
Changeset 97334 in vbox for trunk/src/VBox/VMM


Timestamp:
Oct 28, 2022 2:17:25 PM (2 years ago)
Author:
vboxsync
svn:sync-xref-src-repo-rev:
154331
Message:

VMM/IEM: Address issues in iemRegAddToRipAndClearRF wrt wrap-around.

File:
1 edited

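--- a/trunk/src/VBox/VMM/include/IEMInline.h
+++ b/trunk/src/VBox/VMM/include/IEMInline.h
@@ -1563,5 +1563,5 @@
 }
 
-
+#if 0 /* unused and buggy */
 /**
  * Updates the RIP/EIP/IP to point to the next instruction.
@@ -1593,5 +1593,5 @@
     }
 }
-
+#endif
 
 #if 0
@@ -1606,6 +1606,4 @@
 }
 #endif
-
-
 
 /**
@@ -1618,20 +1616,29 @@
 DECLINLINE(void) iemRegAddToRipAndClearRF(PVMCPUCC pVCpu, uint8_t cbInstr)
 {
-    /* Clear RF and interrupt shadowing: */
+    /*
+     * Advance RIP.
+     *
+     * When we're targetting 8086/8, 80186/8 or 80286 mode the updates are 16-bit,
+     * while in all other modes except LM64 the updates are 32-bit.  This means
+     * we need to watch for both 32-bit and 16-bit "carry" situations, i.e.
+     * 4GB and 64KB rollovers, and decide whether anything needs masking.
+     *
+     * See PC wrap around tests in bs3-cpu-weird-1.
+     */
+    uint64_t const uRipPrev = pVCpu->cpum.GstCtx.rip;
+    uint64_t const uRipNext = uRipPrev + cbInstr;
+    if (RT_LIKELY(   !((uRipNext ^ uRipPrev) & (RT_BIT_64(32) | RT_BIT_64(16)))
+                  || CPUMIsGuestIn64BitCodeEx(&pVCpu->cpum.GstCtx)))
+        pVCpu->cpum.GstCtx.rip = uRipNext;
+    else if (IEM_GET_TARGET_CPU(pVCpu) >= IEMTARGETCPU_386)
+        pVCpu->cpum.GstCtx.rip = (uint32_t)uRipNext;
+    else
+        pVCpu->cpum.GstCtx.rip = (uint16_t)uRipNext;
+
+    /*
+     * Clear RF and interrupt shadowing.
+     */
     AssertCompile(CPUMCTX_INHIBIT_SHADOW < UINT32_MAX);
     pVCpu->cpum.GstCtx.eflags.uBoth &= ~(X86_EFL_RF | CPUMCTX_INHIBIT_SHADOW);
-
-    /* Update RIP: */
-#if ARCH_BITS >= 64
-    AssertCompile(IEMMODE_16BIT == 0 && IEMMODE_32BIT == 1 && IEMMODE_64BIT == 2);
-    static uint64_t const s_aRipMasks[] = { UINT64_C(0xffffffff), UINT64_C(0xffffffff), UINT64_MAX };
-    Assert(pVCpu->cpum.GstCtx.rip <= s_aRipMasks[(unsigned)pVCpu->iem.s.enmCpuMode]);
-    pVCpu->cpum.GstCtx.rip = (pVCpu->cpum.GstCtx.rip + cbInstr) & s_aRipMasks[(unsigned)pVCpu->iem.s.enmCpuMode];
-#else
-    if (pVCpu->iem.s.enmCpuMode == IEMMODE_64BIT)
-        pVCpu->cpum.GstCtx.rip += cbInstr;
-    else
-        pVCpu->cpum.GstCtx.eip += cbInstr;
-#endif
 }
 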
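Review bot: The old body's `Assert(pVCpu->cpum.GstCtx.rip <= s_aRipMasks[...])` sanity check is dropped without a replacement, so the new code at `uRipPrev = pVCpu->cpum.GstCtx.rip` no longer verifies that RIP already fits the current mode; if a non-64-bit RIP ever carried stray bits above bit 31, the fast path on the `RT_LIKELY(...)` line keeps them while the rollover path truncates them, so the masking result would depend on whether a carry happened. Consider re-adding `Assert(CPUMIsGuestIn64BitCodeEx(&pVCpu->cpum.GstCtx) || uRipPrev <= UINT32_MAX);` right after the `uRipPrev` line (the bound is inferred from the casts below it; confirm it against the 16-bit target case). The bit-16/bit-32 XOR test is a valid carry detector only because `cbInstr` is a `uint8_t` and so cannot itself set either bit; a one-line comment such as `/* cbInstr < 64K, so a flipped bit 16 or 32 means a carry across that boundary. */` above the `if` would record that assumption for anyone who later widens the parameter.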
