnknownEncoding db 0dfh, 0cah ; fnop?
+        FpuUnknownEncoding db 0dfh, 0cbh ; fnop?
+        FpuUnknownEncoding db 0dfh, 0cch ; fnop?
+        FpuUnknownEncoding db 0dfh, 0cdh ; fnop?
+        FpuUnknownEncoding db 0dfh, 0ceh ; fnop?
+        FpuUnknownEncoding db 0dfh, 0cfh ; fnop?
+        FpuUnknownEncoding db 0dfh, 0d0h ; fnop?
+        FpuUnknownEncoding db 0dfh, 0d1h ; fnop?
+        FpuUnknownEncoding db 0dfh, 0d2h ; fnop?
+        FpuUnknownEncoding db 0dfh, 0d3h ; fnop?
+        FpuUnknownEncoding db 0dfh, 0d4h ; fnop?
+        FpuUnknownEncoding db 0dfh, 0d5h ; fnop?
+        FpuUnknownEncoding db 0dfh, 0d6h ; fnop?
+        FpuUnknownEncoding db 0dfh, 0d7h ; fnop?
+        FpuUnknownEncoding db 0dfh, 0d8h ; fnop?
+        FpuUnknownEncoding db 0dfh, 0d9h ; fnop?
+        FpuUnknownEncoding db 0dfh, 0dah ; fnop?
+        FpuUnknownEncoding db 0dfh, 0dbh ; fnop?
+        FpuUnknownEncoding db 0dfh, 0dch ; fnop?
+        FpuUnknownEncoding db 0dfh, 0ddh ; fnop?
+        FpuUnknownEncoding db 0dfh, 0deh ; fnop?
+        FpuUnknownEncoding db 0dfh, 0dfh ; fnop?
+        ShouldTrap X86_XCPT_UD, db 0dfh, 0e1h
+        ShouldTrap X86_XCPT_UD, db 0dfh, 0e2h
+        ShouldTrap X86_XCPT_UD, db 0dfh, 0e3h
+        ShouldTrap X86_XCPT_UD, db 0dfh, 0e4h
+        ShouldTrap X86_XCPT_UD, db 0dfh, 0e5h
+        ShouldTrap X86_XCPT_UD, db 0dfh, 0e6h
+        ShouldTrap X86_XCPT_UD, db 0dfh, 0e7h
+        ShouldTrap X86_XCPT_UD, db 0dfh, 0f8h
+        ShouldTrap X86_XCPT_UD, db 0dfh, 0f9h
+        ShouldTrap X86_XCPT_UD, db 0dfh, 0fah
+        ShouldTrap X86_XCPT_UD, db 0dfh, 0fbh
+        ShouldTrap X86_XCPT_UD, db 0dfh, 0fch
+        ShouldTrap X86_XCPT_UD, db 0dfh, 0fdh
+        ShouldTrap X86_XCPT_UD, db 0dfh, 0feh
+        ShouldTrap X86_XCPT_UD, db 0dfh, 0ffh
+
 
 .success:
@@ -1508 +1759 @@
 .r64V1: dq 6.4
 .r80V1: dt 8.0
+
+; Denormal numbers.
+.r32D0: dd 0200000h
 
 ENDPROC     x861_Test5