
/*---------------------------------------------------------------*/
/*--- begin                                  guest_x86_defs.h ---*/
/*---------------------------------------------------------------*/

/*
   This file is part of Valgrind, a dynamic binary instrumentation
   framework.

   Copyright (C) 2004-2015 OpenWorks LLP
      info@open-works.net

   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public License as
   published by the Free Software Foundation; either version 2 of the
   License, or (at your option) any later version.

   This program is distributed in the hope that it will be useful, but
   WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
   02110-1301, USA.

   The GNU General Public License is contained in the file COPYING.

   Neither the names of the U.S. Department of Energy nor the
   University of California nor the names of its contributors may be
   used to endorse or promote products derived from this software
   without prior written permission.
*/

/* Only to be used within the guest-x86 directory.

   This header collects everything the guest-x86 front end shares
   between its translation units: the x86-to-IR entry point, the
   optimiser hooks, the clean and dirty helper functions that the
   generated IR calls into, the %EFLAGS bit positions, the %EFLAGS
   thunk encoding (the X86G_CC_OP_* values) and the condition-code
   numbering (X86Condcode).  Nothing here is defined; the definitions
   live in the guest_x86_helpers.c / guest_x86_toIR.c side of the
   directory (presumably -- check the build). */

#ifndef __VEX_GUEST_X86_DEFS_H
#define __VEX_GUEST_X86_DEFS_H

#include "libvex_basictypes.h"
#include "libvex_guest_x86.h"           // VexGuestX86State
#include "libvex_emnote.h"              // VexEmNote
#include "guest_generic_bb_to_IR.h"     // DisResult


/*---------------------------------------------------------*/
/*--- x86 to IR conversion                              ---*/
/*---------------------------------------------------------*/

/* Convert one x86 insn to IR.  See the type DisOneInstrFn in
   bb_to_IR.h.  The parameter list must stay in step with that
   typedef, since this function is installed as the per-architecture
   disassembler through it. */
extern
DisResult disInstr_X86 ( IRSB*        irbb,
                         Bool         (*resteerOkFn) ( void*, Addr ),
                         Bool         resteerCisOk,
                         void*        callback_opaque,
                         const UChar* guest_code,
                         Long         delta,
                         Addr         guest_IP,
                         VexArch      guest_arch,
                         const VexArchInfo* archinfo,
                         const VexAbiInfo*  abiinfo,
                         VexEndness   host_endness,
                         Bool         sigill_diag );

/* Used by the optimiser to specialise calls to helpers.  Given the
   name of a helper and the argument expressions of a call to it, it
   may return a cheaper IRExpr computing the same value; the preceding
   statements are available so constant thunk fields can be
   recognised. */
extern
IRExpr* guest_x86_spechelper ( const HChar* function_name,
                               IRExpr** args,
                               IRStmt** precedingStmts,
                               Int      n_precedingStmts );

/* Describes to the optimiser which part of the guest state require
   precise memory exceptions.  This is logically part of the guest
   state description.  The two Int arguments are a (start, length)
   range of guest state offsets -- presumably; confirm against the
   definition. */
extern
Bool guest_x86_state_requires_precise_mem_exns ( Int, Int,
                                                 VexRegisterUpdates );

/* Guest state layout description for the x86 guest.  Note that the
   thunk description further down relies on CC_OP and CC_NDEP being
   marked "always defined" here (see point (1) in that comment). */
extern
VexGuestLayout x86guest_layout;


/*---------------------------------------------------------*/
/*--- x86 guest helpers                                 ---*/
/*---------------------------------------------------------*/

/* --- CLEAN HELPERS --- */

/* Clean helpers are pure functions of their arguments: the IR can
   call them without any memory-side effects being assumed.

   The three %EFLAGS evaluators below all take the four thunk words
   (cc_op, cc_dep1, cc_dep2, cc_ndep) described in the "Condition code
   stuff" section at the end of this file.  When building the IRCallee
   for them, mcx_mask must exclude cc_op and cc_ndep, as that comment
   explains. */

/* Compute the full %EFLAGS value from a thunk. */
extern UInt x86g_calculate_eflags_all ( 
               UInt cc_op, UInt cc_dep1, UInt cc_dep2, UInt cc_ndep 
            );

/* Same inputs as x86g_calculate_eflags_all, but only the C flag is
   needed (going by the name -- the exact return encoding is defined
   with the function).  This is the only helper here declared with
   VEX_REGPARM(3); keep that attribute in sync with the definition. */
VEX_REGPARM(3)
extern UInt x86g_calculate_eflags_c ( 
               UInt cc_op, UInt cc_dep1, UInt cc_dep2, UInt cc_ndep 
            );

/* Evaluate the condition `cond` (an X86Condcode value, declared at
   the bottom of this file) against a thunk. */
extern UInt x86g_calculate_condition ( 
               UInt/*X86Condcode*/ cond, 
               UInt cc_op, 
               UInt cc_dep1, UInt cc_dep2, UInt cc_ndep 
            );

extern UInt x86g_calculate_FXAM ( UInt tag, ULong dbl );

/* RCR/RCL are not expressible through the thunk scheme, so they are
   done by these helpers.  Each takes the value to rotate, the rotate
   amount, the incoming %EFLAGS and the operand size, and returns both
   the new flags and the rotated value packed into the ULong (see the
   rcl/rcr paragraph of the thunk comment below). */
extern ULong x86g_calculate_RCR ( 
                UInt arg, UInt rot_amt, UInt eflags_in, UInt sz 
             );
extern ULong x86g_calculate_RCL ( 
                UInt arg, UInt rot_amt, UInt eflags_in, UInt sz 
             );

/* BCD adjust instructions; the opcode byte selects which of the four
   is meant. */
extern UInt x86g_calculate_daa_das_aaa_aas ( UInt AX_and_flags, UInt opcode );

extern UInt x86g_calculate_aad_aam ( UInt AX_and_flags, UInt opcode );

/* FPU control word / MXCSR handling.  The x86g_check_* functions
   examine a value the guest is about to load; the x86g_create_*
   functions build a guest-visible control word from VEX's own
   rounding-mode representation. */
extern ULong x86g_check_fldcw ( UInt fpucw );

extern UInt  x86g_create_fpucw ( UInt fpround );

extern ULong x86g_check_ldmxcsr ( UInt mxcsr );

extern UInt  x86g_create_mxcsr ( UInt sseround );


/* Translate a guest virtual_addr into a guest linear address by
   consulting the supplied LDT/GDT structures.  Their representation
   must be as specified in pub/libvex_guest_x86.h.  To indicate a
   translation failure, 1<<32 is returned (that is, bit 32 set and
   the low 32 bits zero).  On success, the lower 32 bits of the
   returned result indicate the linear address.  Callers must
   therefore test the upper half of the result before using the low
   32 bits as an address; a plain truncation would silently turn a
   failed translation into linear address 0.
*/
extern 
ULong x86g_use_seg_selector ( HWord ldt, HWord gdt, 
                              UInt seg_selector, UInt virtual_addr );

extern ULong x86g_calculate_mmx_pmaddwd ( ULong, ULong );
extern ULong x86g_calculate_mmx_psadbw  ( ULong, ULong );


/* --- DIRTY HELPERS --- */

/* Dirty helpers may read or write guest memory and/or the guest
   state directly, so the IR must describe those effects when calling
   them. */

extern ULong x86g_dirtyhelper_loadF80le  ( Addr );

extern void  x86g_dirtyhelper_storeF80le ( Addr, ULong );

/* CPUID emulation, one variant per advertised feature level. */
extern void  x86g_dirtyhelper_CPUID_sse0   ( VexGuestX86State* );
extern void  x86g_dirtyhelper_CPUID_mmxext ( VexGuestX86State* );
extern void  x86g_dirtyhelper_CPUID_sse1   ( VexGuestX86State* );
extern void  x86g_dirtyhelper_CPUID_sse2   ( VexGuestX86State* );
extern void  x86g_dirtyhelper_CPUID_sse3   ( VexGuestX86State* );

extern void  x86g_dirtyhelper_FINIT ( VexGuestX86State* );

/* State-saving helpers: the HWord is the guest address written to. */
extern void  x86g_dirtyhelper_FXSAVE ( VexGuestX86State*, HWord );
extern void  x86g_dirtyhelper_FSAVE  ( VexGuestX86State*, HWord );
extern void  x86g_dirtyhelper_FSTENV ( VexGuestX86State*, HWord );

extern ULong x86g_dirtyhelper_RDTSC ( void );

/* Port I/O.  sz is the access width in bytes and must be 1, 2 or 4. */
extern UInt x86g_dirtyhelper_IN  ( UInt portno, UInt sz/*1,2 or 4*/ );
extern void x86g_dirtyhelper_OUT ( UInt portno, UInt data, 
                                   UInt sz/*1,2 or 4*/ );

/* SGDT/SIDT: op selects which descriptor table register is stored. */
extern void x86g_dirtyhelper_SxDT ( void* address,
                                    UInt op /* 0 or 1 */ );

/* State-restoring helpers: the HWord is the guest address read from.
   Each returns a VexEmNote so the caller can report cases where the
   loaded state could not be reproduced exactly. */
extern VexEmNote
            x86g_dirtyhelper_FXRSTOR ( VexGuestX86State*, HWord );

extern VexEmNote
            x86g_dirtyhelper_FRSTOR ( VexGuestX86State*, HWord );

extern VexEmNote
            x86g_dirtyhelper_FLDENV ( VexGuestX86State*, HWord );


/*---------------------------------------------------------*/
/*--- Condition code stuff                              ---*/
/*---------------------------------------------------------*/

/* eflags masks.  The SHIFT values are the bit positions within
   %EFLAGS; the MASK values are the corresponding single-bit masks.
   All positions are below 31, so `1 << shift` stays within a
   non-negative int. */
#define X86G_CC_SHIFT_O   11
#define X86G_CC_SHIFT_S   7
#define X86G_CC_SHIFT_Z   6
#define X86G_CC_SHIFT_A   4
#define X86G_CC_SHIFT_C   0
#define X86G_CC_SHIFT_P   2

#define X86G_CC_MASK_O    (1 << X86G_CC_SHIFT_O)
#define X86G_CC_MASK_S    (1 << X86G_CC_SHIFT_S)
#define X86G_CC_MASK_Z    (1 << X86G_CC_SHIFT_Z)
#define X86G_CC_MASK_A    (1 << X86G_CC_SHIFT_A)
#define X86G_CC_MASK_C    (1 << X86G_CC_SHIFT_C)
#define X86G_CC_MASK_P    (1 << X86G_CC_SHIFT_P)

/* additional eflags masks (not produced by the thunk evaluators) */
#define X86G_CC_SHIFT_ID  21
#define X86G_CC_SHIFT_AC  18
#define X86G_CC_SHIFT_D   10

#define X86G_CC_MASK_ID   (1 << X86G_CC_SHIFT_ID)
#define X86G_CC_MASK_AC   (1 << X86G_CC_SHIFT_AC)
#define X86G_CC_MASK_D    (1 << X86G_CC_SHIFT_D)

/* FPU flag masks (bit positions of C0..C3 in the FPU status word) */
#define X86G_FC_SHIFT_C3   14
#define X86G_FC_SHIFT_C2   10
#define X86G_FC_SHIFT_C1   9
#define X86G_FC_SHIFT_C0   8

#define X86G_FC_MASK_C3   (1 << X86G_FC_SHIFT_C3)
#define X86G_FC_MASK_C2   (1 << X86G_FC_SHIFT_C2)
#define X86G_FC_MASK_C1   (1 << X86G_FC_SHIFT_C1)
#define X86G_FC_MASK_C0   (1 << X86G_FC_SHIFT_C0)


/* %EFLAGS thunk descriptors.  A four-word thunk is used to record
   details of the most recent flag-setting operation, so the flags can
   be computed later if needed.  It is possible to do this a little
   more efficiently using a 3-word thunk, but that makes it impossible
   to describe the flag data dependencies sufficiently accurately for
   Memcheck.  Hence 4 words are used, with minimal loss of efficiency.

   The four words are:

      CC_OP, which describes the operation.

      CC_DEP1 and CC_DEP2.  These are arguments to the operation.
         We want Memcheck to believe that the resulting flags are
         data-dependent on both CC_DEP1 and CC_DEP2, hence the 
         name DEP.

      CC_NDEP.  This is a 3rd argument to the operation which is
         sometimes needed.  We arrange things so that Memcheck does
         not believe the resulting flags are data-dependent on CC_NDEP
         ("not dependent").

   To make Memcheck believe that (the definedness of) the encoded
   flags depends only on (the definedness of) CC_DEP1 and CC_DEP2
   requires two things:

   (1) In the guest state layout info (x86guest_layout), CC_OP and
       CC_NDEP are marked as always defined.

   (2) When passing the thunk components to an evaluation function
       (calculate_condition, calculate_eflags, calculate_eflags_c) the
       IRCallee's mcx_mask must be set so as to exclude from
       consideration all passed args except CC_DEP1 and CC_DEP2.

   Strictly speaking only (2) is necessary for correctness.  However,
   (1) helps efficiency in that since (2) means we never ask about the
   definedness of CC_OP or CC_NDEP, we may as well not even bother to
   track their definedness.

   When building the thunk, it is always necessary to write words into
   CC_DEP1 and CC_DEP2, even if those args are not used given the
   CC_OP field (eg, CC_DEP2 is not used if CC_OP is CC_LOGIC1/2/4).
   This is important because otherwise Memcheck could give false
   positives as it does not understand the relationship between the
   CC_OP field and CC_DEP1 and CC_DEP2, and so believes that the 
   definedness of the stored flags always depends on both CC_DEP1 and
   CC_DEP2.

   However, it is only necessary to set CC_NDEP when the CC_OP value
   requires it, because Memcheck ignores CC_NDEP, and the evaluation
   functions do understand the CC_OP fields and will only examine
   CC_NDEP for suitable values of CC_OP.

   A summary of the field usages is:

   Operation          DEP1               DEP2               NDEP
   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   add/sub/mul        first arg          second arg         unused

   adc/sbb            first arg          (second arg)
                                         XOR old_carry      old_carry

   and/or/xor         result             zero               unused

   inc/dec            result             zero               old_carry

   shl/shr/sar        result             subshifted-        unused
                                         result

   rol/ror            result             zero               old_flags

   copy               old_flags          zero               unused.


   Therefore Memcheck will believe the following:

   * add/sub/mul -- definedness of result flags depends on definedness
     of both args.

   * adc/sbb -- definedness of result flags depends on definedness of
     both args and definedness of the old C flag.  Because only two
     DEP fields are available, the old C flag is XOR'd into the second
     arg so that Memcheck sees the data dependency on it.  That means
     the NDEP field must contain a second copy of the old C flag
     so that the evaluation functions can correctly recover the second
     arg.

   * and/or/xor are straightforward -- definedness of result flags
     depends on definedness of result value.

   * inc/dec -- definedness of result flags depends only on
     definedness of result.  This isn't really true -- it also depends
     on the old C flag.  However, we don't want Memcheck to see that,
     and so the old C flag must be passed in NDEP and not in DEP2.
     It's inconceivable that a compiler would generate code that puts
     the C flag in an undefined state, then does an inc/dec, which
     leaves C unchanged, and then makes a conditional jump/move based
     on C.  So our fiction seems a good approximation.

   * shl/shr/sar -- straightforward, again, definedness of result
     flags depends on definedness of result value.  The subshifted
     value (value shifted one less) is also needed, but its
     definedness is the same as the definedness of the shifted value.

   * rol/ror -- these only set O and C, and leave A Z C P alone.
     However it seems prudent (as per inc/dec) to say the definedness
     of all resulting flags depends on the definedness of the result,
     hence the old flags must go in as NDEP and not DEP2.

   * rcl/rcr are too difficult to do in-line, and so are done by a
     helper function.  They are not part of this scheme.  The helper
     function takes the value to be rotated, the rotate amount and the
     old flags, and returns the new flags and the rotated value.
     Since the helper's mcx_mask does not have any set bits, Memcheck
     will lazily propagate undefinedness from any of the 3 args into
     both results (flags and actual value).

   Encoding note: apart from COPY, every operation below appears as a
   consecutive B/W/L triplet (byte, word, long operand sizes), so the
   numeric values are fixed by position.  X86G_CC_OP_NUMBER is one
   past the last valid value and is the bound the evaluators should
   check cc_op against.
*/
enum {
    X86G_CC_OP_COPY=0,  /* DEP1 = current flags, DEP2 = 0, NDEP = unused */
                        /* just copy DEP1 to output */

    X86G_CC_OP_ADDB,    /* 1 */
    X86G_CC_OP_ADDW,    /* 2 DEP1 = argL, DEP2 = argR, NDEP = unused */
    X86G_CC_OP_ADDL,    /* 3 */

    X86G_CC_OP_SUBB,    /* 4 */
    X86G_CC_OP_SUBW,    /* 5 DEP1 = argL, DEP2 = argR, NDEP = unused */
    X86G_CC_OP_SUBL,    /* 6 */

    X86G_CC_OP_ADCB,    /* 7 */
    X86G_CC_OP_ADCW,    /* 8 DEP1 = argL, DEP2 = argR ^ oldCarry, NDEP = oldCarry */
    X86G_CC_OP_ADCL,    /* 9 */

    X86G_CC_OP_SBBB,    /* 10 */
    X86G_CC_OP_SBBW,    /* 11 DEP1 = argL, DEP2 = argR ^ oldCarry, NDEP = oldCarry */
    X86G_CC_OP_SBBL,    /* 12 */

    X86G_CC_OP_LOGICB,  /* 13 */
    X86G_CC_OP_LOGICW,  /* 14 DEP1 = result, DEP2 = 0, NDEP = unused */
    X86G_CC_OP_LOGICL,  /* 15 */

    X86G_CC_OP_INCB,    /* 16 */
    X86G_CC_OP_INCW,    /* 17 DEP1 = result, DEP2 = 0, NDEP = oldCarry (0 or 1) */
    X86G_CC_OP_INCL,    /* 18 */

    X86G_CC_OP_DECB,    /* 19 */
    X86G_CC_OP_DECW,    /* 20 DEP1 = result, DEP2 = 0, NDEP = oldCarry (0 or 1) */
    X86G_CC_OP_DECL,    /* 21 */

    X86G_CC_OP_SHLB,    /* 22 DEP1 = res, DEP2 = res', NDEP = unused */
    X86G_CC_OP_SHLW,    /* 23 where res' is like res but shifted one bit less */
    X86G_CC_OP_SHLL,    /* 24 */

    X86G_CC_OP_SHRB,    /* 25 DEP1 = res, DEP2 = res', NDEP = unused */
    X86G_CC_OP_SHRW,    /* 26 where res' is like res but shifted one bit less */
    X86G_CC_OP_SHRL,    /* 27 */

    X86G_CC_OP_ROLB,    /* 28 */
    X86G_CC_OP_ROLW,    /* 29 DEP1 = res, DEP2 = 0, NDEP = old flags */
    X86G_CC_OP_ROLL,    /* 30 */

    X86G_CC_OP_RORB,    /* 31 */
    X86G_CC_OP_RORW,    /* 32 DEP1 = res, DEP2 = 0, NDEP = old flags */
    X86G_CC_OP_RORL,    /* 33 */

    X86G_CC_OP_UMULB,   /* 34 */
    X86G_CC_OP_UMULW,   /* 35 DEP1 = argL, DEP2 = argR, NDEP = unused */
    X86G_CC_OP_UMULL,   /* 36 */

    X86G_CC_OP_SMULB,   /* 37 */
    X86G_CC_OP_SMULW,   /* 38 DEP1 = argL, DEP2 = argR, NDEP = unused */
    X86G_CC_OP_SMULL,   /* 39 */

    X86G_CC_OP_NUMBER   /* 40: not a real op; one past the last valid value */
};

/* Condition codes as passed to x86g_calculate_condition.  The codes
   come in complementary pairs: each odd value is the negation of the
   even value just below it (O/NO, B/NB, Z/NZ, ...).  Values 0..15
   follow the 4-bit condition field used by the x86 Jcc/SETcc/CMOVcc
   encodings; X86CondAlways is an extra value used internally and has
   no machine encoding. */
typedef
   enum {
      X86CondO      = 0,  /* overflow           */
      X86CondNO     = 1,  /* no overflow        */

      X86CondB      = 2,  /* below              */
      X86CondNB     = 3,  /* not below          */

      X86CondZ      = 4,  /* zero               */
      X86CondNZ     = 5,  /* not zero           */

      X86CondBE     = 6,  /* below or equal     */
      X86CondNBE    = 7,  /* not below or equal */

      X86CondS      = 8,  /* negative           */
      X86CondNS     = 9,  /* not negative       */

      X86CondP      = 10, /* parity even        */
      X86CondNP     = 11, /* not parity even    */

      X86CondL      = 12, /* jump less          */
      X86CondNL     = 13, /* not less           */

      X86CondLE     = 14, /* less or equal      */
      X86CondNLE    = 15, /* not less or equal  */

      X86CondAlways = 16  /* HACK */
   }
   X86Condcode;

#endif /* ndef __VEX_GUEST_X86_DEFS_H */

/*---------------------------------------------------------------*/
/*--- end                                    guest_x86_defs.h ---*/
/*---------------------------------------------------------------*/