Changeset 62257 in vbox for trunk/src/VBox

Timestamp:

Jul 14, 2016 2:54:37 PM (9 years ago)

Author:

vboxsync

Message:

IEM: Fix missing read cleanup in retf to different level code path. Cleaned up the pop memory interface a little.

Location:

trunk/src/VBox/VMM/VMMAll

Files:

• IEMAll.cpp (modified) (3 diffs)
• IEMAllCImpl.cpp.h (modified) (10 diffs)

trunk/src/VBox/VMM/VMMAll/IEMAll.cpp

@@ -9906 +9906 @@
  * @returns Strict VBox status code.
  * @param   pVCpu               The cross context virtual CPU structure of the calling thread.
- * @param   cbMem               The number of bytes to push onto the stack.
+ * @param   cbMem               The number of bytes to pop from the stack.
  * @param   ppvMem              Where to return the pointer to the stack memory.
  * @param   puNewRsp            Where to return the new RSP value.  This must be
- *                              passed unchanged to
- *                              iemMemStackPopCommitSpecial() or applied
- *                              manually if iemMemStackPopDoneSpecial() is used.
+ *                              assigned to CPUMCTX::rsp manually some time
+ *                              after iemMemStackPopDoneSpecial() has been
+ *                              called.
  */
 IEM_STATIC VBOXSTRICTRC iemMemStackPopBeginSpecial(PVMCPU pVCpu, size_t cbMem, void const **ppvMem, uint64_t *puNewRsp)
@@ -9929 +9929 @@
  * @returns Strict VBox status code.
  * @param   pVCpu               The cross context virtual CPU structure of the calling thread.
- * @param   cbMem               The number of bytes to push onto the stack.
+ * @param   cbMem               The number of bytes to pop from the stack.
  * @param   ppvMem              Where to return the pointer to the stack memory.
  * @param   puNewRsp            Where to return the new RSP value.  This must be
- *                              passed unchanged to
- *                              iemMemStackPopCommitSpecial() or applied
- *                              manually if iemMemStackPopDoneSpecial() is used.
+ *                              assigned to CPUMCTX::rsp manually some time
+ *                              after iemMemStackPopDoneSpecial() has been
+ *                              called.
  */
 IEM_STATIC VBOXSTRICTRC iemMemStackPopContinueSpecial(PVMCPU pVCpu, size_t cbMem, void const **ppvMem, uint64_t *puNewRsp)
 {
     Assert(cbMem < UINT8_MAX);
-    PCPUMCTX    pCtx     = IEM_GET_CTX(pVCpu);
+    PCPUMCTX    pCtx = IEM_GET_CTX(pVCpu);
     RTUINT64U   NewRsp;
     NewRsp.u = *puNewRsp;
@@ -9945 +9945 @@
     *puNewRsp = NewRsp.u;
     return iemMemMap(pVCpu, (void **)ppvMem, cbMem, X86_SREG_SS, GCPtrTop, IEM_ACCESS_STACK_R);
-}
-
-
-/**
- * Commits a special stack pop (started by iemMemStackPopBeginSpecial).
- *
- * This will update the rSP.
- *
- * @returns Strict VBox status code.
- * @param   pVCpu               The cross context virtual CPU structure of the calling thread.
- * @param   pvMem               The pointer returned by
- *                              iemMemStackPopBeginSpecial().
- * @param   uNewRsp             The new RSP value returned by
- *                              iemMemStackPopBeginSpecial().
- */
-IEM_STATIC VBOXSTRICTRC iemMemStackPopCommitSpecial(PVMCPU pVCpu, void const *pvMem, uint64_t uNewRsp)
-{
-    VBOXSTRICTRC rcStrict = iemMemCommitAndUnmap(pVCpu, (void *)pvMem, IEM_ACCESS_STACK_R);
-    if (rcStrict == VINF_SUCCESS)
-        IEM_GET_CTX(pVCpu)->rsp = uNewRsp;
-    return rcStrict;
 }
 

trunk/src/VBox/VMM/VMMAll/IEMAllCImpl.cpp.h

@@ -2162 +2162 @@
         uNewCs  = uPtrFrame.pu16[4];
     }
+    rcStrict = iemMemStackPopDoneSpecial(pVCpu, uPtrFrame.pv);
+    if (RT_LIKELY(rcStrict == VINF_SUCCESS))
+    { /* extremely likely */ }
+    else
+        return rcStrict;
 
     /*
@@ -2179 +2184 @@
 
         /* commit the operation. */
-        rcStrict = iemMemStackPopCommitSpecial(pVCpu, uPtrFrame.pv, uNewRsp);
-        if (rcStrict != VINF_SUCCESS)
-            return rcStrict;
+        pCtx->rsp           = uNewRsp;
         pCtx->rip           = uNewRip;
         pCtx->cs.Sel        = uNewCs;
@@ -2266 +2269 @@
     {
         /* Read the outer stack pointer stored *after* the parameters. */
-        RTCPTRUNION uPtrStack;
-        rcStrict = iemMemStackPopContinueSpecial(pVCpu, cbPop + cbRetPtr, &uPtrStack.pv, &uNewRsp);
+        rcStrict = iemMemStackPopContinueSpecial(pVCpu, cbPop + cbRetPtr, &uPtrFrame.pv, &uNewRsp);
         if (rcStrict != VINF_SUCCESS)
             return rcStrict;
 
-        uPtrStack.pu8 += cbPop; /* Skip the parameters. */
+        uPtrFrame.pu8 += cbPop; /* Skip the parameters. */
 
         uint16_t uNewOuterSs;
@@ -2277 +2279 @@
         if (enmEffOpSize == IEMMODE_16BIT)
         {
-            uNewOuterRsp = uPtrStack.pu16[0];
-            uNewOuterSs  = uPtrStack.pu16[1];
+            uNewOuterRsp = uPtrFrame.pu16[0];
+            uNewOuterSs  = uPtrFrame.pu16[1];
         }
         else if (enmEffOpSize == IEMMODE_32BIT)
         {
-            uNewOuterRsp = uPtrStack.pu32[0];
-            uNewOuterSs  = uPtrStack.pu16[2];
+            uNewOuterRsp = uPtrFrame.pu32[0];
+            uNewOuterSs  = uPtrFrame.pu16[2];
         }
         else
         {
-            uNewOuterRsp = uPtrStack.pu64[0];
-            uNewOuterSs  = uPtrStack.pu16[4];
-        }
+            uNewOuterRsp = uPtrFrame.pu64[0];
+            uNewOuterSs  = uPtrFrame.pu16[4];
+        }
+        rcStrict = iemMemStackPopDoneSpecial(pVCpu, uPtrFrame.pv);
+        if (RT_LIKELY(rcStrict == VINF_SUCCESS))
+        { /* extremely likely */ }
+        else
+            return rcStrict;
 
         /* Check for NULL stack selector (invalid in ring-3 and non-long mode)
@@ -2411 +2418 @@
 
         /* commit */
-        rcStrict = iemMemStackPopCommitSpecial(pVCpu, uPtrFrame.pv, uNewRsp);
-        if (rcStrict != VINF_SUCCESS)
-            return rcStrict;
+        pCtx->rsp               = uNewRsp;
         if (enmEffOpSize == IEMMODE_16BIT)
             pCtx->rip           = uNewRip & UINT16_MAX; /** @todo Testcase: When exactly does this occur? With call it happens prior to the limit check according to Intel... */
@@ -2498 +2503 @@
 
         /* commit */
-        rcStrict = iemMemStackPopCommitSpecial(pVCpu, uPtrFrame.pv, uNewRsp);
-        if (rcStrict != VINF_SUCCESS)
-            return rcStrict;
+        pCtx->rsp           = uNewRsp;
         if (enmEffOpSize == IEMMODE_16BIT)
             pCtx->rip       = uNewRip & UINT16_MAX; /** @todo Testcase: When exactly does this occur? With call it happens prior to the limit check according to Intel... */
@@ -2862 +2865 @@
             uNewFlags &= ~(X86_EFL_NT | X86_EFL_IOPL);
     }
+    rcStrict = iemMemStackPopDoneSpecial(pVCpu, uFrame.pv);
+    if (RT_LIKELY(rcStrict == VINF_SUCCESS))
+    { /* extremely likely */ }
+    else
+        return rcStrict;
+
     /** @todo Check how this is supposed to work if sp=0xfffe. */
     Log7(("iemCImpl_iret_real_v8086: uNewCs=%#06x uNewRip=%#010x uNewFlags=%#x uNewRsp=%#18llx\n",
@@ -2904 +2913 @@
      * Commit the operation.
      */
-    rcStrict = iemMemStackPopCommitSpecial(pVCpu, uFrame.pv, uNewRsp);
-    if (rcStrict != VINF_SUCCESS)
-        return rcStrict;
 #ifdef DBGFTRACE_ENABLED
     RTTraceBufAddMsgF(pVCpu->CTX_SUFF(pVM)->CTX_SUFF(hTraceBuf), "iret/rm %04x:%04x -> %04x:%04x %x %04llx",
                       pCtx->cs.Sel, pCtx->eip, uNewCs, uNewEip, uNewFlags, uNewRsp);
 #endif
-
+    pCtx->rsp           = uNewRsp;
     pCtx->rip           = uNewEip;
     pCtx->cs.Sel        = uNewCs;
@@ -3123 +3129 @@
         uNewFlags  = uFrame.pu16[2];
     }
-    rcStrict = iemMemCommitAndUnmap(pVCpu, (void *)uFrame.pv, IEM_ACCESS_STACK_R); /* don't use iemMemStackPopCommitSpecial here. */
-    if (rcStrict != VINF_SUCCESS)
+    rcStrict = iemMemStackPopDoneSpecial(pVCpu, (void *)uFrame.pv); /* don't use iemMemStackPopCommitSpecial here. */
+    if (RT_LIKELY(rcStrict == VINF_SUCCESS))
+    { /* extremely likely */ }
+    else
         return rcStrict;
     Log7(("iemCImpl_iret_prot: uNewCs=%#06x uNewEip=%#010x uNewFlags=%#x uNewRsp=%#18llx\n", uNewCs, uNewEip, uNewFlags, uNewRsp));
@@ -3520 +3528 @@
         uNewSs     = uFrame.pu16[4];
     }
-    rcStrict = iemMemCommitAndUnmap(pVCpu, (void *)uFrame.pv, IEM_ACCESS_STACK_R); /* don't use iemMemStackPopCommitSpecial here. */
-    if (rcStrict != VINF_SUCCESS)
+    rcStrict = iemMemStackPopDoneSpecial(pVCpu, (void *)uFrame.pv); /* don't use iemMemStackPopCommitSpecial here. */
+    if (RT_LIKELY(rcStrict == VINF_SUCCESS))
+    { /* extremely like */ }
+    else
         return rcStrict;
     Log7(("iretq stack: cs:rip=%04x:%016RX64 rflags=%016RX64 ss:rsp=%04x:%016RX64\n", uNewCs, uNewRip, uNewFlags, uNewSs, uNewRsp));