1 
2 /*---------------------------------------------------------------*/
3 /*--- begin                                  guest_x86_defs.h ---*/
4 /*---------------------------------------------------------------*/
5 
6 /*
7    This file is part of Valgrind, a dynamic binary instrumentation
8    framework.
9 
10    Copyright (C) 2004-2013 OpenWorks LLP
11       info@open-works.net
12 
13    This program is free software; you can redistribute it and/or
14    modify it under the terms of the GNU General Public License as
15    published by the Free Software Foundation; either version 2 of the
16    License, or (at your option) any later version.
17 
18    This program is distributed in the hope that it will be useful, but
19    WITHOUT ANY WARRANTY; without even the implied warranty of
20    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
21    General Public License for more details.
22 
23    You should have received a copy of the GNU General Public License
24    along with this program; if not, write to the Free Software
25    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
26    02110-1301, USA.
27 
28    The GNU General Public License is contained in the file COPYING.
29 
30    Neither the names of the U.S. Department of Energy nor the
31    University of California nor the names of its contributors may be
32    used to endorse or promote products derived from this software
33    without prior written permission.
34 */
35 
36 /* Only to be used within the guest-x86 directory. */
37 
38 #ifndef __VEX_GUEST_X86_DEFS_H
39 #define __VEX_GUEST_X86_DEFS_H
40 
41 #include "libvex_basictypes.h"
42 #include "libvex_guest_x86.h"           // VexGuestX86State
43 #include "libvex_emnote.h"              // VexEmNote
44 #include "guest_generic_bb_to_IR.h"     // DisResult
45 
46 /*---------------------------------------------------------*/
47 /*--- x86 to IR conversion                              ---*/
48 /*---------------------------------------------------------*/
49 
/* Convert one x86 insn to IR.  See the type DisOneInstrFn in
   bb_to_IR.h.

   Only the prototype is visible here; the parameter notes below are
   read off the names and should be confirmed against DisOneInstrFn:
     irbb              IR superblock the decoded statements are added to
     resteerOkFn       callback (handed callback_opaque) that is asked
                       whether decoding may continue at a branch target
     resteerCisOk      a second resteer-permission flag; its exact
                       meaning is not visible here
     guest_code/delta  the insn bytes are presumably read from
                       guest_code starting at offset delta, guest_IP
                       being the guest address of that insn
     guest_arch, archinfo, abiinfo, host_endness
                       the VEX arch / ABI / endianness descriptors
     sigill_diag       presumably enables a diagnostic when the decoder
                       meets an insn it cannot translate (the case that
                       would otherwise surface as SIGILL) */
extern
DisResult disInstr_X86 ( IRSB*        irbb,
                         Bool         (*resteerOkFn) ( void*, Addr ),
                         Bool         resteerCisOk,
                         void*        callback_opaque,
                         const UChar* guest_code,
                         Long         delta,
                         Addr         guest_IP,
                         VexArch      guest_arch,
                         const VexArchInfo* archinfo,
                         const VexAbiInfo*  abiinfo,
                         VexEndness   host_endness,
                         Bool         sigill_diag );
65 
/* Used by the optimiser to specialise calls to helpers.

   function_name names the helper being called and args are its IR
   arguments; precedingStmts holds the n_precedingStmts statements
   emitted just before the call, so the specialiser can look at how
   the arguments were produced.  NOTE(review): the return convention
   (a replacement expression, or NULL when no specialisation applies)
   is not visible here -- confirm against the definition. */
extern
IRExpr* guest_x86_spechelper ( const HChar* function_name,
                               IRExpr** args,
                               IRStmt** precedingStmts,
                               Int      n_precedingStmts );
72 
/* Describes to the optimiser which part of the guest state require
   precise memory exceptions.  This is logically part of the guest
   state description.

   The two unnamed Int parameters presumably delimit a byte range
   within the guest state, and the VexRegisterUpdates argument is the
   register-update policy in force; a True result means that range
   must be kept precise.  Confirm against the definition. */
extern
Bool guest_x86_state_requires_precise_mem_exns ( Int, Int,
                                                 VexRegisterUpdates );
79 
/* Layout descriptor for the x86 guest state.  Per the %EFLAGS thunk
   discussion below, this is where CC_OP and CC_NDEP are marked as
   always defined, which Memcheck relies on. */
extern
VexGuestLayout x86guest_layout;
82 
83 
84 /*---------------------------------------------------------*/
85 /*--- x86 guest helpers                                 ---*/
86 /*---------------------------------------------------------*/
87 
/* --- CLEAN HELPERS --- */

/* In VEX terms a clean helper's result depends only on its arguments;
   it reads no guest state and touches no memory, which is what lets
   the optimiser treat a call to it like any other expression.  The
   helpers below therefore receive the %EFLAGS thunk components
   (cc_op/cc_dep1/cc_dep2/cc_ndep, described under "Condition code
   stuff" below) or plain operand values, never a guest-state
   pointer. */

/* Evaluate the whole %EFLAGS from a thunk. */
extern UInt  x86g_calculate_eflags_all (
                UInt cc_op, UInt cc_dep1, UInt cc_dep2, UInt cc_ndep
             );

/* Evaluate just the carry flag from a thunk.  VEX_REGPARM(3)
   presumably asks the host calling convention to pass the first
   three args in registers -- confirm against the definition. */
VEX_REGPARM(3)
extern UInt  x86g_calculate_eflags_c (
                UInt cc_op, UInt cc_dep1, UInt cc_dep2, UInt cc_ndep
             );

/* Evaluate one condition (cond is an X86Condcode, see below) from a
   thunk.  NOTE(review): the exact encoding of the UInt result is not
   visible here -- confirm before relying on anything beyond
   zero / non-zero. */
extern UInt  x86g_calculate_condition (
                UInt/*X86Condcode*/ cond,
                UInt cc_op,
                UInt cc_dep1, UInt cc_dep2, UInt cc_ndep
             );

/* Condition bits for FXAM, given a register's tag and its 64-bit
   payload.  The tag encoding is not visible here. */
extern UInt  x86g_calculate_FXAM ( UInt tag, ULong dbl );

/* Rotate-through-carry.  As the thunk notes below explain, these are
   not part of the thunk scheme: the helper takes the value, the
   rotate amount and the old flags, and packs both the new flags and
   the rotated value into the returned ULong (which half holds which
   is not visible here).  sz is presumably the operand size in bytes,
   as for the IN/OUT helpers further down -- confirm. */
extern ULong x86g_calculate_RCR (
                UInt arg, UInt rot_amt, UInt eflags_in, UInt sz
             );
extern ULong x86g_calculate_RCL (
                UInt arg, UInt rot_amt, UInt eflags_in, UInt sz
             );

/* BCD / ASCII adjust instructions.  AX_and_flags carries the AX value
   and the flags together in one word (packing layout not visible
   here) and opcode selects which of the instructions to emulate. */
extern UInt x86g_calculate_daa_das_aaa_aas ( UInt AX_and_flags, UInt opcode );

extern UInt x86g_calculate_aad_aam ( UInt AX_and_flags, UInt opcode );

/* x87 control word / MXCSR handling.  The check_* helpers take the
   raw word a guest FLDCW / LDMXCSR wants to install and return a
   ULong; the create_* helpers build a word from a rounding mode.
   NOTE(review): the ULong presumably packs a VexEmNote together with
   the accepted rounding mode, so that settings the emulation cannot
   honour are reported rather than silently applied -- confirm against
   the definitions. */
extern ULong x86g_check_fldcw ( UInt fpucw );

extern UInt  x86g_create_fpucw ( UInt fpround );

extern ULong x86g_check_ldmxcsr ( UInt mxcsr );

extern UInt  x86g_create_mxcsr ( UInt sseround );


/* Translate a guest virtual_addr into a guest linear address by
   consulting the supplied LDT/GDT structures.  Their representation
   must be as specified in pub/libvex_guest_x86.h.  To indicate a
   translation failure, 1<<32 is returned.  On success, the lower 32
   bits of the returned result indicate the linear address.

   Both the selector and the tables originate from the guest, so a
   caller must test bit 32 of the result before using the low 32
   bits: the failure value's low half is 0, which would otherwise pass
   for a valid linear address.
*/
extern
ULong x86g_use_seg_selector ( HWord ldt, HWord gdt,
                              UInt seg_selector, UInt virtual_addr );

/* MMX multiply-and-add / sum-of-absolute-differences on two packed
   64-bit operands. */
extern ULong x86g_calculate_mmx_pmaddwd  ( ULong, ULong );
extern ULong x86g_calculate_mmx_psadbw   ( ULong, ULong );
139 
140 
/* --- DIRTY HELPERS --- */

/* Dirty helpers, unlike the clean ones above, may read or write the
   guest state (the VexGuestX86State* argument) and guest memory (the
   Addr / HWord / void* arguments), so the optimiser cannot reorder or
   drop calls to them.  Every address passed in is a guest address
   chosen by the translated code. */

/* Load / store an 80-bit little-endian x87 value at a guest address,
   converting to / from the 64-bit representation carried in the
   ULong.  The conversion rules are not visible here. */
extern ULong x86g_dirtyhelper_loadF80le  ( Addr );

extern void  x86g_dirtyhelper_storeF80le ( Addr, ULong );

/* CPUID emulation, writing the result registers into the guest
   state.  The suffix presumably names the feature level each variant
   advertises (no SSE, MMX extensions, SSE1, SSE2) -- confirm against
   the definitions. */
extern void  x86g_dirtyhelper_CPUID_sse0 ( VexGuestX86State* );
extern void  x86g_dirtyhelper_CPUID_mmxext ( VexGuestX86State* );
extern void  x86g_dirtyhelper_CPUID_sse1 ( VexGuestX86State* );
extern void  x86g_dirtyhelper_CPUID_sse2 ( VexGuestX86State* );

/* FINIT: reinitialise the guest x87 state. */
extern void  x86g_dirtyhelper_FINIT ( VexGuestX86State* );

/* Save x87 (and, for FXSAVE, SSE) state from the guest state to
   guest memory at the given address. */
extern void  x86g_dirtyhelper_FXSAVE ( VexGuestX86State*, HWord );
extern void  x86g_dirtyhelper_FSAVE  ( VexGuestX86State*, HWord );
extern void  x86g_dirtyhelper_FSTENV ( VexGuestX86State*, HWord );

/* Read the time-stamp counter. */
extern ULong x86g_dirtyhelper_RDTSC ( void );

/* Port I/O.  sz is the access width in bytes. */
extern UInt x86g_dirtyhelper_IN  ( UInt portno, UInt sz/*1,2 or 4*/ );
extern void x86g_dirtyhelper_OUT ( UInt portno, UInt data,
                                   UInt sz/*1,2 or 4*/ );

/* Store a descriptor-table register to guest memory at address.
   op (0 or 1) presumably selects which of the two SxDT instructions
   (SGDT / SIDT) is being emulated -- confirm against the
   definition. */
extern void x86g_dirtyhelper_SxDT ( void* address,
                                    UInt op /* 0 or 1 */ );

/* The inverse of the save helpers above: load x87 / SSE state from a
   guest-supplied memory image into the guest state.  These return a
   VexEmNote rather than void, presumably so that an image the
   emulation cannot honour is reported to the caller instead of being
   silently accepted -- confirm against the definitions. */
extern VexEmNote
            x86g_dirtyhelper_FXRSTOR ( VexGuestX86State*, HWord );

extern VexEmNote
            x86g_dirtyhelper_FRSTOR ( VexGuestX86State*, HWord );

extern VexEmNote
            x86g_dirtyhelper_FLDENV ( VexGuestX86State*, HWord );
175 
176 
177 /*---------------------------------------------------------*/
178 /*--- Condition code stuff                              ---*/
179 /*---------------------------------------------------------*/
180 
/* eflags masks.  Bit positions of the individual arithmetic flags in
   the 32-bit %EFLAGS image: O (overflow, bit 11), S (sign, bit 7),
   Z (zero, bit 6), A (adjust / auxiliary carry, bit 4), C (carry,
   bit 0) and P (parity, bit 2).  The MASK_ forms are the matching
   single-bit masks; the flag words handled by the helpers above are
   presumably in this layout. */
#define X86G_CC_SHIFT_O   11
#define X86G_CC_SHIFT_S   7
#define X86G_CC_SHIFT_Z   6
#define X86G_CC_SHIFT_A   4
#define X86G_CC_SHIFT_C   0
#define X86G_CC_SHIFT_P   2

#define X86G_CC_MASK_O    (1 << X86G_CC_SHIFT_O)
#define X86G_CC_MASK_S    (1 << X86G_CC_SHIFT_S)
#define X86G_CC_MASK_Z    (1 << X86G_CC_SHIFT_Z)
#define X86G_CC_MASK_A    (1 << X86G_CC_SHIFT_A)
#define X86G_CC_MASK_C    (1 << X86G_CC_SHIFT_C)
#define X86G_CC_MASK_P    (1 << X86G_CC_SHIFT_P)

/* FPU flag masks.  Bit positions of the x87 status-word condition
   codes C3..C0 (bits 14, 10, 9, 8 -- note C3 is not adjacent to
   C2..C0) and the matching single-bit masks. */
#define X86G_FC_SHIFT_C3   14
#define X86G_FC_SHIFT_C2   10
#define X86G_FC_SHIFT_C1   9
#define X86G_FC_SHIFT_C0   8

#define X86G_FC_MASK_C3    (1 << X86G_FC_SHIFT_C3)
#define X86G_FC_MASK_C2    (1 << X86G_FC_SHIFT_C2)
#define X86G_FC_MASK_C1    (1 << X86G_FC_SHIFT_C1)
#define X86G_FC_MASK_C0    (1 << X86G_FC_SHIFT_C0)
206 
207 
208 /* %EFLAGS thunk descriptors.  A four-word thunk is used to record
209    details of the most recent flag-setting operation, so the flags can
210    be computed later if needed.  It is possible to do this a little
211    more efficiently using a 3-word thunk, but that makes it impossible
212    to describe the flag data dependencies sufficiently accurately for
213    Memcheck.  Hence 4 words are used, with minimal loss of efficiency.
214 
215    The four words are:
216 
217       CC_OP, which describes the operation.
218 
219       CC_DEP1 and CC_DEP2.  These are arguments to the operation.
220          We want Memcheck to believe that the resulting flags are
221          data-dependent on both CC_DEP1 and CC_DEP2, hence the
222          name DEP.
223 
224       CC_NDEP.  This is a 3rd argument to the operation which is
225          sometimes needed.  We arrange things so that Memcheck does
226          not believe the resulting flags are data-dependent on CC_NDEP
227          ("not dependent").
228 
229    To make Memcheck believe that (the definedness of) the encoded
230    flags depends only on (the definedness of) CC_DEP1 and CC_DEP2
231    requires two things:
232 
233    (1) In the guest state layout info (x86guest_layout), CC_OP and
234        CC_NDEP are marked as always defined.
235 
236    (2) When passing the thunk components to an evaluation function
237        (calculate_condition, calculate_eflags, calculate_eflags_c) the
238        IRCallee's mcx_mask must be set so as to exclude from
239        consideration all passed args except CC_DEP1 and CC_DEP2.
240 
241    Strictly speaking only (2) is necessary for correctness.  However,
242    (1) helps efficiency in that since (2) means we never ask about the
243    definedness of CC_OP or CC_NDEP, we may as well not even bother to
244    track their definedness.
245 
246    When building the thunk, it is always necessary to write words into
247    CC_DEP1 and CC_DEP2, even if those args are not used given the
248    CC_OP field (eg, CC_DEP2 is not used if CC_OP is CC_LOGIC1/2/4).
249    This is important because otherwise Memcheck could give false
250    positives as it does not understand the relationship between the
251    CC_OP field and CC_DEP1 and CC_DEP2, and so believes that the
252    definedness of the stored flags always depends on both CC_DEP1 and
253    CC_DEP2.
254 
255    However, it is only necessary to set CC_NDEP when the CC_OP value
256    requires it, because Memcheck ignores CC_NDEP, and the evaluation
257    functions do understand the CC_OP fields and will only examine
258    CC_NDEP for suitable values of CC_OP.
259 
260    A summary of the field usages is:
261 
262    Operation          DEP1               DEP2               NDEP
263    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
264 
265    add/sub/mul        first arg          second arg         unused
266 
267    adc/sbb            first arg          (second arg)
268                                          XOR old_carry      old_carry
269 
270    and/or/xor         result             zero               unused
271 
272    inc/dec            result             zero               old_carry
273 
274    shl/shr/sar        result             subshifted-        unused
275                                          result
276 
277    rol/ror            result             zero               old_flags
278 
279    copy               old_flags          zero               unused.
280 
281 
282    Therefore Memcheck will believe the following:
283 
284    * add/sub/mul -- definedness of result flags depends on definedness
285      of both args.
286 
287    * adc/sbb -- definedness of result flags depends on definedness of
288      both args and definedness of the old C flag.  Because only two
289      DEP fields are available, the old C flag is XOR'd into the second
290      arg so that Memcheck sees the data dependency on it.  That means
291      the NDEP field must contain a second copy of the old C flag
292      so that the evaluation functions can correctly recover the second
293      arg.
294 
295    * and/or/xor are straightforward -- definedness of result flags
296      depends on definedness of result value.
297 
298    * inc/dec -- definedness of result flags depends only on
299      definedness of result.  This isn't really true -- it also depends
300      on the old C flag.  However, we don't want Memcheck to see that,
301      and so the old C flag must be passed in NDEP and not in DEP2.
302      It's inconceivable that a compiler would generate code that puts
303      the C flag in an undefined state, then does an inc/dec, which
304      leaves C unchanged, and then makes a conditional jump/move based
305      on C.  So our fiction seems a good approximation.
306 
307    * shl/shr/sar -- straightforward, again, definedness of result
308      flags depends on definedness of result value.  The subshifted
309      value (value shifted one less) is also needed, but its
310      definedness is the same as the definedness of the shifted value.
311 
   * rol/ror -- these only set O and C, and leave S Z A P alone.
313      However it seems prudent (as per inc/dec) to say the definedness
314      of all resulting flags depends on the definedness of the result,
315      hence the old flags must go in as NDEP and not DEP2.
316 
317    * rcl/rcr are too difficult to do in-line, and so are done by a
318      helper function.  They are not part of this scheme.  The helper
319      function takes the value to be rotated, the rotate amount and the
320      old flags, and returns the new flags and the rotated value.
321      Since the helper's mcx_mask does not have any set bits, Memcheck
322      will lazily propagate undefinedness from any of the 3 args into
323      both results (flags and actual value).
324 */
/* CC_OP values: one per (operation, operand size) pair, B/W/L being
   the 8/16/32-bit forms.  The values are written out explicitly so
   the numbering is visible at a glance and cannot drift from the
   comments; the meaning of DEP1/DEP2/NDEP for each group follows the
   thunk description above. */
enum {
    /* DEP1 = current flags, DEP2 = 0, NDEP = unused; output is DEP1 */
    X86G_CC_OP_COPY   = 0,

    /* DEP1 = argL, DEP2 = argR, NDEP = unused */
    X86G_CC_OP_ADDB   = 1,
    X86G_CC_OP_ADDW   = 2,
    X86G_CC_OP_ADDL   = 3,

    /* DEP1 = argL, DEP2 = argR, NDEP = unused */
    X86G_CC_OP_SUBB   = 4,
    X86G_CC_OP_SUBW   = 5,
    X86G_CC_OP_SUBL   = 6,

    /* DEP1 = argL, DEP2 = argR ^ oldCarry, NDEP = oldCarry */
    X86G_CC_OP_ADCB   = 7,
    X86G_CC_OP_ADCW   = 8,
    X86G_CC_OP_ADCL   = 9,

    /* DEP1 = argL, DEP2 = argR ^ oldCarry, NDEP = oldCarry */
    X86G_CC_OP_SBBB   = 10,
    X86G_CC_OP_SBBW   = 11,
    X86G_CC_OP_SBBL   = 12,

    /* DEP1 = result, DEP2 = 0, NDEP = unused */
    X86G_CC_OP_LOGICB = 13,
    X86G_CC_OP_LOGICW = 14,
    X86G_CC_OP_LOGICL = 15,

    /* DEP1 = result, DEP2 = 0, NDEP = oldCarry (0 or 1) */
    X86G_CC_OP_INCB   = 16,
    X86G_CC_OP_INCW   = 17,
    X86G_CC_OP_INCL   = 18,

    /* DEP1 = result, DEP2 = 0, NDEP = oldCarry (0 or 1) */
    X86G_CC_OP_DECB   = 19,
    X86G_CC_OP_DECW   = 20,
    X86G_CC_OP_DECL   = 21,

    /* DEP1 = res, DEP2 = res' (res shifted one bit less), NDEP = unused */
    X86G_CC_OP_SHLB   = 22,
    X86G_CC_OP_SHLW   = 23,
    X86G_CC_OP_SHLL   = 24,

    /* DEP1 = res, DEP2 = res' (res shifted one bit less), NDEP = unused */
    X86G_CC_OP_SHRB   = 25,
    X86G_CC_OP_SHRW   = 26,
    X86G_CC_OP_SHRL   = 27,

    /* DEP1 = res, DEP2 = 0, NDEP = old flags */
    X86G_CC_OP_ROLB   = 28,
    X86G_CC_OP_ROLW   = 29,
    X86G_CC_OP_ROLL   = 30,

    /* DEP1 = res, DEP2 = 0, NDEP = old flags */
    X86G_CC_OP_RORB   = 31,
    X86G_CC_OP_RORW   = 32,
    X86G_CC_OP_RORL   = 33,

    /* DEP1 = argL, DEP2 = argR, NDEP = unused */
    X86G_CC_OP_UMULB  = 34,
    X86G_CC_OP_UMULW  = 35,
    X86G_CC_OP_UMULL  = 36,

    /* DEP1 = argL, DEP2 = argR, NDEP = unused */
    X86G_CC_OP_SMULB  = 37,
    X86G_CC_OP_SMULW  = 38,
    X86G_CC_OP_SMULL  = 39,

    /* one past the last valid CC_OP */
    X86G_CC_OP_NUMBER = 40
};
383 
/* Condition codes, numbered as in the 4-bit condition field of the
   x86 Jcc / SETcc / CMOVcc encodings.  They come in complementary
   pairs: each even code has its negation at the next odd value, so a
   condition is inverted by flipping bit 0 (X86CondNO == (X86CondO ^ 1)
   and so on).  X86CondAlways has no partner and sits outside the
   4-bit range. */
typedef
   enum {
      X86CondO      = 0,  X86CondNO     = 1,  /* overflow / not       */
      X86CondB      = 2,  X86CondNB     = 3,  /* below / not          */
      X86CondZ      = 4,  X86CondNZ     = 5,  /* zero / not           */
      X86CondBE     = 6,  X86CondNBE    = 7,  /* below or equal / not */
      X86CondS      = 8,  X86CondNS     = 9,  /* negative / not       */
      X86CondP      = 10, X86CondNP     = 11, /* parity even / not    */
      X86CondL      = 12, X86CondNL     = 13, /* less / not           */
      X86CondLE     = 14, X86CondNLE    = 15, /* less or equal / not  */
      X86CondAlways = 16                      /* HACK: unconditional  */
   }
   X86Condcode;
413 
414 #endif /* ndef __VEX_GUEST_X86_DEFS_H */
415 
416 /*---------------------------------------------------------------*/
417 /*--- end                                    guest_x86_defs.h ---*/
418 /*---------------------------------------------------------------*/
419