      1 
      2 /*---------------------------------------------------------------*/
      3 /*--- begin                                  guest_x86_defs.h ---*/
      4 /*---------------------------------------------------------------*/
      5 
      6 /*
      7    This file is part of Valgrind, a dynamic binary instrumentation
      8    framework.
      9 
     10    Copyright (C) 2004-2015 OpenWorks LLP
     11       info (at) open-works.net
     12 
     13    This program is free software; you can redistribute it and/or
     14    modify it under the terms of the GNU General Public License as
     15    published by the Free Software Foundation; either version 2 of the
     16    License, or (at your option) any later version.
     17 
     18    This program is distributed in the hope that it will be useful, but
     19    WITHOUT ANY WARRANTY; without even the implied warranty of
     20    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     21    General Public License for more details.
     22 
     23    You should have received a copy of the GNU General Public License
     24    along with this program; if not, write to the Free Software
     25    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
     26    02110-1301, USA.
     27 
     28    The GNU General Public License is contained in the file COPYING.
     29 
     30    Neither the names of the U.S. Department of Energy nor the
     31    University of California nor the names of its contributors may be
     32    used to endorse or promote products derived from this software
     33    without prior written permission.
     34 */
     35 
     36 /* Only to be used within the guest-x86 directory. */
     37 
     38 #ifndef __VEX_GUEST_X86_DEFS_H
     39 #define __VEX_GUEST_X86_DEFS_H
     40 
     41 #include "libvex_basictypes.h"
     42 #include "libvex_guest_x86.h"           // VexGuestX86State
     43 #include "libvex_emnote.h"              // VexEmNote
     44 #include "guest_generic_bb_to_IR.h"     // DisResult
     45 
     46 /*---------------------------------------------------------*/
     47 /*--- x86 to IR conversion                              ---*/
     48 /*---------------------------------------------------------*/
     49 
/* Convert one x86 insn to IR.  See the type DisOneInstrFn in
   guest_generic_bb_to_IR.h (included above); this is the x86 instance
   of that function type and the argument meanings are fixed there.
   Notes from the signature alone (semantics are in the translator
   .c -- confirm there):
     guest_code / delta  -- presumably the guest code bytes and the
                            offset of this insn within them
     guest_IP            -- guest address of the insn (Addr)
     resteerOkFn /
     callback_opaque     -- callback plus opaque cookie handed back to it
     sigill_diag         -- presumably whether to emit a diagnostic for an
                            undecodable insn; TODO confirm
   Returns a DisResult describing the outcome of the translation. */
extern
DisResult disInstr_X86 ( IRSB*        irbb,
                         Bool         (*resteerOkFn) ( void*, Addr ),
                         Bool         resteerCisOk,
                         void*        callback_opaque,
                         const UChar* guest_code,
                         Long         delta,
                         Addr         guest_IP,
                         VexArch      guest_arch,
                         const VexArchInfo* archinfo,
                         const VexAbiInfo*  abiinfo,
                         VexEndness   host_endness,
                         Bool         sigill_diag );

/* Used by the optimiser to specialise calls to helpers.  Given a
   helper's name, its argument expressions and the statements
   preceding the call (for context), it may return a cheaper
   equivalent IRExpr.  What is returned when no specialisation applies
   is not visible here -- presumably NULL; check the definition. */
extern
IRExpr* guest_x86_spechelper ( const HChar* function_name,
                               IRExpr** args,
                               IRStmt** precedingStmts,
                               Int      n_precedingStmts );

/* Describes to the optimiser which parts of the guest state require
   precise memory exceptions.  This is logically part of the guest
   state description.  The two unnamed Int arguments are, by VEX
   convention, presumably the [min,max] byte-offset range into the
   guest state being asked about -- TODO confirm against the
   definition. */
extern
Bool guest_x86_state_requires_precise_mem_exns ( Int, Int,
                                                 VexRegisterUpdates );

/* Layout descriptor for VexGuestX86State, defined in the .c and
   declared here for the rest of the guest-x86 code.  The flag-thunk
   scheme described later in this file depends on it marking CC_OP
   and CC_NDEP as always defined. */
extern
VexGuestLayout x86guest_layout;
     82 
     83 
     84 /*---------------------------------------------------------*/
     85 /*--- x86 guest helpers                                 ---*/
     86 /*---------------------------------------------------------*/
     87 
/* --- CLEAN HELPERS ---
   In VEX terms a "clean" helper is a pure function of its arguments:
   it must not read guest state or memory except through those
   arguments and has no side effects (the precise rules are in
   libvex_ir.h, not shown here).  Every declaration in this section
   takes and returns plain integers, which is consistent with that.
   The definitions live in the guest-x86 .c file; the comments below
   only restate what the names and signatures establish and flag what
   they do not. */

/* Compute the full %eflags value from a flag thunk.  cc_op is an
   X86G_CC_OP_* value; what cc_dep1 / cc_dep2 / cc_ndep hold for each
   op is tabulated in the thunk comment further down this file. */
extern UInt  x86g_calculate_eflags_all (
                UInt cc_op, UInt cc_dep1, UInt cc_dep2, UInt cc_ndep
             );

/* Same inputs, but only the carry flag is of interest (the _c
   suffix).  Review note: which other bits of the result, if any, are
   meaningful is decided by the definition -- do not assume they are
   zero.  VEX_REGPARM(3) is a calling-convention attribute (presumably
   from libvex_basictypes.h); the definition must carry the same one
   or the call site and callee will disagree on argument passing. */
VEX_REGPARM(3)
extern UInt  x86g_calculate_eflags_c (
                UInt cc_op, UInt cc_dep1, UInt cc_dep2, UInt cc_ndep
             );

/* Evaluate condition `cond' (an X86Condcode, defined at the end of
   this file) against a flag thunk.  Nonzero means the condition
   holds; whether the result is exactly 0/1 is up to the definition. */
extern UInt  x86g_calculate_condition (
                UInt/*X86Condcode*/ cond,
                UInt cc_op,
                UInt cc_dep1, UInt cc_dep2, UInt cc_ndep
             );

/* FXAM emulation: classify the x87 value whose 64-bit image is `dbl',
   given its tag `tag'.  Presumably returns the C0..C3 bits in the
   X86G_FC_MASK_* positions defined below -- confirm the encoding in
   the definition. */
extern UInt  x86g_calculate_FXAM ( UInt tag, ULong dbl );

/* Rotate-through-carry helpers (RCR / RCL).  These are evaluated out
   of line rather than through the thunk scheme (see the rcl/rcr note
   in the thunk comment below).  `arg' is the value to rotate,
   `rot_amt' the count, `eflags_in' the old flags (supplying the
   incoming carry) and `sz' presumably the operand size.  The ULong
   result packs the new flags and the rotated value; which half holds
   which is defined by the .c. */
extern ULong x86g_calculate_RCR (
                UInt arg, UInt rot_amt, UInt eflags_in, UInt sz
             );
extern ULong x86g_calculate_RCL (
                UInt arg, UInt rot_amt, UInt eflags_in, UInt sz
             );

/* BCD / ASCII adjust instructions.  `AX_and_flags' packs the AX value
   and the relevant flags into one word (layout defined by the .c);
   `opcode' selects which of the named instructions to emulate. */
extern UInt x86g_calculate_daa_das_aaa_aas ( UInt AX_and_flags, UInt opcode );

extern UInt x86g_calculate_aad_aam ( UInt AX_and_flags, UInt opcode );

/* x87 control word handling.  x86g_check_fldcw takes a guest-supplied
   control word (the FLDCW operand); the ULong result presumably packs
   an emulation note together with the rounding mode VEX will honour
   -- check the definition before relying on the layout.
   x86g_create_fpucw goes the other way, from a rounding-mode value to
   a control word image. */
extern ULong x86g_check_fldcw ( UInt fpucw );

extern UInt  x86g_create_fpucw ( UInt fpround );

/* MXCSR handling, the SSE counterpart of the pair above: check a
   guest-supplied MXCSR (the LDMXCSR operand) / rebuild one from a
   rounding mode.  Same caveat about the packed ULong result. */
extern ULong x86g_check_ldmxcsr ( UInt mxcsr );

extern UInt  x86g_create_mxcsr ( UInt sseround );
    125 
    126 
/* Translate a guest virtual_addr into a guest linear address by
   consulting the supplied LDT/GDT structures (passed as HWords,
   presumably the addresses of the two tables).  Their representation
   must be as specified in pub/libvex_guest_x86.h.  To indicate a
   translation failure, the 64-bit value 1ULL<<32 (bit 32 set, low
   32 bits zero) is returned.  On success, the lower 32 bits of the
   returned result indicate the linear address (presumably with the
   upper half zero -- confirm in the definition).
   Review note: the failure value does not fit a UInt, so callers must
   inspect the full ULong before truncating; comparing against a plain
   `1<<32' int literal is undefined behaviour in C -- use the ULL form
   or test `(res >> 32) != 0'.  This is the point at which a
   guest-controlled selector is resolved against the tables; any
   validation against the table limits is the definition's job and
   nothing in this declaration enforces it.
*/
extern
ULong x86g_use_seg_selector ( HWord ldt, HWord gdt,
                              UInt seg_selector, UInt virtual_addr );

/* PMADDWD / PSADBW on two 64-bit MMX operands, returning the 64-bit
   result. */
extern ULong x86g_calculate_mmx_pmaddwd  ( ULong, ULong );
extern ULong x86g_calculate_mmx_psadbw   ( ULong, ULong );
    139 
    140 
/* --- DIRTY HELPERS ---
   In VEX terms a "dirty" helper may read and write guest state and
   guest memory, and the IR call site has to declare those effects
   (rules in libvex_ir.h, not shown here).  The VexGuestX86State* and
   Addr / HWord / void* parameters below are consistent with that.
   Review note: these run as ordinary host functions on behalf of
   guest code, so any guest-supplied address or value they dereference
   or act on has to be validated in the definition -- nothing in these
   declarations constrains it. */

/* Load / store an 80-bit x87 value at guest address Addr
   (little-endian, per the name), converting to / from the 64-bit
   ULong image used elsewhere in this file.  The conversion is in
   the .c. */
extern ULong x86g_dirtyhelper_loadF80le  ( Addr );

extern void  x86g_dirtyhelper_storeF80le ( Addr, ULong );

/* CPUID emulation for a family of synthetic CPU feature levels
   (no SSE, MMXEXT, SSE1, SSE2, SSE3).  Each reads its inputs from and
   writes its results into the guest state it is handed; which
   registers those are is defined in the .c. */
extern void  x86g_dirtyhelper_CPUID_sse0 ( VexGuestX86State* );
extern void  x86g_dirtyhelper_CPUID_mmxext ( VexGuestX86State* );
extern void  x86g_dirtyhelper_CPUID_sse1 ( VexGuestX86State* );
extern void  x86g_dirtyhelper_CPUID_sse2 ( VexGuestX86State* );
extern void  x86g_dirtyhelper_CPUID_sse3 ( VexGuestX86State* );

/* FINIT emulation on the given guest state. */
extern void  x86g_dirtyhelper_FINIT ( VexGuestX86State* );

/* FXSAVE / FSAVE / FSTENV emulation: write the corresponding state
   image from the guest state to guest memory at the HWord address.
   No length is passed; the amount written is fixed per instruction
   and is the definition's responsibility. */
extern void  x86g_dirtyhelper_FXSAVE ( VexGuestX86State*, HWord );
extern void  x86g_dirtyhelper_FSAVE  ( VexGuestX86State*, HWord );
extern void  x86g_dirtyhelper_FSTENV ( VexGuestX86State*, HWord );

/* RDTSC emulation: returns the 64-bit counter value.  Where it comes
   from (host TSC or otherwise) is decided by the definition. */
extern ULong x86g_dirtyhelper_RDTSC ( void );

/* IN / OUT port I/O emulation.  `sz' is the access width in bytes and
   must be 1, 2 or 4.  Review note: reached from guest IN/OUT
   instructions; what, if anything, is done with the port is entirely
   in the definition -- nothing here says it touches real hardware. */
extern UInt x86g_dirtyhelper_IN  ( UInt portno, UInt sz/*1,2 or 4*/ );
extern void x86g_dirtyhelper_OUT ( UInt portno, UInt data,
                                   UInt sz/*1,2 or 4*/ );

/* SxDT: emulation of two descriptor-table store instructions
   (presumably SIDT / SGDT), writing the register image to `address'.
   `op' is 0 or 1; which instruction each value selects is defined in
   the .c. */
extern void x86g_dirtyhelper_SxDT ( void* address,
                                    UInt op /* 0 or 1 */ );

/* FXRSTOR / FRSTOR / FLDENV emulation: load the corresponding state
   image from guest memory at the HWord address into the guest state.
   These are the memory-to-state counterparts of the save helpers
   above and are the ones that consume guest-controlled data.  Each
   returns a VexEmNote (libvex_emnote.h, included above), whose
   meaning is defined there; callers should propagate it rather than
   drop it. */
extern VexEmNote
            x86g_dirtyhelper_FXRSTOR ( VexGuestX86State*, HWord );

extern VexEmNote
            x86g_dirtyhelper_FRSTOR ( VexGuestX86State*, HWord );

extern VexEmNote
            x86g_dirtyhelper_FLDENV ( VexGuestX86State*, HWord );
    176 
    177 
    178 /*---------------------------------------------------------*/
    179 /*--- Condition code stuff                              ---*/
    180 /*---------------------------------------------------------*/
    181 
    182 /* eflags masks */
    183 #define X86G_CC_SHIFT_O   11
    184 #define X86G_CC_SHIFT_S   7
    185 #define X86G_CC_SHIFT_Z   6
    186 #define X86G_CC_SHIFT_A   4
    187 #define X86G_CC_SHIFT_C   0
    188 #define X86G_CC_SHIFT_P   2
    189 
    190 #define X86G_CC_MASK_O    (1 << X86G_CC_SHIFT_O)
    191 #define X86G_CC_MASK_S    (1 << X86G_CC_SHIFT_S)
    192 #define X86G_CC_MASK_Z    (1 << X86G_CC_SHIFT_Z)
    193 #define X86G_CC_MASK_A    (1 << X86G_CC_SHIFT_A)
    194 #define X86G_CC_MASK_C    (1 << X86G_CC_SHIFT_C)
    195 #define X86G_CC_MASK_P    (1 << X86G_CC_SHIFT_P)
    196 
    197 /* additional eflags masks */
    198 #define X86G_CC_SHIFT_ID  21
    199 #define X86G_CC_SHIFT_AC  18
    200 #define X86G_CC_SHIFT_D   10
    201 
    202 #define X86G_CC_MASK_ID   (1 << X86G_CC_SHIFT_ID)
    203 #define X86G_CC_MASK_AC   (1 << X86G_CC_SHIFT_AC)
    204 #define X86G_CC_MASK_D    (1 << X86G_CC_SHIFT_D)
    205 
    206 /* FPU flag masks */
    207 #define X86G_FC_SHIFT_C3   14
    208 #define X86G_FC_SHIFT_C2   10
    209 #define X86G_FC_SHIFT_C1   9
    210 #define X86G_FC_SHIFT_C0   8
    211 
    212 #define X86G_FC_MASK_C3    (1 << X86G_FC_SHIFT_C3)
    213 #define X86G_FC_MASK_C2    (1 << X86G_FC_SHIFT_C2)
    214 #define X86G_FC_MASK_C1    (1 << X86G_FC_SHIFT_C1)
    215 #define X86G_FC_MASK_C0    (1 << X86G_FC_SHIFT_C0)
    216 
    217 
    218 /* %EFLAGS thunk descriptors.  A four-word thunk is used to record
    219    details of the most recent flag-setting operation, so the flags can
    220    be computed later if needed.  It is possible to do this a little
    221    more efficiently using a 3-word thunk, but that makes it impossible
    222    to describe the flag data dependencies sufficiently accurately for
    223    Memcheck.  Hence 4 words are used, with minimal loss of efficiency.
    224 
    225    The four words are:
    226 
    227       CC_OP, which describes the operation.
    228 
    229       CC_DEP1 and CC_DEP2.  These are arguments to the operation.
    230          We want Memcheck to believe that the resulting flags are
    231          data-dependent on both CC_DEP1 and CC_DEP2, hence the
    232          name DEP.
    233 
    234       CC_NDEP.  This is a 3rd argument to the operation which is
    235          sometimes needed.  We arrange things so that Memcheck does
    236          not believe the resulting flags are data-dependent on CC_NDEP
    237          ("not dependent").
    238 
    239    To make Memcheck believe that (the definedness of) the encoded
    240    flags depends only on (the definedness of) CC_DEP1 and CC_DEP2
    241    requires two things:
    242 
    243    (1) In the guest state layout info (x86guest_layout), CC_OP and
    244        CC_NDEP are marked as always defined.
    245 
   (2) When passing the thunk components to an evaluation function
       (x86g_calculate_condition, x86g_calculate_eflags_all,
       x86g_calculate_eflags_c, declared above) the IRCallee's
       mcx_mask must be set so as to exclude from consideration all
       passed args except CC_DEP1 and CC_DEP2.
    250 
    251    Strictly speaking only (2) is necessary for correctness.  However,
    252    (1) helps efficiency in that since (2) means we never ask about the
    253    definedness of CC_OP or CC_NDEP, we may as well not even bother to
    254    track their definedness.
    255 
    256    When building the thunk, it is always necessary to write words into
    257    CC_DEP1 and CC_DEP2, even if those args are not used given the
   CC_OP field (eg, CC_DEP2 is not used if CC_OP is X86G_CC_OP_LOGICB/W/L).
    259    This is important because otherwise Memcheck could give false
    260    positives as it does not understand the relationship between the
    261    CC_OP field and CC_DEP1 and CC_DEP2, and so believes that the
    262    definedness of the stored flags always depends on both CC_DEP1 and
    263    CC_DEP2.
    264 
    265    However, it is only necessary to set CC_NDEP when the CC_OP value
    266    requires it, because Memcheck ignores CC_NDEP, and the evaluation
    267    functions do understand the CC_OP fields and will only examine
    268    CC_NDEP for suitable values of CC_OP.
    269 
    270    A summary of the field usages is:
    271 
    272    Operation          DEP1               DEP2               NDEP
    273    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    274 
    275    add/sub/mul        first arg          second arg         unused
    276 
    277    adc/sbb            first arg          (second arg)
    278                                          XOR old_carry      old_carry
    279 
    280    and/or/xor         result             zero               unused
    281 
    282    inc/dec            result             zero               old_carry
    283 
    284    shl/shr/sar        result             subshifted-        unused
    285                                          result
    286 
    287    rol/ror            result             zero               old_flags
    288 
    289    copy               old_flags          zero               unused.
    290 
    291 
    292    Therefore Memcheck will believe the following:
    293 
    294    * add/sub/mul -- definedness of result flags depends on definedness
    295      of both args.
    296 
    297    * adc/sbb -- definedness of result flags depends on definedness of
    298      both args and definedness of the old C flag.  Because only two
    299      DEP fields are available, the old C flag is XOR'd into the second
    300      arg so that Memcheck sees the data dependency on it.  That means
    301      the NDEP field must contain a second copy of the old C flag
    302      so that the evaluation functions can correctly recover the second
    303      arg.
    304 
    305    * and/or/xor are straightforward -- definedness of result flags
    306      depends on definedness of result value.
    307 
   * inc/dec -- definedness of result flags depends only on
     definedness of result.  This isn't really true -- it also depends
     on the old C flag.  However, we don't want Memcheck to see that,
     and so the old C flag must be passed in NDEP and not in DEP2.
     It's inconceivable that a compiler would generate code that puts
     the C flag in an undefined state, then does an inc/dec, which
     leaves C unchanged, and then makes a conditional jump/move based
     on C.  So our fiction seems a good approximation.  Note that it
     is a deliberate under-approximation: hand-written code that does
     exactly that sequence would consume an undefined C without
     Memcheck reporting it.
    316 
    317    * shl/shr/sar -- straightforward, again, definedness of result
    318      flags depends on definedness of result value.  The subshifted
    319      value (value shifted one less) is also needed, but its
    320      definedness is the same as the definedness of the shifted value.
    321 
   * rol/ror -- these only set O and C, and leave A Z S P alone.
     However it seems prudent (as per inc/dec) to say the definedness
     of all resulting flags depends on the definedness of the result,
     hence the old flags must go in as NDEP and not DEP2.
    326 
    327    * rcl/rcr are too difficult to do in-line, and so are done by a
    328      helper function.  They are not part of this scheme.  The helper
    329      function takes the value to be rotated, the rotate amount and the
    330      old flags, and returns the new flags and the rotated value.
    331      Since the helper's mcx_mask does not have any set bits, Memcheck
    332      will lazily propagate undefinedness from any of the 3 args into
    333      both results (flags and actual value).
    334 */
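/* Values of the CC_OP thunk word (see the description above).  The
   numbers are written out explicitly so the numbering that the
   comments rely on cannot drift from the actual enumerator values:
   the eflags evaluation helpers declared earlier in this file take a
   value from this enum as their cc_op argument.  For every operation
   the B/W/L (byte, word, long) variants are consecutive.
   X86G_CC_OP_NUMBER is deliberately left implicit so that it is
   always one past the last valid value -- keep it last. */
enum {
    X86G_CC_OP_COPY   = 0,  /* DEP1 = current flags, DEP2 = 0, NDEP = unused */
                            /* just copy DEP1 to output */

    X86G_CC_OP_ADDB   = 1,
    X86G_CC_OP_ADDW   = 2,  /* DEP1 = argL, DEP2 = argR, NDEP = unused */
    X86G_CC_OP_ADDL   = 3,

    X86G_CC_OP_SUBB   = 4,
    X86G_CC_OP_SUBW   = 5,  /* DEP1 = argL, DEP2 = argR, NDEP = unused */
    X86G_CC_OP_SUBL   = 6,

    X86G_CC_OP_ADCB   = 7,
    X86G_CC_OP_ADCW   = 8,  /* DEP1 = argL, DEP2 = argR ^ oldCarry, NDEP = oldCarry */
    X86G_CC_OP_ADCL   = 9,

    X86G_CC_OP_SBBB   = 10,
    X86G_CC_OP_SBBW   = 11, /* DEP1 = argL, DEP2 = argR ^ oldCarry, NDEP = oldCarry */
    X86G_CC_OP_SBBL   = 12,

    X86G_CC_OP_LOGICB = 13,
    X86G_CC_OP_LOGICW = 14, /* DEP1 = result, DEP2 = 0, NDEP = unused */
    X86G_CC_OP_LOGICL = 15,

    X86G_CC_OP_INCB   = 16,
    X86G_CC_OP_INCW   = 17, /* DEP1 = result, DEP2 = 0, NDEP = oldCarry (0 or 1) */
    X86G_CC_OP_INCL   = 18,

    X86G_CC_OP_DECB   = 19,
    X86G_CC_OP_DECW   = 20, /* DEP1 = result, DEP2 = 0, NDEP = oldCarry (0 or 1) */
    X86G_CC_OP_DECL   = 21,

    X86G_CC_OP_SHLB   = 22, /* DEP1 = res, DEP2 = res', NDEP = unused */
    X86G_CC_OP_SHLW   = 23, /* where res' is like res but shifted one bit less */
    X86G_CC_OP_SHLL   = 24,

    X86G_CC_OP_SHRB   = 25, /* DEP1 = res, DEP2 = res', NDEP = unused */
    X86G_CC_OP_SHRW   = 26, /* where res' is like res but shifted one bit less */
    X86G_CC_OP_SHRL   = 27,

    X86G_CC_OP_ROLB   = 28,
    X86G_CC_OP_ROLW   = 29, /* DEP1 = res, DEP2 = 0, NDEP = old flags */
    X86G_CC_OP_ROLL   = 30,

    X86G_CC_OP_RORB   = 31,
    X86G_CC_OP_RORW   = 32, /* DEP1 = res, DEP2 = 0, NDEP = old flags */
    X86G_CC_OP_RORL   = 33,

    X86G_CC_OP_UMULB  = 34,
    X86G_CC_OP_UMULW  = 35, /* DEP1 = argL, DEP2 = argR, NDEP = unused */
    X86G_CC_OP_UMULL  = 36,

    X86G_CC_OP_SMULB  = 37,
    X86G_CC_OP_SMULW  = 38, /* DEP1 = argL, DEP2 = argR, NDEP = unused */
    X86G_CC_OP_SMULL  = 39,

    X86G_CC_OP_NUMBER       /* 40: one past the last valid value; keep last */
};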
    393 
/* Condition codes accepted by x86g_calculate_condition (declared
   above).  The values come in pairs: each even code is a condition
   and the following odd code is its negation, so `c ^ 1' negates any
   code in 0..15 -- this pairing is evident from the values.
   Presumably the numbering is the 4-bit cc field of the x86
   Jcc/SETcc/CMOVcc encodings, which is why it must not be reordered.
   X86CondAlways (16) lies outside that range: it is a VEX-internal
   "always true" marker, not an x86 condition. */
typedef
   enum {
      X86CondO      = 0,   /* O   : overflow                         */
      X86CondNO     = 1,   /* NO  : not O                            */
      X86CondB      = 2,   /* B   : below (unsigned <)               */
      X86CondNB     = 3,   /* NB  : not B                            */
      X86CondZ      = 4,   /* Z   : zero / equal                     */
      X86CondNZ     = 5,   /* NZ  : not Z                            */
      X86CondBE     = 6,   /* BE  : below or equal (unsigned <=)     */
      X86CondNBE    = 7,   /* NBE : not BE                           */
      X86CondS      = 8,   /* S   : sign set (negative)              */
      X86CondNS     = 9,   /* NS  : not S                            */
      X86CondP      = 10,  /* P   : parity even                      */
      X86CondNP     = 11,  /* NP  : not P                            */
      X86CondL      = 12,  /* L   : less (signed <)                  */
      X86CondNL     = 13,  /* NL  : not L                            */
      X86CondLE     = 14,  /* LE  : less or equal (signed <=)        */
      X86CondNLE    = 15,  /* NLE : not LE                           */
      X86CondAlways = 16   /* VEX-internal "always"; not an encoding */
   }
   X86Condcode;
    423 
    424 #endif /* ndef __VEX_GUEST_X86_DEFS_H */
    425 
    426 /*---------------------------------------------------------------*/
    427 /*--- end                                    guest_x86_defs.h ---*/
    428 /*---------------------------------------------------------------*/
    429