Changeset 40222 in vbox

Timestamp:

Feb 22, 2012 9:14:52 PM (13 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

76399

Message:

IEM: Implemented fldcw, fldenv fnstcw and fnstenv.

Location:

trunk

Files:

• include/iprt/x86.h (modified) (2 diffs)
• src/VBox/VMM/VMMAll/IEMAll.cpp (modified) (6 diffs)
• src/VBox/VMM/VMMAll/IEMAllCImpl.cpp.h (modified) (2 diffs)
• src/VBox/VMM/VMMAll/IEMAllInstructions.cpp.h (modified) (2 diffs)

trunk/include/iprt/x86.h

@@ -2163 +2163 @@
 /** Exception Mask: Precision.  */
 #define X86_FCW_PM          RT_BIT(5)
-/** Mask all exceptions.  */
+/** Mask all exceptions, the value typically loaded (by for instance fninit).
+ * @remarks This includes reserved bit 6.  */
 #define X86_FCW_MASK_ALL    UINT16_C(0x007f)
+/** Mask all exceptions. Same as X86_FSW_XCPT_MASK. */
+#define X86_FCW_XCPT_MASK    UINT16_C(0x003f)
 /** Precision control mask. */
 #define X86_FCW_PC_MASK     UINT16_C(0x0300)
@@ -2185 +2188 @@
 /** Rounding control: Towards zero. */
 #define X86_FCW_RC_ZERO     UINT16_C(0x0c00)
+/** Bits which should be zero, apparently. */
+#define X86_FCW_ZERO_MASK   UINT16_C(0xf080)
 /** @} */
 

trunk/src/VBox/VMM/VMMAll/IEMAll.cpp

@@ -2802 +2802 @@
 
 /**
- * Gets the FPU status word.
- *
- * @returns FPU status word
- * @param   pIemCpu             The per CPU data.
- */
-static uint16_t iemFRegFetchFsw(PIEMCPU pIemCpu)
-{
-    PCPUMCTX pCtx = pIemCpu->CTX_SUFF(pCtx);
-    uint16_t u16Fsw;
-    if (iemFRegIsFxSaveFormat(pIemCpu))
-        u16Fsw = pCtx->fpu.FSW;
-    else
-    {
-        PX86FPUSTATE pFpu = (PX86FPUSTATE)&pCtx->fpu;
-        u16Fsw = pFpu->FSW;
-    }
-    return u16Fsw;
-}
-
-/**
  * Adds a 8-bit signed jump offset to RIP/EIP/IP.
  *
@@ -3325 +3305 @@
                     | ((uint16_t)(pIemCpu->abOpcode[pIemCpu->offFpuOpcode - 1] & 0x7) << 8);
     /** @todo FPU.CS and FPUIP needs to be kept seperately. */
-    pCtx->fpu.CS    = pCtx->cs;
-    pCtx->fpu.FPUIP = pCtx->rip;
+    if (IEM_IS_REAL_OR_V86_MODE(pIemCpu))
+    {
+        /** @todo Testcase: making assumptions about how FPUIP and FPUDP are handled
+         *        happens in real mode here based on the fnsave and fnstenv images. */
+        pCtx->fpu.CS    = 0;
+        pCtx->fpu.FPUIP = pCtx->eip | ((uint32_t)pCtx->cs << 4);
+    }
+    else
+    {
+        pCtx->fpu.CS    = pCtx->cs;
+        pCtx->fpu.FPUIP = pCtx->rip;
+    }
 }
 
@@ -3354 +3344 @@
     }
     /** @todo FPU.DS and FPUDP needs to be kept seperately. */
-    pCtx->fpu.DS    = sel;
-    pCtx->fpu.FPUDP = GCPtrEff;
+    if (IEM_IS_REAL_OR_V86_MODE(pIemCpu))
+    {
+        pCtx->fpu.DS    = 0;
+        pCtx->fpu.FPUDP = (uint32_t)GCPtrEff | ((uint32_t)sel << 4);
+    }
+    else
+    {
+        pCtx->fpu.DS    = sel;
+        pCtx->fpu.FPUDP = GCPtrEff;
+    }
 }
 
@@ -3833 +3831 @@
     }
     return VERR_NOT_FOUND;
+}
+
+
+/**
+ * Updates the FPU exception status after FCW is changed.
+ *
+ * @param   pCtx                The CPU context.
+ */
+static void iemFpuRecalcExceptionStatus(PCPUMCTX pCtx)
+{
+    uint16_t u16Fsw = pCtx->fpu.FSW;
+    if ((u16Fsw & X86_FSW_XCPT_MASK) & ~(pCtx->fpu.FCW & X86_FCW_XCPT_MASK))
+        u16Fsw |= X86_FSW_ES | X86_FSW_B;
+    else
+        u16Fsw &= ~(X86_FSW_ES | X86_FSW_B);
+    pCtx->fpu.FSW = u16Fsw;
+}
+
+
+/**
+ * Calculates the full FTW (FPU tag word) for use in FNSTENV and FNSAVE.
+ *
+ * @returns The full FTW.
+ * @param   pCtx                The CPU state.
+ */
+static uint16_t iemFpuCalcFullFtw(PCCPUMCTX pCtx)
+{
+    uint8_t const   u8Ftw  = (uint8_t)pCtx->fpu.FTW;
+    uint16_t        u16Ftw = 0;
+    unsigned const  iTop   = X86_FSW_TOP_GET(pCtx->fpu.FSW);
+    for (unsigned iSt = 0; iSt < 8; iSt++)
+    {
+        unsigned const iReg = (iSt + iTop) & 7;
+        if (!(u8Ftw & RT_BIT(iReg)))
+            u16Ftw |= 3 << (iReg * 2); /* empty */
+        else
+        {
+            uint16_t uTag;
+            PCRTFLOAT80U const pr80Reg = &pCtx->fpu.aRegs[iSt].r80;
+            if (pr80Reg->s.uExponent == 0x7fff)
+                uTag = 2; /* Exponent is all 1's => Special. */
+            else if (pr80Reg->s.uExponent == 0x0000)
+            {
+                if (pr80Reg->s.u64Mantissa == 0x0000)
+                    uTag = 1; /* All bits are zero => Zero. */
+                else
+                    uTag = 2; /* Must be special. */
+            }
+            else if (pr80Reg->s.u64Mantissa & RT_BIT_64(63)) /* The J bit. */
+                uTag = 0; /* Valid. */
+            else
+                uTag = 2; /* Must be special. */
+
+            u16Ftw |= uTag << (iReg * 2); /* empty */
+        }
+    }
+
+    return u16Ftw;
+}
+
+
+/**
+ * Converts a full FTW to a compressed one (for use in FLDENV and FRSTOR).
+ *
+ * @returns The compressed FTW.
+ * @param   u16FullFtw      The full FTW to convert.
+ */
+static uint16_t iemFpuCompressFtw(uint16_t u16FullFtw)
+{
+    uint8_t u8Ftw = 0;
+    for (unsigned i = 0; i < 8; i++)
+    {
+        if ((u16FullFtw & 3) != 3 /*empty*/)
+            u8Ftw |= RT_BIT(i);
+        u16FullFtw >>= 2;
+    }
+
+    return u8Ftw;
 }
 
@@ -5574 +5650 @@
 #define IEM_MC_MAYBE_RAISE_FPU_XCPT() \
     do { \
-        if (iemFRegFetchFsw(pIemCpu) & X86_FSW_ES) \
+        if ((pIemCpu)->CTX_SUFF(pCtx)->fpu.FSW & X86_FSW_ES) \
             return iemRaiseMathFault(pIemCpu); \
     } while (0)
@@ -5624 +5700 @@
 #define IEM_MC_FETCH_EFLAGS(a_EFlags)                   (a_EFlags) = (pIemCpu)->CTX_SUFF(pCtx)->eflags.u
 #define IEM_MC_FETCH_EFLAGS_U8(a_EFlags)                (a_EFlags) = (uint8_t)(pIemCpu)->CTX_SUFF(pCtx)->eflags.u
-#define IEM_MC_FETCH_FSW(a_u16Fsw)                      (a_u16Fsw) = iemFRegFetchFsw(pIemCpu)
+#define IEM_MC_FETCH_FSW(a_u16Fsw)                      (a_u16Fsw) = pIemCpu->CTX_SUFF(pCtx)->fpu.FSW
+#define IEM_MC_FETCH_FCW(a_u16Fcw)                      (a_u16Fcw) = pIemCpu->CTX_SUFF(pCtx)->fpu.FCW
 
 #define IEM_MC_STORE_GREG_U8(a_iGReg, a_u8Value)        *iemGRegRefU8(pIemCpu, (a_iGReg)) = (a_u8Value)

trunk/src/VBox/VMM/VMMAll/IEMAllCImpl.cpp.h

@@ -132 +132 @@
         iemHlpLoadNullDataSelectorProt(puSel, pHid);
 }
-
 
 /** @} */
@@ -4060 +4059 @@
 }
 
+
+/**
+ * Commmon routine for fnstenv and fnsave.
+ *
+ * @param   uPtr                Where to store the state.
+ * @param   pCtx                The CPU context.
+ */
+static void iemCImplCommonFpuStoreEnv(PIEMCPU pIemCpu, IEMMODE enmEffOpSize, RTPTRUNION uPtr, PCCPUMCTX pCtx)
+{
+    if (enmEffOpSize == IEMMODE_16BIT)
+    {
+        uPtr.pu16[0] = pCtx->fpu.FCW;
+        uPtr.pu16[1] = pCtx->fpu.FSW;
+        uPtr.pu16[2] = iemFpuCalcFullFtw(pCtx);
+        if (IEM_IS_REAL_OR_V86_MODE(pIemCpu))
+        {
+            /** @todo Testcase: How does this work when the FPUIP/CS was saved in
+             *        protected mode or long mode and we save it in real mode?  And vice
+             *        versa?  And with 32-bit operand size?  I think CPU is storing the
+             *        effective address ((CS << 4) + IP) in the offset register and not
+             *        doing any address calculations here. */
+            uPtr.pu16[3] = (uint16_t)pCtx->fpu.FPUIP;
+            uPtr.pu16[4] = ((pCtx->fpu.FPUIP >> 4) & UINT16_C(0xf000)) | pCtx->fpu.FOP;
+            uPtr.pu16[5] = (uint16_t)pCtx->fpu.FPUDP;
+            uPtr.pu16[6] = (pCtx->fpu.FPUDP  >> 4) & UINT16_C(0xf000);
+        }
+        else
+        {
+            uPtr.pu16[3] = pCtx->fpu.FPUIP;
+            uPtr.pu16[4] = pCtx->fpu.CS;
+            uPtr.pu16[5] = pCtx->fpu.FPUDP;
+            uPtr.pu16[6] = pCtx->fpu.DS;
+        }
+    }
+    else
+    {
+        /** @todo Testcase: what is stored in the "gray" areas? (figure 8-9 and 8-10) */
+        uPtr.pu16[0*2] = pCtx->fpu.FCW;
+        uPtr.pu16[1*2] = pCtx->fpu.FSW;
+        uPtr.pu16[2*2] = iemFpuCalcFullFtw(pCtx);
+        if (IEM_IS_REAL_OR_V86_MODE(pIemCpu))
+        {
+            uPtr.pu16[3*2]  = (uint16_t)pCtx->fpu.FPUIP;
+            uPtr.pu32[4]    = ((pCtx->fpu.FPUIP & UINT32_C(0xffff0000)) >> 4) | pCtx->fpu.FOP;
+            uPtr.pu16[5*2]  = (uint16_t)pCtx->fpu.FPUDP;
+            uPtr.pu32[6]    = (pCtx->fpu.FPUDP  & UINT32_C(0xffff0000)) >> 4;
+        }
+        else
+        {
+            uPtr.pu32[3]    = pCtx->fpu.FPUIP;
+            uPtr.pu16[4*2]  = pCtx->fpu.CS;
+            uPtr.pu16[4*2+1]= pCtx->fpu.FOP;
+            uPtr.pu32[5]    = pCtx->fpu.FPUDP;
+            uPtr.pu16[6*2]  = pCtx->fpu.DS;
+        }
+    }
+}
+
+
+/**
+ * Commmon routine for fnstenv and fnsave.
+ *
+ * @param   uPtr                Where to store the state.
+ * @param   pCtx                The CPU context.
+ */
+static void iemCImplCommonFpuRestoreEnv(PIEMCPU pIemCpu, IEMMODE enmEffOpSize, RTCPTRUNION uPtr, PCPUMCTX pCtx)
+{
+    if (enmEffOpSize == IEMMODE_16BIT)
+    {
+        pCtx->fpu.FCW = uPtr.pu16[0];
+        pCtx->fpu.FSW = uPtr.pu16[1];
+        pCtx->fpu.FTW = uPtr.pu16[2];
+        if (IEM_IS_REAL_OR_V86_MODE(pIemCpu))
+        {
+            pCtx->fpu.FPUIP = uPtr.pu16[3] | ((uint32_t)(uPtr.pu16[4] & UINT16_C(0xf000)) << 4);
+            pCtx->fpu.FPUDP = uPtr.pu16[5] | ((uint32_t)(uPtr.pu16[6] & UINT16_C(0xf000)) << 4);
+            pCtx->fpu.FOP   = uPtr.pu16[4] & UINT16_C(0x07ff);
+            pCtx->fpu.CS    = 0;
+            pCtx->fpu.DS    = 0;
+        }
+        else
+        {
+            pCtx->fpu.FPUIP = uPtr.pu16[3];
+            pCtx->fpu.CS    = uPtr.pu16[4];
+            pCtx->fpu.FPUDP = uPtr.pu16[5];
+            pCtx->fpu.DS    = uPtr.pu16[6];
+            /** @todo Testcase: Is FOP cleared when doing 16-bit protected mode fldenv? */
+        }
+    }
+    else
+    {
+        pCtx->fpu.FCW = uPtr.pu16[0*2];
+        pCtx->fpu.FSW = uPtr.pu16[1*2];
+        pCtx->fpu.FTW = uPtr.pu16[2*2];
+        if (IEM_IS_REAL_OR_V86_MODE(pIemCpu))
+        {
+            pCtx->fpu.FPUIP = uPtr.pu16[3*2] | ((uPtr.pu32[4] & UINT32_C(0x0ffff000)) << 4);
+            pCtx->fpu.FOP   = uPtr.pu32[4] & UINT16_C(0x07ff);
+            pCtx->fpu.FPUDP = uPtr.pu16[5*2] | ((uPtr.pu32[6] & UINT32_C(0x0ffff000)) << 4);
+            pCtx->fpu.CS    = 0;
+            pCtx->fpu.DS    = 0;
+        }
+        else
+        {
+            pCtx->fpu.FPUIP = uPtr.pu32[3];
+            pCtx->fpu.CS    = uPtr.pu16[4*2];
+            pCtx->fpu.FOP   = uPtr.pu16[4*2+1];
+            pCtx->fpu.FPUDP = uPtr.pu32[5];
+            pCtx->fpu.DS    = uPtr.pu16[6*2];
+        }
+    }
+
+    /* Make adjustments. */
+    pCtx->fpu.FTW = iemFpuCompressFtw(pCtx->fpu.FTW);
+    pCtx->fpu.FCW &= ~X86_FCW_ZERO_MASK;
+    iemFpuRecalcExceptionStatus(pCtx);
+    /** @todo Testcase: Check if ES and/or B are automatically cleared if no
+     *        exceptions are pending after loading the saved state? */
+}
+
+
+/**
+ * Implements 'FNSTENV'.
+ *
+ * @param   enmEffOpSize    The operand size (only REX.W really matters).
+ * @param   iEffSeg         The effective segment register for @a GCPtrEff.
+ * @param   GCPtrEffDst     The address of the image.
+ */
+IEM_CIMPL_DEF_3(iemCImpl_fnstenv, IEMMODE, enmEffOpSize, uint8_t, iEffSeg, RTGCPTR, GCPtrEffDst)
+{
+    PCPUMCTX     pCtx = pIemCpu->CTX_SUFF(pCtx);
+    RTPTRUNION   uPtr;
+    VBOXSTRICTRC rcStrict = iemMemMap(pIemCpu, &uPtr.pv, enmEffOpSize == IEMMODE_16BIT ? 14 : 28,
+                                      iEffSeg, GCPtrEffDst, IEM_ACCESS_DATA_W | IEM_ACCESS_PARTIAL_WRITE);
+    if (rcStrict != VINF_SUCCESS)
+        return rcStrict;
+
+    iemCImplCommonFpuStoreEnv(pIemCpu, enmEffOpSize, uPtr, pCtx);
+
+    rcStrict = iemMemCommitAndUnmap(pIemCpu, uPtr.pv, IEM_ACCESS_DATA_W | IEM_ACCESS_PARTIAL_WRITE);
+    if (rcStrict != VINF_SUCCESS)
+        return rcStrict;
+
+    /* Note: C0, C1, C2 and C3 are documented as undefined, we leave them untouched! */
+    iemRegAddToRip(pIemCpu, cbInstr);
+    return VINF_SUCCESS;
+}
+
+
+/**
+ * Implements 'FLDENV'.
+ *
+ * @param   enmEffOpSize    The operand size (only REX.W really matters).
+ * @param   iEffSeg         The effective segment register for @a GCPtrEff.
+ * @param   GCPtrEffSrc     The address of the image.
+ */
+IEM_CIMPL_DEF_3(iemCImpl_fldenv, IEMMODE, enmEffOpSize, uint8_t, iEffSeg, RTGCPTR, GCPtrEffSrc)
+{
+    PCPUMCTX     pCtx = pIemCpu->CTX_SUFF(pCtx);
+    RTCPTRUNION  uPtr;
+    VBOXSTRICTRC rcStrict = iemMemMap(pIemCpu, (void **)&uPtr.pv, enmEffOpSize == IEMMODE_16BIT ? 14 : 28,
+                                      iEffSeg, GCPtrEffSrc, IEM_ACCESS_DATA_R);
+    if (rcStrict != VINF_SUCCESS)
+        return rcStrict;
+
+    iemCImplCommonFpuRestoreEnv(pIemCpu, enmEffOpSize, uPtr, pCtx);
+
+    rcStrict = iemMemCommitAndUnmap(pIemCpu, (void *)uPtr.pv, IEM_ACCESS_DATA_R);
+    if (rcStrict != VINF_SUCCESS)
+        return rcStrict;
+
+    iemRegAddToRip(pIemCpu, cbInstr);
+    return VINF_SUCCESS;
+}
+
+
+/**
+ * Implements 'FLDCW'.
+ *
+ * @param   u16Fcw          The new FCW.
+ */
+IEM_CIMPL_DEF_1(iemCImpl_fldcw, uint16_t, u16Fcw)
+{
+    PCPUMCTX pCtx = pIemCpu->CTX_SUFF(pCtx);
+
+    /** @todo Testcase: Check what happens when trying to load X86_FCW_PC_RSVD. */
+    /** @todo Testcase: Try see what happens when trying to set undefined bits
+     *        (other than 6 and 7).  Currently ignoring them. */
+    /** @todo Testcase: Test that it raises and loweres the FPU exception bits
+     *        according to FSW. (This is was is currently implemented.) */
+    pCtx->fpu.FCW = u16Fcw & ~X86_FCW_ZERO_MASK;
+    iemFpuRecalcExceptionStatus(pCtx);
+
+    /* Note: C0, C1, C2 and C3 are documented as undefined, we leave them untouched! */
+    iemRegAddToRip(pIemCpu, cbInstr);
+    return VINF_SUCCESS;
+}
+
+
 /** @} */
 

trunk/src/VBox/VMM/VMMAll/IEMAllInstructions.cpp.h

@@ -10696 +10696 @@
 
 /** Opcode 0xd9 !11/4 */
-FNIEMOP_STUB_1(iemOp_fldenv, uint8_t, bRm);
+FNIEMOP_DEF_1(iemOp_fldenv, uint8_t, bRm)
+{
+    IEMOP_MNEMONIC("fldenv m14/28byte");
+    IEM_MC_BEGIN(3, 0);
+    IEM_MC_ARG_CONST(IEMMODE,           enmEffOpSize, /*=*/ pIemCpu->enmEffOpSize,  0);
+    IEM_MC_ARG_CONST(uint8_t,           iEffSeg,      /*=*/ pIemCpu->iEffSeg,       1);
+    IEM_MC_ARG(RTGCPTR,                 GCPtrEffSrc,                                2);
+    IEM_MC_CALC_RM_EFF_ADDR(GCPtrEffSrc, bRm);
+    IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
+    IEM_MC_CALL_CIMPL_3(iemCImpl_fldenv, enmEffOpSize, iEffSeg, GCPtrEffSrc);
+    IEM_MC_END();
+    return VINF_SUCCESS;
+}
+
 
 /** Opcode 0xd9 !11/5 */
-FNIEMOP_STUB_1(iemOp_fldcw, uint8_t, bRm);
+FNIEMOP_DEF_1(iemOp_fldcw, uint8_t, bRm)
+{
+    IEMOP_MNEMONIC("fldcw m2byte");
+    IEM_MC_BEGIN(1, 1);
+    IEM_MC_LOCAL(RTGCPTR,               GCPtrEffSrc);
+    IEM_MC_ARG(uint16_t,                u16Fsw,                                     0);
+    IEM_MC_CALC_RM_EFF_ADDR(GCPtrEffSrc, bRm);
+    IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
+    IEM_MC_FETCH_MEM_U16(u16Fsw, pIemCpu->iEffSeg, GCPtrEffSrc);
+    IEM_MC_CALL_CIMPL_1(iemCImpl_fldcw, u16Fsw);
+    IEM_MC_END();
+    return VINF_SUCCESS;
+}
+
 
 /** Opcode 0xd9 !11/6 */
-FNIEMOP_STUB_1(iemOp_fstenv, uint8_t, bRm);
+FNIEMOP_DEF_1(iemOp_fnstenv, uint8_t, bRm)
+{
+    IEMOP_MNEMONIC("fstenv m14/28byte");
+    IEM_MC_BEGIN(3, 0);
+    IEM_MC_ARG_CONST(IEMMODE,           enmEffOpSize, /*=*/ pIemCpu->enmEffOpSize,  0);
+    IEM_MC_ARG_CONST(uint8_t,           iEffSeg,      /*=*/ pIemCpu->iEffSeg,       1);
+    IEM_MC_ARG(RTGCPTR,                 GCPtrEffDst,                                2);
+    IEM_MC_CALC_RM_EFF_ADDR(GCPtrEffDst, bRm);
+    IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
+    IEM_MC_CALL_CIMPL_3(iemCImpl_fnstenv, enmEffOpSize, iEffSeg, GCPtrEffDst);
+    IEM_MC_END();
+    return VINF_SUCCESS;
+}
+
 
 /** Opcode 0xd9 !11/7 */
-FNIEMOP_STUB_1(iemOp_fstcw, uint8_t, bRm);
+FNIEMOP_DEF_1(iemOp_fnstcw, uint8_t, bRm)
+{
+    IEMOP_MNEMONIC("fnstcw m2byte");
+    IEM_MC_BEGIN(2, 0);
+    IEM_MC_LOCAL(RTGCPTR,               GCPtrEffDst);
+    IEM_MC_LOCAL(uint16_t,              u16Fcw);
+    IEM_MC_CALC_RM_EFF_ADDR(GCPtrEffDst, bRm);
+    IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
+    IEM_MC_FETCH_FSW(u16Fcw);
+    IEM_MC_STORE_MEM_U16(pIemCpu->iEffSeg, GCPtrEffDst, u16Fcw);
+    IEM_MC_ADVANCE_RIP(); /* C0-C3 are documented as undefined, we leave them unmodified. */
+    IEM_MC_END();
+    return VINF_SUCCESS;
+}
+
 
 /** Opcode 0xd9 0xc9, 0xd9 0xd8-0xdf, ++?.  */
@@ -10917 +10970 @@
             case 4: return FNIEMOP_CALL_1(iemOp_fldenv,    bRm);
             case 5: return FNIEMOP_CALL_1(iemOp_fldcw,     bRm);
-            case 6: return FNIEMOP_CALL_1(iemOp_fstenv,    bRm);
-            case 7: return FNIEMOP_CALL_1(iemOp_fstcw,     bRm);
+            case 6: return FNIEMOP_CALL_1(iemOp_fnstenv,    bRm);
+            case 7: return FNIEMOP_CALL_1(iemOp_fnstcw,     bRm);
             IEM_NOT_REACHED_DEFAULT_CASE_RET();
         }