Bochs/bochs/cpu/exception.cc
Peter Tattam b968c4e5c8 Latest round of patches/fixups to get 64 bit emulation further.
This is an interim update to allow others to test.

We have userland code running!!! (up to a point)

Able to start executing "sash" as /sbin/init in userland from linux 64 bit
kernel until it crashes trying to access a null pointer.  No kernel panics
though, just a segfault loop.
2002-10-08 14:43:18 +00:00

1325 lines
41 KiB
C++

/////////////////////////////////////////////////////////////////////////
// $Id: exception.cc,v 1.28 2002-10-08 14:43:18 ptrumpet Exp $
/////////////////////////////////////////////////////////////////////////
//
// Copyright (C) 2001 MandrakeSoft S.A.
//
// MandrakeSoft S.A.
// 43, rue d'Aboukir
// 75002 Paris - France
// http://www.linux-mandrake.com/
// http://www.mandrakesoft.com/
//
// This library is free software; you can redistribute it and/or
// modify it under the terms of the GNU Lesser General Public
// License as published by the Free Software Foundation; either
// version 2 of the License, or (at your option) any later version.
//
// This library is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
// Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public
// License along with this library; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#define NEED_CPU_REG_SHORTCUTS 1
#include "bochs.h"
#define LOG_THIS BX_CPU_THIS_PTR
/* Exception classes. These are used as indexes into the 'is_exception_OK'
* array below, and are stored in the 'exception' array also
*/
#define BX_ET_BENIGN 0
#define BX_ET_CONTRIBUTORY 1
#define BX_ET_PAGE_FAULT 2
#define BX_ET_DOUBLE_FAULT 10
const Boolean BX_CPU_C::is_exception_OK[3][3] = {
{ 1, 1, 1 }, /* 1st exception is BENIGN */
{ 1, 0, 1 }, /* 1st exception is CONTRIBUTORY */
{ 1, 0, 0 } /* 1st exception is PAGE_FAULT */
};
void
BX_CPU_C::interrupt(Bit8u vector, Boolean is_INT, Boolean is_error_code,
Bit16u error_code)
{
#if BX_DEBUGGER
if (bx_guard.special_unwind_stack) {
BX_INFO (("interrupt() returning early because special_unwind_stack is set"));
return;
}
BX_CPU_THIS_PTR show_flag |= Flag_intsig;
#if BX_DEBUG_LINUX
if (bx_dbg.linux_syscall) {
if (vector == 0x80) bx_dbg_linux_syscall ();
}
#endif
#endif
//BX_DEBUG(( "::interrupt(%u)", vector ));
BX_INSTR_INTERRUPT(CPU_ID, vector);
invalidate_prefetch_q();
// Discard any traps and inhibits for new context; traps will
// resume upon return.
BX_CPU_THIS_PTR debug_trap = 0;
BX_CPU_THIS_PTR inhibit_mask = 0;
#if BX_CPU_LEVEL >= 2
// unsigned prev_errno;
BX_DEBUG(("interrupt(): vector = %u, INT = %u, EXT = %u",
(unsigned) vector, (unsigned) is_INT, (unsigned) BX_CPU_THIS_PTR EXT));
BX_CPU_THIS_PTR save_cs = BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS];
BX_CPU_THIS_PTR save_ss = BX_CPU_THIS_PTR sregs[BX_SEG_REG_SS];
BX_CPU_THIS_PTR save_eip = EIP;
BX_CPU_THIS_PTR save_esp = ESP;
// prev_errno = BX_CPU_THIS_PTR errorno;
#if BX_SUPPORT_X86_64
if (BX_CPU_THIS_PTR msr.lma) {
// long mode interrupt
Bit64u idtindex;
Bit32u save_upper;
Bit32u dword1, dword2, dword3;
bx_descriptor_t gate_descriptor, cs_descriptor;
bx_selector_t cs_selector;
Bit16u gate_dest_selector;
Bit64u gate_dest_offset;
// interrupt vector must be within IDT table limits,
// else #GP(vector number*16 + 2 + EXT)
idtindex = vector*16;
if ( (idtindex + 15) > BX_CPU_THIS_PTR idtr.limit) {
BX_DEBUG(("IDT.limit = %04x", (unsigned) BX_CPU_THIS_PTR idtr.limit));
BX_DEBUG(("IDT.base = %06x", (unsigned) BX_CPU_THIS_PTR idtr.base));
BX_DEBUG(("interrupt vector must be within IDT table limits"));
BX_DEBUG(("bailing"));
BX_DEBUG(("interrupt(): vector > idtr.limit"));
exception(BX_GP_EXCEPTION, vector*16 + 2, 0);
}
// descriptor AR byte must indicate interrupt gate, trap gate,
// or task gate, else #GP(vector*8 + 2 + EXT)
idtindex += BX_CPU_THIS_PTR idtr.base;
access_linear(idtindex, 4, 0,
BX_READ, &dword1);
access_linear(idtindex + 4, 4, 0,
BX_READ, &dword2);
access_linear(idtindex + 8, 4, 0,
BX_READ, &dword3);
parse_descriptor(dword1, dword2, &gate_descriptor);
if ( (gate_descriptor.valid==0) || gate_descriptor.segment) {
BX_DEBUG(("interrupt(): gate descriptor is not valid sys seg"));
exception(BX_GP_EXCEPTION, vector*8 + 2, 0);
}
switch (gate_descriptor.type) {
//case 5: // task gate
//case 6: // 286 interrupt gate
//case 7: // 286 trap gate
case 14: // 386 interrupt gate
case 15: // 386 trap gate
break;
default:
BX_DEBUG(("interrupt(): gate.type(%u) != {5,6,7,14,15}",
(unsigned) gate_descriptor.type));
exception(BX_GP_EXCEPTION, vector*8 + 2, 0);
return;
}
// if software interrupt, then gate descripor DPL must be >= CPL,
// else #GP(vector * 8 + 2 + EXT)
if (is_INT && (gate_descriptor.dpl < CPL)) {
/* ??? */
BX_DEBUG(("interrupt(): is_INT && (dpl < CPL)"));
exception(BX_GP_EXCEPTION, vector*8 + 2, 0);
return;
}
// Gate must be present, else #NP(vector * 8 + 2 + EXT)
if (gate_descriptor.p == 0) {
BX_DEBUG(("interrupt(): p == 0"));
exception(BX_NP_EXCEPTION, vector*8 + 2, 0);
}
gate_dest_selector = gate_descriptor.u.gate386.dest_selector;
gate_dest_offset = ((Bit64u)dword3 << 32) +
gate_descriptor.u.gate386.dest_offset;
// examine CS selector and descriptor given in gate descriptor
// selector must be non-null else #GP(EXT)
if ( (gate_dest_selector & 0xfffc) == 0 ) {
BX_PANIC(("int_trap_gate(): selector null"));
exception(BX_GP_EXCEPTION, 0, 0);
}
parse_selector(gate_dest_selector, &cs_selector);
// selector must be within its descriptor table limits
// else #GP(selector+EXT)
fetch_raw_descriptor(&cs_selector, &dword1, &dword2,
BX_GP_EXCEPTION);
parse_descriptor(dword1, dword2, &cs_descriptor);
// descriptor AR byte must indicate code seg
// and code segment descriptor DPL<=CPL, else #GP(selector+EXT)
if ( cs_descriptor.valid==0 ||
cs_descriptor.segment==0 ||
cs_descriptor.u.segment.executable==0 ||
cs_descriptor.dpl>CPL
) {
BX_DEBUG(("interrupt(): not code segment"));
exception(BX_GP_EXCEPTION, cs_selector.value & 0xfffc, 0);
}
// check that it's a 64 bit segment
if ( cs_descriptor.u.segment.l == 0 ||
cs_descriptor.u.segment.d_b == 1) {
BX_DEBUG(("interrupt(): must be 64 bit segment"));
exception(BX_GP_EXCEPTION, vector, 0);
}
// segment must be present, else #NP(selector + EXT)
if ( cs_descriptor.p==0 ) {
BX_DEBUG(("interrupt(): segment not present"));
exception(BX_NP_EXCEPTION, cs_selector.value & 0xfffc, 0);
}
// if code segment is non-conforming and DPL < CPL then
// INTERRUPT TO INNER PRIVILEGE:
if ( cs_descriptor.u.segment.c_ed==0 && cs_descriptor.dpl<CPL ) {
Bit16u old_SS, old_CS;
Bit64u RSP_for_cpl_x, old_RIP, old_RSP;
bx_descriptor_t ss_descriptor;
bx_selector_t ss_selector;
int bytes;
BX_DEBUG(("interrupt(): INTERRUPT TO INNER PRIVILEGE"));
// check selector and descriptor for new stack in current TSS
get_RSP_from_TSS(cs_descriptor.dpl,&RSP_for_cpl_x);
// set up a null descriptor
parse_selector(0,&ss_selector);
parse_descriptor(0,0,&ss_descriptor);
// 386 int/trap gate
// new stack must have room for 40|48 bytes, else #SS(0)
//if ( is_error_code )
// bytes = 48;
//else
// bytes = 40;
old_RSP = RSP;
// load new RSP values from TSS
load_ss(&ss_selector, &ss_descriptor, cs_descriptor.dpl);
RSP = RSP_for_cpl_x;
// load new CS:IP values from gate
// set CPL to new code segment DPL
CPL = cs_descriptor.dpl;
// set RPL of CS to CPL
// push long pointer to old stack onto new stack
// align ESP
push_64(BX_CPU_THIS_PTR sregs[BX_SEG_REG_SS].selector.value);
push_64(old_RSP);
// push EFLAGS
push_64(read_eflags());
// push long pointer to return address onto new stack
push_64(BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS].selector.value);
push_64(RIP);
if ( is_error_code )
push_64(error_code);
load_cs(&cs_selector, &cs_descriptor, cs_descriptor.dpl);
RIP = gate_dest_offset;
// if INTERRUPT GATE set IF to 0
if ( !(gate_descriptor.type & 1) ) // even is int-gate
BX_CPU_THIS_PTR clear_IF ();
BX_CPU_THIS_PTR clear_TF ();
BX_CPU_THIS_PTR clear_VM ();
BX_CPU_THIS_PTR clear_RF ();
BX_CPU_THIS_PTR clear_NT ();
return;
}
// if code segment is conforming OR code segment DPL = CPL then
// INTERRUPT TO SAME PRIVILEGE LEVEL:
if ( cs_descriptor.u.segment.c_ed==1 || cs_descriptor.dpl==CPL ) {
Bit64u old_RSP;
BX_DEBUG(("int_trap_gate286(): INTERRUPT TO SAME PRIVILEGE"));
old_RSP = RSP;
// align stack
RSP = RSP & BX_CONST64(0xfffffffffffffff0);
// push flags onto stack
// push current CS selector onto stack
// push return offset onto stack
push_64(BX_CPU_THIS_PTR sregs[BX_SEG_REG_SS].selector.value);
push_64(old_RSP);
push_64(read_eflags());
push_64(BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS].selector.value);
push_64(RIP);
if ( is_error_code )
push_64(error_code);
// load CS:IP from gate
// load CS descriptor
// set the RPL field of CS to CPL
load_cs(&cs_selector, &cs_descriptor, CPL);
RIP = gate_dest_offset;
// if interrupt gate then set IF to 0
if ( !(gate_descriptor.type & 1) ) // even is int-gate
BX_CPU_THIS_PTR clear_IF ();
BX_CPU_THIS_PTR clear_TF ();
BX_CPU_THIS_PTR clear_VM ();
BX_CPU_THIS_PTR clear_RF ();
BX_CPU_THIS_PTR clear_NT ();
return;
}
// else #GP(CS selector + ext)
BX_DEBUG(("interrupt: bad descriptor"));
BX_DEBUG(("c_ed=%u, descriptor.dpl=%u, CPL=%u",
(unsigned) cs_descriptor.u.segment.c_ed,
(unsigned) cs_descriptor.dpl,
(unsigned) CPL));
BX_DEBUG(("cs.segment = %u", (unsigned) cs_descriptor.segment));
exception(BX_GP_EXCEPTION, cs_selector.value & 0xfffc, 0);
}
else
#endif // #if BX_SUPPORT_X86_64
if(!real_mode()) {
Bit32u dword1, dword2;
bx_descriptor_t gate_descriptor, cs_descriptor;
bx_selector_t cs_selector;
Bit16u raw_tss_selector;
bx_selector_t tss_selector;
bx_descriptor_t tss_descriptor;
Bit16u gate_dest_selector;
Bit32u gate_dest_offset;
// interrupt vector must be within IDT table limits,
// else #GP(vector number*8 + 2 + EXT)
if ( (vector*8 + 7) > BX_CPU_THIS_PTR idtr.limit) {
BX_DEBUG(("IDT.limit = %04x", (unsigned) BX_CPU_THIS_PTR idtr.limit));
BX_DEBUG(("IDT.base = %06x", (unsigned) BX_CPU_THIS_PTR idtr.base));
BX_DEBUG(("interrupt vector must be within IDT table limits"));
BX_DEBUG(("bailing"));
BX_DEBUG(("interrupt(): vector > idtr.limit"));
exception(BX_GP_EXCEPTION, vector*8 + 2, 0);
}
// descriptor AR byte must indicate interrupt gate, trap gate,
// or task gate, else #GP(vector*8 + 2 + EXT)
access_linear(BX_CPU_THIS_PTR idtr.base + vector*8, 4, 0,
BX_READ, &dword1);
access_linear(BX_CPU_THIS_PTR idtr.base + vector*8 + 4, 4, 0,
BX_READ, &dword2);
parse_descriptor(dword1, dword2, &gate_descriptor);
if ( (gate_descriptor.valid==0) || gate_descriptor.segment) {
BX_DEBUG(("interrupt(): gate descriptor is not valid sys seg"));
exception(BX_GP_EXCEPTION, vector*8 + 2, 0);
}
switch (gate_descriptor.type) {
case 5: // task gate
case 6: // 286 interrupt gate
case 7: // 286 trap gate
case 14: // 386 interrupt gate
case 15: // 386 trap gate
break;
default:
BX_DEBUG(("interrupt(): gate.type(%u) != {5,6,7,14,15}",
(unsigned) gate_descriptor.type));
exception(BX_GP_EXCEPTION, vector*8 + 2, 0);
return;
}
// if software interrupt, then gate descripor DPL must be >= CPL,
// else #GP(vector * 8 + 2 + EXT)
if (is_INT && (gate_descriptor.dpl < CPL)) {
/* ??? */
BX_DEBUG(("interrupt(): is_INT && (dpl < CPL)"));
exception(BX_GP_EXCEPTION, vector*8 + 2, 0);
return;
}
// Gate must be present, else #NP(vector * 8 + 2 + EXT)
if (gate_descriptor.p == 0) {
BX_DEBUG(("interrupt(): p == 0"));
exception(BX_NP_EXCEPTION, vector*8 + 2, 0);
}
switch (gate_descriptor.type) {
case 5: // 286/386 task gate
// examine selector to TSS, given in task gate descriptor
raw_tss_selector = gate_descriptor.u.taskgate.tss_selector;
parse_selector(raw_tss_selector, &tss_selector);
// must specify global in the local/global bit,
// else #TS(TSS selector)
// +++
// 486/Pent books say #TSS(selector)
// PPro+ says #GP(selector)
if (tss_selector.ti) {
BX_PANIC(("interrupt: tss_selector.ti=1"));
exception(BX_TS_EXCEPTION, raw_tss_selector & 0xfffc, 0);
return;
}
// index must be within GDT limits, else #TS(TSS selector)
fetch_raw_descriptor(&tss_selector, &dword1, &dword2,
BX_TS_EXCEPTION);
// AR byte must specify available TSS,
// else #TS(TSS selector)
parse_descriptor(dword1, dword2, &tss_descriptor);
if (tss_descriptor.valid==0 || tss_descriptor.segment) {
BX_PANIC(("exception: TSS selector points to bad TSS"));
exception(BX_TS_EXCEPTION, raw_tss_selector & 0xfffc, 0);
return;
}
if (tss_descriptor.type!=9 && tss_descriptor.type!=1) {
BX_PANIC(("exception: TSS selector points to bad TSS"));
exception(BX_TS_EXCEPTION, raw_tss_selector & 0xfffc, 0);
return;
}
// TSS must be present, else #NP(TSS selector)
// done in task_switch()
// switch tasks with nesting to TSS
task_switch(&tss_selector, &tss_descriptor,
BX_TASK_FROM_CALL_OR_INT, dword1, dword2);
// if interrupt was caused by fault with error code
// stack limits must allow push of 2 more bytes, else #SS(0)
// push error code onto stack
//??? push_16 vs push_32
if ( is_error_code ) {
//if (tss_descriptor.type==9)
if (BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS].cache.u.segment.d_b)
push_32(error_code);
else
push_16(error_code);
}
// instruction pointer must be in CS limit, else #GP(0)
//if (EIP > cs_descriptor.u.segment.limit_scaled) {}
if (EIP > BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS].cache.u.segment.limit_scaled) {
BX_PANIC(("exception(): eIP > CS.limit"));
exception(BX_GP_EXCEPTION, 0x0000, 0);
}
return;
break;
case 6: // 286 interrupt gate
case 7: // 286 trap gate
case 14: // 386 interrupt gate
case 15: // 386 trap gate
if ( gate_descriptor.type >= 14 ) { // 386 gate
gate_dest_selector = gate_descriptor.u.gate386.dest_selector;
gate_dest_offset = gate_descriptor.u.gate386.dest_offset;
}
else { // 286 gate
gate_dest_selector = gate_descriptor.u.gate286.dest_selector;
gate_dest_offset = gate_descriptor.u.gate286.dest_offset;
}
// examine CS selector and descriptor given in gate descriptor
// selector must be non-null else #GP(EXT)
if ( (gate_dest_selector & 0xfffc) == 0 ) {
BX_PANIC(("int_trap_gate(): selector null"));
exception(BX_GP_EXCEPTION, 0, 0);
}
parse_selector(gate_dest_selector, &cs_selector);
// selector must be within its descriptor table limits
// else #GP(selector+EXT)
fetch_raw_descriptor(&cs_selector, &dword1, &dword2,
BX_GP_EXCEPTION);
parse_descriptor(dword1, dword2, &cs_descriptor);
// descriptor AR byte must indicate code seg
// and code segment descriptor DPL<=CPL, else #GP(selector+EXT)
if ( cs_descriptor.valid==0 ||
cs_descriptor.segment==0 ||
cs_descriptor.u.segment.executable==0 ||
cs_descriptor.dpl>CPL ) {
BX_DEBUG(("interrupt(): not code segment"));
exception(BX_GP_EXCEPTION, cs_selector.value & 0xfffc, 0);
}
// segment must be present, else #NP(selector + EXT)
if ( cs_descriptor.p==0 ) {
BX_DEBUG(("interrupt(): segment not present"));
exception(BX_NP_EXCEPTION, cs_selector.value & 0xfffc, 0);
}
// if code segment is non-conforming and DPL < CPL then
// INTERRUPT TO INNER PRIVILEGE:
if ( cs_descriptor.u.segment.c_ed==0 && cs_descriptor.dpl<CPL ) {
Bit16u old_SS, old_CS, SS_for_cpl_x;
Bit32u ESP_for_cpl_x, old_EIP, old_ESP;
bx_descriptor_t ss_descriptor;
bx_selector_t ss_selector;
int bytes;
BX_DEBUG(("interrupt(): INTERRUPT TO INNER PRIVILEGE"));
// check selector and descriptor for new stack in current TSS
get_SS_ESP_from_TSS(cs_descriptor.dpl,
&SS_for_cpl_x, &ESP_for_cpl_x);
// Selector must be non-null else #TS(EXT)
if ( (SS_for_cpl_x & 0xfffc) == 0 ) {
BX_PANIC(("interrupt(): SS selector null"));
/* TS(ext) */
exception(BX_TS_EXCEPTION, 0, 0);
}
// selector index must be within its descriptor table limits
// else #TS(SS selector + EXT)
parse_selector(SS_for_cpl_x, &ss_selector);
// fetch 2 dwords of descriptor; call handles out of limits checks
fetch_raw_descriptor(&ss_selector, &dword1, &dword2,
BX_TS_EXCEPTION);
parse_descriptor(dword1, dword2, &ss_descriptor);
// selector rpl must = dpl of code segment,
// else #TS(SS selector + ext)
if (ss_selector.rpl != cs_descriptor.dpl) {
BX_PANIC(("interrupt(): SS.rpl != CS.dpl"));
exception(BX_TS_EXCEPTION, SS_for_cpl_x & 0xfffc, 0);
}
// stack seg DPL must = DPL of code segment,
// else #TS(SS selector + ext)
if (ss_descriptor.dpl != cs_descriptor.dpl) {
BX_PANIC(("interrupt(): SS.dpl != CS.dpl"));
exception(BX_TS_EXCEPTION, SS_for_cpl_x & 0xfffc, 0);
}
// descriptor must indicate writable data segment,
// else #TS(SS selector + EXT)
if (ss_descriptor.valid==0 ||
ss_descriptor.segment==0 ||
ss_descriptor.u.segment.executable==1 ||
ss_descriptor.u.segment.r_w==0) {
BX_PANIC(("interrupt(): SS not writable data segment"));
exception(BX_TS_EXCEPTION, SS_for_cpl_x & 0xfffc, 0);
}
// seg must be present, else #SS(SS selector + ext)
if (ss_descriptor.p==0) {
BX_PANIC(("interrupt(): SS not present"));
exception(BX_SS_EXCEPTION, SS_for_cpl_x & 0xfffc, 0);
}
if (gate_descriptor.type>=14) {
// 386 int/trap gate
// new stack must have room for 20|24 bytes, else #SS(0)
if ( is_error_code )
bytes = 24;
else
bytes = 20;
if (v8086_mode())
bytes += 16;
}
else {
// new stack must have room for 10|12 bytes, else #SS(0)
if ( is_error_code )
bytes = 12;
else
bytes = 10;
if (v8086_mode()) {
bytes += 8;
BX_PANIC(("interrupt: int/trap gate VM"));
}
}
// 486,Pentium books
// new stack must have room for 10/12 bytes, else #SS(0) 486 book
// PPro+
// new stack must have room for 10/12 bytes, else #SS(seg selector)
if ( !can_push(&ss_descriptor, ESP_for_cpl_x, bytes) ) {
BX_PANIC(("interrupt(): new stack doesn't have room for %u bytes",
(unsigned) bytes));
// SS(???)
}
// IP must be within CS segment boundaries, else #GP(0)
if (gate_dest_offset > cs_descriptor.u.segment.limit_scaled) {
BX_PANIC(("interrupt(): gate eIP > CS.limit"));
exception(BX_GP_EXCEPTION, 0, 0);
}
old_ESP = ESP;
old_SS = BX_CPU_THIS_PTR sregs[BX_SEG_REG_SS].selector.value;
old_EIP = EIP;
old_CS = BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS].selector.value;
// load new SS:SP values from TSS
load_ss(&ss_selector, &ss_descriptor, cs_descriptor.dpl);
if (ss_descriptor.u.segment.d_b)
ESP = ESP_for_cpl_x;
else
SP = ESP_for_cpl_x; // leave upper 16bits
// load new CS:IP values from gate
// set CPL to new code segment DPL
// set RPL of CS to CPL
load_cs(&cs_selector, &cs_descriptor, cs_descriptor.dpl);
EIP = gate_dest_offset;
if (gate_descriptor.type>=14) { // 386 int/trap gate
if (v8086_mode()) {
push_32(BX_CPU_THIS_PTR sregs[BX_SEG_REG_GS].selector.value);
push_32(BX_CPU_THIS_PTR sregs[BX_SEG_REG_FS].selector.value);
push_32(BX_CPU_THIS_PTR sregs[BX_SEG_REG_DS].selector.value);
push_32(BX_CPU_THIS_PTR sregs[BX_SEG_REG_ES].selector.value);
BX_CPU_THIS_PTR sregs[BX_SEG_REG_GS].cache.valid = 0;
BX_CPU_THIS_PTR sregs[BX_SEG_REG_GS].selector.value = 0;
BX_CPU_THIS_PTR sregs[BX_SEG_REG_FS].cache.valid = 0;
BX_CPU_THIS_PTR sregs[BX_SEG_REG_FS].selector.value = 0;
BX_CPU_THIS_PTR sregs[BX_SEG_REG_DS].cache.valid = 0;
BX_CPU_THIS_PTR sregs[BX_SEG_REG_DS].selector.value = 0;
BX_CPU_THIS_PTR sregs[BX_SEG_REG_ES].cache.valid = 0;
BX_CPU_THIS_PTR sregs[BX_SEG_REG_ES].selector.value = 0;
}
// push long pointer to old stack onto new stack
push_32(old_SS);
push_32(old_ESP);
// push EFLAGS
push_32(read_eflags());
// push long pointer to return address onto new stack
push_32(old_CS);
push_32(old_EIP);
if ( is_error_code )
push_32(error_code);
}
else { // 286 int/trap gate
if (v8086_mode()) {
BX_PANIC(("286 int/trap gate, VM"));
}
// push long pointer to old stack onto new stack
push_16(old_SS);
push_16(old_ESP); // ignores upper 16bits
// push FLAGS
push_16(read_flags());
// push return address onto new stack
push_16(old_CS);
push_16(old_EIP); // ignores upper 16bits
if ( is_error_code )
push_16(error_code);
}
// if INTERRUPT GATE set IF to 0
if ( !(gate_descriptor.type & 1) ) // even is int-gate
BX_CPU_THIS_PTR clear_IF ();
BX_CPU_THIS_PTR clear_TF ();
BX_CPU_THIS_PTR clear_VM ();
BX_CPU_THIS_PTR clear_RF ();
BX_CPU_THIS_PTR clear_NT ();
return;
}
if (v8086_mode()) {
exception(BX_GP_EXCEPTION, cs_selector.value & 0xfffc, 0);
}
// if code segment is conforming OR code segment DPL = CPL then
// INTERRUPT TO SAME PRIVILEGE LEVEL:
if ( cs_descriptor.u.segment.c_ed==1 || cs_descriptor.dpl==CPL ) {
int bytes;
Bit32u temp_ESP;
if (BX_CPU_THIS_PTR sregs[BX_SEG_REG_SS].cache.u.segment.d_b)
temp_ESP = ESP;
else
temp_ESP = SP;
BX_DEBUG(("int_trap_gate286(): INTERRUPT TO SAME PRIVILEGE"));
// Current stack limits must allow pushing 6|8 bytes, else #SS(0)
if (gate_descriptor.type >= 14) { // 386 gate
if ( is_error_code )
bytes = 16;
else
bytes = 12;
}
else { // 286 gate
if ( is_error_code )
bytes = 8;
else
bytes = 6;
}
if ( !can_push(&BX_CPU_THIS_PTR sregs[BX_SEG_REG_SS].cache,
temp_ESP, bytes) ) {
BX_DEBUG(("interrupt(): stack doesn't have room"));
exception(BX_SS_EXCEPTION, 0, 0);
}
// eIP must be in CS limit else #GP(0)
if (gate_dest_offset > cs_descriptor.u.segment.limit_scaled) {
BX_PANIC(("interrupt(): IP > cs descriptor limit"));
exception(BX_GP_EXCEPTION, 0, 0);
}
// push flags onto stack
// push current CS selector onto stack
// push return offset onto stack
if (gate_descriptor.type >= 14) { // 386 gate
push_32(read_eflags());
push_32(BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS].selector.value);
push_32(EIP);
if ( is_error_code )
push_32(error_code);
}
else { // 286 gate
push_16(read_flags());
push_16(BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS].selector.value);
push_16(IP);
if ( is_error_code )
push_16(error_code);
}
// load CS:IP from gate
// load CS descriptor
// set the RPL field of CS to CPL
load_cs(&cs_selector, &cs_descriptor, CPL);
EIP = gate_dest_offset;
// if interrupt gate then set IF to 0
if ( !(gate_descriptor.type & 1) ) // even is int-gate
BX_CPU_THIS_PTR clear_IF ();
BX_CPU_THIS_PTR clear_TF ();
BX_CPU_THIS_PTR clear_NT ();
BX_CPU_THIS_PTR clear_VM ();
BX_CPU_THIS_PTR clear_RF ();
return;
}
// else #GP(CS selector + ext)
BX_DEBUG(("interrupt: bad descriptor"));
BX_DEBUG(("c_ed=%u, descriptor.dpl=%u, CPL=%u",
(unsigned) cs_descriptor.u.segment.c_ed,
(unsigned) cs_descriptor.dpl,
(unsigned) CPL));
BX_DEBUG(("cs.segment = %u", (unsigned) cs_descriptor.segment));
exception(BX_GP_EXCEPTION, cs_selector.value & 0xfffc, 0);
break;
default:
BX_PANIC(("bad descriptor type in interrupt()!"));
break;
}
}
else
#endif
{ /* real mode */
Bit16u cs_selector, ip;
if ( (vector*4+3) > BX_CPU_THIS_PTR idtr.limit )
BX_PANIC(("interrupt(real mode) vector > limit"));
push_16(read_flags());
cs_selector = BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS].selector.value;
push_16(cs_selector);
ip = EIP;
push_16(ip);
access_linear(BX_CPU_THIS_PTR idtr.base + 4 * vector, 2, 0, BX_READ, &ip);
IP = ip;
access_linear(BX_CPU_THIS_PTR idtr.base + 4 * vector + 2, 2, 0, BX_READ, &cs_selector);
load_seg_reg(&BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS], cs_selector);
/* INT affects the following flags: I,T */
BX_CPU_THIS_PTR clear_IF ();
BX_CPU_THIS_PTR clear_TF ();
#if BX_CPU_LEVEL >= 4
BX_CPU_THIS_PTR clear_AC ();
#endif
BX_CPU_THIS_PTR clear_RF ();
}
}
void
BX_CPU_C::exception(unsigned vector, Bit16u error_code, Boolean is_INT)
// vector: 0..255: vector in IDT
// error_code: if exception generates and error, push this error code
{
Boolean push_error;
Bit8u exception_type;
unsigned prev_errno;
invalidate_prefetch_q();
UNUSED(is_INT);
#if BX_DEBUGGER
if (bx_guard.special_unwind_stack) {
BX_INFO (("exception() returning early because special_unwind_stack is set"));
longjmp(BX_CPU_THIS_PTR jmp_buf_env, 1); // go back to main decode loop
}
#endif
#if BX_EXTERNAL_DEBUGGER
#if BX_SUPPORT_X86_64
printf ("Exception(%u) code=%08x @%08x%08x\n", vector, error_code,(Bit32u)(BX_CPU_THIS_PTR prev_eip >>32),(Bit32u)(BX_CPU_THIS_PTR prev_eip));
#else
printf ("Exception(%u) code=%08x @%08x\n", vector, error_code,(Bit32u)(BX_CPU_THIS_PTR prev_eip));
#endif
//trap_debugger(1);
#endif
BX_INSTR_EXCEPTION(CPU_ID, vector);
BX_DEBUG(("exception(%02x h)", (unsigned) vector));
// if not initial error, restore previous register values from
// previous attempt to handle exception
if (BX_CPU_THIS_PTR errorno) {
BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS] = BX_CPU_THIS_PTR save_cs;
BX_CPU_THIS_PTR sregs[BX_SEG_REG_SS] = BX_CPU_THIS_PTR save_ss;
EIP = BX_CPU_THIS_PTR save_eip;
ESP = BX_CPU_THIS_PTR save_esp;
}
BX_CPU_THIS_PTR errorno++;
if (BX_CPU_THIS_PTR errorno >= 3) {
BX_PANIC(("exception(): 3rd (%d) exception with no resolution", vector));
BX_ERROR(("WARNING: Any simulation after this point is completely bogus."));
#if BX_DEBUGGER
bx_guard.special_unwind_stack = true;
#endif
longjmp(BX_CPU_THIS_PTR jmp_buf_env, 1); // go back to main decode loop
}
/* careful not to get here with curr_exception[1]==DOUBLE_FAULT */
/* ...index on DOUBLE_FAULT below, will be out of bounds */
/* if 1st was a double fault (software INT?), then shutdown */
if ( (BX_CPU_THIS_PTR errorno==2) && (BX_CPU_THIS_PTR curr_exception[0]==BX_ET_DOUBLE_FAULT) ) {
BX_PANIC(("exception(): triple fault encountered"));
BX_ERROR(("WARNING: Any simulation after this point is completely bogus."));
#if BX_DEBUGGER
bx_guard.special_unwind_stack = true;
#endif
longjmp(BX_CPU_THIS_PTR jmp_buf_env, 1); // go back to main decode loop
}
/* ??? this is not totally correct, should be done depending on
* vector */
/* backup IP to value before error occurred */
EIP = BX_CPU_THIS_PTR prev_eip;
ESP = BX_CPU_THIS_PTR prev_esp;
// note: fault-class exceptions _except_ #DB set RF in
// eflags image.
switch (vector) {
case 0: // DIV by 0
push_error = 0;
exception_type = BX_ET_CONTRIBUTORY;
BX_CPU_THIS_PTR assert_RF ();
break;
case 1: // debug exceptions
push_error = 0;
exception_type = BX_ET_BENIGN;
break;
case 2: // NMI
push_error = 0;
exception_type = BX_ET_BENIGN;
break;
case 3: // breakpoint
push_error = 0;
exception_type = BX_ET_BENIGN;
break;
case 4: // overflow
push_error = 0;
exception_type = BX_ET_BENIGN;
break;
case 5: // bounds check
push_error = 0;
exception_type = BX_ET_BENIGN;
BX_CPU_THIS_PTR assert_RF ();
break;
case 6: // invalid opcode
push_error = 0;
exception_type = BX_ET_BENIGN;
BX_CPU_THIS_PTR assert_RF ();
break;
case 7: // device not available
push_error = 0;
exception_type = BX_ET_BENIGN;
BX_CPU_THIS_PTR assert_RF ();
break;
case 8: // double fault
push_error = 1;
exception_type = BX_ET_DOUBLE_FAULT;
break;
case 9: // coprocessor segment overrun (286,386 only)
push_error = 0;
exception_type = BX_ET_CONTRIBUTORY;
BX_CPU_THIS_PTR assert_RF ();
BX_PANIC(("exception(9): unfinished"));
break;
case 10: // invalid TSS
push_error = 1;
exception_type = BX_ET_CONTRIBUTORY;
error_code = (error_code & 0xfffe) | BX_CPU_THIS_PTR EXT;
BX_CPU_THIS_PTR assert_RF ();
break;
case 11: // segment not present
push_error = 1;
exception_type = BX_ET_CONTRIBUTORY;
error_code = (error_code & 0xfffe) | BX_CPU_THIS_PTR EXT;
BX_CPU_THIS_PTR assert_RF ();
break;
case 12: // stack fault
push_error = 1;
exception_type = BX_ET_CONTRIBUTORY;
error_code = (error_code & 0xfffe) | BX_CPU_THIS_PTR EXT;
BX_CPU_THIS_PTR assert_RF ();
break;
case 13: // general protection
push_error = 1;
exception_type = BX_ET_CONTRIBUTORY;
error_code = (error_code & 0xfffe) | BX_CPU_THIS_PTR EXT;
BX_CPU_THIS_PTR assert_RF ();
break;
case 14: // page fault
push_error = 1;
exception_type = BX_ET_PAGE_FAULT;
// ??? special format error returned
BX_CPU_THIS_PTR assert_RF ();
break;
case 15: // reserved
BX_PANIC(("exception(15): reserved"));
push_error = 0; // keep compiler happy for now
exception_type = 0; // keep compiler happy for now
break;
case 16: // floating-point error
push_error = 0;
exception_type = BX_ET_BENIGN;
BX_CPU_THIS_PTR assert_RF ();
break;
#if BX_CPU_LEVEL >= 4
case 17: // alignment check
BX_PANIC(("exception(): alignment-check, vector 17 unimplemented"));
push_error = 0; // keep compiler happy for now
exception_type = 0; // keep compiler happy for now
BX_CPU_THIS_PTR assert_RF ();
break;
#endif
#if BX_CPU_LEVEL >= 5
case 18: // machine check
BX_PANIC(("exception(): machine-check, vector 18 unimplemented"));
push_error = 0; // keep compiler happy for now
exception_type = 0; // keep compiler happy for now
break;
#endif
default:
BX_PANIC(("exception(%u): bad vector", (unsigned) vector));
push_error = 0; // keep compiler happy for now
exception_type = 0; // keep compiler happy for now
break;
}
if (exception_type != BX_ET_PAGE_FAULT) {
// Page faults have different format
error_code = (error_code & 0xfffe) | BX_CPU_THIS_PTR EXT;
}
BX_CPU_THIS_PTR EXT = 1;
/* if we've already had 1st exception, see if 2nd causes a
* Double Fault instead. Otherwise, just record 1st exception
*/
if (BX_CPU_THIS_PTR errorno >= 2) {
if (is_exception_OK[BX_CPU_THIS_PTR curr_exception[0]][exception_type])
BX_CPU_THIS_PTR curr_exception[1] = exception_type;
else {
BX_CPU_THIS_PTR curr_exception[1] = BX_ET_DOUBLE_FAULT;
vector = 8;
}
}
else {
BX_CPU_THIS_PTR curr_exception[0] = exception_type;
}
#if BX_CPU_LEVEL >= 2
if (!real_mode()) {
prev_errno = BX_CPU_THIS_PTR errorno;
BX_CPU_THIS_PTR interrupt(vector, 0, push_error, error_code);
// if (BX_CPU_THIS_PTR errorno > prev_errno) {
// BX_INFO(("segment_exception(): errorno changed"));
// longjmp(jmp_buf_env, 1); // go back to main decode loop
// return;
// }
// if (push_error) {
// /* push error code on stack, after handling interrupt */
// /* pushed as a word or dword depending upon default size ??? */
// if (ss.cache.u.segment.d_b)
// push_32((Bit32u) error_code); /* upper bits reserved */
// else
// push_16(error_code);
// if (BX_CPU_THIS_PTR errorno > prev_errno) {
// BX_PANIC(("segment_exception(): errorno changed"));
// return;
// }
// }
BX_CPU_THIS_PTR errorno = 0; // error resolved
longjmp(BX_CPU_THIS_PTR jmp_buf_env, 1); // go back to main decode loop
}
else // real mode
#endif
{
// not INT, no error code pushed
BX_CPU_THIS_PTR interrupt(vector, 0, 0, 0);
BX_CPU_THIS_PTR errorno = 0; // error resolved
longjmp(BX_CPU_THIS_PTR jmp_buf_env, 1); // go back to main decode loop
}
}
int
BX_CPU_C::int_number(bx_segment_reg_t *seg)
{
if (seg == &BX_CPU_THIS_PTR sregs[BX_SEG_REG_SS])
return(BX_SS_EXCEPTION);
else
return(BX_GP_EXCEPTION);
}
void
BX_CPU_C::shutdown_cpu(void)
{
#if BX_CPU_LEVEL > 2
BX_PANIC(("shutdown_cpu(): not implemented for 386"));
#endif
invalidate_prefetch_q();
BX_PANIC(("shutdown_cpu(): not finished"));
}
#if BX_SUPPORT_X86_64
void
BX_CPU_C::SYSCALL(bxInstruction_c *i)
{
/* pseudo code from AMD manual.
SYSCALL_START:
IF (MSR_EFER.SCE = 0) // Check if syscall/sysret are enabled.
EXCEPTION [#UD]
IF (LONG_MODE)
SYSCALL_LONG_MODE
ELSE // (LEGACY_MODE)
SYSCALL_LEGACY_MODE
SYSCALL_LONG_MODE:
RCX.q = next_RIP
R11.q = RFLAGS // with rf cleared
IF (64BIT_MODE)
temp_RIP.q = MSR_LSTAR
ELSE // (COMPATIBILITY_MODE)
temp_RIP.q = MSR_CSTAR
CS.sel = MSR_STAR.SYSCALL_CS AND 0xFFFC
CS.attr = 64-bit code,dpl0 // Always switch to 64-bit mode in long mode.
CS.base = 0x00000000
CS.limit = 0xFFFFFFFF
SS.sel = MSR_STAR.SYSCALL_CS + 8
SS.attr = 64-bit stack,dpl0
SS.base = 0x00000000
SS.limit = 0xFFFFFFFF
RFLAGS = RFLAGS AND ~MSR_SFMASK
RFLAGS.RF = 0
CPL = 0
RIP = temp_RIP
EXIT
SYSCALL_LEGACY_MODE:
RCX.d = next_RIP
temp_RIP.d = MSR_STAR.EIP
CS.sel = MSR_STAR.SYSCALL_CS AND 0xFFFC
CS.attr = 32-bit code,dpl0 // Always switch to 32-bit mode in legacy mode.
CS.base = 0x00000000
CS.limit = 0xFFFFFFFF
SS.sel = MSR_STAR.SYSCALL_CS + 8
SS.attr = 32-bit stack,dpl0
SS.base = 0x00000000
SS.limit = 0xFFFFFFFF
RFLAGS.VM,IF,RF=0
CPL = 0
RIP = temp_RIP
EXIT
*/
bx_address temp_RIP;
bx_descriptor_t cs_descriptor,ss_descriptor;
bx_selector_t cs_selector,ss_selector;
Bit32u dword1, dword2;
if (!BX_CPU_THIS_PTR msr.sce) {
exception(BX_GP_EXCEPTION, 0, 0);
}
invalidate_prefetch_q();
if (BX_CPU_THIS_PTR msr.lma) {
RCX = RIP;
#warning - PRT: SYSCALL -- do we reset RF/VM before saving to R11?
R11 = read_eflags();
if (BX_CPU_THIS_PTR cpu_mode == BX_MODE_LONG_64) {
temp_RIP = MSR_LSTAR;
}
else {
temp_RIP = MSR_CSTAR;
}
parse_selector((MSR_STAR >> 32) & 0xFFFC, &cs_selector);
fetch_raw_descriptor(&cs_selector, &dword1, &dword2, BX_GP_EXCEPTION);
parse_descriptor(dword1, dword2, &cs_descriptor);
load_cs(&cs_selector, &cs_descriptor, 0);
parse_selector((MSR_STAR >> 32) + 8, &ss_selector);
fetch_raw_descriptor(&ss_selector, &dword1, &dword2, BX_GP_EXCEPTION);
parse_descriptor(dword1, dword2, &ss_descriptor);
load_ss(&ss_selector, &ss_descriptor, 0);
write_eflags(read_eflags() & MSR_FMASK,1,1,1,0);
BX_CPU_THIS_PTR clear_RF ();
RIP = temp_RIP;
}
else {
// legacy mode
ECX = EIP;
temp_RIP = MSR_STAR & 0xFFFFFFFF;
parse_selector((MSR_STAR >> 32) & 0xFFFC, &cs_selector);
fetch_raw_descriptor(&cs_selector, &dword1, &dword2, BX_GP_EXCEPTION);
parse_descriptor(dword1, dword2, &cs_descriptor);
load_cs(&cs_selector, &cs_descriptor, 0);
parse_selector((MSR_STAR >> 32) + 8, &ss_selector);
fetch_raw_descriptor(&ss_selector, &dword1, &dword2, BX_GP_EXCEPTION);
parse_descriptor(dword1, dword2, &ss_descriptor);
load_ss(&ss_selector, &ss_descriptor, 0);
BX_CPU_THIS_PTR clear_VM ();
BX_CPU_THIS_PTR clear_IF ();
BX_CPU_THIS_PTR clear_RF ();
RIP = temp_RIP;
}
}
void
BX_CPU_C::SYSRET(bxInstruction_c *i)
{
/* from AMD manual
SYSRET_START:
IF (MSR_EFER.SCE = 0) // Check if syscall/sysret are enabled.
EXCEPTION [#UD]
IF ((!PROTECTED_MODE) || (CPL != 0))
EXCEPTION [#GP(0)] // SYSRET requires protected mode, cpl0
IF (64BIT_MODE)
SYSRET_64BIT_MODE
ELSE // (!64BIT_MODE)
SYSRET_NON_64BIT_MODE
SYSRET_64BIT_MODE:
IF (OPERAND_SIZE = 64) // Return to 64-bit mode.
{
CS.sel = (MSR_STAR.SYSRET_CS + 16) OR 3
CS.base = 0x00000000
CS.limit = 0xFFFFFFFF
CS.attr = 64-bit code,dpl3
temp_RIP.q = RCX
}
ELSE // Return to 32-bit compatibility mode.
{
CS.sel = MSR_STAR.SYSRET_CS OR 3
CS.base = 0x00000000
CS.limit = 0xFFFFFFFF
CS.attr = 32-bit code,dpl3
temp_RIP.d = RCX
}
SS.sel = MSR_STAR.SYSRET_CS + 8 // SS selector is changed,
// SS base, limit, attributes unchanged.
RFLAGS.q = R11 // RF=0,VM=0
CPL = 3
RIP = temp_RIP
EXIT
SYSRET_NON_64BIT_MODE:
CS.sel = MSR_STAR.SYSRET_CS OR 3 // Return to 32-bit legacy protected mode.
CS.base = 0x00000000
CS.limit = 0xFFFFFFFF
CS.attr = 32-bit code,dpl3
temp_RIP.d = RCX
SS.sel = MSR_STAR.SYSRET_CS + 8 // SS selector is changed.
// SS base, limit, attributes unchanged.
RFLAGS.IF = 1
CPL = 3
RIP = temp_RIP
EXIT
*/
bx_address temp_RIP;
bx_descriptor_t cs_descriptor,ss_descriptor;
bx_selector_t cs_selector,ss_selector;
Bit32u dword1, dword2;
if (!BX_CPU_THIS_PTR msr.sce) {
exception(BX_GP_EXCEPTION, 0, 0);
}
if(real_mode() || CPL != 0) {
exception(BX_GP_EXCEPTION, 0, 0);
}
invalidate_prefetch_q();
if (BX_CPU_THIS_PTR cpu_mode == BX_MODE_LONG_64) {
if (i->os64L()) { // Return to 64-bit mode.
parse_selector(((MSR_STAR >> 48) + 16) | 3, &cs_selector);
fetch_raw_descriptor(&cs_selector, &dword1, &dword2, BX_GP_EXCEPTION);
parse_descriptor(dword1, dword2, &cs_descriptor);
load_cs(&cs_selector, &cs_descriptor, 3);
temp_RIP = RCX;
}
else { // Return to 32-bit compatibility mode.
parse_selector((MSR_STAR >> 48) | 3, &cs_selector);
fetch_raw_descriptor(&cs_selector, &dword1, &dword2, BX_GP_EXCEPTION);
parse_descriptor(dword1, dword2, &cs_descriptor);
load_cs(&cs_selector, &cs_descriptor, 3);
temp_RIP = ECX;
}
parse_selector((MSR_STAR >> 48) + 8, &ss_selector);
fetch_raw_descriptor(&ss_selector, &dword1, &dword2, BX_GP_EXCEPTION);
parse_descriptor(dword1, dword2, &ss_descriptor);
load_ss(&ss_selector, &ss_descriptor, 0);
// SS base, limit, attributes unchanged.
write_eflags(R11,1,1,1,1);
RIP = temp_RIP;
}
else { // (!64BIT_MODE)
parse_selector((MSR_STAR >> 48) + 16, &cs_selector);
fetch_raw_descriptor(&cs_selector, &dword1, &dword2, BX_GP_EXCEPTION);
parse_descriptor(dword1, dword2, &cs_descriptor);
load_cs(&cs_selector, &cs_descriptor, 3);
temp_RIP = ECX;
parse_selector((MSR_STAR >> 48) + 8, &ss_selector);
fetch_raw_descriptor(&ss_selector, &dword1, &dword2, BX_GP_EXCEPTION);
parse_descriptor(dword1, dword2, &ss_descriptor);
load_ss(&ss_selector, &ss_descriptor, 0);
BX_CPU_THIS_PTR assert_IF ();
RIP = temp_RIP;
}
}
#endif // BX_SUPPORT_X86_64