Changeset 97441 in vbox for trunk/src/VBox/VMM

Timestamp:

Nov 8, 2022 12:07:49 AM (2 years ago)

Author:

vboxsync

Message:

VMM/IEM: Single stepping for short and near jumps (relative) and corrected o16 prefix behaviour on intel CPUs in 64-bit mode (ignored). Also, #DB seems to implicitly clear, or at least not set, the resume flag (RF). bugref:9898

Location:

trunk/src/VBox/VMM

Files:

• VMMAll/IEMAll.cpp (modified) (8 diffs)
• VMMAll/IEMAllInstructionsOneByte.cpp.h (modified) (18 diffs)
• VMMAll/IEMAllInstructionsTwoByte0f.cpp.h (modified) (16 diffs)
• include/IEMInline.h (modified) (2 diffs)
• include/IEMInternal.h (modified) (1 diff)
• include/IEMMc.h (modified) (1 diff)
• include/IEMOpHlp.h (modified) (1 diff)
• testcase/tstIEMCheckMc.cpp (modified) (1 diff)

trunk/src/VBox/VMM/VMMAll/IEMAll.cpp

@@ -3927 +3927 @@
 VBOXSTRICTRC iemRaiseDebugException(PVMCPUCC pVCpu) RT_NOEXCEPT
 {
-    /** @todo set/clear RF. */
+    /* This always clears RF (via IEM_XCPT_FLAGS_DRx_INSTR_BP). */
     pVCpu->cpum.GstCtx.dr[7] &= ~X86_DR7_GD;
-    return iemRaiseXcptOrInt(pVCpu, 0, X86_XCPT_DB, IEM_XCPT_FLAGS_T_CPU_XCPT, 0, 0);
+    return iemRaiseXcptOrInt(pVCpu, 0, X86_XCPT_DB, IEM_XCPT_FLAGS_T_CPU_XCPT | IEM_XCPT_FLAGS_DRx_INSTR_BP, 0, 0);
 }
 
@@ -4291 +4291 @@
  *
  * @param   pVCpu               The cross context virtual CPU structure of the calling thread.
+ * @param   cbInstr             Instruction size.
  * @param   offNextInstr        The offset of the next instruction.
- */
-VBOXSTRICTRC iemRegRipRelativeJumpS8(PVMCPUCC pVCpu, int8_t offNextInstr) RT_NOEXCEPT
-{
-    switch (pVCpu->iem.s.enmEffOpSize)
+ * @param   enmEffOpSize        Effective operand size.
+ */
+VBOXSTRICTRC iemRegRipRelativeJumpS8AndFinishClearingRF(PVMCPUCC pVCpu, uint8_t cbInstr, int8_t offNextInstr,
+                                                        IEMMODE enmEffOpSize) RT_NOEXCEPT
+{
+    switch (enmEffOpSize)
     {
         case IEMMODE_16BIT:
         {
-            uint16_t uNewIp = pVCpu->cpum.GstCtx.ip + offNextInstr + IEM_GET_INSTR_LEN(pVCpu);
-            if (   uNewIp > pVCpu->cpum.GstCtx.cs.u32Limit
-                && pVCpu->iem.s.enmCpuMode != IEMMODE_64BIT) /* no need to check for non-canonical. */
+            uint16_t const uNewIp = pVCpu->cpum.GstCtx.ip + cbInstr + (int16_t)offNextInstr;
+            if (RT_LIKELY(   uNewIp <= pVCpu->cpum.GstCtx.cs.u32Limit
+                          || pVCpu->iem.s.enmCpuMode == IEMMODE_64BIT /* no CS limit checks in 64-bit mode */))
+                pVCpu->cpum.GstCtx.rip = uNewIp;
+            else
                 return iemRaiseGeneralProtectionFault0(pVCpu);
-            pVCpu->cpum.GstCtx.rip = uNewIp;
             break;
         }
@@ -4309 +4313 @@
         case IEMMODE_32BIT:
         {
+            Assert(pVCpu->iem.s.enmCpuMode != IEMMODE_64BIT);
             Assert(pVCpu->cpum.GstCtx.rip <= UINT32_MAX);
-            Assert(pVCpu->iem.s.enmCpuMode != IEMMODE_64BIT);
-
-            uint32_t uNewEip = pVCpu->cpum.GstCtx.eip + offNextInstr + IEM_GET_INSTR_LEN(pVCpu);
-            if (uNewEip > pVCpu->cpum.GstCtx.cs.u32Limit)
+
+            uint32_t const uNewEip = pVCpu->cpum.GstCtx.eip + cbInstr + (int32_t)offNextInstr;
+            if (RT_LIKELY(uNewEip <= pVCpu->cpum.GstCtx.cs.u32Limit))
+                pVCpu->cpum.GstCtx.rip = uNewEip;
+            else
                 return iemRaiseGeneralProtectionFault0(pVCpu);
-            pVCpu->cpum.GstCtx.rip = uNewEip;
             break;
         }
@@ -4323 +4328 @@
             Assert(pVCpu->iem.s.enmCpuMode == IEMMODE_64BIT);
 
-            uint64_t uNewRip = pVCpu->cpum.GstCtx.rip + offNextInstr + IEM_GET_INSTR_LEN(pVCpu);
-            if (!IEM_IS_CANONICAL(uNewRip))
+            uint64_t const uNewRip = pVCpu->cpum.GstCtx.rip + cbInstr + (int64_t)offNextInstr;
+            if (RT_LIKELY(IEM_IS_CANONICAL(uNewRip)))
+                pVCpu->cpum.GstCtx.rip = uNewRip;
+            else
                 return iemRaiseGeneralProtectionFault0(pVCpu);
-            pVCpu->cpum.GstCtx.rip = uNewRip;
             break;
         }
@@ -4333 +4339 @@
     }
 
-    pVCpu->cpum.GstCtx.eflags.Bits.u1RF = 0;
+#ifndef IEM_WITH_CODE_TLB
+    /* Flush the prefetch buffer. */
+    pVCpu->iem.s.cbOpcode = cbInstr;
+#endif
+
+    /*
+     * Clear RF and finish the instruction (maybe raise #DB).
+     */
+    return iemRegFinishClearingRF(pVCpu);
+}
+
+
+/**
+ * Adds a 16-bit signed jump offset to RIP/EIP/IP.
+ *
+ * May raise a \#GP(0) if the new RIP is non-canonical or outside the code
+ * segment limit.
+ *
+ * @returns Strict VBox status code.
+ * @param   pVCpu               The cross context virtual CPU structure of the calling thread.
+ * @param   cbInstr             Instruction size.
+ * @param   offNextInstr        The offset of the next instruction.
+ */
+VBOXSTRICTRC iemRegRipRelativeJumpS16AndFinishClearingRF(PVMCPUCC pVCpu, uint8_t cbInstr, int16_t offNextInstr) RT_NOEXCEPT
+{
+    Assert(pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT);
+
+    uint16_t const uNewIp = pVCpu->cpum.GstCtx.ip + cbInstr + offNextInstr;
+    if (RT_LIKELY(   uNewIp <= pVCpu->cpum.GstCtx.cs.u32Limit
+                  || pVCpu->iem.s.enmCpuMode == IEMMODE_64BIT /* no limit checking in 64-bit mode */))
+        pVCpu->cpum.GstCtx.rip = uNewIp;
+    else
+        return iemRaiseGeneralProtectionFault0(pVCpu);
 
 #ifndef IEM_WITH_CODE_TLB
@@ -4340 +4378 @@
 #endif
 
-    return VINF_SUCCESS;
-}
-
-
-/**
- * Adds a 16-bit signed jump offset to RIP/EIP/IP.
+    /*
+     * Clear RF and finish the instruction (maybe raise #DB).
+     */
+    return iemRegFinishClearingRF(pVCpu);
+}
+
+
+/**
+ * Adds a 32-bit signed jump offset to RIP/EIP/IP.
  *
  * May raise a \#GP(0) if the new RIP is non-canonical or outside the code
@@ -4354 +4395 @@
  * @param   offNextInstr        The offset of the next instruction.
  */
-VBOXSTRICTRC iemRegRipRelativeJumpS16(PVMCPUCC pVCpu, int16_t offNextInstr) RT_NOEXCEPT
-{
-    Assert(pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT);
-
-    uint16_t uNewIp = pVCpu->cpum.GstCtx.ip + offNextInstr + IEM_GET_INSTR_LEN(pVCpu);
-    if (   uNewIp > pVCpu->cpum.GstCtx.cs.u32Limit
-        && pVCpu->iem.s.enmCpuMode != IEMMODE_64BIT) /* no need to check for non-canonical. */
-        return iemRaiseGeneralProtectionFault0(pVCpu);
-    /** @todo Test 16-bit jump in 64-bit mode. possible?  */
-    pVCpu->cpum.GstCtx.rip = uNewIp;
-    pVCpu->cpum.GstCtx.eflags.Bits.u1RF = 0;
+VBOXSTRICTRC iemRegRipRelativeJumpS32AndFinishClearingRF(PVMCPUCC pVCpu, uint8_t cbInstr, int32_t offNextInstr,
+                                                         IEMMODE enmEffOpSize) RT_NOEXCEPT
+{
+    if (enmEffOpSize == IEMMODE_32BIT)
+    {
+        Assert(pVCpu->cpum.GstCtx.rip <= UINT32_MAX); Assert(pVCpu->iem.s.enmCpuMode != IEMMODE_64BIT);
+
+        uint32_t const uNewEip = pVCpu->cpum.GstCtx.eip + cbInstr + offNextInstr;
+        if (RT_LIKELY(uNewEip <= pVCpu->cpum.GstCtx.cs.u32Limit))
+            pVCpu->cpum.GstCtx.rip = uNewEip;
+        else
+            return iemRaiseGeneralProtectionFault0(pVCpu);
+    }
+    else
+    {
+        Assert(enmEffOpSize == IEMMODE_64BIT);
+
+        uint64_t const uNewRip = pVCpu->cpum.GstCtx.rip + cbInstr + (int64_t)offNextInstr;
+        if (RT_LIKELY(IEM_IS_CANONICAL(uNewRip)))
+            pVCpu->cpum.GstCtx.rip = uNewRip;
+        else
+            return iemRaiseGeneralProtectionFault0(pVCpu);
+    }
 
 #ifndef IEM_WITH_CODE_TLB
@@ -4371 +4424 @@
 #endif
 
-    return VINF_SUCCESS;
-}
-
-
-/**
- * Adds a 32-bit signed jump offset to RIP/EIP/IP.
- *
- * May raise a \#GP(0) if the new RIP is non-canonical or outside the code
- * segment limit.
- *
- * @returns Strict VBox status code.
- * @param   pVCpu               The cross context virtual CPU structure of the calling thread.
- * @param   offNextInstr        The offset of the next instruction.
- */
-VBOXSTRICTRC iemRegRipRelativeJumpS32(PVMCPUCC pVCpu, int32_t offNextInstr) RT_NOEXCEPT
-{
-    Assert(pVCpu->iem.s.enmEffOpSize != IEMMODE_16BIT);
-
-    if (pVCpu->iem.s.enmEffOpSize == IEMMODE_32BIT)
-    {
-        Assert(pVCpu->cpum.GstCtx.rip <= UINT32_MAX); Assert(pVCpu->iem.s.enmCpuMode != IEMMODE_64BIT);
-
-        uint32_t uNewEip = pVCpu->cpum.GstCtx.eip + offNextInstr + IEM_GET_INSTR_LEN(pVCpu);
-        if (uNewEip > pVCpu->cpum.GstCtx.cs.u32Limit)
-            return iemRaiseGeneralProtectionFault0(pVCpu);
-        pVCpu->cpum.GstCtx.rip = uNewEip;
-    }
-    else
-    {
-        Assert(pVCpu->iem.s.enmCpuMode == IEMMODE_64BIT);
-
-        uint64_t uNewRip = pVCpu->cpum.GstCtx.rip + offNextInstr + IEM_GET_INSTR_LEN(pVCpu);
-        if (!IEM_IS_CANONICAL(uNewRip))
-            return iemRaiseGeneralProtectionFault0(pVCpu);
-        pVCpu->cpum.GstCtx.rip = uNewRip;
-    }
-    pVCpu->cpum.GstCtx.eflags.Bits.u1RF = 0;
-
-#ifndef IEM_WITH_CODE_TLB
-    /* Flush the prefetch buffer. */
-    pVCpu->iem.s.cbOpcode = IEM_GET_INSTR_LEN(pVCpu);
-#endif
-
-    return VINF_SUCCESS;
+    /*
+     * Clear RF and finish the instruction (maybe raise #DB).
+     */
+    return iemRegFinishClearingRF(pVCpu);
 }
 

trunk/src/VBox/VMM/VMMAll/IEMAllInstructionsOneByte.cpp.h

@@ -2800 +2800 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -2820 +2820 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -2839 +2839 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -2859 +2859 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -2879 +2879 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -2899 +2899 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -2919 +2919 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -2939 +2939 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -2959 +2959 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -2979 +2979 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -2999 +2999 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -3019 +3019 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -3039 +3039 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -3059 +3059 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -3079 +3079 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -3099 +3099 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);
@@ -10505 +10505 @@
 {
     IEMOP_MNEMONIC(jmp_Jv, "jmp Jv");
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     switch (pVCpu->iem.s.enmEffOpSize)
     {
@@ -10560 +10560 @@
     int8_t i8Imm; IEM_OPCODE_GET_NEXT_S8(&i8Imm);
     IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
 
     IEM_MC_BEGIN(0, 0);

trunk/src/VBox/VMM/VMMAll/IEMAllInstructionsTwoByte0f.cpp.h

@@ -7695 +7695 @@
     IEMOP_MNEMONIC(jo_Jv, "jo  Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {
@@ -7730 +7730 @@
     IEMOP_MNEMONIC(jno_Jv, "jno Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {
@@ -7765 +7765 @@
     IEMOP_MNEMONIC(jc_Jv, "jc/jb/jnae Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {
@@ -7800 +7800 @@
     IEMOP_MNEMONIC(jnc_Jv, "jnc/jnb/jae Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {
@@ -7835 +7835 @@
     IEMOP_MNEMONIC(je_Jv, "je/jz Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {
@@ -7870 +7870 @@
     IEMOP_MNEMONIC(jne_Jv, "jne/jnz Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {
@@ -7905 +7905 @@
     IEMOP_MNEMONIC(jbe_Jv, "jbe/jna Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {
@@ -7940 +7940 @@
     IEMOP_MNEMONIC(ja_Jv, "jnbe/ja Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {
@@ -7975 +7975 @@
     IEMOP_MNEMONIC(js_Jv, "js  Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {
@@ -8010 +8010 @@
     IEMOP_MNEMONIC(jns_Jv, "jns Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {
@@ -8045 +8045 @@
     IEMOP_MNEMONIC(jp_Jv, "jp  Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {
@@ -8080 +8080 @@
     IEMOP_MNEMONIC(jnp_Jv, "jnp Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {
@@ -8115 +8115 @@
     IEMOP_MNEMONIC(jl_Jv, "jl/jnge Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {
@@ -8150 +8150 @@
     IEMOP_MNEMONIC(jge_Jv, "jnl/jge Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {
@@ -8185 +8185 @@
     IEMOP_MNEMONIC(jle_Jv, "jle/jng Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {
@@ -8220 +8220 @@
     IEMOP_MNEMONIC(jg_Jv, "jnle/jg Jv");
     IEMOP_HLP_MIN_386();
-    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE();
+    IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX();
     if (pVCpu->iem.s.enmEffOpSize == IEMMODE_16BIT)
     {

trunk/src/VBox/VMM/include/IEMInline.h

@@ -1288 +1288 @@
 
 
+/**
+ * Sets the default operand size to 64-bit and recalculates the effective
+ * operand size, with intel ignoring any operand size prefix (AMD respects it).
+ *
+ * This is for the relative jumps.
+ *
+ * @param   pVCpu               The cross context virtual CPU structure of the calling thread.
+ */
+DECLINLINE(void) iemRecalEffOpSize64DefaultAndIntelIgnoresOpSizePrefix(PVMCPUCC pVCpu)
+{
+    Assert(pVCpu->iem.s.enmCpuMode == IEMMODE_64BIT);
+    pVCpu->iem.s.enmDefOpSize = IEMMODE_64BIT;
+    if (   (pVCpu->iem.s.fPrefixes & (IEM_OP_PRF_SIZE_REX_W | IEM_OP_PRF_SIZE_OP)) != IEM_OP_PRF_SIZE_OP
+        || pVCpu->iem.s.enmCpuVendor == CPUMCPUVENDOR_INTEL)
+        pVCpu->iem.s.enmEffOpSize = IEMMODE_64BIT;
+    else
+        pVCpu->iem.s.enmEffOpSize = IEMMODE_16BIT;
+}
+
+
 
 
@@ -1585 +1605 @@
     uint64_t const uRipNext = uRipPrev + cbInstr;
     if (RT_LIKELY(   !((uRipNext ^ uRipPrev) & (RT_BIT_64(32) | RT_BIT_64(16)))
-                  || CPUMIsGuestIn64BitCodeEx(&pVCpu->cpum.GstCtx)))
+                  || pVCpu->iem.s.enmCpuMode == IEMMODE_64BIT))
         pVCpu->cpum.GstCtx.rip = uRipNext;
     else if (IEM_GET_TARGET_CPU(pVCpu) >= IEMTARGETCPU_386)

trunk/src/VBox/VMM/include/IEMInternal.h

@@ -3729 +3729 @@
 /** @name Register Access.
  * @{ */
-VBOXSTRICTRC    iemRegRipRelativeJumpS8(PVMCPUCC pVCpu, int8_t offNextInstr) RT_NOEXCEPT;
-VBOXSTRICTRC    iemRegRipRelativeJumpS16(PVMCPUCC pVCpu, int16_t offNextInstr) RT_NOEXCEPT;
-VBOXSTRICTRC    iemRegRipRelativeJumpS32(PVMCPUCC pVCpu, int32_t offNextInstr) RT_NOEXCEPT;
+VBOXSTRICTRC    iemRegRipRelativeJumpS8AndFinishClearingRF(PVMCPUCC pVCpu, uint8_t cbInstr, int8_t offNextInstr,
+                                                           IEMMODE enmEffOpSize) RT_NOEXCEPT;
+VBOXSTRICTRC    iemRegRipRelativeJumpS16AndFinishClearingRF(PVMCPUCC pVCpu, uint8_t cbInstr, int16_t offNextInstr) RT_NOEXCEPT;
+VBOXSTRICTRC    iemRegRipRelativeJumpS32AndFinishClearingRF(PVMCPUCC pVCpu, uint8_t cbInstr, int32_t offNextInstr,
+                                                            IEMMODE enmEffOpSize) RT_NOEXCEPT;
 VBOXSTRICTRC    iemRegRipJump(PVMCPUCC pVCpu, uint64_t uNewRip) RT_NOEXCEPT;
 /** @} */

trunk/src/VBox/VMM/include/IEMMc.h

@@ -55 +55 @@
 /** Advances RIP, finishes the instruction and returns.
  * This may include raising debug exceptions and such. */
-#define IEM_MC_ADVANCE_RIP_AND_FINISH()                 return iemRegUpdateRipAndFinishClearingRF(pVCpu)
+#define IEM_MC_ADVANCE_RIP_AND_FINISH()                 return iemRegAddToRipAndFinishingClearingRF(pVCpu, IEM_GET_INSTR_LEN(pVCpu))
 /** Sets RIP (may trigger \#GP), finishes the instruction and returns. */
-#define IEM_MC_REL_JMP_S8_AND_FINISH(a_i8)              return iemRegRipRelativeJumpS8(pVCpu, (a_i8))
+#define IEM_MC_REL_JMP_S8_AND_FINISH(a_i8) \
+    return iemRegRipRelativeJumpS8AndFinishClearingRF(pVCpu, IEM_GET_INSTR_LEN(pVCpu), (a_i8), pVCpu->iem.s.enmEffOpSize)
+/** Sets RIP (may trigger \#GP), finishes the instruction and returns.
+ * @note only usable in 16-bit op size mode.  */
+#define IEM_MC_REL_JMP_S16_AND_FINISH(a_i16) \
+    return iemRegRipRelativeJumpS16AndFinishClearingRF(pVCpu, IEM_GET_INSTR_LEN(pVCpu), (a_i16))
 /** Sets RIP (may trigger \#GP), finishes the instruction and returns. */
-#define IEM_MC_REL_JMP_S16_AND_FINISH(a_i16)            return iemRegRipRelativeJumpS16(pVCpu, (a_i16))
-/** Sets RIP (may trigger \#GP), finishes the instruction and returns. */
-#define IEM_MC_REL_JMP_S32_AND_FINISH(a_i32)            return iemRegRipRelativeJumpS32(pVCpu, (a_i32))
+#define IEM_MC_REL_JMP_S32_AND_FINISH(a_i32) \
+    return iemRegRipRelativeJumpS32AndFinishClearingRF(pVCpu, IEM_GET_INSTR_LEN(pVCpu), (a_i32), pVCpu->iem.s.enmEffOpSize)
 /** Sets RIP (may trigger \#GP), finishes the instruction and returns. */
 #define IEM_MC_SET_RIP_U16_AND_FINISH(a_u16NewIP)       return iemRegRipJump((pVCpu), (a_u16NewIP))

trunk/src/VBox/VMM/include/IEMOpHlp.h

@@ -367 +367 @@
     } while (0)
 
+/** The instruction defaults to 64-bit operand size if 64-bit mode and intel
+ *  CPUs ignore the operand size prefix complete (e.g. relative jumps). */
+#define IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX() \
+    do \
+    { \
+        if (pVCpu->iem.s.enmCpuMode == IEMMODE_64BIT) \
+            iemRecalEffOpSize64DefaultAndIntelIgnoresOpSizePrefix(pVCpu); \
+    } while (0)
+
 /** The instruction has 64-bit operand size if 64-bit mode. */
 #define IEMOP_HLP_64BIT_OP_SIZE() \

trunk/src/VBox/VMM/testcase/tstIEMCheckMc.cpp

@@ -157 +157 @@
 #define IEMOP_HLP_64BIT_OP_SIZE()                           do { } while (0)
 #define IEMOP_HLP_DEFAULT_64BIT_OP_SIZE()                   do { } while (0)
+#define IEMOP_HLP_DEFAULT_64BIT_OP_SIZE_AND_INTEL_IGNORES_OP_SIZE_PREFIX()                          do { } while (0)
 #define IEMOP_HLP_CLEAR_REX_NOT_BEFORE_OPCODE(a_szPrf)      do { } while (0)
 #define IEMOP_HLP_DONE_DECODING_NO_LOCK_PREFIX()            do { } while (0)