/[gxemul]/trunk/src/cpus/cpu_x86.c
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Contents of /trunk/src/cpus/cpu_x86.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 14 - (show annotations)
Mon Oct 8 16:18:51 2007 UTC (16 years, 6 months ago) by dpavlin
File MIME type: text/plain
File size: 86207 byte(s) 
++ trunk/HISTORY	(local)
$Id: HISTORY,v 1.982 2005/10/07 22:45:32 debug Exp $
20050816	Some success in decoding the way the SGI O2 PROM draws graphics
		during bootup; lines/rectangles and bitmaps work, enough to
		show the bootlogo etc. :-)
		Adding more PPC instructions, and (dummy) BAT registers.
20050817	Updating the pckbc to support scancode type 3 keyboards
		(required in order to interact with the SGI O2 PROM).
		Adding more PPC instructions.
20050818	Adding more ARM instructions; general register forms.
		Importing armreg.h from NetBSD (ARM cpu ids). Adding a (dummy)
		CATS machine mode (using SA110 as the default CPU).
		Continuing on general dyntrans related stuff.
20050819	Register forms for ARM load/stores. Gaah! The Compaq C Compiler
		bug is triggered for ARM loads as well, not just PPC :-(
		Adding full support for ARM PC-relative load/stores, and load/
		stores where the PC register is the destination register.
		Adding support for ARM a.out binaries.
20050820	Continuing to add more ARM instructions, and correcting some
		bugs. Continuing on CATS emulation.
		More work on the PPC stuff.
20050821	Minor PPC and ARM updates. Adding more machine types.
20050822	All ARM "data processing instructions" are now generated
		automatically.
20050824	Beginning the work on the ARM system control coprocessor.
		Adding support for ARM halfword load/stores, and signed loads.
20050825	Fixing an important bug related to the ARM condition codes.
		OpenBSD/zaurus and NetBSD/netwinder now print some boot
		messages. :)
		Adding a dummy SH (Hitachi SuperH) cpu family.
		Beginning to add some ARM virtual address translation.
		MIPS bugfixes: unaligned PC now cause an ADEL exception (at
		least for non-bintrans execution), and ADEL/ADES (not
		TLBL/TLBS) are used if userland tries to access kernel space.
		(Thanks to Joshua Wise for making me aware of these bugs.)
20050827	More work on the ARM emulation, and various other updates.
20050828	More ARM updates.
		Finally taking the time to work on translation invalidation
		(i.e. invalidating translated code mappings when memory is
		written to). Hopefully this doesn't break anything.
20050829	Moving CPU related files from src/ to a new subdir, src/cpus/.
		Moving PROM emulation stuff from src/ to src/promemul/.
		Better debug instruction trace for ARM loads and stores.
20050830	Various ARM updates (correcting CMP flag calculation, etc).
20050831	PPC instruction updates. (Flag fixes, etc.)
20050901	Various minor PPC and ARM instruction emulation updates.
		Minor OpenFirmware emulation updates.
20050903	Adding support for adding arbitrary ARM coprocessors (with
		the i80321 I/O coprocessor as a first test).
		Various other ARM and PPC updates.
20050904	Adding some SHcompact disassembly routines.
20050907	(Re)adding a dummy HPPA CPU module, and a dummy i960 module.
20050908	Began hacking on some Apple Partition Table support.
20050909	Adding support for loading Mach-O (Darwin PPC) binaries.
20050910	Fixing an ARM bug (Carry flag was incorrectly updated for some
		data processing instructions); OpenBSD/cats and NetBSD/
		netwinder get quite a bit further now.
		Applying a patch to dev_wdc, and a one-liner to dev_pcic, to
		make them work better when emulating new versions of OpenBSD.
		(Thanks to Alexander Yurchenko for the patches.)
		Also doing some other minor updates to dev_wdc. (Some cleanup,
		and finally converting to devinit, etc.)
20050912	IRIX doesn't have u_int64_t by default (noticed by Andreas
		<avr@gnulinux.nl>); configure updated to reflect this.
		Working on ARM register bank switching, CPSR vs SPSR issues,
		and beginning the work on interrupt/exception support.
20050913	Various minor ARM updates (speeding up load/store multiple,
		and fixing a ROR bug in R(); NetBSD/cats now boots as far as
		OpenBSD/cats).
20050917	Adding a dummy Atmel AVR (8-bit) cpu family skeleton.
20050918	Various minor updates.
20050919	Symbols are now loaded from Mach-O executables.
		Continuing the work on adding ARM exception support.
20050920	More work on ARM stuff: OpenBSD/cats and NetBSD/cats reach
		userland! :-)
20050921	Some more progress on ARM interrupt specifics.
20050923	Fixing linesize for VR4121 (patch by Yurchenko). Also fixing
		linesizes/cachesizes for some other VR4xxx.
		Adding a dummy Acer Labs M1543 PCI-ISA bridge (for CATS) and a
		dummy Symphony Labs 83C553 bridge (for Netwinder), usable by 
		dev_footbridge.
20050924	Some PPC progress.
20050925	More PPC progress.
20050926	PPC progress (fixing some bugs etc); Darwin's kernel gets
		slightly further than before.
20050928	Various updates: footbridge/ISA/pciide stuff, and finally
		fixing the VGA text scroll-by-changing-the-base-offset bug.
20050930	Adding a dummy S3 ViRGE pci card for CATS emulation, which
		both NetBSD and OpenBSD detects as VGA.
		Continuing on Footbridge (timers, ISA interrupt stuff).
20051001	Continuing... there are still bugs, probably interrupt-
		related.
20051002	More work on the Footbridge (interrupt stuff).
20051003	Various minor updates. (Trying to find the bug(s).)
20051004	Continuing on the ARM stuff.
20051005	More ARM-related fixes.
20051007	FINALLY! Found and fixed 2 ARM bugs: 1 memory related, and the
		other was because of an error in the ARM manual (load multiple
		with the S-bit set should _NOT_ load usermode registers, as the
		manual says, but it should load saved registers, which may or
		may not happen to be usermode registers).
		NetBSD/cats and OpenBSD/cats seem to install fine now :-)
		except for a minor bug at the end of the OpenBSD/cats install.
		Updating the documentation, preparing for the next release.
20051008	Continuing with release testing and cleanup.
1 /*
2 * Copyright (C) 2005 Anders Gavare. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are met:
6 *
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * 3. The name of the author may not be used to endorse or promote products
13 * derived from this software without specific prior written permission.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 *
27 *
28 * $Id: cpu_x86.c,v 1.3 2005/09/30 14:17:03 debug Exp $
29 *
30 * x86 (and amd64) CPU emulation.
31 *
32 *
33 * TODO: Pretty much everything that has to do with 64-bit and 32-bit modes,
34 * memory translation, flag bits, and so on.
35 *
36 * See http://www.amd.com/us-en/Processors/DevelopWithAMD/
37 * 0,,30_2252_875_7044,00.html for more info on AMD64.
38 *
39 * http://www.cs.ucla.edu/~kohler/class/04f-aos/ref/i386/appa.htm has a
40 * nice overview of the standard i386 opcodes.
41 *
42 * HelpPC (http://members.tripod.com/~oldboard/assembly/) is also useful.
43 */
44
45 #include <stdio.h>
46 #include <stdlib.h>
47 #include <string.h>
48 #include <ctype.h>
49
50 #include "cpu.h"
51 #include "devices.h"
52 #include "machine.h"
53 #include "memory.h"
54 #include "misc.h"
55 #include "symbol.h"
56
57 #define DYNTRANS_DUALMODE_32
58 /* #define DYNTRANS_32 */
59 #define DYNTRANS_VARIABLE_INSTRUCTION_LENGTH
60 #include "tmp_x86_head.c"
61
62
63 static struct x86_model models[] = x86_models;
64 static char *reg_names[N_X86_REGS] = x86_reg_names;
65 static char *reg_names_bytes[8] = x86_reg_names_bytes;
66 static char *seg_names[N_X86_SEGS] = x86_seg_names;
67 static char *cond_names[N_X86_CONDS] = x86_cond_names;
68
69 #define REP_REP 1
70 #define REP_REPNE 2
71
72
73 /*
74 * x86_cpu_new():
75 *
76 * Create a new x86 cpu object.
77 */
78 int x86_cpu_new(struct cpu *cpu, struct memory *mem, struct machine *machine,
79 int cpu_id, char *cpu_type_name)
80 {
81 int i = 0;
82
83 /* Try to find a match: */
84 while (models[i].model_number != 0) {
85 if (strcasecmp(cpu_type_name, models[i].name) == 0)
86 break;
87 i++;
88 }
89
90 if (models[i].name == NULL)
91 return 0;
92
93 cpu->memory_rw = x86_memory_rw;
94 cpu->byte_order = EMUL_LITTLE_ENDIAN;
95
96 cpu->cd.x86.model = models[i];
97
98 /* Initial startup is in 16-bit real mode: */
99 cpu->pc = 0xfff0;
100
101 /* Initial segments: */
102 cpu->cd.x86.descr_cache[X86_S_CS].valid = 1;
103 cpu->cd.x86.descr_cache[X86_S_CS].default_op_size = 16;
104 cpu->cd.x86.descr_cache[X86_S_CS].access_rights = 0x93;
105 cpu->cd.x86.descr_cache[X86_S_CS].base = 0xf0000; /* ffff0000 */
106 cpu->cd.x86.descr_cache[X86_S_CS].limit = 0xffff;
107 cpu->cd.x86.descr_cache[X86_S_CS].descr_type = DESCR_TYPE_CODE;
108 cpu->cd.x86.descr_cache[X86_S_CS].readable = 1;
109 cpu->cd.x86.descr_cache[X86_S_CS].writable = 1;
110 cpu->cd.x86.descr_cache[X86_S_CS].granularity = 0;
111 cpu->cd.x86.s[X86_S_CS] = 0xf000;
112
113 cpu->cd.x86.idtr = 0;
114 cpu->cd.x86.idtr_limit = 0x3ff;
115
116 cpu->translate_address = x86_translate_address;
117
118 cpu->cd.x86.rflags = 0x0002;
119 if (cpu->cd.x86.model.model_number == X86_MODEL_8086)
120 cpu->cd.x86.rflags |= 0xf000;
121
122 /* Only show name and caches etc for CPU nr 0 (in SMP machines): */
123 if (cpu_id == 0) {
124 debug("%s", cpu->name);
125 }
126
127 return 1;
128 }
129
130
131 /*
132 * x86_cpu_dumpinfo():
133 */
134 void x86_cpu_dumpinfo(struct cpu *cpu)
135 {
136 debug(", currently in %s mode", PROTECTED_MODE? "protected" : "real");
137 debug("\n");
138 }
139
140
141 /*
142 * x86_cpu_list_available_types():
143 *
144 * Print a list of available x86 CPU types.
145 */
146 void x86_cpu_list_available_types(void)
147 {
148 int i = 0, j;
149
150 while (models[i].model_number != 0) {
151 debug("%s", models[i].name);
152
153 for (j=0; j<10-strlen(models[i].name); j++)
154 debug(" ");
155 i++;
156 if ((i % 6) == 0 || models[i].name == NULL)
157 debug("\n");
158 }
159 }
160
161
162 /*
163 * x86_cpu_register_dump():
164 *
165 * Dump cpu registers in a relatively readable format.
166 * (gprs and coprocs are mostly useful for the MIPS version of this function.)
167 */
168 void x86_cpu_register_dump(struct cpu *cpu, int gprs, int coprocs)
169 {
170 char *symbol;
171 uint64_t offset;
172 int i, x = cpu->cpu_id;
173
174 if (REAL_MODE) {
175 /* Real-mode: */
176 debug("cpu%i: cs:ip = 0x%04x:0x%04x\n", x,
177 cpu->cd.x86.s[X86_S_CS], (int)cpu->pc);
178
179 debug("cpu%i: ax = 0x%04x bx = 0x%04x cx = 0x%04x dx = "
180 "0x%04x\n", x,
181 (int)cpu->cd.x86.r[X86_R_AX], (int)cpu->cd.x86.r[X86_R_BX],
182 (int)cpu->cd.x86.r[X86_R_CX], (int)cpu->cd.x86.r[X86_R_DX]);
183 debug("cpu%i: si = 0x%04x di = 0x%04x bp = 0x%04x sp = "
184 "0x%04x\n", x,
185 (int)cpu->cd.x86.r[X86_R_SI], (int)cpu->cd.x86.r[X86_R_DI],
186 (int)cpu->cd.x86.r[X86_R_BP], (int)cpu->cd.x86.r[X86_R_SP]);
187
188 debug("cpu%i: ds = 0x%04x es = 0x%04x ss = 0x%04x flags "
189 "= 0x%04x\n", x,
190 (int)cpu->cd.x86.s[X86_S_DS], (int)cpu->cd.x86.s[X86_S_ES],
191 (int)cpu->cd.x86.s[X86_S_SS], (int)cpu->cd.x86.rflags);
192 } else {
193 symbol = get_symbol_name(&cpu->machine->symbol_context,
194 cpu->pc, &offset);
195
196 debug("cpu%i: eip=0x", x);
197 debug("%08x", (int)cpu->pc);
198 debug(" <%s>\n", symbol != NULL? symbol : " no symbol ");
199
200 debug("cpu%i: eax=0x%08x ebx=0x%08x ecx=0x%08x edx="
201 "0x%08x\n", x,
202 (int)cpu->cd.x86.r[X86_R_AX], (int)cpu->cd.x86.r[X86_R_BX],
203 (int)cpu->cd.x86.r[X86_R_CX], (int)cpu->cd.x86.r[X86_R_DX]);
204 debug("cpu%i: esi=0x%08x edi=0x%08x ebp=0x%08x esp="
205 "0x%08x\n", x,
206 (int)cpu->cd.x86.r[X86_R_SI], (int)cpu->cd.x86.r[X86_R_DI],
207 (int)cpu->cd.x86.r[X86_R_BP], (int)cpu->cd.x86.r[X86_R_SP]);
208 #if 0
209 } else {
210 /* 64-bit */
211 symbol = get_symbol_name(&cpu->machine->symbol_context,
212 cpu->pc, &offset);
213
214 debug("cpu%i: rip = 0x", x);
215 debug("%016llx", (long long)cpu->pc);
216 debug(" <%s>\n", symbol != NULL? symbol : " no symbol ");
217
218 for (i=0; i<N_X86_REGS; i++) {
219 if ((i & 1) == 0)
220 debug("cpu%i:", x);
221 debug(" r%s = 0x%016llx", reg_names[i],
222 (long long)cpu->cd.x86.r[i]);
223 if ((i & 1) == 1)
224 debug("\n");
225 }
226 #endif
227 }
228
229 if (coprocs != 0) {
230 for (i=0; i<6; i++) {
231 debug("cpu%i: %s=0x%04x (", x, seg_names[i],
232 cpu->cd.x86.s[i]);
233 if (cpu->cd.x86.descr_cache[i].valid) {
234 debug("base=0x%08x, limit=0x%08x, ",
235 (int)cpu->cd.x86.descr_cache[i].base,
236 (int)cpu->cd.x86.descr_cache[i].limit);
237 debug("%s", cpu->cd.x86.descr_cache[i].
238 descr_type==DESCR_TYPE_CODE?"CODE":"DATA");
239 debug(", %i-bit", cpu->cd.x86.descr_cache[i].
240 default_op_size);
241 debug(", %s%s", cpu->cd.x86.descr_cache[i].
242 readable? "R" : "-", cpu->cd.x86.
243 descr_cache[i].writable? "W" : "-");
244 } else
245 debug("invalid");
246 debug(")\n");
247 }
248 debug("cpu%i: gdtr=0x%08llx:0x%04x idtr=0x%08llx:0x%04x "
249 " ldtr=0x%08x:0x%04x\n", x, (long long)cpu->cd.x86.gdtr,
250 (int)cpu->cd.x86.gdtr_limit, (long long)cpu->cd.x86.idtr,
251 (int)cpu->cd.x86.idtr_limit, (long long)cpu->cd.x86.
252 ldtr_base, (int)cpu->cd.x86.ldtr_limit);
253 debug("cpu%i: pic1: irr=0x%02x ier=0x%02x isr=0x%02x "
254 "base=0x%02x\n", x, cpu->machine->isa_pic_data.pic1->irr,
255 cpu->machine->isa_pic_data.pic1->ier,
256 cpu->machine->isa_pic_data.pic1->isr,
257 cpu->machine->isa_pic_data.pic1->irq_base);
258 debug("cpu%i: pic2: irr=0x%02x ier=0x%02x isr=0x%02x "
259 "base=0x%02x\n", x, cpu->machine->isa_pic_data.pic2->irr,
260 cpu->machine->isa_pic_data.pic2->ier,
261 cpu->machine->isa_pic_data.pic2->isr,
262 cpu->machine->isa_pic_data.pic2->irq_base);
263 } else if (PROTECTED_MODE) {
264 /* Protected mode: */
265 debug("cpu%i: cs=0x%04x ds=0x%04x es=0x%04x "
266 "fs=0x%04x gs=0x%04x ss=0x%04x\n", x,
267 (int)cpu->cd.x86.s[X86_S_CS], (int)cpu->cd.x86.s[X86_S_DS],
268 (int)cpu->cd.x86.s[X86_S_ES], (int)cpu->cd.x86.s[X86_S_FS],
269 (int)cpu->cd.x86.s[X86_S_GS], (int)cpu->cd.x86.s[X86_S_SS]);
270 }
271
272 if (PROTECTED_MODE) {
273 /* Protected mode: */
274 debug("cpu%i: cr0=0x%08x cr2=0x%08x cr3=0x%08x eflags="
275 "0x%08x\n", x, (int)cpu->cd.x86.cr[0],
276 (int)cpu->cd.x86.cr[2], (int)cpu->cd.x86.cr[3],
277 (int)cpu->cd.x86.rflags);
278 debug("cpu%i: tr = 0x%04x (base=0x%llx, limit=0x%x)\n",
279 x, (int)cpu->cd.x86.tr, (long long)cpu->cd.x86.tr_base,
280 (int)cpu->cd.x86.tr_limit);
281 }
282 }
283
284
285 /*
286 * x86_cpu_register_match():
287 */
288 void x86_cpu_register_match(struct machine *m, char *name,
289 int writeflag, uint64_t *valuep, int *mr)
290 {
291 int cpunr = 0;
292 int r;
293
294 /* CPU number: TODO */
295
296 if (strcasecmp(name, "pc") == 0 || strcasecmp(name, "rip") == 0) {
297 if (writeflag) {
298 m->cpus[cpunr]->pc = *valuep;
299 m->cpus[cpunr]->cd.x86.halted = 0;
300 } else
301 *valuep = m->cpus[cpunr]->pc;
302 *mr = 1;
303 return;
304 }
305 if (strcasecmp(name, "ip") == 0) {
306 if (writeflag) {
307 m->cpus[cpunr]->pc = (m->cpus[cpunr]->pc & ~0xffff)
308 | (*valuep & 0xffff);
309 m->cpus[cpunr]->cd.x86.halted = 0;
310 } else
311 *valuep = m->cpus[cpunr]->pc & 0xffff;
312 *mr = 1;
313 return;
314 }
315 if (strcasecmp(name, "eip") == 0) {
316 if (writeflag) {
317 m->cpus[cpunr]->pc = *valuep;
318 m->cpus[cpunr]->cd.x86.halted = 0;
319 } else
320 *valuep = m->cpus[cpunr]->pc & 0xffffffffULL;
321 *mr = 1;
322 return;
323 }
324
325 if (strcasecmp(name, "rflags") == 0) {
326 if (writeflag)
327 m->cpus[cpunr]->cd.x86.rflags = *valuep;
328 else
329 *valuep = m->cpus[cpunr]->cd.x86.rflags;
330 *mr = 1;
331 return;
332 }
333 if (strcasecmp(name, "eflags") == 0) {
334 if (writeflag)
335 m->cpus[cpunr]->cd.x86.rflags = (m->cpus[cpunr]->
336 cd.x86.rflags & ~0xffffffffULL) | (*valuep &
337 0xffffffffULL);
338 else
339 *valuep = m->cpus[cpunr]->cd.x86.rflags & 0xffffffffULL;
340 *mr = 1;
341 return;
342 }
343 if (strcasecmp(name, "flags") == 0) {
344 if (writeflag)
345 m->cpus[cpunr]->cd.x86.rflags = (m->cpus[cpunr]->
346 cd.x86.rflags & ~0xffff) | (*valuep & 0xffff);
347 else
348 *valuep = m->cpus[cpunr]->cd.x86.rflags & 0xffff;
349 *mr = 1;
350 return;
351 }
352
353 /* 8-bit low: */
354 for (r=0; r<4; r++)
355 if (strcasecmp(name, reg_names_bytes[r]) == 0) {
356 if (writeflag)
357 m->cpus[cpunr]->cd.x86.r[r] =
358 (m->cpus[cpunr]->cd.x86.r[r] & ~0xff)
359 | (*valuep & 0xff);
360 else
361 *valuep = m->cpus[cpunr]->cd.x86.r[r] & 0xff;
362 *mr = 1;
363 return;
364 }
365
366 /* 8-bit high: */
367 for (r=0; r<4; r++)
368 if (strcasecmp(name, reg_names_bytes[r+4]) == 0) {
369 if (writeflag)
370 m->cpus[cpunr]->cd.x86.r[r] =
371 (m->cpus[cpunr]->cd.x86.r[r] & ~0xff00)
372 | ((*valuep & 0xff) << 8);
373 else
374 *valuep = (m->cpus[cpunr]->cd.x86.r[r] >>
375 8) & 0xff;
376 *mr = 1;
377 return;
378 }
379
380 /* 16-, 32-, 64-bit registers: */
381 for (r=0; r<N_X86_REGS; r++) {
382 /* 16-bit: */
383 if (r<8 && strcasecmp(name, reg_names[r]) == 0) {
384 if (writeflag)
385 m->cpus[cpunr]->cd.x86.r[r] =
386 (m->cpus[cpunr]->cd.x86.r[r] & ~0xffff)
387 | (*valuep & 0xffff);
388 else
389 *valuep = m->cpus[cpunr]->cd.x86.r[r] & 0xffff;
390 *mr = 1;
391 return;
392 }
393
394 /* 32-bit: */
395 if (r<8 && (name[0]=='e' || name[0]=='E') &&
396 strcasecmp(name+1, reg_names[r]) == 0) {
397 if (writeflag)
398 m->cpus[cpunr]->cd.x86.r[r] =
399 *valuep & 0xffffffffULL;
400 else
401 *valuep = m->cpus[cpunr]->cd.x86.r[r] &
402 0xffffffffULL;
403 *mr = 1;
404 return;
405 }
406
407 /* 64-bit: */
408 if ((name[0]=='r' || name[0]=='R') &&
409 strcasecmp(name+1, reg_names[r]) == 0) {
410 if (writeflag)
411 m->cpus[cpunr]->cd.x86.r[r] = *valuep;
412 else
413 *valuep = m->cpus[cpunr]->cd.x86.r[r];
414 *mr = 1;
415 return;
416 }
417 }
418
419 /* segment names: */
420 for (r=0; r<N_X86_SEGS; r++) {
421 if (strcasecmp(name, seg_names[r]) == 0) {
422 if (writeflag)
423 m->cpus[cpunr]->cd.x86.s[r] =
424 (m->cpus[cpunr]->cd.x86.s[r] & ~0xffff)
425 | (*valuep & 0xffff);
426 else
427 *valuep = m->cpus[cpunr]->cd.x86.s[r] & 0xffff;
428 *mr = 1;
429 return;
430 }
431 }
432
433 /* control registers: (TODO: 32- vs 64-bit on AMD64?) */
434 if (strncasecmp(name, "cr", 2) == 0 && atoi(name+2) < N_X86_CREGS ) {
435 int r = atoi(name+2);
436 if (writeflag)
437 m->cpus[cpunr]->cd.x86.cr[r] = *valuep;
438 else
439 *valuep = m->cpus[cpunr]->cd.x86.cr[r];
440 *mr = 1;
441 return;
442 }
443 }
444
445
446 /*
447 * x86_cpu_show_full_statistics():
448 *
449 * Show detailed statistics on opcode usage on each cpu.
450 */
451 void x86_cpu_show_full_statistics(struct machine *m)
452 {
453 fatal("x86_cpu_show_full_statistics(): TODO\n");
454 }
455
456
457 /*
458 * x86_cpu_tlbdump():
459 *
460 * Called from the debugger to dump the TLB in a readable format.
461 * x is the cpu number to dump, or -1 to dump all CPUs.
462 *
463 * If rawflag is nonzero, then the TLB contents isn't formated nicely,
464 * just dumped.
465 */
466 void x86_cpu_tlbdump(struct machine *m, int x, int rawflag)
467 {
468 fatal("ppc_cpu_tlbdump(): TODO\n");
469 }
470
471
472 /* Macro which modifies the lower part of a value, or the entire value,
473 depending on 'mode': */
474 #define modify(old,new) ( \
475 mode==16? ( \
476 ((old) & ~0xffff) + ((new) & 0xffff) \
477 ) : ((new) & 0xffffffffULL) )
478
479 /* "volatile" here, because some versions of gcc with -O3 on i386 are buggy */
480 #define HEXPRINT(x,n) { volatile int j; for (j=0; j<(n); j++) \
481 debug("%02x",(x)[j]); }
482 #define HEXSPACES(i) { int j; j = (i)>10? 10:(i); while (j++<10) debug(" "); \
483 debug(" "); }
484 #define SPACES HEXSPACES(ilen)
485
486
487 static uint32_t read_imm_common(unsigned char **instrp, uint64_t *ilenp,
488 int len, int printflag)
489 {
490 uint32_t imm;
491 unsigned char *instr = *instrp;
492
493 if (len == 8)
494 imm = instr[0];
495 else if (len == 16)
496 imm = instr[0] + (instr[1] << 8);
497 else
498 imm = instr[0] + (instr[1] << 8) +
499 (instr[2] << 16) + (instr[3] << 24);
500
501 if (printflag)
502 HEXPRINT(instr, len / 8);
503
504 if (ilenp != NULL)
505 (*ilenp) += len/8;
506
507 (*instrp) += len/8;
508 return imm;
509 }
510
511
512 static uint32_t read_imm_and_print(unsigned char **instrp, uint64_t *ilenp,
513 int mode)
514 {
515 return read_imm_common(instrp, ilenp, mode, 1);
516 }
517
518
519 static uint32_t read_imm(unsigned char **instrp, uint64_t *newpcp,
520 int mode)
521 {
522 return read_imm_common(instrp, newpcp, mode, 0);
523 }
524
525
526 static void print_csip(struct cpu *cpu)
527 {
528 fatal("0x%04x:", cpu->cd.x86.s[X86_S_CS]);
529 if (PROTECTED_MODE)
530 fatal("0x%llx", (long long)cpu->pc);
531 else
532 fatal("0x%04x", (int)cpu->pc);
533 }
534
535
536 /*
537 * x86_cpu_interrupt():
538 *
539 * NOTE: Interacting with the 8259 PIC is done in src/machine.c.
540 */
541 int x86_cpu_interrupt(struct cpu *cpu, uint64_t nr)
542 {
543 if (cpu->machine->md_interrupt != NULL)
544 cpu->machine->md_interrupt(cpu->machine, cpu, nr, 1);
545 else {
546 fatal("x86_cpu_interrupt(): no md_interrupt()?\n");
547 return 1;
548 }
549
550 return 1;
551 }
552
553
554 /*
555 * x86_cpu_interrupt_ack():
556 *
557 * NOTE: Interacting with the 8259 PIC is done in src/machine.c.
558 */
559 int x86_cpu_interrupt_ack(struct cpu *cpu, uint64_t nr)
560 {
561 if (cpu->machine->md_interrupt != NULL)
562 cpu->machine->md_interrupt(cpu->machine, cpu, nr, 0);
563 else {
564 fatal("x86_cpu_interrupt(): no md_interrupt()?\n");
565 return 1;
566 }
567
568 return 1;
569 }
570
571
572 /* (NOTE: Don't use the lowest 3 bits in these defines) */
573 #define RELOAD_TR 0x1000
574 #define RELOAD_LDTR 0x1008
575
576
577 /*
578 * x86_task_switch():
579 *
580 * Save away current state into the current task state segment, and
581 * load the new state from the new task.
582 *
583 * TODO: 16-bit TSS, etc. And clean up all of this :)
584 *
585 * TODO: Link word. AMD64 stuff. And lots more.
586 */
587 void x86_task_switch(struct cpu *cpu, int new_tr, uint64_t *curpc)
588 {
589 unsigned char old_descr[8];
590 unsigned char new_descr[8];
591 uint32_t value, ofs;
592 int i;
593 unsigned char buf[4];
594
595 fatal("x86_task_switch():\n");
596 cpu->pc = *curpc;
597
598 if (!cpu->memory_rw(cpu, cpu->mem, cpu->cd.x86.gdtr + cpu->cd.x86.tr,
599 old_descr, sizeof(old_descr), MEM_READ, NO_SEGMENTATION)) {
600 fatal("x86_task_switch(): TODO: 1\n");
601 cpu->running = 0;
602 return;
603 }
604
605 /* Check the busy bit, and then clear it: */
606 if (!(old_descr[5] & 0x02)) {
607 fatal("x86_task_switch(): TODO: switching FROM a non-BUSY"
608 " TSS descriptor?\n");
609 cpu->running = 0;
610 return;
611 }
612 old_descr[5] &= ~0x02;
613 if (!cpu->memory_rw(cpu, cpu->mem, cpu->cd.x86.gdtr + cpu->cd.x86.tr,
614 old_descr, sizeof(old_descr), MEM_WRITE, NO_SEGMENTATION)) {
615 fatal("x86_task_switch(): TODO: could not clear busy bit\n");
616 cpu->running = 0;
617 return;
618 }
619
620 x86_cpu_register_dump(cpu, 1, 1);
621
622 /* Set the task-switched bit in CR0: */
623 cpu->cd.x86.cr[0] |= X86_CR0_TS;
624
625 /* Save away all the old registers: */
626 #define WRITE_VALUE { buf[0]=value; buf[1]=value>>8; buf[2]=value>>16; \
627 buf[3]=value>>24; cpu->memory_rw(cpu, cpu->mem, \
628 cpu->cd.x86.tr_base + ofs, buf, sizeof(buf), MEM_WRITE, \
629 NO_SEGMENTATION); }
630
631 ofs = 0x1c; value = cpu->cd.x86.cr[3]; WRITE_VALUE;
632 ofs = 0x20; value = cpu->pc; WRITE_VALUE;
633 ofs = 0x24; value = cpu->cd.x86.rflags; WRITE_VALUE;
634 for (i=0; i<N_X86_REGS; i++) {
635 ofs = 0x28+i*4; value = cpu->cd.x86.r[i]; WRITE_VALUE;
636 }
637 for (i=0; i<6; i++) {
638 ofs = 0x48+i*4; value = cpu->cd.x86.s[i]; WRITE_VALUE;
639 }
640
641 fatal("-------\n");
642
643 if ((cpu->cd.x86.tr & 0xfffc) == 0) {
644 fatal("TODO: x86_task_switch(): task switch, but old TR"
645 " was 0?\n");
646 cpu->running = 0;
647 return;
648 }
649
650 if (!cpu->memory_rw(cpu, cpu->mem, cpu->cd.x86.gdtr + new_tr,
651 new_descr, sizeof(new_descr), MEM_READ, NO_SEGMENTATION)) {
652 fatal("x86_task_switch(): TODO: 1\n");
653 cpu->running = 0;
654 return;
655 }
656 if (new_descr[5] & 0x02) {
657 fatal("x86_task_switch(): TODO: switching TO an already BUSY"
658 " TSS descriptor?\n");
659 cpu->running = 0;
660 return;
661 }
662
663 reload_segment_descriptor(cpu, RELOAD_TR, new_tr, NULL);
664
665 if (cpu->cd.x86.tr_limit < 0x67)
666 fatal("WARNING: tr_limit = 0x%x, must be at least 0x67!\n",
667 (int)cpu->cd.x86.tr_limit);
668
669 /* Read new registers: */
670 #define READ_VALUE { cpu->memory_rw(cpu, cpu->mem, cpu->cd.x86.tr_base + \
671 ofs, buf, sizeof(buf), MEM_READ, NO_SEGMENTATION); \
672 value = buf[0] + (buf[1] << 8) + (buf[2] << 16) + (buf[3] << 24); }
673
674 ofs = 0x1c; READ_VALUE; cpu->cd.x86.cr[3] = value;
675 ofs = 0x20; READ_VALUE; cpu->pc = value;
676 ofs = 0x24; READ_VALUE; cpu->cd.x86.rflags = value;
677 for (i=0; i<N_X86_REGS; i++) {
678 ofs = 0x28+i*4; READ_VALUE; cpu->cd.x86.r[i] = value;
679 }
680 for (i=0; i<6; i++) {
681 ofs = 0x48+i*4; READ_VALUE;
682 reload_segment_descriptor(cpu, i, value, NULL);
683 }
684 ofs = 0x60; READ_VALUE; value &= 0xffff;
685 reload_segment_descriptor(cpu, RELOAD_LDTR, value, NULL);
686
687 if ((cpu->cd.x86.s[X86_S_CS] & X86_PL_MASK) !=
688 (cpu->cd.x86.s[X86_S_SS] & X86_PL_MASK))
689 fatal("WARNING: rpl in CS and SS differ!\n");
690
691 if ((cpu->cd.x86.s[X86_S_CS] & X86_PL_MASK) == X86_RING3 &&
692 !(cpu->cd.x86.rflags & X86_FLAGS_IF))
693 fatal("WARNING (?): switching to userland task, but interrupts"
694 " are disabled?\n");
695
696 x86_cpu_register_dump(cpu, 1, 1);
697 fatal("-------\n");
698
699 *curpc = cpu->pc;
700
701 /* cpu->machine->instruction_trace = 1; */
702 /* cpu->running = 0; */
703 }
704
705
706 /*
707 * reload_segment_descriptor():
708 *
709 * Loads base, limit and other settings from the Global Descriptor Table into
710 * segment descriptors.
711 *
712 * This function can also be used to reload the TR (task register).
713 *
714 * And also to do a task switch, or jump into a trap handler etc.
715 * (Perhaps this function should be renamed.)
716 */
717 void reload_segment_descriptor(struct cpu *cpu, int segnr, int selector,
718 uint64_t *curpcp)
719 {
720 int res, i, readable, writable, granularity, descr_type;
721 int segment = 1, rpl, orig_selector = selector;
722 unsigned char descr[8];
723 char *table_name = "GDT";
724 uint64_t base, limit, table_base, table_limit;
725
726 if (segnr > 0x100) /* arbitrary, larger than N_X86_SEGS */
727 segment = 0;
728
729 if (segment && (segnr < 0 || segnr >= N_X86_SEGS)) {
730 fatal("reload_segment_descriptor(): segnr = %i\n", segnr);
731 exit(1);
732 }
733
734 if (segment && REAL_MODE) {
735 /* Real mode: */
736 cpu->cd.x86.descr_cache[segnr].valid = 1;
737 cpu->cd.x86.descr_cache[segnr].default_op_size = 16;
738 cpu->cd.x86.descr_cache[segnr].access_rights = 0x93;
739 cpu->cd.x86.descr_cache[segnr].descr_type =
740 segnr == X86_S_CS? DESCR_TYPE_CODE : DESCR_TYPE_DATA;
741 cpu->cd.x86.descr_cache[segnr].readable = 1;
742 cpu->cd.x86.descr_cache[segnr].writable = 1;
743 cpu->cd.x86.descr_cache[segnr].granularity = 0;
744 cpu->cd.x86.descr_cache[segnr].base = selector << 4;
745 cpu->cd.x86.descr_cache[segnr].limit = 0xffff;
746 cpu->cd.x86.s[segnr] = selector;
747 return;
748 }
749
750 /*
751 * Protected mode: Load the descriptor cache from the GDT.
752 */
753
754 table_base = cpu->cd.x86.gdtr;
755 table_limit = cpu->cd.x86.gdtr_limit;
756 if (selector & 4) {
757 table_name = "LDT";
758 /* fatal("TODO: x86 translation via LDT: 0x%04x\n",
759 selector); */
760 table_base = cpu->cd.x86.ldtr_base;
761 table_limit = cpu->cd.x86.ldtr_limit;
762 }
763
764 /* Special case: Null-descriptor: */
765 if (segment && (selector & ~3) == 0) {
766 cpu->cd.x86.descr_cache[segnr].valid = 0;
767 cpu->cd.x86.s[segnr] = selector;
768 return;
769 }
770
771 rpl = selector & 3;
772
773 /* TODO: check rpl */
774
775 selector &= ~7;
776
777 if (selector + 7 > table_limit) {
778 fatal("TODO: selector 0x%04x outside %s limit (0x%04x)\n",
779 selector, table_name, (int)table_limit);
780 cpu->running = 0;
781 return;
782 }
783
784 res = cpu->memory_rw(cpu, cpu->mem, table_base + selector,
785 descr, sizeof(descr), MEM_READ, NO_SEGMENTATION);
786 if (!res) {
787 fatal("reload_segment_descriptor(): TODO: "
788 "could not read the GDT\n");
789 cpu->running = 0;
790 return;
791 }
792
793 base = descr[2] + (descr[3] << 8) + (descr[4] << 16) +
794 (descr[7] << 24);
795 limit = descr[0] + (descr[1] << 8) + ((descr[6]&15) << 16);
796
797 descr_type = readable = writable = granularity = 0;
798 granularity = (descr[6] & 0x80)? 1 : 0;
799 if (limit == 0) {
800 fatal("WARNING: descriptor limit = 0\n");
801 limit = 0xfffff;
802 }
803 if (granularity)
804 limit = (limit << 12) | 0xfff;
805
806 #if 0
807 printf("base = %llx\n",(long long)base);
808 for (i=0; i<8; i++)
809 fatal(" %02x", descr[i]);
810 #endif
811
812 if (selector != 0x0000 && (descr[5] & 0x80) == 0x00) {
813 fatal("TODO: nonpresent descriptor?\n");
814 goto fail_dump;
815 }
816
817 if (!segment) {
818 switch (segnr) {
819 case RELOAD_TR:
820 /* Check that this is indeed a TSS descriptor: */
821 if ((descr[5] & 0x15) != 0x01) {
822 fatal("TODO: load TR but entry in table is"
823 " not a TSS descriptor?\n");
824 goto fail_dump;
825 }
826
827 /* Reload the task register: */
828 cpu->cd.x86.tr = selector;
829 cpu->cd.x86.tr_base = base;
830 cpu->cd.x86.tr_limit = limit;
831
832 /* Mark the TSS as busy: */
833 descr[5] |= 0x02;
834 res = cpu->memory_rw(cpu, cpu->mem, cpu->cd.x86.gdtr +
835 selector, descr, sizeof(descr), MEM_WRITE,
836 NO_SEGMENTATION);
837 break;
838 case RELOAD_LDTR:
839 /* Reload the Local Descriptor Table register: */
840 cpu->cd.x86.ldtr = selector;
841 cpu->cd.x86.ldtr_base = base;
842 cpu->cd.x86.ldtr_limit = limit;
843 break;
844 }
845 return;
846 }
847
848 if ((descr[5] & 0x18) == 0x18) {
849 descr_type = DESCR_TYPE_CODE;
850 readable = descr[5] & 0x02? 1 : 0;
851 if ((descr[5] & 0x98) != 0x98) {
852 fatal("TODO CODE\n");
853 goto fail_dump;
854 }
855 } else if ((descr[5] & 0x18) == 0x10) {
856 descr_type = DESCR_TYPE_DATA;
857 readable = 1;
858 writable = descr[5] & 0x02? 1 : 0;
859 if ((descr[5] & 0x98) != 0x90) {
860 fatal("TODO DATA\n");
861 goto fail_dump;
862 }
863 } else if (segnr == X86_S_CS && (descr[5] & 0x15) == 0x01
864 && curpcp != NULL) {
865 /* TSS */
866 x86_task_switch(cpu, selector, curpcp);
867 return;
868 } else {
869 fatal("TODO: other\n");
870 goto fail_dump;
871 }
872
873 cpu->cd.x86.descr_cache[segnr].valid = 1;
874 cpu->cd.x86.descr_cache[segnr].default_op_size =
875 (descr[6] & 0x40)? 32 : 16;
876 cpu->cd.x86.descr_cache[segnr].access_rights = descr[5];
877 cpu->cd.x86.descr_cache[segnr].descr_type = descr_type;
878 cpu->cd.x86.descr_cache[segnr].readable = readable;
879 cpu->cd.x86.descr_cache[segnr].writable = writable;
880 cpu->cd.x86.descr_cache[segnr].granularity = granularity;
881 cpu->cd.x86.descr_cache[segnr].base = base;
882 cpu->cd.x86.descr_cache[segnr].limit = limit;
883 cpu->cd.x86.s[segnr] = orig_selector;
884 return;
885
886 fail_dump:
887 for (i=0; i<8; i++)
888 fatal(" %02x", descr[i]);
889 cpu->running = 0;
890 }
891
892
893 /*
894 * x86_load():
895 *
896 * Returns same error code as memory_rw().
897 */
898 static int x86_load(struct cpu *cpu, uint64_t addr, uint64_t *data, int len)
899 {
900 unsigned char databuf[8];
901 int res;
902 uint64_t d;
903
904 res = cpu->memory_rw(cpu, cpu->mem, addr, &databuf[0], len,
905 MEM_READ, CACHE_DATA);
906
907 d = databuf[0];
908 if (len > 1) {
909 d += ((uint64_t)databuf[1] << 8);
910 if (len > 2) {
911 d += ((uint64_t)databuf[2] << 16);
912 d += ((uint64_t)databuf[3] << 24);
913 if (len > 4) {
914 d += ((uint64_t)databuf[4] << 32);
915 d += ((uint64_t)databuf[5] << 40);
916 d += ((uint64_t)databuf[6] << 48);
917 d += ((uint64_t)databuf[7] << 56);
918 }
919 }
920 }
921
922 *data = d;
923 return res;
924 }
925
926
927 /*
928 * x86_store():
929 *
930 * Returns same error code as memory_rw().
931 */
932 static int x86_store(struct cpu *cpu, uint64_t addr, uint64_t data, int len)
933 {
934 unsigned char databuf[8];
935
936 /* x86 is always little-endian: */
937 databuf[0] = data;
938 if (len > 1) {
939 databuf[1] = data >> 8;
940 if (len > 2) {
941 databuf[2] = data >> 16;
942 databuf[3] = data >> 24;
943 if (len > 4) {
944 databuf[4] = data >> 32;
945 databuf[5] = data >> 40;
946 databuf[6] = data >> 48;
947 databuf[7] = data >> 56;
948 }
949 }
950 }
951
952 return cpu->memory_rw(cpu, cpu->mem, addr, &databuf[0], len,
953 MEM_WRITE, CACHE_DATA);
954 }
955
956
957 /*
958 * x86_write_cr():
959 *
960 * Write to a control register.
961 */
962 static void x86_write_cr(struct cpu *cpu, int r, uint64_t value)
963 {
964 uint64_t new, tmp;
965
966 switch (r) {
967 case 0: new = cpu->cd.x86.cr[r] = value;
968 /* Warn about unimplemented bits: */
969 tmp = new & ~(X86_CR0_PE | X86_CR0_PG);
970 if (cpu->cd.x86.model.model_number <= X86_MODEL_80386) {
971 if (tmp & X86_CR0_WP)
972 fatal("WARNING: cr0 WP bit set, but this is"
973 " not an 80486 or higher (?)\n");
974 }
975 tmp &= ~X86_CR0_WP;
976 if (tmp != 0)
977 fatal("x86_write_cr(): unimplemented cr0 bits: "
978 "0x%08llx\n", (long long)tmp);
979 break;
980 case 2:
981 case 3: new = cpu->cd.x86.cr[r] = value;
982 break;
983 case 4: new = cpu->cd.x86.cr[r] = value;
984 /* Warn about unimplemented bits: */
985 tmp = new; /* & ~(X86_CR0_PE | X86_CR0_PG); */
986 if (tmp != 0)
987 fatal("x86_write_cr(): unimplemented cr4 bits: "
988 "0x%08llx\n", (long long)tmp);
989 break;
990 default:fatal("x86_write_cr(): write to UNIMPLEMENTED cr%i\n", r);
991 cpu->running = 0;
992 }
993 }
994
995
996 static char *ofs_string(int32_t imm)
997 {
998 static char buf[25];
999 buf[0] = buf[sizeof(buf)-1] = '\0';
1000
1001 if (imm > 32)
1002 sprintf(buf, "+0x%x", imm);
1003 else if (imm > 0)
1004 sprintf(buf, "+%i", imm);
1005 else if (imm < -32)
1006 sprintf(buf, "-0x%x", -imm);
1007 else if (imm < 0)
1008 sprintf(buf, "-%i", -imm);
1009
1010 return buf;
1011 }
1012
1013
1014 static char modrm_r[65];
1015 static char modrm_rm[65];
1016 #define MODRM_READ 0
1017 #define MODRM_WRITE_RM 1
1018 #define MODRM_WRITE_R 2
1019 /* flags: */
1020 #define MODRM_EIGHTBIT 1
1021 #define MODRM_SEG 2
1022 #define MODRM_JUST_GET_ADDR 4
1023 #define MODRM_CR 8
1024 #define MODRM_DR 16
1025 #define MODRM_R_NONEIGHTBIT 32
1026 #define MODRM_RM_16BIT 64
1027
1028
1029 /*
1030 * modrm():
1031 *
1032 * Yuck. I have a feeling that this function will become really ugly.
1033 */
1034 static int modrm(struct cpu *cpu, int writeflag, int mode, int mode67,
1035 int flags, unsigned char **instrp, uint64_t *lenp,
1036 uint64_t *op1p, uint64_t *op2p)
1037 {
1038 uint32_t imm, imm2;
1039 uint64_t addr = 0;
1040 int mod, r, rm, res = 1, z, q = mode/8, sib, s, i, b, immlen;
1041 char *e, *f;
1042 int disasm = (op1p == NULL);
1043
1044 /* e for data, f for addresses */
1045 e = f = "";
1046
1047 if (disasm) {
1048 if (mode == 32)
1049 e = "e";
1050 if (mode == 64)
1051 e = "r";
1052 if (mode67 == 32)
1053 f = "e";
1054 if (mode67 == 64)
1055 f = "r";
1056 modrm_rm[0] = modrm_rm[sizeof(modrm_rm)-1] = '\0';
1057 modrm_r[0] = modrm_r[sizeof(modrm_r)-1] = '\0';
1058 }
1059
1060 immlen = mode67;
1061 if (immlen == 64)
1062 immlen = 32;
1063
1064 imm = read_imm_common(instrp, lenp, 8, disasm);
1065 mod = (imm >> 6) & 3; r = (imm >> 3) & 7; rm = imm & 7;
1066
1067 if (flags & MODRM_EIGHTBIT)
1068 q = 1;
1069
1070 /*
1071 * R/M:
1072 */
1073
1074 switch (mod) {
1075 case 0:
1076 if (disasm) {
1077 if (mode67 >= 32) {
1078 if (rm == 5) {
1079 imm2 = read_imm_common(instrp, lenp,
1080 immlen, disasm);
1081 sprintf(modrm_rm, "[0x%x]", imm2);
1082 } else if (rm == 4) {
1083 char tmp[20];
1084 sib = read_imm_common(instrp, lenp,
1085 8, disasm);
1086 s = 1 << (sib >> 6);
1087 i = (sib >> 3) & 7;
1088 b = sib & 7;
1089 if (b == 5) { /* imm base */
1090 imm2 = read_imm_common(instrp,
1091 lenp, immlen, disasm);
1092 sprintf(tmp, ofs_string(imm2));
1093 } else
1094 sprintf(tmp, "+%s%s", f,
1095 reg_names[b]);
1096 if (i == 4)
1097 sprintf(modrm_rm, "[%s]", tmp);
1098 else if (s == 1)
1099 sprintf(modrm_rm, "[%s%s%s]",
1100 f, reg_names[i], tmp);
1101 else
1102 sprintf(modrm_rm, "[%s%s*%i%s"
1103 "]", f, reg_names[i],
1104 s, tmp);
1105 } else {
1106 sprintf(modrm_rm, "[%s%s]", f,
1107 reg_names[rm]);
1108 }
1109 } else {
1110 switch (rm) {
1111 case 0: sprintf(modrm_rm, "[bx+si]");
1112 break;
1113 case 1: sprintf(modrm_rm, "[bx+di]");
1114 break;
1115 case 2: sprintf(modrm_rm, "[bp+si]");
1116 break;
1117 case 3: sprintf(modrm_rm, "[bp+di]");
1118 break;
1119 case 4: sprintf(modrm_rm, "[si]");
1120 break;
1121 case 5: sprintf(modrm_rm, "[di]");
1122 break;
1123 case 6: imm2 = read_imm_common(instrp, lenp,
1124 immlen, disasm);
1125 sprintf(modrm_rm, "[0x%x]", imm2);
1126 break;
1127 case 7: sprintf(modrm_rm, "[bx]");
1128 break;
1129 }
1130 }
1131 } else {
1132 if (mode67 >= 32) {
1133 if (rm == 5) {
1134 addr = read_imm_common(instrp, lenp,
1135 immlen, disasm);
1136 } else if (rm == 4) {
1137 sib = read_imm_common(instrp, lenp,
1138 8, disasm);
1139 s = 1 << (sib >> 6);
1140 i = (sib >> 3) & 7;
1141 b = sib & 7;
1142 if (b == 4 &&
1143 !cpu->cd.x86.seg_override)
1144 cpu->cd.x86.cursegment=X86_S_SS;
1145 if (b == 5)
1146 addr = read_imm_common(instrp,
1147 lenp, mode67, disasm);
1148 else
1149 addr = cpu->cd.x86.r[b];
1150 if (i != 4)
1151 addr += cpu->cd.x86.r[i] * s;
1152 } else {
1153 addr = cpu->cd.x86.r[rm];
1154 }
1155 } else {
1156 switch (rm) {
1157 case 0: addr = cpu->cd.x86.r[X86_R_BX] +
1158 cpu->cd.x86.r[X86_R_SI]; break;
1159 case 1: addr = cpu->cd.x86.r[X86_R_BX] +
1160 cpu->cd.x86.r[X86_R_DI]; break;
1161 case 2: addr = cpu->cd.x86.r[X86_R_BP] +
1162 cpu->cd.x86.r[X86_R_SI];
1163 if (!cpu->cd.x86.seg_override)
1164 cpu->cd.x86.cursegment=X86_S_SS;
1165 break;
1166 case 3: addr = cpu->cd.x86.r[X86_R_BP] +
1167 cpu->cd.x86.r[X86_R_DI];
1168 if (!cpu->cd.x86.seg_override)
1169 cpu->cd.x86.cursegment=X86_S_SS;
1170 break;
1171 case 4: addr = cpu->cd.x86.r[X86_R_SI]; break;
1172 case 5: addr = cpu->cd.x86.r[X86_R_DI]; break;
1173 case 6: addr = read_imm_common(instrp, lenp,
1174 immlen, disasm); break;
1175 case 7: addr = cpu->cd.x86.r[X86_R_BX]; break;
1176 }
1177 }
1178
1179 if (mode67 == 16)
1180 addr &= 0xffff;
1181 if (mode67 == 32)
1182 addr &= 0xffffffffULL;
1183
1184 switch (writeflag) {
1185 case MODRM_WRITE_RM:
1186 res = x86_store(cpu, addr, *op1p, q);
1187 break;
1188 case MODRM_READ: /* read */
1189 if (flags & MODRM_JUST_GET_ADDR)
1190 *op1p = addr;
1191 else
1192 res = x86_load(cpu, addr, op1p, q);
1193 }
1194 }
1195 break;
1196 case 1:
1197 case 2:
1198 z = (mod == 1)? 8 : immlen;
1199 if (disasm) {
1200 if (mode67 >= 32) {
1201 if (rm == 4) {
1202 sib = read_imm_common(instrp, lenp,
1203 8, disasm);
1204 s = 1 << (sib >> 6);
1205 i = (sib >> 3) & 7;
1206 b = sib & 7;
1207 imm2 = read_imm_common(instrp, lenp,
1208 z, disasm);
1209 if (z == 8) imm2 = (signed char)imm2;
1210 if (i == 4)
1211 sprintf(modrm_rm, "[%s%s%s]",
1212 f, reg_names[b],
1213 ofs_string(imm2));
1214 else if (s == 1)
1215 sprintf(modrm_rm, "[%s%s%s"
1216 "%s%s]", f, reg_names[i],
1217 f, reg_names[b],
1218 ofs_string(imm2));
1219 else
1220 sprintf(modrm_rm, "[%s%s*%i+%s"
1221 "%s%s]", f, reg_names[i], s,
1222 f, reg_names[b],
1223 ofs_string(imm2));
1224 } else {
1225 imm2 = read_imm_common(instrp, lenp,
1226 z, disasm);
1227 if (z == 8) imm2 = (signed char)imm2;
1228 sprintf(modrm_rm, "[%s%s%s]", f,
1229 reg_names[rm], ofs_string(imm2));
1230 }
1231 } else
1232 switch (rm) {
1233 case 0: imm2 = read_imm_common(instrp, lenp, z, disasm);
1234 if (z == 8) imm2 = (signed char)imm2;
1235 sprintf(modrm_rm, "[bx+si%s]",ofs_string(imm2));
1236 break;
1237 case 1: imm2 = read_imm_common(instrp, lenp, z, disasm);
1238 if (z == 8) imm2 = (signed char)imm2;
1239 sprintf(modrm_rm, "[bx+di%s]",ofs_string(imm2));
1240 break;
1241 case 2: imm2 = read_imm_common(instrp, lenp, z, disasm);
1242 if (z == 8) imm2 = (signed char)imm2;
1243 sprintf(modrm_rm, "[bp+si%s]",ofs_string(imm2));
1244 break;
1245 case 3: imm2 = read_imm_common(instrp, lenp, z, disasm);
1246 if (z == 8) imm2 = (signed char)imm2;
1247 sprintf(modrm_rm, "[bp+di%s]",ofs_string(imm2));
1248 break;
1249 case 4: imm2 = read_imm_common(instrp, lenp, z, disasm);
1250 if (z == 8) imm2 = (signed char)imm2;
1251 sprintf(modrm_rm, "[si%s]", ofs_string(imm2));
1252 break;
1253 case 5: imm2 = read_imm_common(instrp, lenp, z, disasm);
1254 if (z == 8) imm2 = (signed char)imm2;
1255 sprintf(modrm_rm, "[di%s]", ofs_string(imm2));
1256 break;
1257 case 6: imm2 = read_imm_common(instrp, lenp, z, disasm);
1258 if (z == 8) imm2 = (signed char)imm2;
1259 sprintf(modrm_rm, "[bp%s]", ofs_string(imm2));
1260 break;
1261 case 7: imm2 = read_imm_common(instrp, lenp, z, disasm);
1262 if (z == 8) imm2 = (signed char)imm2;
1263 sprintf(modrm_rm, "[bx%s]", ofs_string(imm2));
1264 break;
1265 }
1266 } else {
1267 if (mode67 >= 32) {
1268 if (rm == 4) {
1269 sib = read_imm_common(instrp, lenp,
1270 8, disasm);
1271 s = 1 << (sib >> 6);
1272 i = (sib >> 3) & 7;
1273 b = sib & 7;
1274 addr = read_imm_common(instrp, lenp,
1275 z, disasm);
1276 if ((b == 4 || b == 5) &&
1277 !cpu->cd.x86.seg_override)
1278 cpu->cd.x86.cursegment=X86_S_SS;
1279 if (z == 8)
1280 addr = (signed char)addr;
1281 if (i == 4)
1282 addr = cpu->cd.x86.r[b] + addr;
1283 else
1284 addr = cpu->cd.x86.r[i] * s +
1285 cpu->cd.x86.r[b] + addr;
1286 } else {
1287 addr = read_imm_common(instrp, lenp,
1288 z, disasm);
1289 if (z == 8)
1290 addr = (signed char)addr;
1291 addr = cpu->cd.x86.r[rm] + addr;
1292 }
1293 } else {
1294 addr = read_imm_common(instrp, lenp, z, disasm);
1295 if (z == 8)
1296 addr = (signed char)addr;
1297 switch (rm) {
1298 case 0: addr += cpu->cd.x86.r[X86_R_BX]
1299 + cpu->cd.x86.r[X86_R_SI];
1300 break;
1301 case 1: addr += cpu->cd.x86.r[X86_R_BX]
1302 + cpu->cd.x86.r[X86_R_DI];
1303 break;
1304 case 2: addr += cpu->cd.x86.r[X86_R_BP]
1305 + cpu->cd.x86.r[X86_R_SI];
1306 if (!cpu->cd.x86.seg_override)
1307 cpu->cd.x86.cursegment=X86_S_SS;
1308 break;
1309 case 3: addr += cpu->cd.x86.r[X86_R_BP]
1310 + cpu->cd.x86.r[X86_R_DI];
1311 if (!cpu->cd.x86.seg_override)
1312 cpu->cd.x86.cursegment=X86_S_SS;
1313 break;
1314 case 4: addr += cpu->cd.x86.r[X86_R_SI];
1315 break;
1316 case 5: addr += cpu->cd.x86.r[X86_R_DI];
1317 break;
1318 case 6: addr += cpu->cd.x86.r[X86_R_BP];
1319 if (!cpu->cd.x86.seg_override)
1320 cpu->cd.x86.cursegment=X86_S_SS;
1321 break;
1322 case 7: addr += cpu->cd.x86.r[X86_R_BX];
1323 break;
1324 }
1325 }
1326
1327 if (mode67 == 16)
1328 addr &= 0xffff;
1329 if (mode67 == 32)
1330 addr &= 0xffffffffULL;
1331
1332 switch (writeflag) {
1333 case MODRM_WRITE_RM:
1334 res = x86_store(cpu, addr, *op1p, q);
1335 break;
1336 case MODRM_READ: /* read */
1337 if (flags & MODRM_JUST_GET_ADDR)
1338 *op1p = addr;
1339 else
1340 res = x86_load(cpu, addr, op1p, q);
1341 }
1342 }
1343 break;
1344 case 3:
1345 if (flags & MODRM_EIGHTBIT) {
1346 if (disasm) {
1347 strlcpy(modrm_rm, reg_names_bytes[rm],
1348 sizeof(modrm_rm));
1349 } else {
1350 switch (writeflag) {
1351 case MODRM_WRITE_RM:
1352 if (rm < 4)
1353 cpu->cd.x86.r[rm] =
1354 (cpu->cd.x86.r[rm] &
1355 ~0xff) | (*op1p & 0xff);
1356 else
1357 cpu->cd.x86.r[rm&3] = (cpu->
1358 cd.x86.r[rm&3] & ~0xff00) |
1359 ((*op1p & 0xff) << 8);
1360 break;
1361 case MODRM_READ:
1362 if (rm < 4)
1363 *op1p = cpu->cd.x86.r[rm] &
1364 0xff;
1365 else
1366 *op1p = (cpu->cd.x86.r[rm&3] &
1367 0xff00) >> 8;
1368 }
1369 }
1370 } else {
1371 if (disasm) {
1372 if (mode == 16 || flags & MODRM_RM_16BIT)
1373 strlcpy(modrm_rm, reg_names[rm],
1374 sizeof(modrm_rm));
1375 else
1376 sprintf(modrm_rm, "%s%s", e,
1377 reg_names[rm]);
1378 } else {
1379 switch (writeflag) {
1380 case MODRM_WRITE_RM:
1381 if (mode == 16 ||
1382 flags & MODRM_RM_16BIT)
1383 cpu->cd.x86.r[rm] = (
1384 cpu->cd.x86.r[rm] & ~0xffff)
1385 | (*op1p & 0xffff);
1386 else
1387 cpu->cd.x86.r[rm] =
1388 modify(cpu->cd.x86.r[rm],
1389 *op1p);
1390 break;
1391 case MODRM_READ: /* read */
1392 if (mode == 16 ||
1393 flags & MODRM_RM_16BIT)
1394 *op1p = cpu->cd.x86.r[rm]
1395 & 0xffff;
1396 else
1397 *op1p = cpu->cd.x86.r[rm];
1398 }
1399 }
1400 }
1401 break;
1402 default:
1403 fatal("modrm(): unimplemented mod %i\n", mod);
1404 exit(1);
1405 }
1406
1407
1408 /*
1409 * R:
1410 */
1411
1412 if (flags & MODRM_EIGHTBIT && !(flags & MODRM_R_NONEIGHTBIT)) {
1413 if (disasm) {
1414 strlcpy(modrm_r, reg_names_bytes[r],
1415 sizeof(modrm_r));
1416 } else {
1417 switch (writeflag) {
1418 case MODRM_WRITE_R:
1419 if (r < 4)
1420 cpu->cd.x86.r[r] = (cpu->cd.x86.r[r] &
1421 ~0xff) | (*op2p & 0xff);
1422 else
1423 cpu->cd.x86.r[r&3] = (cpu->cd.x86.r[r&3]
1424 & ~0xff00) | ((*op2p & 0xff) << 8);
1425 break;
1426 case MODRM_READ:
1427 if (r < 4)
1428 *op2p = cpu->cd.x86.r[r] & 0xff;
1429 else
1430 *op2p = (cpu->cd.x86.r[r&3] &
1431 0xff00) >>8;
1432 }
1433 }
1434 } else {
1435 if (disasm) {
1436 if (flags & MODRM_SEG)
1437 strlcpy(modrm_r, seg_names[r],
1438 sizeof(modrm_r));
1439 else if (flags & MODRM_CR)
1440 sprintf(modrm_r, "cr%i", r);
1441 else if (flags & MODRM_DR)
1442 sprintf(modrm_r, "dr%i", r);
1443 else {
1444 if (mode >= 32)
1445 sprintf(modrm_r, "%s%s", e,
1446 reg_names[r]);
1447 else
1448 strlcpy(modrm_r, reg_names[r],
1449 sizeof(modrm_r));
1450 }
1451 } else {
1452 switch (writeflag) {
1453 case MODRM_WRITE_R:
1454 if (flags & MODRM_SEG)
1455 cpu->cd.x86.s[r] = *op2p;
1456 else if (flags & MODRM_CR)
1457 x86_write_cr(cpu, r, *op2p);
1458 else if (flags & MODRM_DR)
1459 cpu->cd.x86.dr[r] = *op2p;
1460 else
1461 cpu->cd.x86.r[r] =
1462 modify(cpu->cd.x86.r[r], *op2p);
1463 break;
1464 case MODRM_READ:
1465 if (flags & MODRM_SEG)
1466 *op2p = cpu->cd.x86.s[r];
1467 else if (flags & MODRM_CR)
1468 *op2p = cpu->cd.x86.cr[r];
1469 else if (flags & MODRM_DR)
1470 *op2p = cpu->cd.x86.dr[r];
1471 else
1472 *op2p = cpu->cd.x86.r[r];
1473 }
1474 }
1475 }
1476
1477 if (!disasm) {
1478 switch (mode) {
1479 case 16:*op1p &= 0xffff; *op2p &= 0xffff; break;
1480 case 32:*op1p &= 0xffffffffULL; *op2p &= 0xffffffffULL; break;
1481 }
1482 }
1483
1484 return res;
1485 }
1486
1487
1488 /*
1489 * x86_cpu_disassemble_instr():
1490 *
1491 * Convert an instruction word into human readable format, for instruction
1492 * tracing.
1493 *
1494 * If running&1 is 1, cpu->pc should be the address of the instruction.
1495 *
1496 * If running&1 is 0, things that depend on the runtime environment (eg.
1497 * register contents) will not be shown, and addr will be used instead of
1498 * cpu->pc for relative addresses.
1499 *
1500 * The rest of running tells us the default (code) operand size.
1501 */
1502 int x86_cpu_disassemble_instr(struct cpu *cpu, unsigned char *instr,
1503 int running, uint64_t dumpaddr, int bintrans)
1504 {
1505 int op, rep = 0, lock = 0, n_prefix_bytes = 0;
1506 uint64_t ilen = 0, offset;
1507 uint32_t imm=0, imm2;
1508 int mode = running & ~1;
1509 int mode67;
1510 char *symbol, *mnem = "ERROR", *e = "e", *prefix = NULL;
1511
1512 if (running)
1513 dumpaddr = cpu->pc;
1514
1515 if (mode == 0) {
1516 mode = cpu->cd.x86.descr_cache[X86_S_CS].default_op_size;
1517 if (mode == 0) {
1518 fatal("x86_cpu_disassemble_instr(): no mode: TODO\n");
1519 return 1;
1520 }
1521 }
1522
1523 mode67 = mode;
1524
1525 symbol = get_symbol_name(&cpu->machine->symbol_context,
1526 dumpaddr, &offset);
1527 if (symbol != NULL && offset==0)
1528 debug("<%s>\n", symbol);
1529
1530 if (cpu->machine->ncpus > 1 && running)
1531 debug("cpu%i: ", cpu->cpu_id);
1532
1533 if (mode == 32)
1534 debug("%08x: ", (int)dumpaddr);
1535 else if (mode == 64)
1536 debug("%016llx: ", (long long)dumpaddr);
1537 else { /* 16-bit mode */
1538 debug("%04x:%04x ", cpu->cd.x86.s[X86_S_CS],
1539 (int)dumpaddr & 0xffff);
1540 }
1541
1542 /*
1543 * Decode the instruction:
1544 */
1545
1546 /* All instructions are at least 1 byte long: */
1547 HEXPRINT(instr,1);
1548 ilen = 1;
1549
1550 /* Any prefix? */
1551 for (;;) {
1552 if (instr[0] == 0x66) {
1553 if (mode == 16)
1554 mode = 32;
1555 else
1556 mode = 16;
1557 } else if (instr[0] == 0x67) {
1558 if (mode67 == 16)
1559 mode67 = 32;
1560 else
1561 mode67 = 16;
1562 } else if (instr[0] == 0xf2) {
1563 rep = REP_REPNE;
1564 } else if (instr[0] == 0xf3) {
1565 rep = REP_REP;
1566 } else if (instr[0] == 0x26) {
1567 prefix = "es:";
1568 } else if (instr[0] == 0x2e) {
1569 prefix = "cs:";
1570 } else if (instr[0] == 0x36) {
1571 prefix = "ss:";
1572 } else if (instr[0] == 0x3e) {
1573 prefix = "ds:";
1574 } else if (instr[0] == 0x64) {
1575 prefix = "fs:";
1576 } else if (instr[0] == 0x65) {
1577 prefix = "gs:";
1578 } else if (instr[0] == 0xf0) {
1579 lock = 1;
1580 } else
1581 break;
1582
1583 if (++n_prefix_bytes > 4) {
1584 SPACES; debug("more than 4 prefix bytes?\n");
1585 return 4;
1586 }
1587
1588 /* TODO: lock, segment overrides etc */
1589 instr ++; ilen ++;
1590 debug("%02x", instr[0]);
1591 }
1592
1593 if (mode == 16)
1594 e = "";
1595
1596 op = instr[0];
1597 instr ++;
1598
1599 if ((op & 0xf0) <= 0x30 && (op & 7) <= 5) {
1600 switch (op & 0x38) {
1601 case 0x00: mnem = "add"; break;
1602 case 0x08: mnem = "or"; break;
1603 case 0x10: mnem = "adc"; break;
1604 case 0x18: mnem = "sbb"; break;
1605 case 0x20: mnem = "and"; break;
1606 case 0x28: mnem = "sub"; break;
1607 case 0x30: mnem = "xor"; break;
1608 case 0x38: mnem = "cmp"; break;
1609 }
1610 switch (op & 7) {
1611 case 4: imm = read_imm_and_print(&instr, &ilen, 8);
1612 SPACES; debug("%s\tal,0x%02x", mnem, imm);
1613 break;
1614 case 5: imm = read_imm_and_print(&instr, &ilen, mode);
1615 SPACES; debug("%s\t%sax,0x%x", mnem, e, imm);
1616 break;
1617 default:modrm(cpu, MODRM_READ, mode, mode67, op&1? 0 :
1618 MODRM_EIGHTBIT, &instr, &ilen, NULL, NULL);
1619 SPACES; debug("%s\t", mnem);
1620 if (op & 2)
1621 debug("%s,%s", modrm_r, modrm_rm);
1622 else
1623 debug("%s,%s", modrm_rm, modrm_r);
1624 }
1625 } else if (op == 0xf) {
1626 /* "pop cs" on 8086 */
1627 if (cpu->cd.x86.model.model_number == X86_MODEL_8086) {
1628 SPACES; debug("pop\tcs");
1629 } else {
1630 imm = read_imm_and_print(&instr, &ilen, 8);
1631 if (imm == 0x00) {
1632 int subop = (*instr >> 3) & 0x7;
1633 switch (subop) {
1634 case 0: modrm(cpu, MODRM_READ, mode, mode67,
1635 0, &instr, &ilen, NULL, NULL);
1636 SPACES; debug("sldt\t%s", modrm_rm);
1637 break;
1638 case 1: modrm(cpu, MODRM_READ, 16 /* note:16 */,
1639 mode67, 0, &instr, &ilen,
1640 NULL, NULL);
1641 SPACES; debug("str\t%s", modrm_rm);
1642 break;
1643 case 2: modrm(cpu, MODRM_READ, 16 /* note:16 */,
1644 mode67, 0, &instr, &ilen,
1645 NULL, NULL);
1646 SPACES; debug("lldt\t%s", modrm_rm);
1647 break;
1648 case 3: modrm(cpu, MODRM_READ, 16 /* note:16 */,
1649 mode67, 0, &instr, &ilen,
1650 NULL, NULL);
1651 SPACES; debug("ltr\t%s", modrm_rm);
1652 break;
1653 case 4: modrm(cpu, MODRM_READ, 16 /* note:16 */,
1654 mode67, 0, &instr, &ilen,
1655 NULL, NULL);
1656 SPACES; debug("verr\t%s", modrm_rm);
1657 break;
1658 case 5: modrm(cpu, MODRM_READ, 16 /* note:16 */,
1659 mode67, 0, &instr, &ilen,
1660 NULL, NULL);
1661 SPACES; debug("verw\t%s", modrm_rm);
1662 break;
1663 default:SPACES; debug("UNIMPLEMENTED 0x%02x,0x"
1664 "%02x,0x%02x", op, imm, *instr);
1665 }
1666 } else if (imm == 0x01) {
1667 int subop = (*instr >> 3) & 0x7;
1668 switch (subop) {
1669 case 0:
1670 case 1:
1671 case 2:
1672 case 3: modrm(cpu, MODRM_READ, mode, mode67,
1673 0, &instr, &ilen, NULL, NULL);
1674 SPACES; debug("%s%s\t%s",
1675 subop < 2? "s" : "l",
1676 subop&1? "idt" : "gdt", modrm_rm);
1677 break;
1678 case 4:
1679 case 6: if (((*instr >> 3) & 0x7) == 4)
1680 mnem = "smsw";
1681 else
1682 mnem = "lmsw";
1683 modrm(cpu, MODRM_READ, 16, mode67,
1684 0, &instr, &ilen, NULL, NULL);
1685 SPACES; debug("%s\t%s", mnem, modrm_rm);
1686 break;
1687 case 7: modrm(cpu, MODRM_READ, mode,
1688 mode67, 0, &instr, &ilen,
1689 NULL, NULL);
1690 SPACES; debug("invlpg\t%s", modrm_rm);
1691 break;
1692 default:SPACES; debug("UNIMPLEMENTED 0x%02x,0x"
1693 "%02x,0x%02x", op, imm, *instr);
1694 }
1695 } else if (imm == 0x02) {
1696 modrm(cpu, MODRM_READ, mode, mode67,
1697 0, &instr, &ilen, NULL, NULL);
1698 SPACES; debug("lar\t%s,%s", modrm_r, modrm_rm);
1699 } else if (imm == 0x03) {
1700 modrm(cpu, MODRM_READ, mode, mode67,
1701 0, &instr, &ilen, NULL, NULL);
1702 SPACES; debug("lsl\t%s,%s", modrm_r, modrm_rm);
1703 } else if (imm == 0x05) {
1704 SPACES; /* TODO: exactly which models?*/
1705 if (cpu->cd.x86.model.model_number >
1706 X86_MODEL_80486)
1707 debug("syscall");
1708 else
1709 debug("loadall286");
1710 } else if (imm == 0x06) {
1711 SPACES; debug("clts");
1712 } else if (imm == 0x07) {
1713 SPACES; /* TODO: exactly which models?*/
1714 if (cpu->cd.x86.model.model_number >
1715 X86_MODEL_80486)
1716 debug("sysret");
1717 else
1718 debug("loadall");
1719 } else if (imm == 0x08) {
1720 SPACES; debug("invd");
1721 } else if (imm == 0x09) {
1722 SPACES; debug("wbinvd");
1723 } else if (imm == 0x0b) {
1724 SPACES; debug("reserved_0b");
1725 } else if (imm == 0x20 || imm == 0x21) {
1726 modrm(cpu, MODRM_READ, 32 /* note: 32 */,
1727 mode67, imm == 0x20? MODRM_CR : MODRM_DR,
1728 &instr, &ilen, NULL, NULL);
1729 SPACES; debug("mov\t%s,%s", modrm_rm, modrm_r);
1730 } else if (imm == 0x22 || imm == 0x23) {
1731 modrm(cpu, MODRM_READ, 32 /* note: 32 */,
1732 mode67, imm == 0x22? MODRM_CR : MODRM_DR,
1733 &instr, &ilen, NULL, NULL);
1734 SPACES; debug("mov\t%s,%s", modrm_r, modrm_rm);
1735 } else if (imm == 0x30) {
1736 SPACES; debug("wrmsr");
1737 } else if (imm == 0x31) {
1738 SPACES; debug("rdtsc");
1739 } else if (imm == 0x32) {
1740 SPACES; debug("rdmsr");
1741 } else if (imm == 0x33) {
1742 SPACES; debug("rdpmc"); /* http://www
1743 .x86.org/secrets/opcodes/rdpmc.htm */
1744 } else if (imm == 0x34) {
1745 SPACES; debug("sysenter");
1746 } else if (imm == 0x36) {
1747 SPACES; debug("sysexit");
1748 } else if (imm >= 0x40 && imm <= 0x4f) {
1749 modrm(cpu, MODRM_READ, mode, mode67, 0,
1750 &instr, &ilen, NULL, NULL);
1751 op = imm & 0xf;
1752 SPACES; debug("cmov%s%s\t%s,%s", op&1? "n"
1753 : "", cond_names[(op/2) & 0x7],
1754 modrm_r, modrm_rm);
1755 } else if (imm >= 0x80 && imm <= 0x8f) {
1756 op = imm & 0xf;
1757 imm = read_imm_and_print(&instr, &ilen, mode);
1758 imm = dumpaddr + 2 + mode/8 + imm;
1759 SPACES; debug("j%s%s\tnear 0x%x", op&1? "n"
1760 : "", cond_names[(op/2) & 0x7], imm);
1761 } else if (imm >= 0x90 && imm <= 0x9f) {
1762 op = imm;
1763 modrm(cpu, MODRM_READ, mode,
1764 mode67, MODRM_EIGHTBIT, &instr, &ilen,
1765 NULL, NULL);
1766 SPACES; debug("set%s%s\t%s", op&1? "n"
1767 : "", cond_names[(op/2) & 0x7], modrm_rm);
1768 } else if (imm == 0xa0) {
1769 SPACES; debug("push\tfs");
1770 } else if (imm == 0xa1) {
1771 SPACES; debug("pop\tfs");
1772 } else if (imm == 0xa2) {
1773 SPACES; debug("cpuid");
1774 } else if (imm == 0xa3 || imm == 0xab
1775 || imm == 0xb3 || imm == 0xbb) {
1776 modrm(cpu, MODRM_READ, mode, mode67,
1777 0, &instr, &ilen, NULL, NULL);
1778 switch (imm) {
1779 case 0xa3: mnem = "bt"; break;
1780 case 0xab: mnem = "bts"; break;
1781 case 0xb3: mnem = "btr"; break;
1782 case 0xbb: mnem = "btc"; break;
1783 }
1784 SPACES; debug("%s\t%s,%s",
1785 mnem, modrm_rm, modrm_r);
1786 } else if (imm == 0xa4 || imm == 0xa5 ||
1787 imm == 0xac || imm == 0xad) {
1788 modrm(cpu, MODRM_READ, mode, mode67,
1789 0, &instr, &ilen, NULL, NULL);
1790 if (!(imm & 1))
1791 imm2 = read_imm_and_print(&instr,
1792 &ilen, 8);
1793 else
1794 imm2 = 0;
1795 SPACES; debug("sh%sd\t%s,%s,",
1796 imm <= 0xa5? "l" : "r",
1797 modrm_rm, modrm_r);
1798 if (imm & 1)
1799 debug("cl");
1800 else
1801 debug("%i", imm2);
1802 } else if (imm == 0xa8) {
1803 SPACES; debug("push\tgs");
1804 } else if (imm == 0xa9) {
1805 SPACES; debug("pop\tgs");
1806 } else if (imm == 0xaa) {
1807 SPACES; debug("rsm");
1808 } else if (imm == 0xaf) {
1809 modrm(cpu, MODRM_READ, mode, mode67,
1810 0, &instr, &ilen, NULL, NULL);
1811 SPACES; debug("imul\t%s,%s", modrm_r, modrm_rm);
1812 } else if (imm == 0xb0 || imm == 0xb1) {
1813 modrm(cpu, MODRM_READ, mode, mode67,
1814 imm == 0xb0? MODRM_EIGHTBIT : 0,
1815 &instr, &ilen, NULL, NULL);
1816 SPACES; debug("cmpxchg\t%s,%s",
1817 modrm_rm, modrm_r);
1818 } else if (imm == 0xb2 || imm == 0xb4 || imm == 0xb5) {
1819 modrm(cpu, MODRM_READ, mode, mode67, 0,
1820 &instr, &ilen, NULL, NULL);
1821 switch (imm) {
1822 case 0xb2: mnem = "lss"; break;
1823 case 0xb4: mnem = "lfs"; break;
1824 case 0xb5: mnem = "lgs"; break;
1825 }
1826 SPACES; debug("%s\t%s,%s", mnem,
1827 modrm_r, modrm_rm);
1828 } else if (imm == 0xb6 || imm == 0xb7 ||
1829 imm == 0xbe || imm == 0xbf) {
1830 modrm(cpu, MODRM_READ, mode, mode67,
1831 (imm&1)==0? (MODRM_EIGHTBIT |
1832 MODRM_R_NONEIGHTBIT) : MODRM_RM_16BIT,
1833 &instr, &ilen, NULL, NULL);
1834 mnem = "movsx";
1835 if (imm <= 0xb7)
1836 mnem = "movzx";
1837 SPACES; debug("%s\t%s,%s", mnem,
1838 modrm_r, modrm_rm);
1839 } else if (imm == 0xba) {
1840 int subop = (*instr >> 3) & 0x7;
1841 switch (subop) {
1842 case 4: modrm(cpu, MODRM_READ, mode, mode67,
1843 0, &instr, &ilen, NULL, NULL);
1844 imm2 = read_imm_and_print(&instr,
1845 &ilen, 8);
1846 SPACES; debug("bt\t%s,%i",
1847 modrm_rm, imm2);
1848 break;
1849 case 5: modrm(cpu, MODRM_READ, mode, mode67,
1850 0, &instr, &ilen, NULL, NULL);
1851 imm2 = read_imm_and_print(&instr,
1852 &ilen, 8);
1853 SPACES; debug("bts\t%s,%i",
1854 modrm_rm, imm2);
1855 break;
1856 case 6: modrm(cpu, MODRM_READ, mode, mode67,
1857 0, &instr, &ilen, NULL, NULL);
1858 imm2 = read_imm_and_print(&instr,
1859 &ilen, 8);
1860 SPACES; debug("btr\t%s,%i",
1861 modrm_rm, imm2);
1862 break;
1863 case 7: modrm(cpu, MODRM_READ, mode, mode67,
1864 0, &instr, &ilen, NULL, NULL);
1865 imm2 = read_imm_and_print(&instr,
1866 &ilen, 8);
1867 SPACES; debug("btc\t%s,%i",
1868 modrm_rm, imm2);
1869 break;
1870 default:SPACES; debug("UNIMPLEMENTED 0x%02x,0x"
1871 "%02x,0x%02x", op, imm, *instr);
1872 }
1873 } else if (imm == 0xbc || imm == 0xbd) {
1874 modrm(cpu, MODRM_READ, mode, mode67,
1875 0, &instr, &ilen, NULL, NULL);
1876 if (imm == 0xbc)
1877 mnem = "bsf";
1878 else
1879 mnem = "bsr";
1880 SPACES; debug("%s\t%s,%s", mnem, modrm_r,
1881 modrm_rm);
1882 } else if (imm == 0xc0 || imm == 0xc1) {
1883 modrm(cpu, MODRM_READ, mode, mode67,
1884 imm&1? 0 : MODRM_EIGHTBIT,
1885 &instr, &ilen, NULL, NULL);
1886 SPACES; debug("xadd\t%s,%s", modrm_rm, modrm_r);
1887 } else if (imm == 0xc7) {
1888 int subop = (*instr >> 3) & 0x7;
1889 switch (subop) {
1890 case 1: modrm(cpu, MODRM_READ, 64, mode67,
1891 0, &instr, &ilen, NULL, NULL);
1892 SPACES; debug("cmpxchg8b\t%s",modrm_rm);
1893 break;
1894 default:SPACES; debug("UNIMPLEMENTED 0x%02x,0x"
1895 "%02x,0x%02x", op, imm, *instr);
1896 }
1897 } else if (imm >= 0xc8 && imm <= 0xcf) {
1898 SPACES; debug("bswap\te%s", reg_names[imm & 7]);
1899 } else {
1900 SPACES; debug("UNIMPLEMENTED 0x0f,0x%02x", imm);
1901 }
1902 }
1903 } else if (op < 0x20 && (op & 7) == 6) {
1904 SPACES; debug("push\t%s", seg_names[op/8]);
1905 } else if (op < 0x20 && (op & 7) == 7) {
1906 SPACES; debug("pop\t%s", seg_names[op/8]);
1907 } else if (op >= 0x20 && op < 0x40 && (op & 7) == 7) {
1908 SPACES; debug("%sa%s", op < 0x30? "d" : "a",
1909 (op & 0xf)==7? "a" : "s");
1910 } else if (op >= 0x40 && op <= 0x5f) {
1911 switch (op & 0x38) {
1912 case 0x00: mnem = "inc"; break;
1913 case 0x08: mnem = "dec"; break;
1914 case 0x10: mnem = "push"; break;
1915 case 0x18: mnem = "pop"; break;
1916 }
1917 SPACES; debug("%s\t%s%s", mnem, e, reg_names[op & 7]);
1918 } else if (op == 0x60) {
1919 SPACES; debug("pusha%s", mode==16? "" : (mode==32? "d" : "q"));
1920 } else if (op == 0x61) {
1921 SPACES; debug("popa%s", mode==16? "" : (mode==32? "d" : "q"));
1922 } else if (op == 0x62) {
1923 modrm(cpu, MODRM_READ, mode, mode67,
1924 0, &instr, &ilen, NULL, NULL);
1925 SPACES; debug("bound\t%s,%s", modrm_r, modrm_rm);
1926 } else if (op == 0x63) {
1927 modrm(cpu, MODRM_READ, 16, mode67,
1928 0, &instr, &ilen, NULL, NULL);
1929 SPACES; debug("arpl\t%s,%s", modrm_rm, modrm_r);
1930 } else if (op == 0x68) {
1931 imm = read_imm_and_print(&instr, &ilen, mode);
1932 SPACES; debug("push\t%sword 0x%x", mode==32?"d":"", imm);
1933 } else if (op == 0x69 || op == 0x6b) {
1934 modrm(cpu, MODRM_READ, mode, mode67,
1935 0, &instr, &ilen, NULL, NULL);
1936 if (op == 0x69)
1937 imm = read_imm_and_print(&instr, &ilen, mode);
1938 else
1939 imm = (signed char)read_imm_and_print(&instr, &ilen, 8);
1940 SPACES; debug("imul\t%s,%s,%i", modrm_r, modrm_rm, imm);
1941 } else if (op == 0x6a) {
1942 imm = (signed char)read_imm_and_print(&instr, &ilen, 8);
1943 SPACES; debug("push\tbyte 0x%x", imm);
1944 } else if (op == 0x6c) {
1945 SPACES; debug("insb");
1946 } else if (op == 0x6d) {
1947 SPACES; debug("ins%s", mode==16? "w" : (mode==32? "d" : "q"));
1948 } else if (op == 0x6e) {
1949 SPACES; debug("outsb");
1950 } else if (op == 0x6f) {
1951 SPACES; debug("outs%s", mode==16? "w" : (mode==32? "d" : "q"));
1952 } else if ((op & 0xf0) == 0x70) {
1953 imm = (signed char)read_imm_and_print(&instr, &ilen, 8);
1954 imm = dumpaddr + 2 + imm;
1955 SPACES; debug("j%s%s\t0x%x", op&1? "n" : "",
1956 cond_names[(op/2) & 0x7], imm);
1957 } else if (op == 0x80 || op == 0x81) {
1958 switch ((*instr >> 3) & 0x7) {
1959 case 0: mnem = "add"; break;
1960 case 1: mnem = "or"; break;
1961 case 2: mnem = "adc"; break;
1962 case 3: mnem = "sbb"; break;
1963 case 4: mnem = "and"; break;
1964 case 5: mnem = "sub"; break;
1965 case 6: mnem = "xor"; break;
1966 case 7: mnem = "cmp"; break;
1967 default:
1968 SPACES; debug("UNIMPLEMENTED 0x%02x", op);
1969 }
1970 modrm(cpu, MODRM_READ, mode, mode67,
1971 op == 0x80? MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
1972 imm = read_imm_and_print(&instr, &ilen, op==0x80? 8 : mode);
1973 SPACES; debug("%s\t%s,0x%x", mnem, modrm_rm, imm);
1974 } else if (op == 0x83) {
1975 switch ((*instr >> 3) & 0x7) {
1976 case 0: mnem = "add"; break;
1977 case 1: mnem = "or"; break;
1978 case 2: mnem = "adc"; break;
1979 case 3: mnem = "sbb"; break;
1980 case 4: mnem = "and"; break;
1981 case 5: mnem = "sub"; break;
1982 case 6: mnem = "xor"; break;
1983 case 7: mnem = "cmp"; break;
1984 default:
1985 SPACES; debug("UNIMPLEMENTED 0x%02x", op);
1986 }
1987 modrm(cpu, MODRM_READ, mode, mode67, 0, &instr, &ilen,
1988 NULL, NULL);
1989 imm = (signed char)read_imm_and_print(&instr, &ilen, 8);
1990 SPACES; debug("%s\t%s,0x%x", mnem, modrm_rm, imm);
1991 } else if (op == 0x84 || op == 0x85) {
1992 modrm(cpu, MODRM_READ, mode, mode67,
1993 op == 0x84? MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
1994 SPACES; debug("test\t%s,%s", modrm_rm, modrm_r);
1995 } else if (op == 0x86 || op == 0x87) {
1996 modrm(cpu, MODRM_READ, mode, mode67, op == 0x86?
1997 MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
1998 SPACES; debug("xchg\t%s,%s", modrm_rm, modrm_r);
1999 } else if (op == 0x88 || op == 0x89) {
2000 modrm(cpu, MODRM_READ, mode, mode67, op == 0x88?
2001 MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
2002 SPACES; debug("mov\t%s,%s", modrm_rm, modrm_r);
2003 } else if (op == 0x8a || op == 0x8b) {
2004 modrm(cpu, MODRM_READ, mode, mode67, op == 0x8a?
2005 MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
2006 SPACES; debug("mov\t%s,%s", modrm_r, modrm_rm);
2007 } else if (op == 0x8c || op == 0x8e) {
2008 modrm(cpu, MODRM_READ, mode, mode67, MODRM_SEG, &instr, &ilen,
2009 NULL, NULL);
2010 SPACES; debug("mov\t");
2011 if (op == 0x8c)
2012 debug("%s,%s", modrm_rm, modrm_r);
2013 else
2014 debug("%s,%s", modrm_r, modrm_rm);
2015 } else if (op == 0x8d) {
2016 modrm(cpu, MODRM_READ, mode, mode67, 0, &instr, &ilen,
2017 NULL, NULL);
2018 SPACES; debug("lea\t%s,%s", modrm_r, modrm_rm);
2019 } else if (op == 0x8f) {
2020 switch ((*instr >> 3) & 0x7) {
2021 case 0: /* POP m16/m32 */
2022 modrm(cpu, MODRM_READ, mode, mode67, 0, &instr,
2023 &ilen, NULL, NULL);
2024 SPACES; debug("pop\t%sword %s", mode == 32? "d" : "",
2025 modrm_rm);
2026 break;
2027 default:
2028 SPACES; debug("UNIMPLEMENTED 0x%02x", op);
2029 }
2030 } else if (op == 0x90) {
2031 SPACES; debug("nop");
2032 } else if (op >= 0x91 && op <= 0x97) {
2033 SPACES; debug("xchg\t%sax,%s%s", e, e, reg_names[op & 7]);
2034 } else if (op == 0x98) {
2035 SPACES; debug("cbw");
2036 } else if (op == 0x99) {
2037 SPACES; debug("cwd");
2038 } else if (op == 0x9a) {
2039 imm = read_imm_and_print(&instr, &ilen, mode);
2040 imm2 = read_imm_and_print(&instr, &ilen, 16);
2041 SPACES; debug("call\t0x%04x:", imm2);
2042 if (mode == 16)
2043 debug("0x%04x", imm);
2044 else
2045 debug("0x%08x", imm);
2046 } else if (op == 0x9b) {
2047 SPACES; debug("wait");
2048 } else if (op == 0x9c) {
2049 SPACES; debug("pushf%s", mode==16? "" : (mode==32? "d" : "q"));
2050 } else if (op == 0x9d) {
2051 SPACES; debug("popf%s", mode==16? "" : (mode==32? "d" : "q"));
2052 } else if (op == 0x9e) {
2053 SPACES; debug("sahf");
2054 } else if (op == 0x9f) {
2055 SPACES; debug("lahf");
2056 } else if (op == 0xa0) {
2057 imm = read_imm_and_print(&instr, &ilen, mode67);
2058 SPACES; debug("mov\tal,[0x%x]", imm);
2059 } else if (op == 0xa1) {
2060 imm = read_imm_and_print(&instr, &ilen, mode67);
2061 SPACES; debug("mov\t%sax,[0x%x]", e, imm);
2062 } else if (op == 0xa2) {
2063 imm = read_imm_and_print(&instr, &ilen, mode67);
2064 SPACES; debug("mov\t[0x%x],al", imm);
2065 } else if (op == 0xa3) {
2066 imm = read_imm_and_print(&instr, &ilen, mode67);
2067 SPACES; debug("mov\t[0x%x],%sax", imm, e);
2068 } else if (op == 0xa4) {
2069 SPACES; debug("movsb");
2070 } else if (op == 0xa5) {
2071 SPACES; debug("movs%s", mode==16? "w" : (mode==32? "d" : "q"));
2072 } else if (op == 0xa6) {
2073 SPACES; debug("cmpsb");
2074 } else if (op == 0xa7) {
2075 SPACES; debug("cmps%s", mode==16? "w" : (mode==32? "d" : "q"));
2076 } else if (op == 0xa8 || op == 0xa9) {
2077 imm = read_imm_and_print(&instr, &ilen, op == 0xa8? 8 : mode);
2078 if (op == 0xa8)
2079 mnem = "al";
2080 else if (mode == 16)
2081 mnem = "ax";
2082 else
2083 mnem = "eax";
2084 SPACES; debug("test\t%s,0x%x", mnem, imm);
2085 } else if (op == 0xaa) {
2086 SPACES; debug("stosb");
2087 } else if (op == 0xab) {
2088 SPACES; debug("stos%s", mode==16? "w" : (mode==32? "d" : "q"));
2089 } else if (op == 0xac) {
2090 SPACES; debug("lodsb");
2091 } else if (op == 0xad) {
2092 SPACES; debug("lods%s", mode==16? "w" : (mode==32? "d" : "q"));
2093 } else if (op == 0xae) {
2094 SPACES; debug("scasb");
2095 } else if (op == 0xaf) {
2096 SPACES; debug("scas%s", mode==16? "w" : (mode==32? "d" : "q"));
2097 } else if (op >= 0xb0 && op <= 0xb7) {
2098 imm = read_imm_and_print(&instr, &ilen, 8);
2099 SPACES; debug("mov\t%s,0x%x", reg_names_bytes[op&7], imm);
2100 } else if (op >= 0xb8 && op <= 0xbf) {
2101 imm = read_imm_and_print(&instr, &ilen, mode);
2102 SPACES; debug("mov\t%s%s,0x%x", e, reg_names[op & 7], imm);
2103 } else if (op == 0xc0 || op == 0xc1) {
2104 switch ((*instr >> 3) & 0x7) {
2105 case 0: mnem = "rol"; break;
2106 case 1: mnem = "ror"; break;
2107 case 2: mnem = "rcl"; break;
2108 case 3: mnem = "rcr"; break;
2109 case 4: mnem = "shl"; break;
2110 case 5: mnem = "shr"; break;
2111 case 6: mnem = "sal"; break;
2112 case 7: mnem = "sar"; break;
2113 }
2114 modrm(cpu, MODRM_READ, mode, mode67, op == 0xc0?
2115 MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
2116 imm = read_imm_and_print(&instr, &ilen, 8);
2117 SPACES; debug("%s\t%s,%i", mnem, modrm_rm, imm);
2118 } else if (op == 0xc2) {
2119 imm = read_imm_and_print(&instr, &ilen, 16);
2120 SPACES; debug("ret\t0x%x", imm);
2121 } else if (op == 0xc3) {
2122 SPACES; debug("ret");
2123 } else if (op == 0xc4 || op == 0xc5) {
2124 modrm(cpu, MODRM_READ, mode, mode67, 0, &instr, &ilen,
2125 NULL, NULL);
2126 switch (op) {
2127 case 0xc4: mnem = "les"; break;
2128 case 0xc5: mnem = "lds"; break;
2129 }
2130 SPACES; debug("%s\t%s,%s", mnem, modrm_r, modrm_rm);
2131 } else if (op == 0xc6 || op == 0xc7) {
2132 switch ((*instr >> 3) & 0x7) {
2133 case 0: modrm(cpu, MODRM_READ, mode, mode67, op == 0xc6?
2134 MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
2135 imm = read_imm_and_print(&instr, &ilen,
2136 op == 0xc6? 8 : mode);
2137 SPACES; debug("mov\t%s,0x%x", modrm_rm, imm);
2138 break;
2139 default:
2140 SPACES; debug("UNIMPLEMENTED 0x%02x", op);
2141 }
2142 } else if (op == 0xc8) {
2143 imm = read_imm_and_print(&instr, &ilen, 16);
2144 imm2 = read_imm_and_print(&instr, &ilen, 8);
2145 SPACES; debug("enter\t0x%x,%i", imm, imm2);
2146 } else if (op == 0xc9) {
2147 SPACES; debug("leave");
2148 } else if (op == 0xca) {
2149 imm = read_imm_and_print(&instr, &ilen, 16);
2150 SPACES; debug("retf\t0x%x", imm);
2151 } else if (op == 0xcb) {
2152 SPACES; debug("retf");
2153 } else if (op == 0xcc) {
2154 SPACES; debug("int3");
2155 } else if (op == 0xcd) {
2156 imm = read_imm_and_print(&instr, &ilen, 8);
2157 SPACES; debug("int\t0x%x", imm);
2158 } else if (op == 0xce) {
2159 SPACES; debug("into");
2160 } else if (op == 0xcf) {
2161 SPACES; debug("iret");
2162 } else if (op >= 0xd0 && op <= 0xd3) {
2163 int subop = (*instr >> 3) & 0x7;
2164 modrm(cpu, MODRM_READ, mode, mode67, op&1? 0 :
2165 MODRM_EIGHTBIT, &instr, &ilen, NULL, NULL);
2166 switch (subop) {
2167 case 0: mnem = "rol"; break;
2168 case 1: mnem = "ror"; break;
2169 case 2: mnem = "rcl"; break;
2170 case 3: mnem = "rcr"; break;
2171 case 4: mnem = "shl"; break;
2172 case 5: mnem = "shr"; break;
2173 case 6: mnem = "sal"; break;
2174 case 7: mnem = "sar"; break;
2175 }
2176 SPACES; debug("%s\t%s,", mnem, modrm_rm);
2177 if (op <= 0xd1)
2178 debug("1");
2179 else
2180 debug("cl");
2181 } else if (op == 0xd4) {
2182 imm = read_imm_and_print(&instr, &ilen, 8);
2183 SPACES; debug("aam");
2184 if (imm != 10)
2185 debug("\t%i", imm);
2186 } else if (op == 0xd5) {
2187 imm = read_imm_and_print(&instr, &ilen, 8);
2188 SPACES; debug("aad");
2189 if (imm != 10)
2190 debug("\t%i", imm);
2191 } else if (op == 0xd6) {
2192 SPACES; debug("salc"); /* undocumented? */
2193 } else if (op == 0xd7) {
2194 SPACES; debug("xlat");
2195 } else if (op == 0xd9) {
2196 int subop = (*instr >> 3) & 7;
2197 imm = *instr;
2198 if (subop == 5) {
2199 modrm(cpu, MODRM_READ, 16, mode67, 0,
2200 &instr, &ilen, NULL, NULL);
2201 SPACES; debug("fldcw\t%s", modrm_rm);
2202 } else if (subop == 7) {
2203 modrm(cpu, MODRM_READ, 16, mode67, 0,
2204 &instr, &ilen, NULL, NULL);
2205 SPACES; debug("fstcw\t%s", modrm_rm);
2206 } else {
2207 SPACES; debug("UNIMPLEMENTED 0x%02x,0x%02x", op, imm);
2208 }
2209 } else if (op == 0xdb) {
2210 imm = *instr;
2211 if (imm == 0xe2) {
2212 read_imm_and_print(&instr, &ilen, 8);
2213 SPACES; debug("fclex");
2214 } else if (imm == 0xe3) {
2215 read_imm_and_print(&instr, &ilen, 8);
2216 SPACES; debug("finit");
2217 } else if (imm == 0xe4) {
2218 read_imm_and_print(&instr, &ilen, 8);
2219 SPACES; debug("fsetpm");
2220 } else {
2221 SPACES; debug("UNIMPLEMENTED 0x%02x,0x%02x", op, imm);
2222 }
2223 } else if (op == 0xdd) {
2224 int subop = (*instr >> 3) & 7;
2225 imm = *instr;
2226 if (subop == 7) {
2227 modrm(cpu, MODRM_READ, 16, mode67, 0,
2228 &instr, &ilen, NULL, NULL);
2229 SPACES; debug("fstsw\t%s", modrm_rm);
2230 } else {
2231 SPACES; debug("UNIMPLEMENTED 0x%02x,0x%02x", op, imm);
2232 }
2233 } else if (op == 0xdf) {
2234 imm = *instr;
2235 if (imm == 0xe0) {
2236 read_imm_and_print(&instr, &ilen, 8);
2237 SPACES; debug("fstsw\tax");
2238 } else {
2239 SPACES; debug("UNIMPLEMENTED 0x%02x,0x%02x", op, imm);
2240 }
2241 } else if (op == 0xe3) {
2242 imm = read_imm_and_print(&instr, &ilen, 8);
2243 imm = dumpaddr + ilen + (signed char)imm;
2244 if (mode == 16)
2245 mnem = "jcxz";
2246 else
2247 mnem = "jecxz";
2248 SPACES; debug("%s\t0x%x", mnem, imm);
2249 } else if (op == 0xe4) {
2250 imm = read_imm_and_print(&instr, &ilen, 8);
2251 SPACES; debug("in\tal,0x%x", imm);
2252 } else if (op == 0xe5) {
2253 imm = read_imm_and_print(&instr, &ilen, 8);
2254 SPACES; debug("in\t%sax,0x%x", e, imm);
2255 } else if (op == 0xe6) {
2256 imm = read_imm_and_print(&instr, &ilen, 8);
2257 SPACES; debug("out\t0x%x,al", imm);
2258 } else if (op == 0xe7) {
2259 imm = read_imm_and_print(&instr, &ilen, 8);
2260 SPACES; debug("out\t0x%x,%sax", imm, e);
2261 } else if (op == 0xe8 || op == 0xe9) {
2262 imm = read_imm_and_print(&instr, &ilen, mode);
2263 if (mode == 16)
2264 imm = (int16_t)imm;
2265 imm = dumpaddr + ilen + imm;
2266 switch (op) {
2267 case 0xe8: mnem = "call"; break;
2268 case 0xe9: mnem = "jmp"; break;
2269 }
2270 SPACES; debug("%s\t0x%x", mnem, imm);
2271 } else if (op == 0xea) {
2272 imm = read_imm_and_print(&instr, &ilen, mode);
2273 imm2 = read_imm_and_print(&instr, &ilen, 16);
2274 SPACES; debug("jmp\t0x%04x:", imm2);
2275 if (mode == 16)
2276 debug("0x%04x", imm);
2277 else
2278 debug("0x%08x", imm);
2279 } else if ((op >= 0xe0 && op <= 0xe2) || op == 0xeb) {
2280 imm = read_imm_and_print(&instr, &ilen, 8);
2281 imm = dumpaddr + ilen + (signed char)imm;
2282 switch (op) {
2283 case 0xe0: mnem = "loopnz"; break;
2284 case 0xe1: mnem = "loopz"; break;
2285 case 0xe2: mnem = "loop"; break;
2286 case 0xeb: mnem = "jmp"; break;
2287 }
2288 SPACES; debug("%s\t0x%x", mnem, imm);
2289 } else if (op == 0xec) {
2290 SPACES; debug("in\tal,dx");
2291 } else if (op == 0xed) {
2292 SPACES; debug("in\t%sax,dx", e);
2293 } else if (op == 0xee) {
2294 SPACES; debug("out\tdx,al");
2295 } else if (op == 0xef) {
2296 SPACES; debug("out\tdx,%sax", e);
2297 } else if (op == 0xf1) {
2298 SPACES; debug("icebp"); /* undocumented? */
2299 /* http://www.x86.org/secrets/opcodes/icebp.htm */
2300 } else if (op == 0xf4) {
2301 SPACES; debug("hlt");
2302 } else if (op == 0xf5) {
2303 SPACES; debug("cmc");
2304 } else if (op == 0xf8) {
2305 SPACES; debug("clc");
2306 } else if (op == 0xf9) {
2307 SPACES; debug("stc");
2308 } else if (op == 0xfa) {
2309 SPACES; debug("cli");
2310 } else if (op == 0xfb) {
2311 SPACES; debug("sti");
2312 } else if (op == 0xfc) {
2313 SPACES; debug("cld");
2314 } else if (op == 0xfd) {
2315 SPACES; debug("std");
2316 } else if (op == 0xf6 || op == 0xf7) {
2317 switch ((*instr >> 3) & 0x7) {
2318 case 0: modrm(cpu, MODRM_READ, mode, mode67, op == 0xf6?
2319 MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
2320 imm = read_imm_and_print(&instr, &ilen,
2321 op == 0xf6? 8 : mode);
2322 SPACES; debug("test\t%s,0x%x", modrm_rm, imm);
2323 break;
2324 case 2: modrm(cpu, MODRM_READ, mode, mode67, op == 0xf6?
2325 MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
2326 SPACES; debug("not\t%s", modrm_rm);
2327 break;
2328 case 3: modrm(cpu, MODRM_READ, mode, mode67, op == 0xf6?
2329 MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
2330 SPACES; debug("neg\t%s", modrm_rm);
2331 break;
2332 case 4: modrm(cpu, MODRM_READ, mode, mode67, op == 0xf6?
2333 MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
2334 SPACES; debug("mul\t%s", modrm_rm);
2335 break;
2336 case 5: modrm(cpu, MODRM_READ, mode, mode67, op == 0xf6?
2337 MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
2338 SPACES; debug("imul\t%s", modrm_rm);
2339 break;
2340 case 6: modrm(cpu, MODRM_READ, mode, mode67, op == 0xf6?
2341 MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
2342 SPACES; debug("div\t%s", modrm_rm);
2343 break;
2344 case 7: modrm(cpu, MODRM_READ, mode, mode67, op == 0xf6?
2345 MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
2346 SPACES; debug("idiv\t%s", modrm_rm);
2347 break;
2348 default:
2349 SPACES; debug("UNIMPLEMENTED 0x%02x,0x%02x", op,*instr);
2350 }
2351 } else if (op == 0xfe || op == 0xff) {
2352 /* FE /0 = inc r/m8 */
2353 /* FE /1 = dec r/m8 */
2354 /* FF /2 = call near rm16/32 */
2355 /* FF /3 = call far m16:32 */
2356 /* FF /6 = push r/m16/32 */
2357 switch ((*instr >> 3) & 0x7) {
2358 case 0: modrm(cpu, MODRM_READ, mode, mode67, op == 0xfe?
2359 MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
2360 SPACES; debug("inc\t%s", modrm_rm);
2361 break;
2362 case 1: modrm(cpu, MODRM_READ, mode, mode67, op == 0xfe?
2363 MODRM_EIGHTBIT : 0, &instr, &ilen, NULL, NULL);
2364 SPACES; debug("dec\t%s", modrm_rm);
2365 break;
2366 case 2: if (op == 0xfe) {
2367 SPACES; debug("UNIMPLEMENTED "
2368 "0x%02x,0x%02x", op,*instr);
2369 } else {
2370 modrm(cpu, MODRM_READ, mode, mode67, 0, &instr,
2371 &ilen, NULL, NULL);
2372 SPACES; debug("call\t%s", modrm_rm);
2373 }
2374 break;
2375 case 3: if (op == 0xfe) {
2376 SPACES; debug("UNIMPLEMENTED "
2377 "0x%02x,0x%02x", op,*instr);
2378 } else {
2379 modrm(cpu, MODRM_READ, mode, mode67, 0, &instr,
2380 &ilen, NULL, NULL);
2381 SPACES; debug("call\tfar %s", modrm_rm);
2382 }
2383 break;
2384 case 4: if (op == 0xfe) {
2385 SPACES; debug("UNIMPLEMENTED "
2386 "0x%02x,0x%02x", op,*instr);
2387 } else {
2388 modrm(cpu, MODRM_READ, mode, mode67, 0, &instr,
2389 &ilen, NULL, NULL);
2390 SPACES; debug("jmp\t%s", modrm_rm);
2391 }
2392 break;
2393 case 5: if (op == 0xfe) {
2394 SPACES; debug("UNIMPLEMENTED "
2395 "0x%02x,0x%02x", op,*instr);
2396 } else {
2397 modrm(cpu, MODRM_READ, mode, mode67, 0, &instr,
2398 &ilen, NULL, NULL);
2399 SPACES; debug("jmp\tfar %s", modrm_rm);
2400 }
2401 break;
2402 case 6: if (op == 0xfe) {
2403 SPACES; debug("UNIMPLEMENTED "
2404 "0x%02x,0x%02x", op,*instr);
2405 } else {
2406 modrm(cpu, MODRM_READ, mode, mode67, 0, &instr,
2407 &ilen, NULL, NULL);
2408 SPACES; debug("push\t%sword %s",
2409 mode == 32? "d" : "", modrm_rm);
2410 }
2411 break;
2412 default:
2413 SPACES; debug("UNIMPLEMENTED 0x%02x,0x%02x", op,*instr);
2414 }
2415 } else {
2416 SPACES; debug("UNIMPLEMENTED 0x%02x", op);
2417 }
2418
2419 switch (rep) {
2420 case REP_REP: debug(" (rep)"); break;
2421 case REP_REPNE: debug(" (repne)"); break;
2422 }
2423 if (prefix != NULL)
2424 debug(" (%s)", prefix);
2425 if (lock)
2426 debug(" (lock)");
2427
2428 debug("\n");
2429 return ilen;
2430 }
2431
2432
2433
2434 /*
2435 * x86_cpuid():
2436 *
2437 * TODO: Level 1 and 2 info.
2438 */
2439 static void x86_cpuid(struct cpu *cpu)
2440 {
2441 switch (cpu->cd.x86.r[X86_R_AX]) {
2442 /* Normal CPU id: */
2443 case 0: cpu->cd.x86.r[X86_R_AX] = 2;
2444 /* Intel... */
2445 cpu->cd.x86.r[X86_R_BX] = 0x756e6547; /* "Genu" */
2446 cpu->cd.x86.r[X86_R_DX] = 0x49656e69; /* "ineI" */
2447 cpu->cd.x86.r[X86_R_CX] = 0x6c65746e; /* "ntel" */
2448 /* ... or AMD: */
2449 cpu->cd.x86.r[X86_R_BX] = 0x68747541; /* "Auth" */
2450 cpu->cd.x86.r[X86_R_DX] = 0x69746E65; /* "enti" */
2451 cpu->cd.x86.r[X86_R_CX] = 0x444D4163; /* "cAMD" */
2452 break;
2453 case 1: /* TODO */
2454 cpu->cd.x86.r[X86_R_AX] = 0x0623;
2455 cpu->cd.x86.r[X86_R_BX] = (cpu->cpu_id << 24);
2456 /* TODO: are bits 8..15 the _total_ nr of cpus, or the
2457 cpu id of this one? */
2458 cpu->cd.x86.r[X86_R_CX] = X86_CPUID_ECX_CX16;
2459 cpu->cd.x86.r[X86_R_DX] = X86_CPUID_EDX_CX8 | X86_CPUID_EDX_FPU
2460 | X86_CPUID_EDX_MSR | X86_CPUID_EDX_TSC | X86_CPUID_EDX_MTRR
2461 | X86_CPUID_EDX_CMOV | X86_CPUID_EDX_PSE |
2462 X86_CPUID_EDX_SEP | X86_CPUID_EDX_PGE |
2463 X86_CPUID_EDX_MMX | X86_CPUID_EDX_FXSR;
2464 break;
2465 case 2: /* TODO: actual Cache info */
2466 /* This is just bogus */
2467 cpu->cd.x86.r[X86_R_AX] = 0x03020101;
2468 cpu->cd.x86.r[X86_R_BX] = 0x00000000;
2469 cpu->cd.x86.r[X86_R_CX] = 0x00000000;
2470 cpu->cd.x86.r[X86_R_DX] = 0x06040a42;
2471 break;
2472
2473 /* Extended CPU id: */
2474 case 0x80000000:
2475 cpu->cd.x86.r[X86_R_AX] = 0x80000008;
2476 /* AMD... */
2477 cpu->cd.x86.r[X86_R_BX] = 0x68747541;
2478 cpu->cd.x86.r[X86_R_DX] = 0x444D4163;
2479 cpu->cd.x86.r[X86_R_CX] = 0x69746E65;
2480 break;
2481 case 0x80000001:
2482 cpu->cd.x86.r[X86_R_AX] = 0;
2483 cpu->cd.x86.r[X86_R_BX] = 0;
2484 cpu->cd.x86.r[X86_R_CX] = 0;
2485 cpu->cd.x86.r[X86_R_DX] = (cpu->cd.x86.model.model_number
2486 >= X86_MODEL_AMD64)? X86_CPUID_EXT_EDX_LM : 0;
2487 break;
2488 case 0x80000002:
2489 case 0x80000003:
2490 case 0x80000004:
2491 case 0x80000005:
2492 case 0x80000006:
2493 case 0x80000007:
2494 fatal("[ CPUID 0x%08x ]\n", (int)cpu->cd.x86.r[X86_R_AX]);
2495 cpu->cd.x86.r[X86_R_AX] = 0;
2496 cpu->cd.x86.r[X86_R_BX] = 0;
2497 cpu->cd.x86.r[X86_R_CX] = 0;
2498 cpu->cd.x86.r[X86_R_DX] = 0;
2499 break;
2500 case 0x80000008:
2501 cpu->cd.x86.r[X86_R_AX] = 0x00003028;
2502 cpu->cd.x86.r[X86_R_BX] = 0;
2503 cpu->cd.x86.r[X86_R_CX] = 0;
2504 cpu->cd.x86.r[X86_R_DX] = 0;
2505 break;
2506 default:fatal("x86_cpuid(): unimplemented eax = 0x%x\n",
2507 (int)cpu->cd.x86.r[X86_R_AX]);
2508 cpu->running = 0;
2509 }
2510 }
2511
2512
2513 /*
2514 * x86_push():
2515 */
2516 int x86_push(struct cpu *cpu, uint64_t value, int mode)
2517 {
2518 int res = 1, oldseg;
2519 int ssize = cpu->cd.x86.descr_cache[X86_S_SS].default_op_size;
2520 uint64_t new_esp;
2521 uint64_t old_esp = cpu->cd.x86.r[X86_R_SP];
2522 uint16_t old_ss = cpu->cd.x86.s[X86_S_SS];
2523 uint64_t old_eip = cpu->pc;
2524 uint16_t old_cs = cpu->cd.x86.s[X86_S_CS];
2525
2526 /* TODO: up/down? */
2527 /* TODO: stacksize? */
2528 ssize = mode;
2529
2530 oldseg = cpu->cd.x86.cursegment;
2531 cpu->cd.x86.cursegment = X86_S_SS;
2532 if (ssize == 16)
2533 new_esp = (cpu->cd.x86.r[X86_R_SP] & ~0xffff)
2534 | ((cpu->cd.x86.r[X86_R_SP] - (ssize / 8)) & 0xffff);
2535 else
2536 new_esp = (cpu->cd.x86.r[X86_R_SP] -
2537 (ssize / 8)) & 0xffffffff;
2538 res = x86_store(cpu, new_esp, value, ssize / 8);
2539 if (!res) {
2540 fatal("WARNING: x86_push store failed: cs:eip=0x%04x:0x%08x"
2541 " ss:esp=0x%04x:0x%08x\n", (int)old_cs,
2542 (int)old_eip, (int)old_ss, (int)old_esp);
2543 if ((old_cs & X86_PL_MASK) != X86_RING3)
2544 cpu->running = 0;
2545 } else {
2546 cpu->cd.x86.r[X86_R_SP] = new_esp;
2547 }
2548 cpu->cd.x86.cursegment = oldseg;
2549 return res;
2550 }
2551
2552
2553 /*
2554 * x86_pop():
2555 */
2556 int x86_pop(struct cpu *cpu, uint64_t *valuep, int mode)
2557 {
2558 int res = 1, oldseg;
2559 int ssize = cpu->cd.x86.descr_cache[X86_S_SS].default_op_size;
2560
2561 /* TODO: up/down? */
2562 /* TODO: stacksize? */
2563 ssize = mode;
2564
2565 oldseg = cpu->cd.x86.cursegment;
2566 cpu->cd.x86.cursegment = X86_S_SS;
2567 res = x86_load(cpu, cpu->cd.x86.r[X86_R_SP], valuep, ssize / 8);
2568 if (!res) {
2569 fatal("WARNING: x86_pop load failed\n");
2570 } else {
2571 if (ssize == 16)
2572 cpu->cd.x86.r[X86_R_SP] = (cpu->cd.x86.r[X86_R_SP] &
2573 ~0xffff) | ((cpu->cd.x86.r[X86_R_SP] + (ssize / 8))
2574 & 0xffff);
2575 else
2576 cpu->cd.x86.r[X86_R_SP] = (cpu->cd.x86.r[X86_R_SP] +
2577 (ssize / 8)) & 0xffffffff;
2578 }
2579 cpu->cd.x86.cursegment = oldseg;
2580 return res;
2581 }
2582
2583
2584 #define INT_TYPE_CALLGATE 1
2585 #define INT_TYPE_INTGATE 2
2586 #define INT_TYPE_TRAPGATE 3
2587 /*
2588 * x86_interrupt():
2589 *
2590 * Read the interrupt descriptor table (or, in real mode, the interrupt
2591 * vector table), push flags/cs/eip, and jump to the interrupt handler.
2592 */
2593 int x86_interrupt(struct cpu *cpu, int nr, int errcode)
2594 {
2595 uint16_t seg, old_cs;
2596 uint32_t ofs;
2597 int res, mode;
2598 unsigned char buf[8];
2599
2600 old_cs = cpu->cd.x86.s[X86_S_CS];
2601
2602 debug("{ x86_interrupt %i }\n", nr);
2603
2604 if (PROTECTED_MODE) {
2605 int i, int_type = 0;
2606
2607 if (nr * 8 > cpu->cd.x86.idtr_limit) {
2608 fatal("TODO: protected mode int 0x%02x outside idtr"
2609 " limit (%i)?\n", nr, (int)cpu->cd.x86.idtr_limit);
2610 cpu->running = 0;
2611 return 0;
2612 }
2613
2614 /* Read the interrupt descriptor: */
2615 res = cpu->memory_rw(cpu, cpu->mem, cpu->cd.x86.idtr + nr*8,
2616 buf, 8, MEM_READ, NO_SEGMENTATION);
2617 if (!res) {
2618 fatal("x86_interrupt(): could not read the"
2619 " interrupt descriptor table (prot. mode)\n");
2620 cpu->running = 0;
2621 return 0;
2622 }
2623
2624 if ((buf[5] & 0x17) == 0x04)
2625 int_type = INT_TYPE_CALLGATE;
2626 if ((buf[5] & 0x17) == 0x06)
2627 int_type = INT_TYPE_INTGATE;
2628 if ((buf[5] & 0x17) == 0x07)
2629 int_type = INT_TYPE_TRAPGATE;
2630
2631 if (!int_type) {
2632 fatal("x86_interrupt(): TODO:\n");
2633 for (i=0; i<8; i++)
2634 fatal(" %02x", buf[i]);
2635 fatal("\n");
2636 cpu->running = 0;
2637 return 0;
2638 }
2639
2640 seg = buf[2] + (buf[3] << 8);
2641 ofs = buf[0] + (buf[1] << 8) + (buf[6] << 16) + (buf[7] << 24);
2642
2643 switch (int_type) {
2644 case INT_TYPE_INTGATE:
2645 case INT_TYPE_TRAPGATE:
2646 break;
2647 default:
2648 fatal("INT type: %i, cs:eip = 0x%04x:0x%08x\n",
2649 int_type, (int)seg, (int)ofs);
2650 cpu->running = 0;
2651 return 0;
2652 }
2653
2654 reload_segment_descriptor(cpu, X86_S_CS, seg, &cpu->pc);
2655
2656 /*
2657 * If we're changing privilege level, the we should change
2658 * stack here, and push the old SS:ESP.
2659 */
2660 if ((seg & X86_PL_MASK) < (old_cs & X86_PL_MASK)) {
2661 unsigned char buf[16];
2662 uint16_t new_ss, old_ss;
2663 uint32_t new_esp, old_esp;
2664 int pl;
2665
2666 pl = seg & X86_PL_MASK;
2667
2668 /* Load SSx:ESPx from the Task State Segment: */
2669 if (cpu->cd.x86.tr < 4)
2670 fatal("WARNING: interrupt with stack switch"
2671 ", but task register = 0?\n");
2672
2673 /* fatal("::: old SS:ESP=0x%04x:0x%08x\n",
2674 (int)cpu->cd.x86.s[X86_S_SS],
2675 (int)cpu->cd.x86.r[X86_R_SP]); */
2676
2677 if (!cpu->memory_rw(cpu, cpu->mem, 4 + pl*8 +
2678 cpu->cd.x86.tr_base, buf, sizeof(buf), MEM_READ,
2679 NO_SEGMENTATION)) {
2680 fatal("ERROR: couldn't read tss blah blah\n");
2681 cpu->running = 0;
2682 return 0;
2683 }
2684
2685 new_esp = buf[0] + (buf[1] << 8) +
2686 (buf[2] << 16) + (buf[3] << 24);
2687 new_ss = buf[4] + (buf[5] << 8);
2688
2689 old_ss = cpu->cd.x86.s[X86_S_SS];
2690 old_esp = cpu->cd.x86.r[X86_R_SP];
2691
2692 reload_segment_descriptor(cpu, X86_S_SS, new_ss, NULL);
2693 cpu->cd.x86.r[X86_R_SP] = new_esp;
2694
2695 fatal("::: Switching Stack: new SS:ESP=0x%04x:0x%08x\n",
2696 (int)new_ss, (int)new_esp);
2697
2698 mode = cpu->cd.x86.descr_cache[X86_S_CS].
2699 default_op_size;
2700
2701 if (!x86_push(cpu, old_ss, mode)) {
2702 fatal("TODO: problem adgsadg 1\n");
2703 cpu->running = 0;
2704 }
2705 if (!x86_push(cpu, old_esp, mode)) {
2706 fatal("TODO: problem adgsadg 2\n");
2707 cpu->running = 0;
2708 }
2709 }
2710
2711 /* Push flags, cs, and ip (pc): */
2712 mode = cpu->cd.x86.descr_cache[X86_S_CS].default_op_size;
2713 if (!x86_push(cpu, cpu->cd.x86.rflags, mode)) {
2714 fatal("TODO: how to handle this 1 asdf\n");
2715 cpu->running = 0;
2716 }
2717 if (!x86_push(cpu, old_cs, mode)) {
2718 fatal("TODO: how to handle this 2 sdghser\n");
2719 cpu->running = 0;
2720 }
2721 if (!x86_push(cpu, cpu->pc, mode)) {
2722 fatal("TODO: how to handle this 3 we\n");
2723 cpu->running = 0;
2724 }
2725
2726 /* Push error code for some exceptions: */
2727 if ((nr >= 8 && nr <=14) || nr == 17) {
2728 if (!x86_push(cpu, errcode, mode)) {
2729 fatal("x86_interrupt(): TODO: asdgblah\n");
2730 cpu->running = 0;
2731 }
2732 }
2733
2734 /* Only turn off interrupts for Interrupt Gates: */
2735 if (int_type == INT_TYPE_INTGATE)
2736 cpu->cd.x86.rflags &= ~X86_FLAGS_IF;
2737
2738 /* Turn off TF for Interrupt and Trap Gates: */
2739 if (int_type == INT_TYPE_INTGATE ||
2740 int_type == INT_TYPE_TRAPGATE)
2741 cpu->cd.x86.rflags &= ~X86_FLAGS_TF;
2742
2743 goto int_jump;
2744 }
2745
2746 /*
2747 * Real mode:
2748 */
2749 if (nr * 4 > cpu->cd.x86.idtr_limit) {
2750 fatal("TODO: real mode int 0x%02x outside idtr limit ("
2751 "%i)?\n", nr, (int)cpu->cd.x86.idtr_limit);
2752 cpu->running = 0;
2753 return 0;
2754 }
2755 /* Read the interrupt vector: */
2756 res = cpu->memory_rw(cpu, cpu->mem, cpu->cd.x86.idtr + nr*4, buf, 4,
2757 MEM_READ, NO_SEGMENTATION);
2758 if (!res) {
2759 fatal("x86_interrupt(): could not read the"
2760 " interrupt descriptor table\n");
2761 cpu->running = 0;
2762 return 0;
2763 }
2764 ofs = buf[0] + (buf[1] << 8); seg = buf[2] + (buf[3] << 8);
2765
2766 reload_segment_descriptor(cpu, X86_S_CS, seg, &cpu->pc);
2767
2768 /* Push old flags, old cs, and old ip (pc): */
2769 mode = cpu->cd.x86.descr_cache[X86_S_CS].default_op_size;
2770
2771 if (!x86_push(cpu, cpu->cd.x86.rflags, mode)) {
2772 fatal("x86_interrupt(): TODO: how to handle this 4\n");
2773 cpu->running = 0;
2774 }
2775 if (!x86_push(cpu, old_cs, mode)) {
2776 fatal("x86_interrupt(): TODO: how to handle this 5\n");
2777 cpu->running = 0;
2778 }
2779 if (!x86_push(cpu, cpu->pc, mode)) {
2780 fatal("x86_interrupt(): TODO: how to handle this 6\n");
2781 cpu->running = 0;
2782 }
2783
2784 /* Turn off interrupts and the Trap Flag, and jump to the interrupt
2785 handler: */
2786 cpu->cd.x86.rflags &= ~(X86_FLAGS_IF | X86_FLAGS_TF);
2787
2788 int_jump:
2789 cpu->pc = ofs;
2790
2791 return 1;
2792 }
2793
2794
2795 #define CALCFLAGS_OP_ADD 1
2796 #define CALCFLAGS_OP_SUB 2
2797 #define CALCFLAGS_OP_XOR 3
2798 /*
2799 * x86_calc_flags():
2800 */
2801 void x86_calc_flags(struct cpu *cpu, uint64_t a, uint64_t b, int mode,
2802 int op)
2803 {
2804 uint64_t c=0, mask;
2805 int i, count;
2806
2807 if (mode == 8)
2808 mask = 0xff;
2809 else if (mode == 16)
2810 mask = 0xffff;
2811 else if (mode == 32)
2812 mask = 0xffffffffULL;
2813 else if (mode == 64)
2814 mask = 0xffffffffffffffffULL;
2815 else {
2816 fatal("x86_calc_flags(): Bad mode (%i)\n", mode);
2817 return;
2818 }
2819
2820 a &= mask;
2821 b &= mask;
2822
2823 /* CF: */
2824 cpu->cd.x86.rflags &= ~X86_FLAGS_CF;
2825 switch (op) {
2826 case CALCFLAGS_OP_ADD:
2827 if (((a + b)&mask) < a && ((a + b)&mask) < b)
2828 cpu->cd.x86.rflags |= X86_FLAGS_CF;
2829 break;
2830 case CALCFLAGS_OP_SUB:
2831 if (a < b)
2832 cpu->cd.x86.rflags |= X86_FLAGS_CF;
2833 break;
2834 case CALCFLAGS_OP_XOR:
2835 break;
2836 }
2837
2838 switch (op) {
2839 case CALCFLAGS_OP_ADD:
2840 c = (a + b) & mask;
2841 break;
2842 case CALCFLAGS_OP_SUB:
2843 c = (a - b) & mask;
2844 break;
2845 case CALCFLAGS_OP_XOR:
2846 c = a;
2847 }
2848
2849 /* ZF: */
2850 cpu->cd.x86.rflags &= ~X86_FLAGS_ZF;
2851 if (c == 0)
2852 cpu->cd.x86.rflags |= X86_FLAGS_ZF;
2853
2854 /* SF: */
2855 cpu->cd.x86.rflags &= ~X86_FLAGS_SF;
2856 if ((mode == 8 && (c & 0x80)) ||
2857 (mode == 16 && (c & 0x8000)) ||
2858 (mode == 32 && (c & 0x80000000ULL)) ||
2859 (mode == 64 && (c & 0x8000000000000000ULL))) {
2860 cpu->cd.x86.rflags |= X86_FLAGS_SF;
2861 }
2862
2863 /* OF: */
2864 cpu->cd.x86.rflags &= ~X86_FLAGS_OF;
2865 switch (op) {
2866 case CALCFLAGS_OP_ADD:
2867 /* TODO */
2868 break;
2869 case CALCFLAGS_OP_SUB:
2870 if (cpu->cd.x86.rflags & X86_FLAGS_SF)
2871 cpu->cd.x86.rflags |= X86_FLAGS_OF;
2872 if (mode == 8 && (int8_t)a < (int8_t)b)
2873 cpu->cd.x86.rflags ^= X86_FLAGS_OF;
2874 if (mode == 16 && (int16_t)a < (int16_t)b)
2875 cpu->cd.x86.rflags ^= X86_FLAGS_OF;
2876 if (mode == 32 && (int32_t)a < (int32_t)b)
2877 cpu->cd.x86.rflags ^= X86_FLAGS_OF;
2878 break;
2879 case CALCFLAGS_OP_XOR:
2880 ;
2881 }
2882
2883 /* AF: */
2884 switch (op) {
2885 case CALCFLAGS_OP_ADD:
2886 if ((a & 0xf) + (b & 0xf) > 15)
2887 cpu->cd.x86.rflags |= X86_FLAGS_AF;
2888 else
2889 cpu->cd.x86.rflags &= ~X86_FLAGS_AF;
2890 break;
2891 case CALCFLAGS_OP_SUB:
2892 if ((b & 0xf) > (a & 0xf))
2893 cpu->cd.x86.rflags |= X86_FLAGS_AF;
2894 else
2895 cpu->cd.x86.rflags &= ~X86_FLAGS_AF;
2896 break;
2897 case CALCFLAGS_OP_XOR:
2898 ;
2899 }
2900
2901 /* PF: (NOTE: Only the lowest 8 bits) */
2902 cpu->cd.x86.rflags &= ~X86_FLAGS_PF;
2903 count = 0;
2904 for (i=0; i<8; i++) {
2905 if (c & 1)
2906 count ++;
2907 c >>= 1;
2908 }
2909 if (!(count&1))
2910 cpu->cd.x86.rflags |= X86_FLAGS_PF;
2911 }
2912
2913
2914 /*
2915 * x86_condition():
2916 *
2917 * Returns 0 or 1 (false or true) depending on flag bits.
2918 */
2919 int x86_condition(struct cpu *cpu, int op)
2920 {
2921 int success = 0;
2922
2923 switch (op & 0xe) {
2924 case 0x00: /* o */
2925 success = cpu->cd.x86.rflags & X86_FLAGS_OF;
2926 break;
2927 case 0x02: /* c */
2928 success = cpu->cd.x86.rflags & X86_FLAGS_CF;
2929 break;
2930 case 0x04: /* z */
2931 success = cpu->cd.x86.rflags & X86_FLAGS_ZF;
2932 break;
2933 case 0x06: /* be */
2934 success = (cpu->cd.x86.rflags & X86_FLAGS_ZF) ||
2935 (cpu->cd.x86.rflags & X86_FLAGS_CF);
2936 break;
2937 case 0x08: /* s */
2938 success = cpu->cd.x86.rflags & X86_FLAGS_SF;
2939 break;
2940 case 0x0a: /* p */
2941 success = cpu->cd.x86.rflags & X86_FLAGS_PF;
2942 break;
2943 case 0x0c: /* nge */
2944 success = (cpu->cd.x86.rflags & X86_FLAGS_SF? 1 : 0)
2945 != (cpu->cd.x86.rflags & X86_FLAGS_OF? 1 : 0);
2946 break;
2947 case 0x0e: /* ng */
2948 success = (cpu->cd.x86.rflags & X86_FLAGS_SF? 1 : 0)
2949 != (cpu->cd.x86.rflags & X86_FLAGS_OF? 1 : 0);
2950 success |= (cpu->cd.x86.rflags & X86_FLAGS_ZF ? 1 : 0);
2951 break;
2952 }
2953
2954 if (op & 1)
2955 success = !success;
2956
2957 return success? 1 : 0;
2958 }
2959
2960
2961 /*
2962 * x86_shiftrotate():
2963 */
2964 void x86_shiftrotate(struct cpu *cpu, uint64_t *op1p, int op,
2965 int n, int mode)
2966 {
2967 uint64_t op1 = *op1p;
2968 int cf = -1, oldcf = 0;
2969
2970 n &= 31;
2971 if (mode != 64)
2972 op1 &= (((uint64_t)1 << mode) - 1);
2973
2974 oldcf = cpu->cd.x86.rflags & X86_FLAGS_CF? 1 : 0;
2975
2976 while (n-- > 0) {
2977 cf = 0;
2978
2979 if (op & 1) { /* right */
2980 if (op1 & 1)
2981 cf = 1;
2982 } else { /* left */
2983 cf = (op1 & ((uint64_t)1 << (mode-1)))? 1 : 0;
2984 }
2985
2986 switch (op) {
2987 case 0: /* rol */
2988 op1 = (op1 << 1) | cf;
2989 break;
2990 case 1: /* ror */
2991 op1 >>= 1;
2992 op1 |= ((uint64_t)cf << (mode - 1));
2993 break;
2994 case 2: /* rcl */
2995 op1 = (op1 << 1) | oldcf;
2996 oldcf = cf;
2997 break;
2998 case 3: /* rcr */
2999 op1 >>= 1;
3000 op1 |= ((uint64_t)oldcf << (mode - 1));
3001 oldcf = cf;
3002 break;
3003 case 4: /* shl */
3004 case 6: /* sal */
3005 op1 <<= 1;
3006 break;
3007 case 5: /* shr */
3008 op1 >>= 1;
3009 break;
3010 case 7: /* sar */
3011 op1 >>= 1;
3012 if (mode == 8 && op1 & 0x40)
3013 op1 |= 0x80;
3014 if (mode == 16 && op1 & 0x4000)
3015 op1 |= 0x8000;
3016 if (mode == 32 && op1 & 0x40000000ULL)
3017 op1 |= 0x80000000ULL;
3018 break;
3019 default:
3020 fatal("x86_shiftrotate(): unimplemented op %i\n", op);
3021 cpu->running = 0;
3022 }
3023 if (mode != 64)
3024 op1 &= (((uint64_t)1 << mode) - 1);
3025 x86_calc_flags(cpu, op1, 0, mode, CALCFLAGS_OP_XOR);
3026 cpu->cd.x86.rflags &= ~X86_FLAGS_CF;
3027 if (cf)
3028 cpu->cd.x86.rflags |= X86_FLAGS_CF;
3029 }
3030
3031 /* TODO: OF flag */
3032
3033 *op1p = op1;
3034 }
3035
3036
3037 /*
3038 * x86_msr():
3039 *
3040 * This function reads or writes the MSRs (Model Specific Registers).
3041 */
3042 void x86_msr(struct cpu *cpu, int writeflag)
3043 {
3044 uint32_t regnr = cpu->cd.x86.r[X86_R_CX] & 0xffffffff;
3045 uint64_t odata=0, idata = (cpu->cd.x86.r[X86_R_AX] & 0xffffffff) +
3046 ((cpu->cd.x86.r[X86_R_DX] & 0xffffffff) << 32);
3047
3048 switch (regnr) {
3049 case 0xc0000080: /* AMD64 EFER */
3050 if (writeflag) {
3051 if (cpu->cd.x86.efer & X86_EFER_LME &&
3052 !(idata & X86_EFER_LME))
3053 debug("[ switching FROM 64-bit mode ]\n");
3054 if (!(cpu->cd.x86.efer & X86_EFER_LME) &&
3055 idata & X86_EFER_LME)
3056 debug("[ switching to 64-bit mode ]\n");
3057 cpu->cd.x86.efer = idata;
3058 } else
3059 odata = cpu->cd.x86.efer;
3060 break;
3061 default:fatal("x86_msr: unimplemented MSR 0x%08x\n", (int)regnr);
3062 cpu->running = 0;
3063 }
3064
3065 if (!writeflag) {
3066 cpu->cd.x86.r[X86_R_AX] = odata & 0xffffffff;
3067 cpu->cd.x86.r[X86_R_DX] = (odata >> 32) & 0xffffffff;
3068 }
3069 }
3070
3071
3072 /*
3073 * cause_interrupt():
3074 *
3075 * Read the registers of PIC1 (and possibly PIC2) to find out which interrupt
3076 * has occured.
3077 *
3078 * Returns 1 if an interrupt happened, 0 otherwise (for example if the
3079 * in-service bit of an interrupt was already set).
3080 */
3081 int cause_interrupt(struct cpu *cpu)
3082 {
3083 int i, irq_nr = -1;
3084
3085 for (i=0; i<8; i++) {
3086 if (cpu->machine->isa_pic_data.pic1->irr &
3087 (~cpu->machine->isa_pic_data.pic1->ier) & (1 << i))
3088 irq_nr = i;
3089 }
3090
3091 if (irq_nr == 2) {
3092 for (i=0; i<8; i++) {
3093 if (cpu->machine->isa_pic_data.pic2->irr &
3094 (~cpu->machine->isa_pic_data.pic2->ier) & (1 << i))
3095 irq_nr = 8+i;
3096 }
3097 }
3098
3099 if (irq_nr == 2) {
3100 fatal("cause_interrupt(): Huh? irq 2 but no secondary irq\n");
3101 cpu->running = 0;
3102 }
3103
3104 /*
3105 * TODO: How about multiple interrupt levels?
3106 */
3107
3108 #if 0
3109 printf("cause1: %i (irr1=%02x ier1=%02x, irr2=%02x ier2=%02x\n", irq_nr,
3110 cpu->machine->isa_pic_data.pic1->irr, cpu->machine->isa_pic_data.pic1->ier,
3111 cpu->machine->isa_pic_data.pic2->irr, cpu->machine->isa_pic_data.pic2->ier);
3112 #endif
3113
3114 /* Set the in-service bit, and calculate actual INT nr: */
3115 if (irq_nr < 8) {
3116 if (cpu->machine->isa_pic_data.pic1->isr & (1 << irq_nr))
3117 return 0;
3118 cpu->machine->isa_pic_data.pic1->isr |= (1 << irq_nr);
3119 irq_nr = cpu->machine->isa_pic_data.pic1->irq_base + irq_nr;
3120 } else {
3121 if (cpu->machine->isa_pic_data.pic2->isr & (1 << (irq_nr & 7)))
3122 return 0;
3123 cpu->machine->isa_pic_data.pic2->isr |= (1 << (irq_nr&7));
3124 irq_nr = cpu->machine->isa_pic_data.pic2->irq_base +
3125 (irq_nr & 7);
3126 }
3127
3128 /* printf("cause2: %i\n", irq_nr); */
3129
3130 x86_interrupt(cpu, irq_nr, 0);
3131 cpu->cd.x86.halted = 0;
3132 return 1;
3133 }
3134
3135
3136 #define TRANSLATE_ADDRESS x86_translate_address
3137 #include "memory_x86.c"
3138 #undef TRANSLATE_ADDRESS
3139
3140
3141 #include "tmp_x86_tail.c"
3142
  ViewVC Help
Powered by ViewVC 1.1.26