Changeset 66457 in vbox

Timestamp:

Apr 6, 2017 10:44:30 AM (8 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

114437

Message:

IEM: Limited xsave and xrstor implemention. Implemented vstmxcsr.

Location:

trunk

Files:

• include/VBox/disopcode.h (modified) (2 diffs)
• src/VBox/VMM/VMMAll/IEMAll.cpp (modified) (4 diffs)
• src/VBox/VMM/VMMAll/IEMAllCImpl.cpp.h (modified) (2 diffs)
• src/VBox/VMM/VMMAll/IEMAllInstructionsOneByte.cpp.h (modified) (3 diffs)
• src/VBox/VMM/VMMAll/IEMAllInstructionsPython.py (modified) (3 diffs)
• src/VBox/VMM/VMMAll/IEMAllInstructionsTwoByte0f.cpp.h (modified) (7 diffs)
• src/VBox/VMM/testcase/tstIEMCheckMc.cpp (modified) (1 diff)
• src/VBox/ValidationKit/bootsectors/bs3-cpu-generated-1-template.c (modified) (14 diffs)
• src/VBox/ValidationKit/bootsectors/bs3-cpu-generated-1.h (modified) (1 diff)

trunk/include/VBox/disopcode.h

@@ -724 +724 @@
     OP_LDMXCSR,
     OP_STMXCSR,
+    OP_XSAVE,
+    OP_XRSTOR,
     OP_LFENCE,
     OP_MFENCE,
@@ -1067 +1069 @@
 #define OP_PARM_MdRO            OP_PARM_Md              /**< Annotates read only memory byte operand. */
 #define OP_PARM_MdWO            OP_PARM_Md              /**< Annotates write only memory byte operand. */
+#define OP_PARM_MRO             OP_PARM_M               /**< Annotates read only memory of variable operand size (xrstor). */
+#define OP_PARM_MRW             OP_PARM_M               /**< Annotates read-write memory of variable operand size (xsave). */
 
 /** @} */

trunk/src/VBox/VMM/VMMAll/IEMAll.cpp

@@ -8448 +8448 @@
      * Check the input and figure out which mapping entry to use.
      */
-    Assert(cbMem <= 64 || cbMem == 512 || cbMem == 108 || cbMem == 104 || cbMem == 94); /* 512 is the max! */
+    Assert(cbMem <= 64 || cbMem == 512 || cbMem == 256 || cbMem == 108 || cbMem == 104 || cbMem == 94); /* 512 is the max! */
     Assert(~(fAccess & ~(IEM_ACCESS_TYPE_MASK | IEM_ACCESS_WHAT_MASK)));
     Assert(pVCpu->iem.s.cActiveMappings < RT_ELEMENTS(pVCpu->iem.s.aMemMappings));
@@ -11752 +11752 @@
     do \
     { \
-        if (IEM_IS_REAL_OR_V86_MODE(pVCpu)) \
-            return IEMOP_RAISE_INVALID_OPCODE(); \
+        if (!IEM_IS_REAL_OR_V86_MODE(pVCpu)) { /* likely */ } \
+        else return IEMOP_RAISE_INVALID_OPCODE(); \
     } while (0)
 
@@ -11839 +11839 @@
             return IEMOP_RAISE_INVALID_LOCK_PREFIX(); \
     } while (0)
+
 #define IEMOP_HLP_DECODED_NL_1(a_uDisOpNo, a_fIemOpFlags, a_uDisParam0, a_fDisOpType) \
     do \
@@ -11875 +11876 @@
     } while (0)
 
+
+/**
+ * Done decoding VEX.
+ * Raises \#UD exception if rex, rep, opsize or lock prefixes are present, or if
+ * we're in real or v8086 mode.
+ */
+#define IEMOP_HLP_DONE_VEX_DECODING() \
+    do \
+    { \
+        if (RT_LIKELY(   !(  pVCpu->iem.s.fPrefixes \
+                           & (IEM_OP_PRF_LOCK | IEM_OP_PRF_SIZE_OP | IEM_OP_PRF_REPZ | IEM_OP_PRF_REPNZ | IEM_OP_PRF_REX)) \
+                      && !IEM_IS_REAL_OR_V86_MODE(pVCpu) )) \
+        { /* likely */ } \
+        else \
+            return IEMOP_RAISE_INVALID_OPCODE(); \
+    } while (0)
+
+/**
+ * Done decoding VEX, no V, no L.
+ * Raises \#UD exception if rex, rep, opsize or lock prefixes are present, if
+ * we're in real or v8086 mode, if VEX.V!=0xf, or if VEX.L!=0.
+ */
+#define IEMOP_HLP_DONE_VEX_DECODING_L_ZERO_NO_VVV() \
+    do \
+    { \
+        if (RT_LIKELY(   !(  pVCpu->iem.s.fPrefixes \
+                           & (IEM_OP_PRF_LOCK | IEM_OP_PRF_SIZE_OP | IEM_OP_PRF_REPZ | IEM_OP_PRF_REPNZ | IEM_OP_PRF_REX)) \
+                      && pVCpu->iem.s.uVexLength == 0 \
+                      && pVCpu->iem.s.uVex3rdReg == 0 \
+                      && !IEM_IS_REAL_OR_V86_MODE(pVCpu))) \
+        { /* likely */ } \
+        else \
+            return IEMOP_RAISE_INVALID_OPCODE(); \
+    } while (0)
 
 /**

trunk/src/VBox/VMM/VMMAll/IEMAllCImpl.cpp.h

@@ -7056 +7056 @@
 
 /**
+ * Implements 'XSAVE'.
+ *
+ * @param   iEffSeg         The effective segment.
+ * @param   GCPtrEff        The address of the image.
+ * @param   enmEffOpSize    The operand size (only REX.W really matters).
+ */
+IEM_CIMPL_DEF_3(iemCImpl_xsave, uint8_t, iEffSeg, RTGCPTR, GCPtrEff, IEMMODE, enmEffOpSize)
+{
+    PCPUMCTX pCtx = IEM_GET_CTX(pVCpu);
+
+    /*
+     * Raise exceptions.
+     */
+    if (!(pCtx->cr4 & X86_CR4_OSXSAVE))
+        return iemRaiseUndefinedOpcode(pVCpu);
+    if (pCtx->cr0 & X86_CR0_TS)
+        return iemRaiseDeviceNotAvailable(pVCpu);
+    if (GCPtrEff & 63)
+    {
+        /** @todo CPU/VM detection possible! \#AC might not be signal for
+         * all/any misalignment sizes, intel says its an implementation detail. */
+        if (   (pCtx->cr0 & X86_CR0_AM)
+            && pCtx->eflags.Bits.u1AC
+            && pVCpu->iem.s.uCpl == 3)
+            return iemRaiseAlignmentCheckException(pVCpu);
+        return iemRaiseGeneralProtectionFault0(pVCpu);
+    }
+
+    /*
+     * Calc the requested mask
+     */
+    uint64_t const fReqComponents = RT_MAKE_U64(pCtx->eax, pCtx->edx) & pCtx->aXcr[0];
+    AssertLogRelReturn(!(fReqComponents & ~(XSAVE_C_X87 | XSAVE_C_SSE | XSAVE_C_YMM)), VERR_IEM_ASPECT_NOT_IMPLEMENTED);
+    uint64_t const fXInUse        = pCtx->aXcr[0];
+
+/** @todo figure out the exact protocol for the memory access.  Currently we
+ *        just need this crap to work halfways to make it possible to test
+ *        AVX instructions. */
+/** @todo figure out the XINUSE and XMODIFIED   */
+
+    /*
+     * Access the x87 memory state.
+     */
+    /* The x87+SSE state.  */
+    void *pvMem512;
+    VBOXSTRICTRC rcStrict = iemMemMap(pVCpu, &pvMem512, 512, iEffSeg, GCPtrEff, IEM_ACCESS_DATA_W | IEM_ACCESS_PARTIAL_WRITE);
+    if (rcStrict != VINF_SUCCESS)
+        return rcStrict;
+    PX86FXSTATE  pDst = (PX86FXSTATE)pvMem512;
+    PCX86FXSTATE pSrc = &pCtx->CTX_SUFF(pXState)->x87;
+
+    /* The header.  */
+    PX86XSAVEHDR pHdr;
+    rcStrict = iemMemMap(pVCpu, (void **)&pHdr, sizeof(&pHdr), iEffSeg, GCPtrEff + 512, IEM_ACCESS_DATA_RW);
+    if (rcStrict != VINF_SUCCESS)
+        return rcStrict;
+
+    /*
+     * Store the X87 state.
+     */
+    if (fReqComponents & XSAVE_C_X87)
+    {
+        /* common for all formats */
+        pDst->FCW    = pSrc->FCW;
+        pDst->FSW    = pSrc->FSW;
+        pDst->FTW    = pSrc->FTW & UINT16_C(0xff);
+        pDst->FOP    = pSrc->FOP;
+        pDst->FPUIP  = pSrc->FPUIP;
+        pDst->CS     = pSrc->CS;
+        pDst->FPUDP  = pSrc->FPUDP;
+        pDst->DS     = pSrc->DS;
+        if (enmEffOpSize == IEMMODE_64BIT)
+        {
+            /* Save upper 16-bits of FPUIP (IP:CS:Rsvd1) and FPUDP (DP:DS:Rsvd2). */
+            pDst->Rsrvd1 = pSrc->Rsrvd1;
+            pDst->Rsrvd2 = pSrc->Rsrvd2;
+            pDst->au32RsrvdForSoftware[0] = 0;
+        }
+        else
+        {
+            pDst->Rsrvd1 = 0;
+            pDst->Rsrvd2 = 0;
+            pDst->au32RsrvdForSoftware[0] = X86_FXSTATE_RSVD_32BIT_MAGIC;
+        }
+        for (uint32_t i = 0; i < RT_ELEMENTS(pDst->aRegs); i++)
+        {
+            /** @todo Testcase: What actually happens to the 6 reserved bytes? I'm clearing
+             *        them for now... */
+            pDst->aRegs[i].au32[0] = pSrc->aRegs[i].au32[0];
+            pDst->aRegs[i].au32[1] = pSrc->aRegs[i].au32[1];
+            pDst->aRegs[i].au32[2] = pSrc->aRegs[i].au32[2] & UINT32_C(0xffff);
+            pDst->aRegs[i].au32[3] = 0;
+        }
+
+    }
+
+    if (fReqComponents & (XSAVE_C_SSE | XSAVE_C_YMM))
+    {
+        pDst->MXCSR         = pSrc->MXCSR;
+        pDst->MXCSR_MASK    = CPUMGetGuestMxCsrMask(pVCpu->CTX_SUFF(pVM));
+    }
+
+    if (fReqComponents & XSAVE_C_SSE)
+    {
+        /* XMM registers. */
+        uint32_t cXmmRegs = enmEffOpSize == IEMMODE_64BIT ? 16 : 8;
+        for (uint32_t i = 0; i < cXmmRegs; i++)
+            pDst->aXMM[i] = pSrc->aXMM[i];
+        /** @todo Testcase: What happens to the reserved XMM registers? Untouched,
+         *        right? */
+    }
+
+    /* Commit the x87 state bits. (probably wrong) */
+    rcStrict = iemMemCommitAndUnmap(pVCpu, pvMem512, IEM_ACCESS_DATA_W | IEM_ACCESS_PARTIAL_WRITE);
+    if (rcStrict != VINF_SUCCESS)
+        return rcStrict;
+
+    /*
+     * Store AVX state.
+     */
+    if (fReqComponents & XSAVE_C_YMM)
+    {
+        /** @todo testcase: xsave64 vs xsave32 wrt XSAVE_C_YMM. */
+        AssertLogRelReturn(pCtx->aoffXState[XSAVE_C_YMM_BIT] != UINT16_MAX, VERR_IEM_IPE_9);
+        PCX86XSAVEYMMHI pCompSrc = CPUMCTX_XSAVE_C_PTR(pCtx, XSAVE_C_YMM_BIT, PCX86XSAVEYMMHI);
+        PX86XSAVEYMMHI  pCompDst;
+        rcStrict = iemMemMap(pVCpu, (void **)&pCompDst, sizeof(*pCompDst), iEffSeg, GCPtrEff + pCtx->aoffXState[XSAVE_C_YMM_BIT],
+                             IEM_ACCESS_DATA_W | IEM_ACCESS_PARTIAL_WRITE);
+        if (rcStrict != VINF_SUCCESS)
+            return rcStrict;
+
+        uint32_t cXmmRegs = enmEffOpSize == IEMMODE_64BIT ? 16 : 8;
+        for (uint32_t i = 0; i < cXmmRegs; i++)
+            pCompDst->aYmmHi[i] = pCompSrc->aYmmHi[i];
+
+        rcStrict = iemMemCommitAndUnmap(pVCpu, pCompDst, IEM_ACCESS_DATA_W | IEM_ACCESS_PARTIAL_WRITE);
+        if (rcStrict != VINF_SUCCESS)
+            return rcStrict;
+    }
+
+    /*
+     * Update the header.
+     */
+    pHdr->bmXState = (pHdr->bmXState & ~fReqComponents)
+                   | (fReqComponents & fXInUse);
+
+    rcStrict = iemMemCommitAndUnmap(pVCpu, pHdr, IEM_ACCESS_DATA_RW);
+    if (rcStrict != VINF_SUCCESS)
+        return rcStrict;
+
+    iemRegAddToRipAndClearRF(pVCpu, cbInstr);
+    return VINF_SUCCESS;
+}
+
+
+/**
+ * Implements 'XRSTOR'.
+ *
+ * @param   iEffSeg         The effective segment.
+ * @param   GCPtrEff        The address of the image.
+ * @param   enmEffOpSize    The operand size (only REX.W really matters).
+ */
+IEM_CIMPL_DEF_3(iemCImpl_xrstor, uint8_t, iEffSeg, RTGCPTR, GCPtrEff, IEMMODE, enmEffOpSize)
+{
+    PCPUMCTX pCtx = IEM_GET_CTX(pVCpu);
+
+    /*
+     * Raise exceptions.
+     */
+    if (!(pCtx->cr4 & X86_CR4_OSXSAVE))
+        return iemRaiseUndefinedOpcode(pVCpu);
+    if (pCtx->cr0 & X86_CR0_TS)
+        return iemRaiseDeviceNotAvailable(pVCpu);
+    if (GCPtrEff & 63)
+    {
+        /** @todo CPU/VM detection possible! \#AC might not be signal for
+         * all/any misalignment sizes, intel says its an implementation detail. */
+        if (   (pCtx->cr0 & X86_CR0_AM)
+            && pCtx->eflags.Bits.u1AC
+            && pVCpu->iem.s.uCpl == 3)
+            return iemRaiseAlignmentCheckException(pVCpu);
+        return iemRaiseGeneralProtectionFault0(pVCpu);
+    }
+
+/** @todo figure out the exact protocol for the memory access.  Currently we
+ *        just need this crap to work halfways to make it possible to test
+ *        AVX instructions. */
+/** @todo figure out the XINUSE and XMODIFIED   */
+
+    /*
+     * Access the x87 memory state.
+     */
+    /* The x87+SSE state.  */
+    void *pvMem512;
+    VBOXSTRICTRC rcStrict = iemMemMap(pVCpu, &pvMem512, 512, iEffSeg, GCPtrEff, IEM_ACCESS_DATA_R);
+    if (rcStrict != VINF_SUCCESS)
+        return rcStrict;
+    PCX86FXSTATE pSrc = (PCX86FXSTATE)pvMem512;
+    PX86FXSTATE  pDst = &pCtx->CTX_SUFF(pXState)->x87;
+
+    /*
+     * Calc the requested mask
+     */
+    PX86XSAVEHDR  pHdrDst = &pCtx->CTX_SUFF(pXState)->Hdr;
+    PCX86XSAVEHDR pHdrSrc;
+    rcStrict = iemMemMap(pVCpu, (void **)&pHdrSrc, sizeof(&pHdrSrc), iEffSeg, GCPtrEff + 512, IEM_ACCESS_DATA_R);
+    if (rcStrict != VINF_SUCCESS)
+        return rcStrict;
+
+    uint64_t const fReqComponents = RT_MAKE_U64(pCtx->eax, pCtx->edx) & pCtx->aXcr[0];
+    AssertLogRelReturn(!(fReqComponents & ~(XSAVE_C_X87 | XSAVE_C_SSE | XSAVE_C_YMM)), VERR_IEM_ASPECT_NOT_IMPLEMENTED);
+    //uint64_t const fXInUse        = pCtx->aXcr[0];
+    uint64_t const fRstorMask     = pHdrSrc->bmXState;
+    uint64_t const fCompMask      = pHdrSrc->bmXComp;
+
+    AssertLogRelReturn(!(fCompMask & XSAVE_C_X), VERR_IEM_ASPECT_NOT_IMPLEMENTED);
+
+    uint32_t const cXmmRegs = enmEffOpSize == IEMMODE_64BIT ? 16 : 8;
+
+    /* We won't need this any longer. */
+    rcStrict = iemMemCommitAndUnmap(pVCpu, (void *)pHdrSrc, IEM_ACCESS_DATA_R);
+    if (rcStrict != VINF_SUCCESS)
+        return rcStrict;
+
+    /*
+     * Store the X87 state.
+     */
+    if (fReqComponents & XSAVE_C_X87)
+    {
+        if (fRstorMask & XSAVE_C_X87)
+        {
+            pDst->FCW    = pSrc->FCW;
+            pDst->FSW    = pSrc->FSW;
+            pDst->FTW    = pSrc->FTW & UINT16_C(0xff);
+            pDst->FOP    = pSrc->FOP;
+            pDst->FPUIP  = pSrc->FPUIP;
+            pDst->CS     = pSrc->CS;
+            pDst->FPUDP  = pSrc->FPUDP;
+            pDst->DS     = pSrc->DS;
+            if (enmEffOpSize == IEMMODE_64BIT)
+            {
+                /* Save upper 16-bits of FPUIP (IP:CS:Rsvd1) and FPUDP (DP:DS:Rsvd2). */
+                pDst->Rsrvd1 = pSrc->Rsrvd1;
+                pDst->Rsrvd2 = pSrc->Rsrvd2;
+            }
+            else
+            {
+                pDst->Rsrvd1 = 0;
+                pDst->Rsrvd2 = 0;
+            }
+            for (uint32_t i = 0; i < RT_ELEMENTS(pDst->aRegs); i++)
+            {
+                pDst->aRegs[i].au32[0] = pSrc->aRegs[i].au32[0];
+                pDst->aRegs[i].au32[1] = pSrc->aRegs[i].au32[1];
+                pDst->aRegs[i].au32[2] = pSrc->aRegs[i].au32[2] & UINT32_C(0xffff);
+                pDst->aRegs[i].au32[3] = 0;
+            }
+        }
+        else
+        {
+            pDst->FCW   = 0x37f;
+            pDst->FSW   = 0;
+            pDst->FTW   = 0x00;         /* 0 - empty. */
+            pDst->FPUDP = 0;
+            pDst->DS    = 0; //??
+            pDst->Rsrvd2= 0;
+            pDst->FPUIP = 0;
+            pDst->CS    = 0; //??
+            pDst->Rsrvd1= 0;
+            pDst->FOP   = 0;
+            for (uint32_t i = 0; i < RT_ELEMENTS(pSrc->aRegs); i++)
+            {
+                pDst->aRegs[i].au32[0] = 0;
+                pDst->aRegs[i].au32[1] = 0;
+                pDst->aRegs[i].au32[2] = 0;
+                pDst->aRegs[i].au32[3] = 0;
+            }
+        }
+        pHdrDst->bmXState |= XSAVE_C_X87; /* playing safe for now */
+    }
+
+    /* MXCSR */
+    if (fReqComponents & (XSAVE_C_SSE | XSAVE_C_YMM))
+    {
+        if (fRstorMask & (XSAVE_C_SSE | XSAVE_C_YMM))
+            pDst->MXCSR = pSrc->MXCSR;
+        else
+            pDst->MXCSR = 0x1f80;
+    }
+
+    /* XMM registers. */
+    if (fReqComponents & XSAVE_C_SSE)
+    {
+        if (fRstorMask & XSAVE_C_SSE)
+        {
+            for (uint32_t i = 0; i < cXmmRegs; i++)
+                pDst->aXMM[i] = pSrc->aXMM[i];
+            /** @todo Testcase: What happens to the reserved XMM registers? Untouched,
+             *        right? */
+        }
+        else
+        {
+            for (uint32_t i = 0; i < cXmmRegs; i++)
+            {
+                pDst->aXMM[i].au64[0] = 0;
+                pDst->aXMM[i].au64[1] = 0;
+            }
+        }
+        pHdrDst->bmXState |= XSAVE_C_SSE; /* playing safe for now */
+    }
+
+    /* Unmap the x87 state bits (so we've don't run out of mapping). */
+    rcStrict = iemMemCommitAndUnmap(pVCpu, pvMem512, IEM_ACCESS_DATA_R);
+    if (rcStrict != VINF_SUCCESS)
+        return rcStrict;
+
+    /*
+     * Restore AVX state.
+     */
+    if (fReqComponents & XSAVE_C_YMM)
+    {
+        AssertLogRelReturn(pCtx->aoffXState[XSAVE_C_YMM_BIT] != UINT16_MAX, VERR_IEM_IPE_9);
+        PX86XSAVEYMMHI  pCompDst = CPUMCTX_XSAVE_C_PTR(pCtx, XSAVE_C_YMM_BIT, PX86XSAVEYMMHI);
+
+        if (fRstorMask & XSAVE_C_YMM)
+        {
+            /** @todo testcase: xsave64 vs xsave32 wrt XSAVE_C_YMM. */
+            PCX86XSAVEYMMHI pCompSrc;
+            rcStrict = iemMemMap(pVCpu, (void **)&pCompSrc, sizeof(*pCompDst),
+                                 iEffSeg, GCPtrEff + pCtx->aoffXState[XSAVE_C_YMM_BIT], IEM_ACCESS_DATA_R);
+            if (rcStrict != VINF_SUCCESS)
+                return rcStrict;
+
+            for (uint32_t i = 0; i < cXmmRegs; i++)
+            {
+                pCompDst->aYmmHi[i].au64[0] = pCompSrc->aYmmHi[i].au64[0];
+                pCompDst->aYmmHi[i].au64[1] = pCompSrc->aYmmHi[i].au64[1];
+            }
+
+            rcStrict = iemMemCommitAndUnmap(pVCpu, (void *)pCompSrc, IEM_ACCESS_DATA_R);
+            if (rcStrict != VINF_SUCCESS)
+                return rcStrict;
+        }
+        else
+        {
+            for (uint32_t i = 0; i < cXmmRegs; i++)
+            {
+                pCompDst->aYmmHi[i].au64[0] = 0;
+                pCompDst->aYmmHi[i].au64[1] = 0;
+            }
+        }
+        pHdrDst->bmXState |= XSAVE_C_YMM; /* playing safe for now */
+    }
+
+    iemRegAddToRipAndClearRF(pVCpu, cbInstr);
+    return VINF_SUCCESS;
+}
+
+
+
+
+/**
  * Implements 'STMXCSR'.
  *
@@ -7069 +7431 @@
     if (   !(pCtx->cr0 & X86_CR0_EM)
         && (pCtx->cr4 & X86_CR4_OSFXSR))
+    {
+        if (!(pCtx->cr0 & X86_CR0_TS))
+        {
+            /*
+             * Do the job.
+             */
+            VBOXSTRICTRC rcStrict = iemMemStoreDataU32(pVCpu, iEffSeg, GCPtrEff, pCtx->CTX_SUFF(pXState)->x87.MXCSR);
+            if (rcStrict == VINF_SUCCESS)
+            {
+                iemRegAddToRipAndClearRF(pVCpu, cbInstr);
+                return VINF_SUCCESS;
+            }
+            return rcStrict;
+        }
+        return iemRaiseDeviceNotAvailable(pVCpu);
+    }
+    return iemRaiseUndefinedOpcode(pVCpu);
+}
+
+
+/**
+ * Implements 'VSTMXCSR'.
+ *
+ * @param   GCPtrEff        The address of the image.
+ */
+IEM_CIMPL_DEF_2(iemCImpl_vstmxcsr, uint8_t, iEffSeg, RTGCPTR, GCPtrEff)
+{
+    PCPUMCTX pCtx = IEM_GET_CTX(pVCpu);
+
+    /*
+     * Raise exceptions.
+     */
+    if (   (   !IEM_IS_GUEST_CPU_AMD(pVCpu)
+            ? (pCtx->aXcr[0] & (XSAVE_C_SSE | XSAVE_C_YMM)) == (XSAVE_C_SSE | XSAVE_C_YMM)
+            : !(pCtx->cr0 & X86_CR0_EM)) /* AMD Jaguar CPU (f0x16,m0,s1) behaviour */
+        && (pCtx->cr4 & X86_CR4_OSXSAVE))
     {
         if (!(pCtx->cr0 & X86_CR0_TS))

trunk/src/VBox/VMM/VMMAll/IEMAllInstructionsOneByte.cpp.h

@@ -6179 +6179 @@
        outside of 64-bit mode.  VEX is not available in real or v86 mode. */
     uint8_t bRm; IEM_OPCODE_GET_NEXT_U8(&bRm);
-    if (pVCpu->iem.s.enmCpuMode != IEMMODE_64BIT)
-    {
-        if ((bRm & X86_MODRM_MOD_MASK) != (3 << X86_MODRM_MOD_SHIFT))
+    if (   pVCpu->iem.s.enmCpuMode == IEMMODE_64BIT
+        || (bRm & X86_MODRM_MOD_MASK) == (3 << X86_MODRM_MOD_SHIFT) )
+    {
+        IEMOP_MNEMONIC(vex3_prefix, "vex3");
+        if (IEM_GET_GUEST_CPU_FEATURES(pVCpu)->fAvx)
         {
-            IEMOP_MNEMONIC(les_Gv_Mp, "les Gv,Mp");
-            return FNIEMOP_CALL_2(iemOpCommonLoadSRegAndGreg, X86_SREG_ES, bRm);
-        }
-        IEMOP_HLP_NO_REAL_OR_V86_MODE();
-    }
-
-    IEMOP_MNEMONIC(vex3_prefix, "vex3");
-    if (IEM_GET_GUEST_CPU_FEATURES(pVCpu)->fAvx)
-    {
-        /** @todo Test when exctly the VEX conformance checks kick in during
-         * instruction decoding and fetching (using \#PF). */
-        uint8_t bVex2;   IEM_OPCODE_GET_NEXT_U8(&bVex2);
-        uint8_t bOpcode; IEM_OPCODE_GET_NEXT_U8(&bOpcode);
-        if (   (  pVCpu->iem.s.fPrefixes
-                & (IEM_OP_PRF_SIZE_OP | IEM_OP_PRF_REPZ | IEM_OP_PRF_REPNZ | IEM_OP_PRF_LOCK | IEM_OP_PRF_REX))
-            == 0)
-        {
+            /* Note! The real mode, v8086 mode and invalid prefix checks are
+                     done once the instruction is fully decoded. */
+            uint8_t bVex2;   IEM_OPCODE_GET_NEXT_U8(&bVex2);
+            uint8_t bOpcode; IEM_OPCODE_GET_NEXT_U8(&bOpcode);
             pVCpu->iem.s.fPrefixes |= IEM_OP_PRF_VEX;
             if (bVex2 & 0x80 /* VEX.W */)
@@ -6230 +6219 @@
             }
         }
-        else
-            Log(("VEX3: Invalid prefix mix!\n"));
-    }
-    else
         Log(("VEX3: AVX support disabled!\n"));
-    return IEMOP_RAISE_INVALID_OPCODE();
+        return IEMOP_RAISE_INVALID_OPCODE();
+    }
+
+    IEMOP_MNEMONIC(les_Gv_Mp, "les Gv,Mp");
+    return FNIEMOP_CALL_2(iemOpCommonLoadSRegAndGreg, X86_SREG_ES, bRm);
 }
 
@@ -6257 +6246 @@
         if (IEM_GET_GUEST_CPU_FEATURES(pVCpu)->fAvx)
         {
+            /* Note! The real mode, v8086 mode and invalid prefix checks are
+                     done once the instruction is fully decoded. */
             uint8_t bOpcode; IEM_OPCODE_GET_NEXT_U8(&bOpcode);
-            if (   (  pVCpu->iem.s.fPrefixes
-                    & (IEM_OP_PRF_SIZE_OP | IEM_OP_PRF_REPZ | IEM_OP_PRF_REPNZ | IEM_OP_PRF_LOCK | IEM_OP_PRF_REX))
-                == 0)
-            {
-                pVCpu->iem.s.fPrefixes |= IEM_OP_PRF_VEX;
-                pVCpu->iem.s.uRexReg    = ~bRm >> (7 - 3);
-                pVCpu->iem.s.uVex3rdReg = (~bRm >> 3) & 0xf;
-                pVCpu->iem.s.uVexLength = (bRm >> 2) & 1;
-                pVCpu->iem.s.idxPrefix  = bRm & 0x3;
-
-                return FNIEMOP_CALL(g_apfnVexMap1[(uintptr_t)bOpcode * 4 + pVCpu->iem.s.idxPrefix]);
-            }
-
-            Log(("VEX2: Invalid prefix mix!\n"));
+            pVCpu->iem.s.fPrefixes |= IEM_OP_PRF_VEX;
+            pVCpu->iem.s.uRexReg    = ~bRm >> (7 - 3);
+            pVCpu->iem.s.uVex3rdReg = (~bRm >> 3) & 0xf;
+            pVCpu->iem.s.uVexLength = (bRm >> 2) & 1;
+            pVCpu->iem.s.idxPrefix  = bRm & 0x3;
+
+            return FNIEMOP_CALL(g_apfnVexMap1[(uintptr_t)bOpcode * 4 + pVCpu->iem.s.idxPrefix]);
         }
-        else
-            Log(("VEX2: AVX support disabled!\n"));
-
-        /* @todo does intel completely decode the sequence with SIB/disp before \#UD? */
+
+        /** @todo does intel completely decode the sequence with SIB/disp before \#UD? */
+        Log(("VEX2: AVX support disabled!\n"));
         return IEMOP_RAISE_INVALID_OPCODE();
     }

trunk/src/VBox/VMM/VMMAll/IEMAllInstructionsPython.py

@@ -233 +233 @@
     'MdWO': ( 'IDX_UseModRM',       'rm',     '%Md',  'Md',      ),
     'Mq':   ( 'IDX_UseModRM',       'rm',     '%Mq',  'Mq',      ),
+    'MRO':  ( 'IDX_UseModRM',       'rm',     '%M',   'M',      ),
+    'MRW':  ( 'IDX_UseModRM',       'rm',     '%M',   'M',      ),
 
     # ModR/M.reg
@@ -1128 +1130 @@
         # paging on/off
         'paging': {
-            'on': 'paging_on',
-            'off': 'paging_off',
+            'on':       'paging_on',
+            'off':      'paging_off',
+        },
+        # CPU vendor
+        'vendor': {
+            'amd':      'vendor_amd',
+            'intel':    'vendor_intel',
+            'via':      'vendor_via',
         },
     };
@@ -1154 +1162 @@
         'paging':       'paging==on',
         '!paging':      'paging==off',
+        'amd':          'vendor==amd',
+        '!amd':         'vendor!=amd',
+        'intel':        'vendor==intel',
+        '!intel':       'vendor!=intel',
+        'via':          'vendor==via',
+        '!via':         'vendor!=via',
     };
 

trunk/src/VBox/VMM/VMMAll/IEMAllInstructionsTwoByte0f.cpp.h

@@ -5832 +5832 @@
  * @opcpuid     sse
  * @opgroup     og_sse_mxcsrsm
+ * @opxcpttype  5
  * @optest      op1=0      -> mxcsr=0
  * @optest      op1=0x2083 -> mxcsr=0x2083
@@ -5869 +5870 @@
  * @opcpuid     sse
  * @opgroup     og_sse_mxcsrsm
+ * @opxcpttype  5
  * @optest      mxcsr=0      -> op1=0
  * @optest      mxcsr=0x2083 -> op1=0x2083
@@ -5905 +5907 @@
  * @opcpuid     avx
  * @opgroup     og_avx_mxcsrsm
+ * @opxcpttype  5
  * @optest      mxcsr=0      -> op1=0
  * @optest      mxcsr=0x2083 -> op1=0x2083
  * @optest      mxcsr=0x2084 cr0|=ts -> value.xcpt=0x7
- * @optest      mxcsr=0x2085 cr0|=em -> op1=0x2085
+ * @optest      !amd / mxcsr=0x2085 cr0|=em -> op1=0x2085
+ * @optest       amd / mxcsr=0x2085 cr0|=em -> value.xcpt=0x6
  * @optest      mxcsr=0x2086 cr0|=mp -> op1=0x2086
  * @optest      mxcsr=0x2087 cr4&~=osfxsr -> op1=0x2087
- * @optest      mxcsr=0x2088 cr0|=ts,em -> value.xcpt=0x7
- * @optest      mxcsr=0x2089 cr0|=em cr4&~=osfxsr -> op1=0x2089
- * @optest      mxcsr=0x208a cr0|=ts,em cr4&~=osfxsr -> value.xcpt=0x7
- * @optest      mxcsr=0x208b cr0|=ts,em,mp cr4&~=osfxsr -> value.xcpt=0x7
- * @optest      mxcsr=0x208c xcr0&~=all_avx -> value.xcpt=0x6
- * @optest      mxcsr=0x208d xcr0&~=all_avx_sse -> value.xcpt=0x6
- * @optest      mxcsr=0x208e xcr0&~=all_avx cr0|=ts -> value.xcpt=0x6
  * @optest      mxcsr=0x208f cr4&~=osxsave -> value.xcpt=0x6
+ * @optest      mxcsr=0x2087 cr4&~=osfxsr,osxsave -> value.xcpt=0x6
+ * @optest      !amd / mxcsr=0x2088 cr0|=ts,em -> value.xcpt=0x7
+ * @optest      amd  / mxcsr=0x2088 cr0|=ts,em -> value.xcpt=0x6
+ * @optest      !amd / mxcsr=0x2089 cr0|=em cr4&~=osfxsr -> op1=0x2089
+ * @optest      amd  / mxcsr=0x2089 cr0|=em cr4&~=osfxsr -> value.xcpt=0x6
+ * @optest      !amd / mxcsr=0x208a cr0|=ts,em cr4&~=osfxsr -> value.xcpt=0x7
+ * @optest      amd  / mxcsr=0x208a cr0|=ts,em cr4&~=osfxsr -> value.xcpt=0x6
+ * @optest      !amd / mxcsr=0x208b cr0|=ts,em,mp cr4&~=osfxsr -> value.xcpt=0x7
+ * @optest      amd  / mxcsr=0x208b cr0|=ts,em,mp cr4&~=osfxsr -> value.xcpt=0x6
+ * @optest      !amd / mxcsr=0x208c xcr0&~=all_avx -> value.xcpt=0x6
+ * @optest      amd  / mxcsr=0x208c xcr0&~=all_avx -> op1=0x208c
+ * @optest      !amd / mxcsr=0x208d xcr0&~=all_avx_sse -> value.xcpt=0x6
+ * @optest      amd  / mxcsr=0x208d xcr0&~=all_avx_sse -> op1=0x208d
+ * @optest      !amd / mxcsr=0x208e xcr0&~=all_avx cr0|=ts -> value.xcpt=0x6
+ * @optest      amd  / mxcsr=0x208e xcr0&~=all_avx cr0|=ts -> value.xcpt=0x7
  * @optest      mxcsr=0x2082 cr0|=ts cr4&~=osxsave -> value.xcpt=0x6
  * @optest      mxcsr=0x2081 xcr0&~=all_avx cr0|=ts cr4&~=osxsave
  *              -> value.xcpt=0x6
+ * @remarks     AMD Jaguar CPU (f0x16,m0,s1) \#UD when CR0.EM is set.  It also
+ *              doesn't seem to check XCR0[2:1] != 11b.  This does not match the
+ *              APMv4 rev 3.17 page 509.
+ * @todo        Test this instruction on AMD Ryzen.
  * @oponlytest
  */
@@ -5934 +5950 @@
     IEM_MC_ARG(RTGCPTR,         GCPtrEff,                                1);
     IEM_MC_CALC_RM_EFF_ADDR(GCPtrEff, bRm, 0);
-    IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
+    IEMOP_HLP_DONE_VEX_DECODING_L_ZERO_NO_VVV();
     IEM_MC_ACTUALIZE_SSE_STATE_FOR_READ();
     IEM_MC_ASSIGN(iEffSeg, pVCpu->iem.s.iEffSeg);
-    IEM_MC_CALL_CIMPL_2(iemCImpl_stmxcsr, iEffSeg, GCPtrEff);
+    IEM_MC_CALL_CIMPL_2(iemCImpl_vstmxcsr, iEffSeg, GCPtrEff);
     IEM_MC_END();
     return VINF_SUCCESS;
@@ -5943 +5959 @@
 
 
-/** Opcode 0x0f 0xae mem/4. */
-FNIEMOP_UD_STUB_1(iemOp_Grp15_xsave,    uint8_t, bRm);
-
-/** Opcode 0x0f 0xae mem/5. */
-FNIEMOP_UD_STUB_1(iemOp_Grp15_xrstor,   uint8_t, bRm);
+/**
+ * @opmaps      vexgrp15
+ * @opcode      !11/4
+ * @oppfx       none
+ * @opcpuid     xsave
+ * @opgroup     og_system
+ * @opxcpttype  none
+ */
+FNIEMOP_DEF_1(iemOp_Grp15_xsave,    uint8_t, bRm)
+{
+    IEMOP_MNEMONIC1(M_MEM, XSAVE, xsave, MRW, DISOPTYPE_HARMLESS, 0);
+    if (!IEM_GET_GUEST_CPU_FEATURES(pVCpu)->fXSaveRstor)
+        return IEMOP_RAISE_INVALID_OPCODE();
+
+    IEM_MC_BEGIN(3, 0);
+    IEM_MC_ARG(uint8_t,         iEffSeg,                                 0);
+    IEM_MC_ARG(RTGCPTR,         GCPtrEff,                                1);
+    IEM_MC_ARG_CONST(IEMMODE,   enmEffOpSize,/*=*/pVCpu->iem.s.enmEffOpSize, 2);
+    IEM_MC_CALC_RM_EFF_ADDR(GCPtrEff, bRm, 0);
+    IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
+    IEM_MC_ACTUALIZE_FPU_STATE_FOR_READ();
+    IEM_MC_ASSIGN(iEffSeg, pVCpu->iem.s.iEffSeg);
+    IEM_MC_CALL_CIMPL_3(iemCImpl_xsave, iEffSeg, GCPtrEff, enmEffOpSize);
+    IEM_MC_END();
+    return VINF_SUCCESS;
+}
+
+
+/**
+ * @opmaps      vexgrp15
+ * @opcode      !11/5
+ * @oppfx       none
+ * @opcpuid     xsave
+ * @opgroup     og_system
+ * @opxcpttype  none
+ */
+FNIEMOP_DEF_1(iemOp_Grp15_xrstor,   uint8_t, bRm)
+{
+    IEMOP_MNEMONIC1(M_MEM, XRSTOR, xrstor, MRO, DISOPTYPE_HARMLESS, 0);
+    if (!IEM_GET_GUEST_CPU_FEATURES(pVCpu)->fXSaveRstor)
+        return IEMOP_RAISE_INVALID_OPCODE();
+
+    IEM_MC_BEGIN(3, 0);
+    IEM_MC_ARG(uint8_t,         iEffSeg,                                 0);
+    IEM_MC_ARG(RTGCPTR,         GCPtrEff,                                1);
+    IEM_MC_ARG_CONST(IEMMODE,   enmEffOpSize,/*=*/pVCpu->iem.s.enmEffOpSize, 2);
+    IEM_MC_CALC_RM_EFF_ADDR(GCPtrEff, bRm, 0);
+    IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
+    IEM_MC_ACTUALIZE_FPU_STATE_FOR_READ();
+    IEM_MC_ASSIGN(iEffSeg, pVCpu->iem.s.iEffSeg);
+    IEM_MC_CALL_CIMPL_3(iemCImpl_xrstor, iEffSeg, GCPtrEff, enmEffOpSize);
+    IEM_MC_END();
+    return VINF_SUCCESS;
+}
 
 /** Opcode 0x0f 0xae mem/6. */
@@ -8725 +8790 @@
     /* 0x8e */  IEMOP_X4(iemOp_InvalidNeedRM),
     /* 0x8f */  IEMOP_X4(iemOp_InvalidNeedRM),
-                IEMOP_X4(iemOp_InvalidNeedRM),
+
     /* 0x90 */  IEMOP_X4(iemOp_InvalidNeedRM),
     /* 0x91 */  IEMOP_X4(iemOp_InvalidNeedRM),
@@ -8845 +8910 @@
     /* 0xff */  IEMOP_X4(iemOp_ud0),
 };
-AssertCompile(RT_ELEMENTS(g_apfnTwoByteMap) == 1024);
+AssertCompile(RT_ELEMENTS(g_apfnVexMap1) == 1024);
 /** @}  */
 

trunk/src/VBox/VMM/testcase/tstIEMCheckMc.cpp

@@ -119 +119 @@
 #define IEMOP_HLP_DEFAULT_64BIT_OP_SIZE()                   do { } while (0)
 #define IEMOP_HLP_CLEAR_REX_NOT_BEFORE_OPCODE(a_szPrf)      do { } while (0)
-#define IEMOP_HLP_DONE_DECODING()                           do { } while (0)
+#define IEMOP_HLP_DONE_VEX_DECODING_L_ZERO_NO_VVV()         do { } while (0)
 #define IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX()            do { } while (0)
 #define IEMOP_HLP_DONE_DECODING_NO_LOCK_REPZ_OR_REPNZ_PREFIXES()                                    do { } while (0)
+#define IEMOP_HLP_DONE_DECODING()                           do { } while (0)
+#define IEMOP_HLP_DONE_VEX_DECODING()                       do { } while (0)
+
 #define IEMOP_HLP_DECODED_NL_1(a_uDisOpNo, a_fIemOpFlags, a_uDisParam0, a_fDisOpType)               do { } while (0)
 #define IEMOP_HLP_DECODED_NL_2(a_uDisOpNo, a_fIemOpFlags, a_uDisParam0, a_uDisParam1, a_fDisOpType) do { } while (0)

trunk/src/VBox/ValidationKit/bootsectors/bs3-cpu-generated-1-template.c

@@ -98 +98 @@
 } BS3CG1OPLOC;
 
+
 /**
  * The state.
@@ -151 +152 @@
     /** Target mode (g_bBs3CurrentMode).  */
     uint8_t                 bMode;
+    /** The CPU vendor (BS3CPUVENDOR). */
+    uint8_t                 bCpuVendor;
     /** First ring being tested. */
     uint8_t                 iFirstRing;
@@ -166 +169 @@
     uint8_t                 offCurImm;
     /** Buffer for assembling the current instruction. */
-    uint8_t                 abCurInstr[24];
+    uint8_t                 abCurInstr[23];
 
     /** Set if the encoding can't be tested in the same ring as this test code.
@@ -2467 +2470 @@
             CASE_PRED(BS3CG1PRED_PAGING_ON,  BS3_MODE_IS_PAGED(pThis->bMode));
             CASE_PRED(BS3CG1PRED_PAGING_OFF, !BS3_MODE_IS_PAGED(pThis->bMode));
+            CASE_PRED(BS3CG1PRED_VENDOR_AMD,   pThis->bCpuVendor == BS3CPUVENDOR_AMD);
+            CASE_PRED(BS3CG1PRED_VENDOR_INTEL, pThis->bCpuVendor == BS3CPUVENDOR_INTEL);
+            CASE_PRED(BS3CG1PRED_VENDOR_VIA,   pThis->bCpuVendor == BS3CPUVENDOR_VIA);
 
 #undef CASE_PRED
@@ -2905 +2911 @@
  *
  * @returns true if successful, false if not.
- * @param   pThis               The state.
- * @param   bTestXcptExpected   The exception causing the test code to stop
- *                              executing.
- * @param   iEncoding           For error reporting.
+ * @param   pThis                   The state.
+ * @param   bTestXcptExpected       The exception causing the test code to stop
+ *                                  executing.
+ * @param   fInvalidEncodingPgFault Set if we've cut the instruction a byte
+ *                                  short and is expecting a \#PF on the page
+ *                                  boundrary rather than a \#UD.  Only set if
+ *                                  fInvalidEncoding is also set.
+ * @param   iEncoding               For error reporting.
  */
-static bool BS3_NEAR_CODE Bs3Cg1CheckResult(PBS3CG1STATE pThis, uint8_t bTestXcptExpected, unsigned iEncoding)
+static bool BS3_NEAR_CODE Bs3Cg1CheckResult(PBS3CG1STATE pThis, uint8_t bTestXcptExpected,
+                                            bool fInvalidEncodingPgFault,  unsigned iEncoding)
 {
     unsigned iOperand;
@@ -2937 +2948 @@
     {
         cbAdjustPc = 0;
-        bExpectedXcpt = X86_XCPT_UD;
+        if (!fInvalidEncodingPgFault)
+            bExpectedXcpt = X86_XCPT_UD;
+        else
+        {
+            bExpectedXcpt = X86_XCPT_PF;
+            pThis->Ctx.cr2.u = pThis->uCodePgFlat + X86_PAGE_SIZE;
+        }
     }
     if (RT_LIKELY(   pThis->TrapFrame.bXcpt     == bExpectedXcpt
@@ -2958 +2975 @@
                 if (pThis->aOperands[iOperand].enmLocation == BS3CG1OPLOC_MEM_RW)
                 {
-                    BS3PTRUNION PtrUnion;
-                    PtrUnion.pb = &pThis->pbDataPg[X86_PAGE_SIZE - pThis->aOperands[iOperand].off];
-                    switch (pThis->aOperands[iOperand].cbOp)
+                    if (pThis->aOperands[iOperand].off)
                     {
-                        case 1:
-                            if (*PtrUnion.pu8 == pThis->MemOp.ab[0])
-                                continue;
-                            Bs3TestFailedF("op%u: Wrote %#04RX8, expected %#04RX8", iOperand, *PtrUnion.pu8, pThis->MemOp.ab[0]);
-                            break;
-                        case 2:
-                            if (*PtrUnion.pu16 == pThis->MemOp.au16[0])
-                                continue;
-                            Bs3TestFailedF("op%u: Wrote %#06RX16, expected %#06RX16",
-                                           iOperand, *PtrUnion.pu16, pThis->MemOp.au16[0]);
-                            break;
-                        case 4:
-                            if (*PtrUnion.pu32 == pThis->MemOp.au32[0])
-                                continue;
-                            Bs3TestFailedF("op%u: Wrote %#010RX32, expected %#010RX32",
-                                           iOperand, *PtrUnion.pu32, pThis->MemOp.au32[0]);
-                            break;
-                        case 8:
-                            if (*PtrUnion.pu64 == pThis->MemOp.au64[0])
-                                continue;
-                            Bs3TestFailedF("op%u: Wrote %#018RX64, expected %#018RX64",
-                                           iOperand, *PtrUnion.pu64, pThis->MemOp.au64[0]);
-                            break;
-                        default:
-                            if (Bs3MemCmp(PtrUnion.pb, pThis->MemOp.ab, pThis->aOperands[iOperand].cbOp) == 0)
-                                continue;
-                            Bs3TestFailedF("op%u: Wrote %.*Rhxs, expected %.*Rhxs",
-                                           iOperand,
-                                           pThis->aOperands[iOperand].cbOp, PtrUnion.pb,
-                                           pThis->aOperands[iOperand].cbOp, pThis->MemOp.ab);
-                            break;
+                        BS3PTRUNION PtrUnion;
+                        PtrUnion.pb = &pThis->pbDataPg[X86_PAGE_SIZE - pThis->aOperands[iOperand].off];
+                        switch (pThis->aOperands[iOperand].cbOp)
+                        {
+                            case 1:
+                                if (*PtrUnion.pu8 == pThis->MemOp.ab[0])
+                                    continue;
+                                Bs3TestFailedF("op%u: Wrote %#04RX8, expected %#04RX8",
+                                               iOperand, *PtrUnion.pu8, pThis->MemOp.ab[0]);
+                                break;
+                            case 2:
+                                if (*PtrUnion.pu16 == pThis->MemOp.au16[0])
+                                    continue;
+                                Bs3TestFailedF("op%u: Wrote %#06RX16, expected %#06RX16",
+                                               iOperand, *PtrUnion.pu16, pThis->MemOp.au16[0]);
+                                break;
+                            case 4:
+                                if (*PtrUnion.pu32 == pThis->MemOp.au32[0])
+                                    continue;
+                                Bs3TestFailedF("op%u: Wrote %#010RX32, expected %#010RX32",
+                                               iOperand, *PtrUnion.pu32, pThis->MemOp.au32[0]);
+                                break;
+                            case 8:
+                                if (*PtrUnion.pu64 == pThis->MemOp.au64[0])
+                                    continue;
+                                Bs3TestFailedF("op%u: Wrote %#018RX64, expected %#018RX64",
+                                               iOperand, *PtrUnion.pu64, pThis->MemOp.au64[0]);
+                                break;
+                            default:
+                                if (Bs3MemCmp(PtrUnion.pb, pThis->MemOp.ab, pThis->aOperands[iOperand].cbOp) == 0)
+                                    continue;
+                                Bs3TestFailedF("op%u: Wrote %.*Rhxs, expected %.*Rhxs",
+                                               iOperand,
+                                               pThis->aOperands[iOperand].cbOp, PtrUnion.pb,
+                                               pThis->aOperands[iOperand].cbOp, pThis->MemOp.ab);
+                                break;
+                        }
                     }
+                    else
+                        Bs3TestFailedF("op%u: off is zero\n", iOperand);
                     fOkay = false;
                 }
@@ -3056 +3079 @@
          * Report failure.
          */
-        Bs3TestFailedF("%RU32[%u]: encoding#%u: %.*Rhxs",
-                       pThis->iInstr, pThis->iTest, iEncoding, pThis->cbCurInstr, pThis->abCurInstr);
+        Bs3TestFailedF("ins#%RU32/test#%u: encoding #%u: %.*Rhxs%s",
+                       pThis->iInstr, pThis->iTest, iEncoding, pThis->cbCurInstr, pThis->abCurInstr,
+                       fInvalidEncodingPgFault ? " (cut short)" : "");
     }
     else
-        Bs3TestFailedF("%RU32[%u]: bXcpt=%#x expected %#x; rip=%RX64 expected %RX64; encoding#%u: %.*Rhxs",
+        Bs3TestFailedF("ins#%RU32/test#%u: bXcpt=%#x expected %#x; rip=%RX64 expected %RX64; encoding#%u: %.*Rhxs%s",
                        pThis->iInstr, pThis->iTest,
                        pThis->TrapFrame.bXcpt, bExpectedXcpt,
                        pThis->TrapFrame.Ctx.rip.u, pThis->Ctx.rip.u + cbAdjustPc,
-                       iEncoding, pThis->cbCurInstr, pThis->abCurInstr);
+                       iEncoding, pThis->cbCurInstr, pThis->abCurInstr, fInvalidEncodingPgFault ? " (cut short)" : "");
     Bs3TestPrintf("cpl=%u cbOperands=%u\n", pThis->uCpl, pThis->cbOperand);
 
@@ -3117 +3141 @@
             case BS3CG1OPLOC_MEM:
             case BS3CG1OPLOC_MEM_RW:
-                PtrUnion.pb = &pThis->pbDataPg[X86_PAGE_SIZE - pThis->aOperands[iOperand].off];
-                switch (pThis->aOperands[iOperand].cbOp)
+                if (pThis->aOperands[iOperand].off)
                 {
-                    case 1: Bs3TestPrintf("op%u: result mem08: %#04RX8\n", iOperand, *PtrUnion.pu8); break;
-                    case 2: Bs3TestPrintf("op%u: result mem16: %#06RX16\n", iOperand, *PtrUnion.pu16); break;
-                    case 4: Bs3TestPrintf("op%u: result mem32: %#010RX32\n", iOperand, *PtrUnion.pu32); break;
-                    case 8: Bs3TestPrintf("op%u: result mem64: %#018RX64\n", iOperand, *PtrUnion.pu64); break;
-                    default:
-                        Bs3TestPrintf("op%u: result mem%u: %.*Rhxs\n", iOperand, pThis->aOperands[iOperand].cbOp * 8,
-                                      pThis->aOperands[iOperand].cbOp, PtrUnion.pb);
-                        break;
-                }
-                if (pThis->aOperands[iOperand].enmLocation == BS3CG1OPLOC_MEM_RW)
-                {
-                    PtrUnion.pb = pThis->MemOp.ab;
+                    PtrUnion.pb = &pThis->pbDataPg[X86_PAGE_SIZE - pThis->aOperands[iOperand].off];
                     switch (pThis->aOperands[iOperand].cbOp)
                     {
-                        case 1: Bs3TestPrintf("op%u: expect mem08: %#04RX8\n", iOperand, *PtrUnion.pu8); break;
-                        case 2: Bs3TestPrintf("op%u: expect mem16: %#06RX16\n", iOperand, *PtrUnion.pu16); break;
-                        case 4: Bs3TestPrintf("op%u: expect mem32: %#010RX32\n", iOperand, *PtrUnion.pu32); break;
-                        case 8: Bs3TestPrintf("op%u: expect mem64: %#018RX64\n", iOperand, *PtrUnion.pu64); break;
+                        case 1: Bs3TestPrintf("op%u: result mem08: %#04RX8\n", iOperand, *PtrUnion.pu8); break;
+                        case 2: Bs3TestPrintf("op%u: result mem16: %#06RX16\n", iOperand, *PtrUnion.pu16); break;
+                        case 4: Bs3TestPrintf("op%u: result mem32: %#010RX32\n", iOperand, *PtrUnion.pu32); break;
+                        case 8: Bs3TestPrintf("op%u: result mem64: %#018RX64\n", iOperand, *PtrUnion.pu64); break;
                         default:
-                            Bs3TestPrintf("op%u: expect mem%u: %.*Rhxs\n", iOperand, pThis->aOperands[iOperand].cbOp * 8,
+                            Bs3TestPrintf("op%u: result mem%u: %.*Rhxs\n", iOperand, pThis->aOperands[iOperand].cbOp * 8,
                                           pThis->aOperands[iOperand].cbOp, PtrUnion.pb);
                             break;
                     }
+                    if (pThis->aOperands[iOperand].enmLocation == BS3CG1OPLOC_MEM_RW)
+                    {
+                        PtrUnion.pb = pThis->MemOp.ab;
+                        switch (pThis->aOperands[iOperand].cbOp)
+                        {
+                            case 1: Bs3TestPrintf("op%u: expect mem08: %#04RX8\n", iOperand, *PtrUnion.pu8); break;
+                            case 2: Bs3TestPrintf("op%u: expect mem16: %#06RX16\n", iOperand, *PtrUnion.pu16); break;
+                            case 4: Bs3TestPrintf("op%u: expect mem32: %#010RX32\n", iOperand, *PtrUnion.pu32); break;
+                            case 8: Bs3TestPrintf("op%u: expect mem64: %#018RX64\n", iOperand, *PtrUnion.pu64); break;
+                            default:
+                                Bs3TestPrintf("op%u: expect mem%u: %.*Rhxs\n", iOperand, pThis->aOperands[iOperand].cbOp * 8,
+                                              pThis->aOperands[iOperand].cbOp, PtrUnion.pb);
+                                break;
+                        }
+                    }
                 }
+                else
+                    Bs3TestPrintf("op%u: mem%u: zero off value!!\n", iOperand, pThis->aOperands[iOperand].cbOp * 8);
                 break;
         }
@@ -3153 +3182 @@
     Bs3TestPrintf("-- Expected context:\n");
     Bs3RegCtxPrint(&pThis->Ctx);
+    if (pThis->fWorkExtCtx)
+        Bs3TestPrintf("xcr0=%RX64\n", pThis->pExtCtx->fXcr0Saved);
     Bs3TestPrintf("-- Actual context:\n");
     Bs3TrapPrintFrame(&pThis->TrapFrame);
+    if (pThis->fWorkExtCtx)
+        Bs3TestPrintf("xcr0=%RX64\n", pThis->pResultExtCtx->fXcr0Saved);
     Bs3TestPrintf("\n");
     return false;
@@ -3215 +3248 @@
     pThis->pszMode            = Bs3GetModeName(bMode);
     pThis->pszModeShort       = Bs3GetModeNameShortLower(bMode);
+    pThis->bCpuVendor         = Bs3GetCpuVendor();
     pThis->pchMnemonic        = g_achBs3Cg1Mnemonics;
     pThis->pabOperands        = g_abBs3Cg1Operands;
@@ -3566 +3600 @@
                                 pThis->Ctx.rflags.u32 &= ~X86_EFL_RF;
                                 pThis->Ctx.rflags.u32 |= pThis->TrapFrame.Ctx.rflags.u32 & X86_EFL_RF;
-                                pThis->bValueXcpt      = UINT8_MAX;
+                                pThis->bValueXcpt      = UINT8_MAX; //???
                                 if (   pThis->fInvalidEncoding
                                     || pThis->bAlignmentXcpt != UINT8_MAX
@@ -3574 +3608 @@
                                                                 &pThis->TrapFrame.Ctx, NULL /*pbCode*/))
                                 {
-                                    Bs3Cg1CheckResult(pThis, bTestXcptExpected, iEncoding);
+                                    Bs3Cg1CheckResult(pThis, bTestXcptExpected, false /*fInvalidEncodingPgFault*/, iEncoding);
+                                }
+
+                                /*
+                                 * If this is an invalid encoding or instruction, check that we
+                                 * get a page fault when shortening it by one byte.
+                                 * (Since we didn't execute the output context modifier, we don't
+                                 * need to re-initialize the start context.)
+                                 */
+                                if (   pThis->fInvalidEncoding
+                                    && BS3_MODE_IS_PAGED(pThis->bMode)
+                                    && pThis->cbCurInstr)
+                                {
+                                    pbCode  += 1;
+                                    offCode += 1;
+                                    pThis->Ctx.rip.u = pThis->CodePgRip + offCode;
+                                    Bs3MemCpy(pbCode, pThis->abCurInstr, pThis->cbCurInstr - 1);
+
+                                    /* Run the instruction. */
+                                    BS3CG1_DPRINTF(("dbg:  Running test #%u (cut short #PF)\n", pThis->iTest));
+                                    //Bs3RegCtxPrint(&pThis->Ctx);
+                                    if (pThis->fWorkExtCtx)
+                                        Bs3ExtCtxRestore(pThis->pExtCtx);
+                                    Bs3TrapSetJmpAndRestore(&pThis->Ctx, &pThis->TrapFrame);
+                                    if (pThis->fWorkExtCtx)
+                                        Bs3ExtCtxSave(pThis->pResultExtCtx);
+                                    BS3CG1_DPRINTF(("dbg:  bXcpt=%#x rip=%RX64 -> %RX64 (cut short #PF)\n",
+                                                    pThis->TrapFrame.bXcpt, pThis->Ctx.rip.u, pThis->TrapFrame.Ctx.rip.u));
+
+                                    /* Check it */
+                                    pThis->Ctx.rflags.u32 &= ~X86_EFL_RF;
+                                    pThis->Ctx.rflags.u32 |= pThis->TrapFrame.Ctx.rflags.u32 & X86_EFL_RF;
+                                    Bs3Cg1CheckResult(pThis, X86_XCPT_PF, true /*fInvalidEncodingPgFault*/, iEncoding);
                                 }
                             }
@@ -3614 +3680 @@
 #if 0
     /* (for debugging) */
-    if (bMode >= BS3_MODE_PE16)
+    if (bMode != BS3_MODE_PPV86)
         return BS3TESTDOMODE_SKIPPED;
 #endif

trunk/src/VBox/ValidationKit/bootsectors/bs3-cpu-generated-1.h

@@ -575 +575 @@
 typedef enum BS3CG1PRED
 {
-     BS3CG1PRED_INVALID = 0,
-
-     /* Operand size. */
-     BS3CG1PRED_SIZE_O16,
-     BS3CG1PRED_SIZE_O32,
-     BS3CG1PRED_SIZE_O64,
-     /* Execution ring. */
-     BS3CG1PRED_RING_0,
-     BS3CG1PRED_RING_1,
-     BS3CG1PRED_RING_2,
-     BS3CG1PRED_RING_3,
-     BS3CG1PRED_RING_0_THRU_2,
-     BS3CG1PRED_RING_1_THRU_3,
-     /* Basic code mode. */
-     BS3CG1PRED_CODE_64BIT,
-     BS3CG1PRED_CODE_32BIT,
-     BS3CG1PRED_CODE_16BIT,
-     /* CPU modes. */
-     BS3CG1PRED_MODE_REAL,
-     BS3CG1PRED_MODE_PROT,
-     BS3CG1PRED_MODE_LONG,
-     BS3CG1PRED_MODE_V86,
-     BS3CG1PRED_MODE_SMM,
-     BS3CG1PRED_MODE_VMX,
-     BS3CG1PRED_MODE_SVM,
-     /* Paging on/off */
-     BS3CG1PRED_PAGING_ON,
-     BS3CG1PRED_PAGING_OFF,
-
-     BS3CG1PRED_END
+    BS3CG1PRED_INVALID = 0,
+
+    /* Operand size. */
+    BS3CG1PRED_SIZE_O16,
+    BS3CG1PRED_SIZE_O32,
+    BS3CG1PRED_SIZE_O64,
+    /* Execution ring. */
+    BS3CG1PRED_RING_0,
+    BS3CG1PRED_RING_1,
+    BS3CG1PRED_RING_2,
+    BS3CG1PRED_RING_3,
+    BS3CG1PRED_RING_0_THRU_2,
+    BS3CG1PRED_RING_1_THRU_3,
+    /* Basic code mode. */
+    BS3CG1PRED_CODE_64BIT,
+    BS3CG1PRED_CODE_32BIT,
+    BS3CG1PRED_CODE_16BIT,
+    /* CPU modes. */
+    BS3CG1PRED_MODE_REAL,
+    BS3CG1PRED_MODE_PROT,
+    BS3CG1PRED_MODE_LONG,
+    BS3CG1PRED_MODE_V86,
+    BS3CG1PRED_MODE_SMM,
+    BS3CG1PRED_MODE_VMX,
+    BS3CG1PRED_MODE_SVM,
+    /* Paging on/off */
+    BS3CG1PRED_PAGING_ON,
+    BS3CG1PRED_PAGING_OFF,
+    /* CPU Vendors. */
+    BS3CG1PRED_VENDOR_AMD,
+    BS3CG1PRED_VENDOR_INTEL,
+    BS3CG1PRED_VENDOR_VIA,
+
+    BS3CG1PRED_END
 } BS3CG1PRED;