Changeset 40174 in vbox for trunk/src

Timestamp:

Feb 18, 2012 9:19:07 PM (13 years ago)

Author:

vboxsync

Message:

checked out some todos.

Location:

trunk/src/VBox/VMM

Files:

• VMMAll/IEMAll.cpp (modified) (2 diffs)
• VMMAll/IEMAllInstructions.cpp.h (modified) (11 diffs)
• testcase/tstIEMCheckMc.cpp (modified) (1 diff)
• testcase/tstX86-1.cpp (modified) (2 diffs)
• testcase/tstX86-1A.asm (modified) (7 diffs)

trunk/src/VBox/VMM/VMMAll/IEMAll.cpp

@@ -6113 +6113 @@
 
 /** The instruction allows no lock prefixing (in this encoding), throw #UD if
- * lock prefixed. */
+ * lock prefixed.
+ * @deprecated  IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX */
 #define IEMOP_HLP_NO_LOCK_PREFIX() \
     do \
@@ -6138 +6139 @@
     } while (0)
 
+/**
+ * Done decoding.
+ */
+#define IEMOP_HLP_DONE_DECODING() \
+    do \
+    { \
+        /*nothing for now, maybe later... */ \
+    } while (0)
+
+/**
+ * Done decoding, raise \#UD exception if lock prefix present.
+ */
+#define IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX() \
+    do \
+    { \
+        if (pIemCpu->fPrefixes & IEM_OP_PRF_LOCK) \
+            return IEMOP_RAISE_INVALID_LOCK_PREFIX(); \
+    } while (0)
 
 

trunk/src/VBox/VMM/VMMAll/IEMAllInstructions.cpp.h

@@ -1074 +1074 @@
         pIemCpu->enmEffOpSize = pIemCpu->enmDefOpSize = IEMMODE_32BIT;
 
-    /** @todo Verify that the the invalid lock sequence exception (\#UD) is raised
-     *        before the privilege level violation (\#GP). */
     uint8_t bRm; IEM_OPCODE_GET_NEXT_U8(&bRm);
     uint8_t iCrReg = ((bRm >> X86_MODRM_REG_SHIFT) & X86_MODRM_REG_SMASK) | pIemCpu->uRexReg;
@@ -1082 +1080 @@
         /* The lock prefix can be used to encode CR8 accesses on some CPUs. */
         if (!IEM_IS_AMD_CPUID_FEATURE_PRESENT_ECX(X86_CPUID_AMD_FEATURE_ECX_CR8L))
-            return IEMOP_RAISE_INVALID_LOCK_PREFIX();
+            return IEMOP_RAISE_INVALID_LOCK_PREFIX(); /* #UD takes precedence over #GP(), see test. */
         iCrReg |= 8;
     }
@@ -1092 +1090 @@
             return IEMOP_RAISE_INVALID_OPCODE();
     }
+    IEMOP_HLP_DONE_DECODING();
 
     return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_mov_Rd_Cd, (X86_MODRM_RM_MASK & bRm) | pIemCpu->uRexB, iCrReg);
@@ -1121 +1120 @@
         pIemCpu->enmEffOpSize = pIemCpu->enmDefOpSize = IEMMODE_32BIT;
 
-    /** @todo Verify that the the invalid lock sequence exception (\#UD) is raised
-     *        before the privilege level violation (\#GP). */
     uint8_t bRm; IEM_OPCODE_GET_NEXT_U8(&bRm);
     uint8_t iCrReg = ((bRm >> X86_MODRM_REG_SHIFT) & X86_MODRM_REG_SMASK) | pIemCpu->uRexReg;
@@ -1129 +1126 @@
         /* The lock prefix can be used to encode CR8 accesses on some CPUs. */
         if (!IEM_IS_AMD_CPUID_FEATURE_PRESENT_ECX(X86_CPUID_AMD_FEATURE_ECX_CR8L))
-            return IEMOP_RAISE_INVALID_LOCK_PREFIX();
+            return IEMOP_RAISE_INVALID_LOCK_PREFIX(); /* #UD takes precedence over #GP(), see test. */
         iCrReg |= 8;
     }
@@ -1139 +1136 @@
             return IEMOP_RAISE_INVALID_OPCODE();
     }
+    IEMOP_HLP_DONE_DECODING();
 
     return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_mov_Cd_Rd, iCrReg, (X86_MODRM_RM_MASK & bRm) | pIemCpu->uRexB);
@@ -1149 +1147 @@
     IEMOP_MNEMONIC("mov Dd,Rd");
     uint8_t bRm; IEM_OPCODE_GET_NEXT_U8(&bRm);
-    IEMOP_HLP_NO_LOCK_PREFIX();
+    IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
     if (pIemCpu->fPrefixes & IEM_OP_PRF_REX_R)
         return IEMOP_RAISE_INVALID_OPCODE();
@@ -1162 +1160 @@
 {
     IEMOP_MNEMONIC("mov Rd,Td");
-/** @todo Is the invalid opcode raise before parsing any R/M byte? */
+    /* The RM byte is not considered, see testcase. */
     return IEMOP_RAISE_INVALID_OPCODE();
 }
-
 
 
@@ -1172 +1169 @@
 {
     IEMOP_MNEMONIC("mov Td,Rd");
+    /* The RM byte is not considered, see testcase. */
     return IEMOP_RAISE_INVALID_OPCODE();
 }
@@ -12581 +12579 @@
     /* Registers? How?? */
     if ((bRm & X86_MODRM_MOD_MASK) == (3 << X86_MODRM_MOD_SHIFT))
-    {
-        /** @todo How the heck does a 'callf eax' work? Probably just have to
-         *        search the docs... */
-        AssertFailedReturn(VERR_IEM_ASPECT_NOT_IMPLEMENTED);
-    }
+        return IEMOP_RAISE_INVALID_OPCODE(); /* callf eax is not legal */
 
     /* Far pointer loaded from memory. */
@@ -12730 +12724 @@
        implementation. */
     if ((bRm & X86_MODRM_MOD_MASK) == (3 << X86_MODRM_MOD_SHIFT))
-    {
-        /** @todo How the heck does a 'callf eax' work? Probably just have to
-         *        search the docs... */
-        AssertFailedReturn(VERR_IEM_ASPECT_NOT_IMPLEMENTED);
-    }
+        return IEMOP_RAISE_INVALID_OPCODE(); /* jmpf eax is not legal */
 
     /* Far pointer loaded from memory. */

trunk/src/VBox/VMM/testcase/tstIEMCheckMc.cpp

@@ -91 +91 @@
 #define IEMOP_HLP_NO_64BIT()                                do { } while (0)
 #define IEMOP_HLP_DEFAULT_64BIT_OP_SIZE()                   do { } while (0)
+#define IEMOP_HLP_DONE_DECODING()                           do { } while (0)
+#define IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX()            do { } while (0)
 #define IEMOP_RAISE_DIVIDE_ERROR()                          VERR_TRPM_ACTIVE_TRAP
 #define IEMOP_RAISE_INVALID_OPCODE()                        VERR_TRPM_ACTIVE_TRAP

trunk/src/VBox/VMM/testcase/tstX86-1.cpp

@@ -72 +72 @@
 DECLASM(int32_t) x861_Test5(void);
 DECLASM(int32_t) x861_Test6(void);
+DECLASM(int32_t) x861_Test7(void);
 DECLASM(int32_t) x861_TestFPUInstr1(void);
 
@@ -241 +242 @@
         if (rc != 0)
             RTTestFailed(hTest, "x861_Test4 -> %d", rc);
-
+#endif
+
+        RTTestSub(hTest, "Odd encodings and odd ends");
+        rc = x861_Test5();
+        if (rc != 0)
+            RTTestFailed(hTest, "x861_Test5 -> %d", rc);
+
+#if 0
         RTTestSub(hTest, "Odd floating point encodings");
-        rc = x861_Test5();
+        rc = x861_Test6();
         if (rc != 0)
             RTTestFailed(hTest, "x861_Test5 -> %d", rc);
 
         RTTestSub(hTest, "Floating point exceptions ++");
-        rc = x861_Test6();
+        rc = x861_Test7();
         if (rc != 0)
             RTTestFailed(hTest, "x861_Test6 -> %d", rc);
-#endif
 
         rc = x861_TestFPUInstr1();
         if (rc != 0)
             RTTestFailed(hTest, "x861_TestFPUInstr1 -> %d", rc);
+#endif
     }
 

trunk/src/VBox/VMM/testcase/tstX86-1A.asm

@@ -180 +180 @@
 iend
 BEGINCODE
+%%resume:
+%endmacro
+
+;;
+; Macro for recording a trapping instruction in the exec page.
+;
+; @uses     xAX, xDX
+; @param        1       The trap number.
+; @param        2       The offset into the exec page.
+%macro ShouldTrapExecPage 2
+        lea     xDX, [REF(NAME(g_aTrapInfoExecPage))]
+        lea     xAX, [REF(%%resume)]
+        mov     byte [xDX + TRAPINFO.cbInstr],  PAGE_SIZE - (%2)
+        mov     byte [xDX + TRAPINFO.u8TrapNo], %1
+        mov     [xDX + TRAPINFO.uResumePC],     xAX
+        mov     xAX, [REF_EXTERN(g_pbEfExecPage)]
+        lea     xAX, [xAX + (%2)]
+        mov     [xDX + TRAPINFO.uTrapPC],       xAX
+        jmp     xAX
 %%resume:
 %endmacro
@@ -1706 +1725 @@
         ret
 ENDPROC     x861_Test4
+
+
+;;
+; Tests various odd/weird/bad encodings.
+;
+BEGINPROC   x861_Test5
+        SAVE_ALL_PROLOGUE
+        call    x861_ClearRegisters
+
+%if 0
+        ; callf eax...
+        ShouldTrap X86_XCPT_UD, db 0xff, 11011000b
+        ShouldTrap X86_XCPT_UD, db 0xff, 11011001b
+        ShouldTrap X86_XCPT_UD, db 0xff, 11011010b
+        ShouldTrap X86_XCPT_UD, db 0xff, 11011011b
+        ShouldTrap X86_XCPT_UD, db 0xff, 11011100b
+        ShouldTrap X86_XCPT_UD, db 0xff, 11011101b
+        ShouldTrap X86_XCPT_UD, db 0xff, 11011110b
+        ShouldTrap X86_XCPT_UD, db 0xff, 11011111b
+
+        ; jmpf eax...
+        ShouldTrap X86_XCPT_UD, db 0xff, 11101000b
+        ShouldTrap X86_XCPT_UD, db 0xff, 11101001b
+        ShouldTrap X86_XCPT_UD, db 0xff, 11101010b
+        ShouldTrap X86_XCPT_UD, db 0xff, 11101011b
+        ShouldTrap X86_XCPT_UD, db 0xff, 11101100b
+        ShouldTrap X86_XCPT_UD, db 0xff, 11101101b
+        ShouldTrap X86_XCPT_UD, db 0xff, 11101110b
+        ShouldTrap X86_XCPT_UD, db 0xff, 11101111b
+
+        ; #GP(0) vs #UD.
+        ShouldTrap X86_XCPT_GP, mov xAX, cr0
+        ShouldTrap X86_XCPT_UD, lock mov xAX, cr0
+        ShouldTrap X86_XCPT_GP, mov cr0, xAX
+        ShouldTrap X86_XCPT_UD, lock mov cr0, xAX
+        ShouldTrap X86_XCPT_UD, db 0x0f, 0x20,11001000b ; mov xAX, cr1
+        ShouldTrap X86_XCPT_UD, db 0x0f, 0x20,11101000b ; mov xAX, cr5
+        ShouldTrap X86_XCPT_UD, db 0x0f, 0x20,11110000b ; mov xAX, cr6
+        ShouldTrap X86_XCPT_UD, db 0x0f, 0x20,11111000b ; mov xAX, cr7
+        ShouldTrap X86_XCPT_GP, mov xAX, dr7
+        ShouldTrap X86_XCPT_UD, lock mov xAX, dr7
+
+        ; The MOD is ignored by MOV CRx,GReg and MOV GReg,CRx
+        ShouldTrap X86_XCPT_GP, db 0x0f, 0x20,00000000b ; mov xAX, cr0
+        ShouldTrap X86_XCPT_GP, db 0x0f, 0x20,01000000b ; mov xAX, cr0
+        ShouldTrap X86_XCPT_GP, db 0x0f, 0x20,10000000b ; mov xAX, cr0
+        ShouldTrap X86_XCPT_GP, db 0x0f, 0x20,11000000b ; mov xAX, cr0
+        ShouldTrap X86_XCPT_GP, db 0x0f, 0x22,00000000b ; mov cr0, xAX
+        ShouldTrap X86_XCPT_GP, db 0x0f, 0x22,01000000b ; mov cr0, xAX
+        ShouldTrap X86_XCPT_GP, db 0x0f, 0x22,10000000b ; mov cr0, xAX
+        ShouldTrap X86_XCPT_GP, db 0x0f, 0x22,11000000b ; mov cr0, xAX
+%endif
+
+        ; mov eax, tr0, 0x0f 0x24
+        ShouldTrap X86_XCPT_UD, db 0x0f, 0x24, 0xc0     ; mov xAX, tr1
+
+        mov     xAX, [REF_EXTERN(g_pbEfExecPage)]
+        add     xAX, PAGE_SIZE - 3
+        mov     byte [xAX    ], 0x0f
+        mov     byte [xAX + 1], 0x24
+        mov     byte [xAX + 2], 0xc0
+        ShouldTrapExecPage X86_XCPT_UD, PAGE_SIZE - 3
+
+        mov     xAX, [REF_EXTERN(g_pbEfExecPage)]
+        add     xAX, PAGE_SIZE - 2
+        mov     byte [xAX    ], 0x0f
+        mov     byte [xAX + 1], 0x24
+        ShouldTrapExecPage X86_XCPT_UD, PAGE_SIZE - 2
+
+.success:
+        xor     eax, eax
+.return:
+        SAVE_ALL_EPILOGUE
+        ret
+ENDPROC     x861_Test5
 
 
@@ -1955 +2049 @@
 ; Tests some odd floating point instruction encodings.
 ;
-BEGINPROC   x861_Test5
+BEGINPROC   x861_Test6
         SAVE_ALL_PROLOGUE
 
@@ -2167 +2261 @@
         ret
 
-ENDPROC     x861_Test5
+ENDPROC     x861_Test6
 
 
@@ -2175 +2269 @@
 ;
 ;
-BEGINPROC   x861_Test6
+BEGINPROC   x861_Test7
         SAVE_ALL_PROLOGUE
         sub     xSP, 2048
@@ -2292 +2386 @@
         SAVE_ALL_EPILOGUE
         ret
-ENDPROC     x861_Test6
+ENDPROC     x861_Test7
 
 
@@ -2854 +2948 @@
 ; Terminate the trap info array with a NIL entry.
 BEGINDATA
+GLOBALNAME g_aTrapInfoExecPage
+istruc TRAPINFO
+        at TRAPINFO.uTrapPC,    RTCCPTR_DEF     1
+        at TRAPINFO.uResumePC,  RTCCPTR_DEF     1
+        at TRAPINFO.u8TrapNo,   db              16
+        at TRAPINFO.cbInstr,    db              3
+iend
 GLOBALNAME g_aTrapInfoEnd
 istruc TRAPINFO