summaryrefslogtreecommitdiffstats
path: root/src/VBox/ValidationKit/bootsectors/bs3-cpu-basic-2-pf.c32
diff options
context:
space:
mode:
Diffstat (limited to 'src/VBox/ValidationKit/bootsectors/bs3-cpu-basic-2-pf.c32')
-rw-r--r--src/VBox/ValidationKit/bootsectors/bs3-cpu-basic-2-pf.c321890
1 files changed, 1890 insertions, 0 deletions
diff --git a/src/VBox/ValidationKit/bootsectors/bs3-cpu-basic-2-pf.c32 b/src/VBox/ValidationKit/bootsectors/bs3-cpu-basic-2-pf.c32
new file mode 100644
index 00000000..1323f092
--- /dev/null
+++ b/src/VBox/ValidationKit/bootsectors/bs3-cpu-basic-2-pf.c32
@@ -0,0 +1,1890 @@
+/* $Id: bs3-cpu-basic-2-pf.c32 $ */
+/** @file
+ * BS3Kit - bs3-cpu-basic-2, 32-bit C code for testing \#PF.
+ */
+
+/*
+ * Copyright (C) 2007-2023 Oracle and/or its affiliates.
+ *
+ * This file is part of VirtualBox base platform packages, as
+ * available from https://www.virtualbox.org.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation, in version 3 of the
+ * License.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <https://www.gnu.org/licenses>.
+ *
+ * The contents of this file may alternatively be used under the terms
+ * of the Common Development and Distribution License Version 1.0
+ * (CDDL), a copy of it is provided in the "COPYING.CDDL" file included
+ * in the VirtualBox distribution, in which case the provisions of the
+ * CDDL are applicable instead of those of the GPL.
+ *
+ * You may elect to license modified versions of this file under the
+ * terms and conditions of either the GPL or the CDDL or both.
+ *
+ * SPDX-License-Identifier: GPL-3.0-only OR CDDL-1.0
+ */
+
+
+/*********************************************************************************************************************************
+* Header Files *
+*********************************************************************************************************************************/
+#include <bs3kit.h>
+#include <iprt/asm-amd64-x86.h>
+
+
+/*********************************************************************************************************************************
+* Defined Constants And Macros *
+*********************************************************************************************************************************/
+#define CHECK_MEMBER(a_pszMode, a_szName, a_szFmt, a_Actual, a_Expected) \
+ do { \
+ if ((a_Actual) == (a_Expected)) { /* likely */ } \
+ else Bs3TestFailedF("%u - %s: " a_szName "=" a_szFmt " expected " a_szFmt, \
+ g_usBs3TestStep, (a_pszMode), (a_Actual), (a_Expected)); \
+ } while (0)
+
+#define BS3CPUBASIC2PF_HALT(pThis) \
+ do { \
+ Bs3TestPrintf("Halting: pteworker=%s store=%s accessor=%s\n", \
+ pThis->pszPteWorker, pThis->pszStore, pThis->pszAccessor); \
+ ASMHalt(); \
+ } while (0)
+
+
+/** @def BS3CPUBASIC2PF_FASTER
+ * This is useful for IEM execution. */
+#define BS3CPUBASIC2PF_FASTER
+
+
+/*********************************************************************************************************************************
+* Structures and Typedefs *
+*********************************************************************************************************************************/
+typedef void BS3_CALL FNBS3CPUBASIC2PFSNIPPET(void);
+
+typedef struct FNBS3CPUBASIC2PFTSTCODE
+{
+ FNBS3CPUBASIC2PFSNIPPET *pfn;
+ uint8_t offUd2;
+
+} FNBS3CPUBASIC2PFTSTCODE;
+typedef FNBS3CPUBASIC2PFTSTCODE const *PCFNBS3CPUBASIC2PFTSTCODE;
+
+typedef struct BS3CPUBASIC2PFTTSTCMNMODE
+{
+ uint8_t bMode;
+ FNBS3CPUBASIC2PFTSTCODE MovLoad;
+ FNBS3CPUBASIC2PFTSTCODE MovStore;
+ FNBS3CPUBASIC2PFTSTCODE Xchg;
+ FNBS3CPUBASIC2PFTSTCODE CmpXchg;
+ FNBS3CPUBASIC2PFTSTCODE DivMem;
+} BS3CPUBASIC2PFTTSTCMNMODE;
+typedef BS3CPUBASIC2PFTTSTCMNMODE const *PCBS3CPUBASIC2PFTTSTCMNMODE;
+
+
+typedef struct BS3CPUBASIC2PFSTATE
+{
+ /** The mode we're currently testing. */
+ uint8_t bMode;
+ /** The size of a natural access. */
+ uint8_t cbAccess;
+ /** The common mode functions. */
+ PCBS3CPUBASIC2PFTTSTCMNMODE pCmnMode;
+ /** Address of the test area (alias). */
+ union
+ {
+ uint64_t u;
+ uint32_t u32;
+ uint16_t u16;
+ } uTestAddr;
+ /** Pointer to the orignal test area mapping. */
+ uint8_t *pbOrgTest;
+ /** The size of the test area (at least two pages). */
+ uint32_t cbTest;
+ /** cbTest expressed as a page count. */
+ uint16_t cTestPages;
+ /** The number of PTEs in the first PTE, i.e. what we can
+ * safely access via PgInfo.u.Pae.pPte/PgInfo.u.Legacy.pPte. */
+ uint16_t cTest1stPtes;
+ /** The number of PDEs for cTestPages. */
+ uint16_t cTestPdes;
+ /** 16-bit data selector for uTestAddr.u32. */
+ uint16_t uSel16TestData;
+ /** 16-bit code selector for uTestAddr.u32. */
+ uint16_t uSel16TestCode;
+ /** The size of the PDE backup. */
+ uint16_t cbPdeBackup;
+ /** The size of the PTE backup. */
+ uint16_t cbPteBackup;
+ /** Test paging information for uTestAddr.u. */
+ BS3PAGINGINFO4ADDR PgInfo;
+
+ /** Set if we can use the INVLPG instruction. */
+ bool fUseInvlPg;
+ /** Physical addressing width. */
+ uint8_t cBitsPhysWidth;
+
+ /** Reflects CR0.WP. */
+ bool fWp;
+ /** Reflects EFER.NXE & CR4.PAE. */
+ bool fNxe;
+
+ const char *pszAccessor;
+ const char *pszPteWorker;
+ const char *pszStore;
+
+ /** Trap context frame. */
+ BS3TRAPFRAME TrapCtx;
+ /** Expected result context. */
+ BS3REGCTX ExpectCtx;
+
+ /** The PML4E backup. */
+ uint64_t u64Pml4eBackup;
+ /** The PDPTE backup. */
+ uint64_t u64PdpteBackup;
+ /** The PDE backup. */
+ uint64_t au64PdeBackup[16];
+ /** The PTE backup. */
+ union
+ {
+ uint32_t Legacy[X86_PG_ENTRIES];
+ uint64_t Pae[X86_PG_PAE_ENTRIES];
+ } PteBackup;
+
+} BS3CPUBASIC2PFSTATE;
+/** Pointer to state for the \#PF test. */
+typedef BS3CPUBASIC2PFSTATE *PBS3CPUBASIC2PFSTATE;
+
+
+/**
+ * Paging modification worker.
+ */
+typedef struct BS3CPUBASIC2PFMODPT
+{
+ const char *pszName;
+ uint32_t fPresent : 1;
+ uint32_t fUser : 1;
+ uint32_t fWriteable : 1;
+ uint32_t fNoExecute : 1;
+ uint32_t fReserved : 1;
+ uint32_t uModifyArg : 24;
+ void (*pfnModify)(PBS3CPUBASIC2PFSTATE pThis, unsigned iStore, struct BS3CPUBASIC2PFMODPT const *pEntry,
+ uint32_t fClearMask, uint32_t fSetMask);
+ bool (*pfnApplicable)(PBS3CPUBASIC2PFSTATE pThis, struct BS3CPUBASIC2PFMODPT const *pEntry);
+} BS3CPUBASIC2PFMODPT;
+typedef BS3CPUBASIC2PFMODPT const *PCBS3CPUBASIC2PFMODPT;
+
+/** Page level protection. Alternative is page directory or higher level. */
+#define BS3CB2PFACC_F_PAGE_LEVEL RT_BIT(0)
+/** Directly access the boobytrapped page, no edging on or off it. */
+#define BS3CB2PFACC_F_DIRECT RT_BIT(1)
+
+/**
+ * Memory accessor.
+ */
+typedef struct BS3CPUBASIC2PFACCESSOR
+{
+ /** Accessor name. */
+ const char *pszName;
+ /** The accessor. */
+ void (*pfnAccessor)(PBS3CPUBASIC2PFSTATE pThis, PBS3REGCTX pCtx, uint32_t fFlags, uint8_t bXcpt, uint8_t uPfErrCd);
+ /** The X86_TRAP_PF_XXX access flags this access sets. */
+ uint32_t fAccess;
+ /** The exception when things are fine. */
+ uint8_t bOkayXcpt;
+} BS3CPUBASIC2PFACCESSOR;
+typedef const BS3CPUBASIC2PFACCESSOR *PCBS3CPUBASIC2PFACCESSOR;
+
+
+/*********************************************************************************************************************************
+* Internal Functions *
+*********************************************************************************************************************************/
+FNBS3TESTDOMODE bs3CpuBasic2_RaiseXcpt0e_c32;
+
+/* bs3-cpu-basic-2-asm.asm: */
+void BS3_CALL bs3CpuBasic2_Store_mov_c32(void *pvDst, uint32_t uValue, uint32_t uOld);
+void BS3_CALL bs3CpuBasic2_Store_xchg_c32(void *pvDst, uint32_t uValue, uint32_t uOld);
+void BS3_CALL bs3CpuBasic2_Store_cmpxchg_c32(void *pvDst, uint32_t uValue, uint32_t uOld);
+
+
+/* bs3-cpu-basic-2-template.mac: */
+FNBS3CPUBASIC2PFSNIPPET bs3CpuBasic2_mov_ax_ds_bx__ud2_c16;
+FNBS3CPUBASIC2PFSNIPPET bs3CpuBasic2_mov_ds_bx_ax__ud2_c16;
+FNBS3CPUBASIC2PFSNIPPET bs3CpuBasic2_xchg_ds_bx_ax__ud2_c16;
+FNBS3CPUBASIC2PFSNIPPET bs3CpuBasic2_cmpxchg_ds_bx_cx__ud2_c16;
+FNBS3CPUBASIC2PFSNIPPET bs3CpuBasic2_div_ds_bx__ud2_c16;
+
+FNBS3CPUBASIC2PFSNIPPET bs3CpuBasic2_mov_ax_ds_bx__ud2_c32;
+FNBS3CPUBASIC2PFSNIPPET bs3CpuBasic2_mov_ds_bx_ax__ud2_c32;
+FNBS3CPUBASIC2PFSNIPPET bs3CpuBasic2_xchg_ds_bx_ax__ud2_c32;
+FNBS3CPUBASIC2PFSNIPPET bs3CpuBasic2_cmpxchg_ds_bx_cx__ud2_c32;
+FNBS3CPUBASIC2PFSNIPPET bs3CpuBasic2_div_ds_bx__ud2_c32;
+
+FNBS3CPUBASIC2PFSNIPPET bs3CpuBasic2_mov_ax_ds_bx__ud2_c64;
+FNBS3CPUBASIC2PFSNIPPET bs3CpuBasic2_mov_ds_bx_ax__ud2_c64;
+FNBS3CPUBASIC2PFSNIPPET bs3CpuBasic2_xchg_ds_bx_ax__ud2_c64;
+FNBS3CPUBASIC2PFSNIPPET bs3CpuBasic2_cmpxchg_ds_bx_cx__ud2_c64;
+FNBS3CPUBASIC2PFSNIPPET bs3CpuBasic2_div_ds_bx__ud2_c64;
+
+
+/*********************************************************************************************************************************
+* Global Variables *
+*********************************************************************************************************************************/
+/** Page table access functions. */
+static const struct
+{
+ const char *pszName;
+ void (BS3_CALL *pfnStore)(void *pvDst, uint32_t uValue, uint32_t uOld);
+} g_aStoreMethods[] =
+{
+ { "mov", bs3CpuBasic2_Store_mov_c32 },
+ { "xchg", bs3CpuBasic2_Store_xchg_c32 },
+ { "cmpxchg", bs3CpuBasic2_Store_cmpxchg_c32 },
+};
+
+
+static const BS3CPUBASIC2PFTTSTCMNMODE g_aCmnModes[] =
+{
+ {
+ BS3_MODE_CODE_16,
+ { bs3CpuBasic2_mov_ax_ds_bx__ud2_c16, 2 },
+ { bs3CpuBasic2_mov_ds_bx_ax__ud2_c16, 2 },
+ { bs3CpuBasic2_xchg_ds_bx_ax__ud2_c16, 2 },
+ { bs3CpuBasic2_cmpxchg_ds_bx_cx__ud2_c16, 3 },
+ { bs3CpuBasic2_div_ds_bx__ud2_c16, 2 },
+ },
+ {
+ BS3_MODE_CODE_32,
+ { bs3CpuBasic2_mov_ax_ds_bx__ud2_c32, 2 },
+ { bs3CpuBasic2_mov_ds_bx_ax__ud2_c32, 2 },
+ { bs3CpuBasic2_xchg_ds_bx_ax__ud2_c32, 2 },
+ { bs3CpuBasic2_cmpxchg_ds_bx_cx__ud2_c32, 3 },
+ { bs3CpuBasic2_div_ds_bx__ud2_c32, 2 },
+ },
+ {
+ BS3_MODE_CODE_64,
+ { bs3CpuBasic2_mov_ax_ds_bx__ud2_c64, 2 + 1 },
+ { bs3CpuBasic2_mov_ds_bx_ax__ud2_c64, 2 + 1 },
+ { bs3CpuBasic2_xchg_ds_bx_ax__ud2_c64, 2 + 1 },
+ { bs3CpuBasic2_cmpxchg_ds_bx_cx__ud2_c64, 3 + 1 },
+ { bs3CpuBasic2_div_ds_bx__ud2_c64, 2 + 1 },
+ },
+ {
+ BS3_MODE_CODE_V86,
+ { bs3CpuBasic2_mov_ax_ds_bx__ud2_c16, 2 },
+ { bs3CpuBasic2_mov_ds_bx_ax__ud2_c16, 2 },
+ { bs3CpuBasic2_xchg_ds_bx_ax__ud2_c16, 2 },
+ { bs3CpuBasic2_cmpxchg_ds_bx_cx__ud2_c16, 3 },
+ { bs3CpuBasic2_div_ds_bx__ud2_c16, 2 },
+ },
+};
+
+
+/**
+ * Compares a CPU trap.
+ */
+static void bs3CpuBasic2Pf_CompareCtx(PBS3CPUBASIC2PFSTATE pThis, PBS3REGCTX pExpectCtx, int cbPcAdjust,
+ uint8_t bXcpt, unsigned uErrCd)
+{
+ const char *pszHint = "xxxx";
+ uint16_t const cErrorsBefore = Bs3TestSubErrorCount();
+ uint32_t fExtraEfl;
+
+ CHECK_MEMBER(pszHint, "bXcpt", "%#04x", pThis->TrapCtx.bXcpt, bXcpt);
+ CHECK_MEMBER(pszHint, "uErrCd", "%#06RX16", (uint16_t)pThis->TrapCtx.uErrCd, (uint16_t)uErrCd); /* 486 only writes a word */
+
+ fExtraEfl = X86_EFL_RF;
+ if (BS3_MODE_IS_16BIT_SYS(g_bBs3CurrentMode))
+ fExtraEfl = 0;
+ else
+ fExtraEfl = X86_EFL_RF;
+ Bs3TestCheckRegCtxEx(&pThis->TrapCtx.Ctx, pExpectCtx, cbPcAdjust, 0 /*cbSpAdjust*/, fExtraEfl, pszHint, g_usBs3TestStep);
+ if (Bs3TestSubErrorCount() != cErrorsBefore)
+ {
+ Bs3TrapPrintFrame(&pThis->TrapCtx);
+#if 1
+ Bs3TestPrintf("Halting: g_uBs3CpuDetected=%#x\n", g_uBs3CpuDetected);
+ Bs3TestPrintf("Halting: bXcpt=%#x uErrCd=%#x\n", bXcpt, uErrCd);
+ BS3CPUBASIC2PF_HALT(pThis);
+#endif
+ }
+}
+
+
+/**
+ * Compares a CPU trap.
+ */
+static void bs3CpuBasic2Pf_CompareSimpleCtx(PBS3CPUBASIC2PFSTATE pThis, PBS3REGCTX pStartCtx, int offAddPC,
+ uint8_t bXcpt, unsigned uErrCd, uint64_t uCr2)
+{
+ const char *pszHint = "xxxx";
+ uint16_t const cErrorsBefore = Bs3TestSubErrorCount();
+ uint64_t const uSavedCr2 = pStartCtx->cr2.u;
+ uint32_t fExtraEfl;
+
+ CHECK_MEMBER(pszHint, "bXcpt", "%#04x", pThis->TrapCtx.bXcpt, bXcpt);
+ CHECK_MEMBER(pszHint, "uErrCd", "%#06RX16", (uint16_t)pThis->TrapCtx.uErrCd, (uint16_t)uErrCd); /* 486 only writes a word */
+
+ fExtraEfl = X86_EFL_RF;
+ if (BS3_MODE_IS_16BIT_SYS(g_bBs3CurrentMode))
+ fExtraEfl = 0;
+ else
+ fExtraEfl = X86_EFL_RF;
+ pStartCtx->cr2.u = uCr2;
+ Bs3TestCheckRegCtxEx(&pThis->TrapCtx.Ctx, pStartCtx, offAddPC, 0 /*cbSpAdjust*/, fExtraEfl, pszHint, g_usBs3TestStep);
+ pStartCtx->cr2.u = uSavedCr2;
+ if (Bs3TestSubErrorCount() != cErrorsBefore)
+ {
+ Bs3TrapPrintFrame(&pThis->TrapCtx);
+#if 1
+ Bs3TestPrintf("Halting: g_uBs3CpuDetected=%#x\n", g_uBs3CpuDetected);
+ Bs3TestPrintf("Halting: bXcpt=%#x uErrCd=%#x\n", bXcpt, uErrCd);
+ BS3CPUBASIC2PF_HALT(pThis);
+#endif
+ }
+}
+
+
+/**
+ * Checks the trap context for a simple \#PF trap.
+ */
+static void bs3CpuBasic2Pf_CompareSimplePf(PBS3CPUBASIC2PFSTATE pThis, PCBS3REGCTX pStartCtx, int offAddPC,
+ unsigned uErrCd, uint64_t uCr2)
+{
+ bs3CpuBasic2Pf_CompareSimpleCtx(pThis, (PBS3REGCTX)pStartCtx, offAddPC, X86_XCPT_PF, uErrCd, uCr2);
+}
+
+/**
+ * Checks the trap context for a simple \#UD trap.
+ */
+static void bs3CpuBasic2Pf_CompareSimpleUd(PBS3CPUBASIC2PFSTATE pThis, PCBS3REGCTX pStartCtx, int offAddPC)
+{
+ bs3CpuBasic2Pf_CompareSimpleCtx(pThis, (PBS3REGCTX)pStartCtx, offAddPC, X86_XCPT_UD, 0, pStartCtx->cr2.u);
+}
+
+
+/**
+ * Restores all the paging entries from backup and flushes everything.
+ */
+static void bs3CpuBasic2Pf_FlushAll(void)
+{
+ if ((g_uBs3CpuDetected & BS3CPU_TYPE_MASK) >= BS3CPU_80486)
+ {
+ uint32_t uCr4 = ASMGetCR4();
+ if (uCr4 & (X86_CR4_PGE | X86_CR4_PCIDE))
+ {
+ ASMSetCR4(uCr4 & ~(X86_CR4_PGE | X86_CR4_PCIDE));
+ ASMSetCR4(uCr4);
+ return;
+ }
+ }
+
+ ASMReloadCR3();
+}
+
+
+/**
+ * Restores all the paging entries from backup and flushes everything.
+ *
+ * @param pThis Test state data.
+ */
+static void bs3CpuBasic2Pf_RestoreFromBackups(PBS3CPUBASIC2PFSTATE pThis)
+{
+ Bs3MemCpy(pThis->PgInfo.u.Legacy.pPte, &pThis->PteBackup, pThis->cbPteBackup);
+ Bs3MemCpy(pThis->PgInfo.u.Legacy.pPde, pThis->au64PdeBackup, pThis->cbPdeBackup);
+ if (pThis->PgInfo.cEntries > 2)
+ pThis->PgInfo.u.Pae.pPdpe->u = pThis->u64PdpteBackup;
+ if (pThis->PgInfo.cEntries > 3)
+ pThis->PgInfo.u.Pae.pPml4e->u = pThis->u64Pml4eBackup;
+ bs3CpuBasic2Pf_FlushAll();
+}
+
+
+/** @name BS3CPUBASIC2PFACCESSOR::pfnAccessor Implementations
+ * @{ */
+
+static void bs3CpuBasic2Pf_DoExec(PBS3CPUBASIC2PFSTATE pThis, PBS3REGCTX pCtx, uint32_t fFlags, uint8_t bXcpt, uint8_t uPfErrCd)
+{
+ uint8_t *pbOrgTest = pThis->pbOrgTest;
+ unsigned offEnd = fFlags & BS3CB2PFACC_F_DIRECT ? X86_PAGE_SIZE + 1 : X86_PAGE_SIZE + 2;
+ unsigned off = fFlags & BS3CB2PFACC_F_DIRECT ? offEnd - 1 : X86_PAGE_SIZE - 5;
+
+ for (; off < offEnd; off++)
+ {
+ /* Emit a little bit of code (using the original allocation mapping) and point pCtx to it. */
+ pbOrgTest[off + 0] = X86_OP_PRF_SIZE_ADDR;
+ pbOrgTest[off + 1] = X86_OP_PRF_SIZE_OP;
+ pbOrgTest[off + 2] = 0x90; /* NOP */
+ pbOrgTest[off + 3] = 0x0f; /* UD2 */
+ pbOrgTest[off + 4] = 0x0b;
+ pbOrgTest[off + 5] = 0xeb; /* JMP $-4 */
+ pbOrgTest[off + 6] = 0xfc;
+ switch (pThis->bMode & BS3_MODE_CODE_MASK)
+ {
+ default:
+ pCtx->rip.u = pThis->uTestAddr.u + off;
+ break;
+ case BS3_MODE_CODE_16:
+ Bs3SelSetup16BitCode(&Bs3GdteSpare01, pThis->uTestAddr.u32, pCtx->bCpl);
+ pCtx->rip.u = off;
+ pCtx->cs = BS3_SEL_SPARE_01 | pCtx->bCpl;
+ break;
+ case BS3_MODE_CODE_V86:
+ /** @todo fix me. */
+ return;
+ }
+ //Bs3TestPrintf("cs:rip=%04x:%010RX64 iRing=%d\n", pCtx->cs, pCtx->rip.u, pCtx->bCpl);
+
+ Bs3TrapSetJmpAndRestore(pCtx, &pThis->TrapCtx);
+ //Bs3TestPrintf("off=%#06x bXcpt=%#x uErrCd=%#RX64\n", off, pThis->TrapCtx.bXcpt, pThis->TrapCtx.uErrCd);
+ if ( bXcpt != X86_XCPT_PF
+ || ((fFlags & BS3CB2PFACC_F_PAGE_LEVEL) && off < X86_PAGE_SIZE - 4))
+ bs3CpuBasic2Pf_CompareSimpleUd(pThis, pCtx, 3);
+ else if (!(fFlags & BS3CB2PFACC_F_PAGE_LEVEL) || off >= X86_PAGE_SIZE)
+ bs3CpuBasic2Pf_CompareSimplePf(pThis, pCtx, 0, uPfErrCd, pThis->uTestAddr.u + off);
+ else
+ bs3CpuBasic2Pf_CompareSimplePf(pThis, pCtx,
+ off + 3 == X86_PAGE_SIZE || off + 4 == X86_PAGE_SIZE
+ ? RT_MIN(X86_PAGE_SIZE, off + 3) - off : 0,
+ uPfErrCd, pThis->uTestAddr.u + RT_MIN(X86_PAGE_SIZE, off + 4));
+ }
+}
+
+
+static void bs3CpuBasic2Pf_SetCsEip(PBS3CPUBASIC2PFSTATE pThis, PBS3REGCTX pCtx, PCFNBS3CPUBASIC2PFTSTCODE pCode)
+{
+ switch (pThis->bMode & BS3_MODE_CODE_MASK)
+ {
+ default:
+ pCtx->rip.u = (uintptr_t)pCode->pfn;
+ break;
+
+ case BS3_MODE_CODE_16:
+ {
+ uint32_t uFar16 = Bs3SelFlatCodeToProtFar16((uintptr_t)pCode->pfn);
+ pCtx->rip.u = (uint16_t)uFar16;
+ pCtx->cs = (uint16_t)(uFar16 >> 16) | pCtx->bCpl;
+ pCtx->cs += (uint16_t)pCtx->bCpl << BS3_SEL_RING_SHIFT;
+ break;
+ }
+
+ case BS3_MODE_CODE_V86:
+ {
+ uint32_t uFar16 = Bs3SelFlatCodeToRealMode((uintptr_t)pCode->pfn);
+ pCtx->rip.u = (uint16_t)uFar16;
+ pCtx->cs = (uint16_t)(uFar16 >> 16);
+ break;
+ }
+ }
+}
+
+
+/**
+ * Test a simple load instruction around the edges of page two.
+ *
+ * @param pThis The test stat data.
+ * @param pCtx The test context.
+ * @param fFlags BS3CB2PFACC_F_XXX.
+ * @param bXcpt X86_XCPT_PF if this can cause \#PFs, otherwise
+ * X86_XCPT_UD.
+ * @param uPfErrCd The error code for \#PFs.
+ */
+static void bs3CpuBasic2Pf_DoMovLoad(PBS3CPUBASIC2PFSTATE pThis, PBS3REGCTX pCtx, uint32_t fFlags, uint8_t bXcpt, uint8_t uPfErrCd)
+{
+ static uint64_t const s_uValue = UINT64_C(0x7c4d0114428d);
+ uint64_t uExpectRax;
+ unsigned i;
+
+ /*
+ * Adjust the incoming context and calculate our expections.
+ */
+ bs3CpuBasic2Pf_SetCsEip(pThis, pCtx, &pThis->pCmnMode->MovLoad);
+ Bs3MemCpy(&pThis->ExpectCtx, pCtx, sizeof(pThis->ExpectCtx));
+ switch (pThis->bMode & BS3_MODE_CODE_MASK)
+ {
+ case BS3_MODE_CODE_16:
+ case BS3_MODE_CODE_V86:
+ uExpectRax = (uint16_t)s_uValue | (pCtx->rax.u & UINT64_C(0xffffffffffff0000));
+ break;
+ case BS3_MODE_CODE_32:
+ uExpectRax = (uint32_t)s_uValue | (pCtx->rax.u & UINT64_C(0xffffffff00000000));
+ break;
+ case BS3_MODE_CODE_64:
+ uExpectRax = s_uValue;
+ break;
+ }
+ if (uExpectRax == pCtx->rax.u)
+ pCtx->rax.u = ~pCtx->rax.u;
+
+ /*
+ * Make two approaches to the test page (the 2nd one):
+ * - i=0: Start on the 1st page and edge into the 2nd.
+ * - i=1: Start at the end of the 2nd page and edge off it and into the 3rd.
+ */
+ for (i = 0; i < 2; i++)
+ {
+ unsigned off = fFlags & BS3CB2PFACC_F_DIRECT ? X86_PAGE_SIZE : X86_PAGE_SIZE * (i + 1) - pThis->cbAccess;
+ unsigned offEnd = fFlags & BS3CB2PFACC_F_DIRECT ? off + 1 : X86_PAGE_SIZE * (i + 1) + (i == 0 ? 8 : 7);
+
+ for (; off < offEnd; off++)
+ {
+ *(uint64_t *)&pThis->pbOrgTest[off] = s_uValue;
+ if (BS3_MODE_IS_16BIT_CODE(pThis->bMode))
+ pThis->ExpectCtx.rbx.u = pCtx->rbx.u = off;
+ else
+ pThis->ExpectCtx.rbx.u = pCtx->rbx.u = pThis->uTestAddr.u + off;
+
+ Bs3TrapSetJmpAndRestore(pCtx, &pThis->TrapCtx);
+ //Bs3TestPrintf("off=%#06x bXcpt=%#x uErrCd=%#RX64\n", off, pThis->TrapCtx.bXcpt, pThis->TrapCtx.uErrCd);
+
+ if ( bXcpt != X86_XCPT_PF
+ || ((fFlags & BS3CB2PFACC_F_PAGE_LEVEL) && off >= X86_PAGE_SIZE * 2)
+ || ((fFlags & BS3CB2PFACC_F_PAGE_LEVEL) && off <= X86_PAGE_SIZE - pThis->cbAccess) )
+ {
+ pThis->ExpectCtx.rax.u = uExpectRax;
+ bs3CpuBasic2Pf_CompareCtx(pThis, &pThis->ExpectCtx, pThis->pCmnMode->MovLoad.offUd2, X86_XCPT_UD, 0 /*uErrCd*/);
+ pThis->ExpectCtx.rax = pCtx->rax;
+ }
+ else
+ {
+ if (off < X86_PAGE_SIZE)
+ pThis->ExpectCtx.cr2.u = pThis->uTestAddr.u + X86_PAGE_SIZE;
+ else
+ pThis->ExpectCtx.cr2.u = pThis->uTestAddr.u + off;
+ bs3CpuBasic2Pf_CompareCtx(pThis, &pThis->ExpectCtx, 0 /*cbPcAdjust*/, bXcpt, uPfErrCd);
+ pThis->ExpectCtx.cr2 = pCtx->cr2;
+ }
+ }
+
+ if (fFlags & BS3CB2PFACC_F_DIRECT)
+ break;
+ }
+}
+
+
+/**
+ * Test a simple store instruction around the edges of page two.
+ *
+ * @param pThis The test stat data.
+ * @param pCtx The test context.
+ * @param fFlags BS3CB2PFACC_F_XXX.
+ * @param bXcpt X86_XCPT_PF if this can cause \#PFs, otherwise
+ * X86_XCPT_UD.
+ * @param uPfErrCd The error code for \#PFs.
+ */
+static void bs3CpuBasic2Pf_DoMovStore(PBS3CPUBASIC2PFSTATE pThis, PBS3REGCTX pCtx, uint32_t fFlags,
+ uint8_t bXcpt, uint8_t uPfErrCd)
+{
+ static uint64_t const s_uValue = UINT64_C(0x3af45ead86a34a26);
+ static uint64_t const s_uValueFlipped = UINT64_C(0xc50ba152795cb5d9);
+ uint64_t const uRaxSaved = pCtx->rax.u;
+ uint64_t uExpectStored;
+ unsigned i;
+
+ /*
+ * Adjust the incoming context and calculate our expections.
+ */
+ bs3CpuBasic2Pf_SetCsEip(pThis, pCtx, &pThis->pCmnMode->MovStore);
+ if ((pThis->bMode & BS3_MODE_CODE_MASK) != BS3_MODE_CODE_64)
+ pCtx->rax.u = (uint32_t)s_uValue; /* leave the upper part zero */
+ else
+ pCtx->rax.u = s_uValue;
+
+ Bs3MemCpy(&pThis->ExpectCtx, pCtx, sizeof(pThis->ExpectCtx));
+ switch (pThis->bMode & BS3_MODE_CODE_MASK)
+ {
+ case BS3_MODE_CODE_16:
+ case BS3_MODE_CODE_V86:
+ uExpectStored = (uint16_t)s_uValue | (s_uValueFlipped & UINT64_C(0xffffffffffff0000));
+ break;
+ case BS3_MODE_CODE_32:
+ uExpectStored = (uint32_t)s_uValue | (s_uValueFlipped & UINT64_C(0xffffffff00000000));
+ break;
+ case BS3_MODE_CODE_64:
+ uExpectStored = s_uValue;
+ break;
+ }
+
+ /*
+ * Make two approaches to the test page (the 2nd one):
+ * - i=0: Start on the 1st page and edge into the 2nd.
+ * - i=1: Start at the end of the 2nd page and edge off it and into the 3rd.
+ */
+ for (i = 0; i < 2; i++)
+ {
+ unsigned off = fFlags & BS3CB2PFACC_F_DIRECT ? X86_PAGE_SIZE : X86_PAGE_SIZE * (i + 1) - pThis->cbAccess;
+ unsigned offEnd = fFlags & BS3CB2PFACC_F_DIRECT ? off + 1 : X86_PAGE_SIZE * (i + 1) + (i == 0 ? 8 : 7);
+ for (; off < offEnd; off++)
+ {
+ *(uint64_t *)&pThis->pbOrgTest[off] = s_uValueFlipped;
+ if (BS3_MODE_IS_16BIT_CODE(pThis->bMode))
+ pThis->ExpectCtx.rbx.u = pCtx->rbx.u = off;
+ else
+ pThis->ExpectCtx.rbx.u = pCtx->rbx.u = pThis->uTestAddr.u + off;
+
+ Bs3TrapSetJmpAndRestore(pCtx, &pThis->TrapCtx);
+ //Bs3TestPrintf("off=%#06x bXcpt=%#x uErrCd=%#RX64\n", off, pThis->TrapCtx.bXcpt, pThis->TrapCtx.uErrCd);
+
+ if ( bXcpt != X86_XCPT_PF
+ || ((fFlags & BS3CB2PFACC_F_PAGE_LEVEL) && off >= X86_PAGE_SIZE * 2)
+ || ((fFlags & BS3CB2PFACC_F_PAGE_LEVEL) && off <= X86_PAGE_SIZE - pThis->cbAccess) )
+ {
+ bs3CpuBasic2Pf_CompareCtx(pThis, &pThis->ExpectCtx, pThis->pCmnMode->MovStore.offUd2, X86_XCPT_UD, 0 /*uErrCd*/);
+ if (*(uint64_t *)&pThis->pbOrgTest[off] != uExpectStored)
+ Bs3TestFailedF("%u - %s: Stored %#RX64, expected %#RX64",
+ g_usBs3TestStep, "xxxx", *(uint64_t *)&pThis->pbOrgTest[off], uExpectStored);
+ }
+ else
+ {
+ if (off < X86_PAGE_SIZE)
+ pThis->ExpectCtx.cr2.u = pThis->uTestAddr.u + X86_PAGE_SIZE;
+ else
+ pThis->ExpectCtx.cr2.u = pThis->uTestAddr.u + off;
+ bs3CpuBasic2Pf_CompareCtx(pThis, &pThis->ExpectCtx, 0 /*cbPcAdjust*/, bXcpt, uPfErrCd);
+ pThis->ExpectCtx.cr2 = pCtx->cr2;
+ if (*(uint64_t *)&pThis->pbOrgTest[off] != s_uValueFlipped)
+ Bs3TestFailedF("%u - %s: #PF'ed store modified memory: %#RX64, expected %#RX64",
+ g_usBs3TestStep, "xxxx", *(uint64_t *)&pThis->pbOrgTest[off], s_uValueFlipped);
+
+ }
+ }
+
+ if (fFlags & BS3CB2PFACC_F_DIRECT)
+ break;
+ }
+
+ pCtx->rax.u = uRaxSaved;
+}
+
+
+/**
+ * Test a xchg instruction around the edges of page two.
+ *
+ * @param pThis The test stat data.
+ * @param pCtx The test context.
+ * @param fFlags BS3CB2PFACC_F_XXX.
+ * @param bXcpt X86_XCPT_PF if this can cause \#PFs, otherwise
+ * X86_XCPT_UD.
+ * @param uPfErrCd The error code for \#PFs.
+ */
+static void bs3CpuBasic2Pf_DoXchg(PBS3CPUBASIC2PFSTATE pThis, PBS3REGCTX pCtx, uint32_t fFlags, uint8_t bXcpt, uint8_t uPfErrCd)
+{
+ static uint64_t const s_uValue = UINT64_C(0xea58699648e2f32c);
+ static uint64_t const s_uValueFlipped = UINT64_C(0x15a79669b71d0cd3);
+ uint64_t const uRaxSaved = pCtx->rax.u;
+ uint64_t uRaxIn;
+ uint64_t uExpectedRax;
+ uint64_t uExpectStored;
+ unsigned i;
+
+ /*
+ * Adjust the incoming context and calculate our expections.
+ */
+ bs3CpuBasic2Pf_SetCsEip(pThis, pCtx, &pThis->pCmnMode->Xchg);
+ if ((pThis->bMode & BS3_MODE_CODE_MASK) != BS3_MODE_CODE_64)
+ uRaxIn = (uint32_t)s_uValue; /* leave the upper part zero */
+ else
+ uRaxIn = s_uValue;
+
+ Bs3MemCpy(&pThis->ExpectCtx, pCtx, sizeof(pThis->ExpectCtx));
+ switch (pThis->bMode & BS3_MODE_CODE_MASK)
+ {
+ case BS3_MODE_CODE_16:
+ case BS3_MODE_CODE_V86:
+ uExpectedRax = (uint16_t)s_uValueFlipped | (uRaxIn & UINT64_C(0xffffffffffff0000));
+ uExpectStored = (uint16_t)s_uValue | (s_uValueFlipped & UINT64_C(0xffffffffffff0000));
+ break;
+ case BS3_MODE_CODE_32:
+ uExpectedRax = (uint32_t)s_uValueFlipped | (uRaxIn & UINT64_C(0xffffffff00000000));
+ uExpectStored = (uint32_t)s_uValue | (s_uValueFlipped & UINT64_C(0xffffffff00000000));
+ break;
+ case BS3_MODE_CODE_64:
+ uExpectedRax = s_uValueFlipped;
+ uExpectStored = s_uValue;
+ break;
+ }
+
+ /*
+ * Make two approaches to the test page (the 2nd one):
+ * - i=0: Start on the 1st page and edge into the 2nd.
+ * - i=1: Start at the end of the 2nd page and edge off it and into the 3rd.
+ */
+ for (i = 0; i < 2; i++)
+ {
+ unsigned off = fFlags & BS3CB2PFACC_F_DIRECT ? X86_PAGE_SIZE : X86_PAGE_SIZE * (i + 1) - pThis->cbAccess;
+ unsigned offEnd = fFlags & BS3CB2PFACC_F_DIRECT ? off + 1 : X86_PAGE_SIZE * (i + 1) + (i == 0 ? 8 : 7);
+ for (; off < offEnd; off++)
+ {
+ *(uint64_t *)&pThis->pbOrgTest[off] = s_uValueFlipped;
+ pCtx->rax.u = uRaxIn;
+ if (BS3_MODE_IS_16BIT_CODE(pThis->bMode))
+ pThis->ExpectCtx.rbx.u = pCtx->rbx.u = off;
+ else
+ pThis->ExpectCtx.rbx.u = pCtx->rbx.u = pThis->uTestAddr.u + off;
+
+ Bs3TrapSetJmpAndRestore(pCtx, &pThis->TrapCtx);
+ //Bs3TestPrintf("off=%#06x bXcpt=%#x uErrCd=%#RX64\n", off, pThis->TrapCtx.bXcpt, pThis->TrapCtx.uErrCd);
+
+ if ( bXcpt != X86_XCPT_PF
+ || ((fFlags & BS3CB2PFACC_F_PAGE_LEVEL) && off >= X86_PAGE_SIZE * 2)
+ || ((fFlags & BS3CB2PFACC_F_PAGE_LEVEL) && off <= X86_PAGE_SIZE - pThis->cbAccess) )
+ {
+ pThis->ExpectCtx.rax.u = uExpectedRax;
+ bs3CpuBasic2Pf_CompareCtx(pThis, &pThis->ExpectCtx, pThis->pCmnMode->Xchg.offUd2, X86_XCPT_UD, 0 /*uErrCd*/);
+ if (*(uint64_t *)&pThis->pbOrgTest[off] != uExpectStored)
+ Bs3TestFailedF("%u - %s: Stored %#RX64, expected %#RX64",
+ g_usBs3TestStep, "xxxx", *(uint64_t *)&pThis->pbOrgTest[off], uExpectStored);
+ }
+ else
+ {
+ pThis->ExpectCtx.rax.u = uRaxIn;
+ if (off < X86_PAGE_SIZE)
+ pThis->ExpectCtx.cr2.u = pThis->uTestAddr.u + X86_PAGE_SIZE;
+ else
+ pThis->ExpectCtx.cr2.u = pThis->uTestAddr.u + off;
+ bs3CpuBasic2Pf_CompareCtx(pThis, &pThis->ExpectCtx, 0 /*cbPcAdjust*/, bXcpt, uPfErrCd);
+ pThis->ExpectCtx.cr2 = pCtx->cr2;
+ if (*(uint64_t *)&pThis->pbOrgTest[off] != s_uValueFlipped)
+ Bs3TestFailedF("%u - %s: #PF'ed store modified memory: %#RX64, expected %#RX64",
+ g_usBs3TestStep, "xxxx", *(uint64_t *)&pThis->pbOrgTest[off], s_uValueFlipped);
+ }
+ }
+
+ if (fFlags & BS3CB2PFACC_F_DIRECT)
+ break;
+ }
+
+ pCtx->rax.u = uRaxSaved;
+}
+
+
+/**
+ * Test a cmpxchg instruction around the edges of page two.
+ *
+ * @param pThis The test stat data.
+ * @param pCtx The test context.
+ * @param fFlags BS3CB2PFACC_F_XXX.
+ * @param bXcpt X86_XCPT_PF if this can cause \#PFs, otherwise
+ * X86_XCPT_UD.
+ * @param uPfErrCd The error code for \#PFs.
+ * @param fMissmatch Whether to fail and not store (@c true), or succeed
+ * and do the store.
+ */
+static void bs3CpuBasic2Pf_DoCmpXchg(PBS3CPUBASIC2PFSTATE pThis, PBS3REGCTX pCtx, uint32_t fFlags,
+ uint8_t bXcpt, uint8_t uPfErrCd, bool fMissmatch)
+{
+ static uint64_t const s_uValue = UINT64_C(0xea58699648e2f32c);
+ static uint64_t const s_uValueFlipped = UINT64_C(0x15a79669b71d0cd3);
+ static uint64_t const s_uValueOther = UINT64_C(0x2171239bcb044c81);
+ uint64_t const uRaxSaved = pCtx->rax.u;
+ uint64_t const uRcxSaved = pCtx->rcx.u;
+ uint64_t uRaxIn;
+ uint64_t uExpectedRax;
+ uint32_t uExpectedFlags;
+ uint64_t uExpectStored;
+ unsigned i;
+
+ /*
+ * Adjust the incoming context and calculate our expections.
+ * Hint: CMPXCHG [xBX],xCX ; xAX compare and update implicit, ZF set to !fMissmatch.
+ */
+ bs3CpuBasic2Pf_SetCsEip(pThis, pCtx, &pThis->pCmnMode->CmpXchg);
+ if ((pThis->bMode & BS3_MODE_CODE_MASK) != BS3_MODE_CODE_64)
+ {
+ uRaxIn = (uint32_t)(fMissmatch ? s_uValueOther : s_uValueFlipped); /* leave the upper part zero */
+ pCtx->rcx.u = (uint32_t)s_uValue; /* ditto */
+ }
+ else
+ {
+ uRaxIn = fMissmatch ? s_uValueOther : s_uValueFlipped;
+ pCtx->rcx.u = s_uValue;
+ }
+ if (fMissmatch)
+ pCtx->rflags.u32 |= X86_EFL_ZF;
+ else
+ pCtx->rflags.u32 &= ~X86_EFL_ZF;
+
+ Bs3MemCpy(&pThis->ExpectCtx, pCtx, sizeof(pThis->ExpectCtx));
+ uExpectedFlags = pCtx->rflags.u32 & ~(X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_SF | X86_EFL_OF | X86_EFL_ZF);
+ switch (pThis->bMode & BS3_MODE_CODE_MASK)
+ {
+ case BS3_MODE_CODE_16:
+ case BS3_MODE_CODE_V86:
+ uExpectedRax = (uint16_t)s_uValueFlipped | (uRaxIn & UINT64_C(0xffffffffffff0000));
+ uExpectStored = (uint16_t)s_uValue | (s_uValueFlipped & UINT64_C(0xffffffffffff0000));
+ uExpectedFlags |= !fMissmatch ? X86_EFL_ZF | X86_EFL_PF : X86_EFL_AF;
+ break;
+ case BS3_MODE_CODE_32:
+ uExpectedRax = (uint32_t)s_uValueFlipped | (uRaxIn & UINT64_C(0xffffffff00000000));
+ uExpectStored = (uint32_t)s_uValue | (s_uValueFlipped & UINT64_C(0xffffffff00000000));
+ uExpectedFlags |= !fMissmatch ? X86_EFL_ZF | X86_EFL_PF : X86_EFL_AF;
+ break;
+ case BS3_MODE_CODE_64:
+ uExpectedRax = s_uValueFlipped;
+ uExpectStored = s_uValue;
+ uExpectedFlags |= !fMissmatch ? X86_EFL_ZF | X86_EFL_PF : X86_EFL_AF;
+ break;
+ }
+ if (fMissmatch)
+ uExpectStored = s_uValueFlipped;
+
+ /*
+ * Make two approaches to the test page (the 2nd one):
+ * - i=0: Start on the 1st page and edge into the 2nd.
+ * - i=1: Start at the end of the 2nd page and edge off it and into the 3rd.
+ */
+ for (i = 0; i < 2; i++)
+ {
+ unsigned off = fFlags & BS3CB2PFACC_F_DIRECT ? X86_PAGE_SIZE : X86_PAGE_SIZE * (i + 1) - pThis->cbAccess;
+ unsigned offEnd = fFlags & BS3CB2PFACC_F_DIRECT ? off + 1 : X86_PAGE_SIZE * (i + 1) + (i == 0 ? 8 : 7);
+ for (; off < offEnd; off++)
+ {
+ *(uint64_t *)&pThis->pbOrgTest[off] = s_uValueFlipped;
+ pCtx->rax.u = uRaxIn;
+ if (BS3_MODE_IS_16BIT_CODE(pThis->bMode))
+ pThis->ExpectCtx.rbx.u = pCtx->rbx.u = off;
+ else
+ pThis->ExpectCtx.rbx.u = pCtx->rbx.u = pThis->uTestAddr.u + off;
+
+ Bs3TrapSetJmpAndRestore(pCtx, &pThis->TrapCtx);
+ //Bs3TestPrintf("off=%#06x bXcpt=%#x uErrCd=%#RX64\n", off, pThis->TrapCtx.bXcpt, pThis->TrapCtx.uErrCd);
+
+ if ( bXcpt != X86_XCPT_PF
+ || ((fFlags & BS3CB2PFACC_F_PAGE_LEVEL) && off >= X86_PAGE_SIZE * 2)
+ || ((fFlags & BS3CB2PFACC_F_PAGE_LEVEL) && off <= X86_PAGE_SIZE - pThis->cbAccess) )
+ {
+ pThis->ExpectCtx.rax.u = uExpectedRax;
+ pThis->ExpectCtx.rflags.u32 = uExpectedFlags;
+ bs3CpuBasic2Pf_CompareCtx(pThis, &pThis->ExpectCtx, pThis->pCmnMode->CmpXchg.offUd2, X86_XCPT_UD, 0 /*uErrCd*/);
+ if (*(uint64_t *)&pThis->pbOrgTest[off] != uExpectStored)
+ Bs3TestFailedF("%u - %s: Stored %#RX64, expected %#RX64",
+ g_usBs3TestStep, "xxxx", *(uint64_t *)&pThis->pbOrgTest[off], uExpectStored);
+ }
+ else
+ {
+ pThis->ExpectCtx.rax.u = uRaxIn;
+ pThis->ExpectCtx.rflags = pCtx->rflags;
+ if (off < X86_PAGE_SIZE)
+ pThis->ExpectCtx.cr2.u = pThis->uTestAddr.u + X86_PAGE_SIZE;
+ else
+ pThis->ExpectCtx.cr2.u = pThis->uTestAddr.u + off;
+ bs3CpuBasic2Pf_CompareCtx(pThis, &pThis->ExpectCtx, 0 /*cbPcAdjust*/, bXcpt, uPfErrCd);
+ pThis->ExpectCtx.cr2 = pCtx->cr2;
+ if (*(uint64_t *)&pThis->pbOrgTest[off] != s_uValueFlipped)
+ Bs3TestFailedF("%u - %s: #PF'ed store modified memory: %#RX64, expected %#RX64",
+ g_usBs3TestStep, "xxxx", *(uint64_t *)&pThis->pbOrgTest[off], s_uValueFlipped);
+ }
+ }
+
+ if (fFlags & BS3CB2PFACC_F_DIRECT)
+ break;
+ }
+
+ pCtx->rax.u = uRaxSaved;
+ pCtx->rcx.u = uRcxSaved;
+}
+
+
+static void bs3CpuBasic2Pf_DoCmpXchgMiss(PBS3CPUBASIC2PFSTATE pThis, PBS3REGCTX pCtx, uint32_t fFlags,
+ uint8_t bXcpt, uint8_t uPfErrCd)
+{
+ bs3CpuBasic2Pf_DoCmpXchg(pThis, pCtx, fFlags, bXcpt, uPfErrCd, true /*fMissmatch*/ );
+}
+
+
+static void bs3CpuBasic2Pf_DoCmpXchgMatch(PBS3CPUBASIC2PFSTATE pThis, PBS3REGCTX pCtx, uint32_t fFlags,
+ uint8_t bXcpt, uint8_t uPfErrCd)
+{
+ bs3CpuBasic2Pf_DoCmpXchg(pThis, pCtx, fFlags, bXcpt, uPfErrCd , false /*fMissmatch*/ );
+}
+
+
+/**
+ * @interface_method_impl{BS3CPUBASIC2PFACCESSOR,pfnAccessor,
+ * DIV [MEM=0] for checking the accessed bit}
+ */
+static void bs3CpuBasic2Pf_DoDivByZero(PBS3CPUBASIC2PFSTATE pThis, PBS3REGCTX pCtx, uint32_t fFlags,
+ uint8_t bXcpt, uint8_t uPfErrCd)
+{
+ static uint64_t const s_uFiller = UINT64_C(0x9856703711f4069e);
+ uint64_t uZeroAndFill;
+ unsigned i;
+
+ /*
+ * Adjust the incoming context and calculate our expections.
+ */
+ bs3CpuBasic2Pf_SetCsEip(pThis, pCtx, &pThis->pCmnMode->DivMem);
+
+ Bs3MemCpy(&pThis->ExpectCtx, pCtx, sizeof(pThis->ExpectCtx));
+ switch (pThis->bMode & BS3_MODE_CODE_MASK)
+ {
+ case BS3_MODE_CODE_16:
+ case BS3_MODE_CODE_V86:
+ uZeroAndFill = s_uFiller & UINT64_C(0xffffffffffff0000);
+ break;
+ case BS3_MODE_CODE_32:
+ uZeroAndFill = s_uFiller & UINT64_C(0xffffffff00000000);
+ break;
+ case BS3_MODE_CODE_64:
+ uZeroAndFill = 0;
+ break;
+ }
+
+ /*
+ * Make two approaches to the test page (the 2nd one):
+ * - i=0: Start on the 1st page and edge into the 2nd.
+ * - i=1: Start at the end of the 2nd page and edge off it and into the 3rd.
+ */
+ for (i = 0; i < 2; i++)
+ {
+ unsigned off = fFlags & BS3CB2PFACC_F_DIRECT ? X86_PAGE_SIZE : X86_PAGE_SIZE * (i + 1) - pThis->cbAccess;
+ unsigned offEnd = fFlags & BS3CB2PFACC_F_DIRECT ? off + 1 : X86_PAGE_SIZE * (i + 1) + (i == 0 ? 8 : 7);
+ for (; off < offEnd; off++)
+ {
+ *(uint64_t *)&pThis->pbOrgTest[off] = uZeroAndFill;
+ if (BS3_MODE_IS_16BIT_CODE(pThis->bMode))
+ pThis->ExpectCtx.rbx.u = pCtx->rbx.u = off;
+ else
+ pThis->ExpectCtx.rbx.u = pCtx->rbx.u = pThis->uTestAddr.u + off;
+
+ Bs3TrapSetJmpAndRestore(pCtx, &pThis->TrapCtx);
+ //if (pThis->bMode == BS3_MODE_PP16_32) Bs3TestPrintf("off=%#06x bXcpt=%#x uErrCd=%#RX64\n", off, pThis->TrapCtx.bXcpt, pThis->TrapCtx.uErrCd);
+
+ if ( bXcpt != X86_XCPT_PF
+ || ((fFlags & BS3CB2PFACC_F_PAGE_LEVEL) && off >= X86_PAGE_SIZE * 2)
+ || ((fFlags & BS3CB2PFACC_F_PAGE_LEVEL) && off <= X86_PAGE_SIZE - pThis->cbAccess) )
+ {
+ bs3CpuBasic2Pf_CompareCtx(pThis, &pThis->ExpectCtx, 0 /*cbPcAdjust*/, X86_XCPT_DE, 0 /*uErrCd*/);
+ if (*(uint64_t *)&pThis->pbOrgTest[off] != uZeroAndFill)
+ Bs3TestFailedF("%u - %s: Modified source op: %#RX64, expected %#RX64",
+ g_usBs3TestStep, "xxxx", *(uint64_t *)&pThis->pbOrgTest[off], uZeroAndFill);
+ }
+ else
+ {
+ if (off < X86_PAGE_SIZE)
+ pThis->ExpectCtx.cr2.u = pThis->uTestAddr.u + X86_PAGE_SIZE;
+ else
+ pThis->ExpectCtx.cr2.u = pThis->uTestAddr.u + off;
+ bs3CpuBasic2Pf_CompareCtx(pThis, &pThis->ExpectCtx, 0 /*cbPcAdjust*/, bXcpt, uPfErrCd);
+ pThis->ExpectCtx.cr2 = pCtx->cr2;
+ if (*(uint64_t *)&pThis->pbOrgTest[off] != uZeroAndFill)
+ Bs3TestFailedF("%u - %s: Modified source op: %#RX64, expected %#RX64",
+ g_usBs3TestStep, "xxxx", *(uint64_t *)&pThis->pbOrgTest[off], uZeroAndFill);
+ }
+ }
+
+ if (fFlags & BS3CB2PFACC_F_DIRECT)
+ break;
+ }
+}
+
+
+static BS3CPUBASIC2PFACCESSOR const g_aAccessors[] =
+{
+ { "DoExec", bs3CpuBasic2Pf_DoExec, X86_TRAP_PF_ID, X86_XCPT_UD },
+ { "DoMovLoad", bs3CpuBasic2Pf_DoMovLoad, 0, X86_XCPT_UD },
+ { "DoMovStore", bs3CpuBasic2Pf_DoMovStore, X86_TRAP_PF_RW, X86_XCPT_UD },
+ { "DoXchg", bs3CpuBasic2Pf_DoXchg, X86_TRAP_PF_RW, X86_XCPT_UD },
+ { "DoCmpXchgMiss", bs3CpuBasic2Pf_DoCmpXchgMiss, X86_TRAP_PF_RW, X86_XCPT_UD },
+ { "DoCmpXhcgMatch", bs3CpuBasic2Pf_DoCmpXchgMatch, X86_TRAP_PF_RW, X86_XCPT_UD },
+ { "DoDivByZero", bs3CpuBasic2Pf_DoDivByZero, 0, X86_XCPT_DE },
+};
+
+/** @} */
+
+
+/** @name BS3CPUBASIC2PFMODPT::pfnModify implementations.
+ * @{ */
+
+
+static void bs3CpuBasic2Pf_ClearMask(PBS3CPUBASIC2PFSTATE pThis, unsigned iStore, PCBS3CPUBASIC2PFMODPT pEntry,
+ uint32_t fClearMask, uint32_t fSetMask)
+{
+ if (pThis->PgInfo.cbEntry == 4)
+ {
+ uint32_t const uOrg = pThis->PteBackup.Legacy[1];
+ uint32_t uNew = ((uOrg & ~fClearMask) | fSetMask) & ~(uint32_t)pEntry->uModifyArg;
+ uint32_t const uOld = pThis->PgInfo.u.Legacy.pPte[1].u;
+ g_aStoreMethods[iStore].pfnStore(pThis->PgInfo.u.Legacy.pPte + 1, uNew, uOld);
+ }
+ else
+ {
+ uint64_t const uOrg = pThis->PteBackup.Pae[1];
+ uint64_t uNew = ((uOrg & ~(uint64_t)fClearMask) | fSetMask) & ~(uint64_t)pEntry->uModifyArg;
+ uint64_t const uOld = pThis->PgInfo.u.Pae.pPte[1].u;
+
+ g_aStoreMethods[iStore].pfnStore(&pThis->PgInfo.u.Pae.pPte[1].au32[0], (uint32_t)uNew, (uint32_t)uOld);
+ if ((uint32_t)(uNew >> 32) != (uint32_t)(uOld >> 32))
+ g_aStoreMethods[iStore].pfnStore(&pThis->PgInfo.u.Pae.pPte[1].au32[1],
+ (uint32_t)(uNew >> 32), (uint32_t)(uOld >> 32));
+ }
+}
+
+static void bs3CpuBasic2Pf_SetBit(PBS3CPUBASIC2PFSTATE pThis, unsigned iStore, PCBS3CPUBASIC2PFMODPT pEntry,
+ uint32_t fClearMask, uint32_t fSetMask)
+{
+ if (pThis->PgInfo.cbEntry == 4)
+ {
+ uint32_t const uOrg = pThis->PteBackup.Legacy[1];
+ uint32_t uNew = (uOrg & ~fClearMask) | fSetMask | RT_BIT_32(pEntry->uModifyArg);
+ uint32_t const uOld = pThis->PgInfo.u.Legacy.pPte[1].u;
+ g_aStoreMethods[iStore].pfnStore(pThis->PgInfo.u.Legacy.pPte + 1, uNew, uOld);
+ }
+ else
+ {
+ uint64_t const uOrg = pThis->PteBackup.Pae[1];
+ uint64_t uNew = ((uOrg & ~(uint64_t)fClearMask) | fSetMask) | RT_BIT_64(pEntry->uModifyArg);
+ uint64_t const uOld = pThis->PgInfo.u.Pae.pPte[1].u;
+
+ if (pEntry->uModifyArg < 32 || (uint32_t)uNew != (uint32_t)uOld)
+ g_aStoreMethods[iStore].pfnStore(&pThis->PgInfo.u.Pae.pPte[1].au32[0], (uint32_t)uNew, (uint32_t)uOld);
+ if (pEntry->uModifyArg >= 32 || (uint32_t)(uNew >> 32) != (uint32_t)(uOld >> 32))
+ g_aStoreMethods[iStore].pfnStore(&pThis->PgInfo.u.Pae.pPte[1].au32[1],
+ (uint32_t)(uNew >> 32), (uint32_t)(uOld >> 32));
+ }
+}
+
+static void bs3CpuBasic2Pf_NoChange(PBS3CPUBASIC2PFSTATE pThis, unsigned iStore, PCBS3CPUBASIC2PFMODPT pEntry,
+ uint32_t fClearMask, uint32_t fSetMask)
+{
+ if (pThis->PgInfo.cbEntry == 4)
+ {
+ uint32_t const uOrg = pThis->PteBackup.Legacy[1];
+ uint32_t uNew = (uOrg & ~fClearMask) | fSetMask;
+ uint32_t const uOld = pThis->PgInfo.u.Legacy.pPte[1].u;
+ if (uNew != uOld)
+ g_aStoreMethods[iStore].pfnStore(&pThis->PgInfo.u.Legacy.pPte[1], uNew, uOld);
+ }
+ else
+ {
+ uint64_t const uOrg = pThis->PteBackup.Pae[1];
+ uint64_t uNew = (uOrg & ~(uint64_t)fClearMask) | fSetMask;
+ uint64_t const uOld = pThis->PgInfo.u.Pae.pPte[1].u;
+ if (uNew != uOld)
+ {
+ if ((uint32_t)uNew != (uint32_t)uOld)
+ g_aStoreMethods[iStore].pfnStore(&pThis->PgInfo.u.Pae.pPte[1].au32[0], (uint32_t)uNew, (uint32_t)uOld);
+ if ((uint32_t)(uNew >> 32) != (uint32_t)(uOld >> 32))
+ g_aStoreMethods[iStore].pfnStore(&pThis->PgInfo.u.Pae.pPte[1].au32[1],
+ (uint32_t)(uNew >> 32), (uint32_t)(uOld >> 32));
+ }
+ }
+}
+
+/** @} */
+
+
+/** @name BS3CPUBASIC2PFMODPT::pfnApplicable implementations.
+ * @{ */
+
+static bool bs3CpuBasic2Pf_IsPteBitReserved(PBS3CPUBASIC2PFSTATE pThis, PCBS3CPUBASIC2PFMODPT pEntry)
+{
+ if (pThis->PgInfo.cbEntry == 8)
+ {
+ /* Bits 52..63 or 62 (NXE=1). */
+ if (pThis->PgInfo.cEntries == 3)
+ {
+ if ((uint32_t)(pEntry->uModifyArg - 52U) < (uint32_t)(12 - pThis->fNxe))
+ return true;
+ }
+ else if (pEntry->uModifyArg == 63 && !pThis->fNxe)
+ return true;
+
+ /* Reserved physical address bits. */
+ if (pEntry->uModifyArg < 52)
+ {
+ if ((uint32_t)pEntry->uModifyArg >= (uint32_t)pThis->cBitsPhysWidth)
+ return true;
+ }
+ }
+ return false;
+}
+
+static bool bs3CpuBasic2Pf_IsPteBitSoftwareUsable(PBS3CPUBASIC2PFSTATE pThis, PCBS3CPUBASIC2PFMODPT pEntry)
+{
+ if (pThis->PgInfo.cbEntry == 8)
+ {
+ if (pThis->PgInfo.cEntries != 3)
+ {
+ if ((uint32_t)(pEntry->uModifyArg - 52U) < (uint32_t)11)
+ return true;
+ }
+ }
+ return false;
+}
+
+
+static bool bs3CpuBasic2Pf_IsNxe(PBS3CPUBASIC2PFSTATE pThis, PCBS3CPUBASIC2PFMODPT pEntry)
+{
+ return pThis->fNxe && pThis->PgInfo.cbEntry == 8;
+}
+
+/** @} */
+
+
+static const BS3CPUBASIC2PFMODPT g_aPteWorkers[] =
+{
+/* { pszName, P U W NX RSV ModiyfArg pfnModify, pfnApplicable }, */
+ { "org", 1, 1, 1, 0, 0, 0, bs3CpuBasic2Pf_NoChange, NULL },
+ { "!US", 1, 0, 1, 0, 0, X86_PTE_US, bs3CpuBasic2Pf_ClearMask, NULL },
+ { "!RW", 1, 1, 0, 0, 0, X86_PTE_RW, bs3CpuBasic2Pf_ClearMask, NULL },
+ { "!RW+!US", 1, 0, 0, 0, 0, X86_PTE_RW | X86_PTE_US, bs3CpuBasic2Pf_ClearMask, NULL },
+ { "!P", 0, 0, 0, 0, 0, X86_PTE_P, bs3CpuBasic2Pf_ClearMask, NULL },
+ { "NX", 1, 1, 1, 1, 0, 63, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsNxe },
+ { "RSVPH[32]", 0, 0, 0, 0, 1, 32, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[33]", 0, 0, 0, 0, 1, 33, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[34]", 0, 0, 0, 0, 1, 34, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[35]", 0, 0, 0, 0, 1, 35, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[36]", 0, 0, 0, 0, 1, 36, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[37]", 0, 0, 0, 0, 1, 37, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[38]", 0, 0, 0, 0, 1, 38, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[39]", 0, 0, 0, 0, 1, 39, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[40]", 0, 0, 0, 0, 1, 40, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[41]", 0, 0, 0, 0, 1, 41, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[42]", 0, 0, 0, 0, 1, 42, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[43]", 0, 0, 0, 0, 1, 43, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[44]", 0, 0, 0, 0, 1, 44, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[45]", 0, 0, 0, 0, 1, 45, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[46]", 0, 0, 0, 0, 1, 46, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[47]", 0, 0, 0, 0, 1, 47, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[48]", 0, 0, 0, 0, 1, 48, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[49]", 0, 0, 0, 0, 1, 49, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[50]", 0, 0, 0, 0, 1, 50, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSVPH[51]", 0, 0, 0, 0, 1, 51, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSV[52]", 0, 0, 0, 0, 1, 52, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSV[53]", 0, 0, 0, 0, 1, 53, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSV[54]", 0, 0, 0, 0, 1, 54, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSV[55]", 0, 0, 0, 0, 1, 55, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSV[56]", 0, 0, 0, 0, 1, 56, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSV[57]", 0, 0, 0, 0, 1, 57, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSV[58]", 0, 0, 0, 0, 1, 58, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSV[59]", 0, 0, 0, 0, 1, 59, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSV[60]", 0, 0, 0, 0, 1, 60, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSV[61]", 0, 0, 0, 0, 1, 61, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSV[62]", 0, 0, 0, 0, 1, 62, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSV[62]", 0, 0, 0, 0, 1, 62, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "RSV[63]", 0, 0, 0, 0, 1, 63, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitReserved },
+ { "!RSV[52]", 1, 1, 1, 0, 0, 52, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitSoftwareUsable },
+ { "!RSV[53]", 1, 1, 1, 0, 0, 53, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitSoftwareUsable },
+ { "!RSV[54]", 1, 1, 1, 0, 0, 54, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitSoftwareUsable },
+ { "!RSV[55]", 1, 1, 1, 0, 0, 55, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitSoftwareUsable },
+ { "!RSV[56]", 1, 1, 1, 0, 0, 56, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitSoftwareUsable },
+ { "!RSV[57]", 1, 1, 1, 0, 0, 57, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitSoftwareUsable },
+ { "!RSV[58]", 1, 1, 1, 0, 0, 58, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitSoftwareUsable },
+ { "!RSV[59]", 1, 1, 1, 0, 0, 59, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitSoftwareUsable },
+ { "!RSV[60]", 1, 1, 1, 0, 0, 60, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitSoftwareUsable },
+ { "!RSV[61]", 1, 1, 1, 0, 0, 61, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitSoftwareUsable },
+ { "!RSV[62]", 1, 1, 1, 0, 0, 62, bs3CpuBasic2Pf_SetBit, bs3CpuBasic2Pf_IsPteBitSoftwareUsable },
+
+};
+
+
+/**
+ * Worker for bs3CpuBasic2_RaiseXcpt0e_c32 that does the actual testing.
+ *
+ * Caller does all the cleaning up.
+ *
+ * @returns Error count.
+ * @param pThis Test state data.
+ * @param fNxe Whether NX is enabled.
+ */
+static uint8_t bs3CpuBasic2_RaiseXcpt0eWorker(PBS3CPUBASIC2PFSTATE register pThis, bool const fWp, bool const fNxe)
+{
+ unsigned iLevel;
+ unsigned iRing;
+ unsigned iStore;
+ unsigned iAccessor;
+ unsigned iOuter;
+ unsigned cPml4Tests;
+ unsigned cPdPtrTests;
+ uint32_t const fPfIdMask = fNxe ? UINT32_MAX : ~X86_TRAP_PF_ID;
+ BS3REGCTX aCtxts[4];
+
+ pThis->fWp = fWp;
+ pThis->fNxe = fNxe;
+
+ /** @todo figure out V8086 testing. */
+ if ((pThis->bMode & BS3_MODE_CODE_MASK) == BS3_MODE_CODE_V86)
+ return BS3TESTDOMODE_SKIPPED;
+
+
+ /* paranoia: Touch the various big stack structures to ensure the compiler has allocated stack for them. */
+ for (iRing = 0; iRing < RT_ELEMENTS(aCtxts); iRing++)
+ Bs3MemZero(&aCtxts[iRing], sizeof(aCtxts[iRing]));
+
+ /*
+ * Set up a few contexts for testing this stuff.
+ */
+ Bs3RegCtxSaveEx(&aCtxts[0], pThis->bMode, 2048);
+ for (iRing = 1; iRing < 4; iRing++)
+ {
+ aCtxts[iRing] = aCtxts[0];
+ Bs3RegCtxConvertToRingX(&aCtxts[iRing], iRing);
+ }
+
+ if (!BS3_MODE_IS_16BIT_CODE(pThis->bMode))
+ {
+ for (iRing = 0; iRing < 4; iRing++)
+ aCtxts[iRing].rbx.u = pThis->uTestAddr.u;
+ }
+ else
+ {
+ for (iRing = 0; iRing < 4; iRing++)
+ {
+ aCtxts[iRing].ds = pThis->uSel16TestData;
+ aCtxts[iRing].rbx.u = 0;
+ }
+ }
+
+ /*
+ * Check basic operation:
+ */
+ for (iRing = 0; iRing < 4; iRing++)
+ for (iAccessor = 0; iAccessor < RT_ELEMENTS(g_aAccessors); iAccessor++)
+ g_aAccessors[iAccessor].pfnAccessor(pThis, &aCtxts[iRing], BS3CB2PFACC_F_PAGE_LEVEL, X86_XCPT_UD, UINT8_MAX);
+
+ /*
+ * Some PTE checks. We only mess with the 2nd page.
+ */
+ for (iOuter = 0; iOuter < 2; iOuter++)
+ {
+ uint32_t const fAccessor = (iOuter == 0 ? BS3CB2PFACC_F_DIRECT : 0) | BS3CB2PFACC_F_PAGE_LEVEL;
+ unsigned iPteWrk;
+
+ bs3CpuBasic2Pf_FlushAll();
+ for (iPteWrk = 0; iPteWrk < RT_ELEMENTS(g_aPteWorkers); iPteWrk++)
+ {
+ BS3CPUBASIC2PFMODPT EffWrk;
+ const BS3CPUBASIC2PFMODPT *pPteWrk = &g_aPteWorkers[iPteWrk];
+ if (pPteWrk->pfnApplicable && !pPteWrk->pfnApplicable(pThis, pPteWrk))
+ continue;
+
+ pThis->pszPteWorker = pPteWrk->pszName;
+
+ EffWrk = *pPteWrk;
+
+#if 1
+ /*
+ * Do the modification once, then test all different accesses
+ * without flushing the TLB or anything in-between.
+ */
+ for (iStore = 0; iStore < RT_ELEMENTS(g_aStoreMethods); iStore++)
+ {
+ pThis->pszStore = g_aStoreMethods[iStore].pszName;
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, 0, 0);
+
+ for (iRing = 0; iRing < 4; iRing++)
+ {
+ PBS3REGCTX const pCtx = &aCtxts[iRing];
+ if ( EffWrk.fReserved
+ || !EffWrk.fPresent
+ || (!EffWrk.fUser && iRing == 3))
+ {
+ uint32_t const fPfBase = ( EffWrk.fReserved ? X86_TRAP_PF_P | X86_TRAP_PF_RSVD
+ : EffWrk.fPresent ? X86_TRAP_PF_P : 0)
+ | (iRing == 3 ? X86_TRAP_PF_US : 0);
+ for (iAccessor = 0; iAccessor < RT_ELEMENTS(g_aAccessors); iAccessor++)
+ {
+ pThis->pszAccessor = g_aAccessors[iAccessor].pszName;
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF,
+ fPfBase | (g_aAccessors[iAccessor].fAccess & fPfIdMask));
+ }
+ }
+ else
+ {
+ uint32_t const fPfBase = X86_TRAP_PF_P | (iRing == 3 ? X86_TRAP_PF_US : 0);
+ for (iAccessor = 0; iAccessor < RT_ELEMENTS(g_aAccessors); iAccessor++)
+ {
+ pThis->pszAccessor = g_aAccessors[iAccessor].pszName;
+ if ( ( (g_aAccessors[iAccessor].fAccess & X86_TRAP_PF_ID)
+ && EffWrk.fNoExecute)
+ || ( (g_aAccessors[iAccessor].fAccess & X86_TRAP_PF_RW)
+ && !EffWrk.fWriteable
+ && (fWp || iRing == 3)) )
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF,
+ fPfBase | (g_aAccessors[iAccessor].fAccess & fPfIdMask));
+ else
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_UD, UINT8_MAX);
+ }
+ }
+ }
+
+ /* Reset the paging + full flush. */
+ bs3CpuBasic2Pf_RestoreFromBackups(pThis);
+ }
+#endif
+
+#define CHECK_AD_BITS(a_fExpectedAD) \
+ do { \
+ uint32_t fActualAD = ( pThis->PgInfo.cbEntry == 8 \
+ ? pThis->PgInfo.u.Pae.pPte[1].au32[0] : pThis->PgInfo.u.Legacy.pPte[1].au32[0]) \
+ & (X86_PTE_A | X86_PTE_D); \
+ if (fActualAD != (a_fExpectedAD)) \
+ { \
+ Bs3TestFailedF("%u - %s/%u: unexpected A/D bits: %#x, expected %#x\n", \
+ g_usBs3TestStep, "xxxx", __LINE__, fActualAD, a_fExpectedAD); \
+ BS3CPUBASIC2PF_HALT(pThis); \
+ } \
+ } while (0)
+
+ /*
+ * Again, but redoing everything for each accessor.
+ */
+ for (iStore = 0; iStore < RT_ELEMENTS(g_aStoreMethods); iStore++)
+ {
+ pThis->pszStore = g_aStoreMethods[iStore].pszName;
+
+ for (iRing = 0; iRing < 4; iRing++)
+ {
+ PBS3REGCTX const pCtx = &aCtxts[iRing];
+
+ if ( EffWrk.fReserved
+ || !EffWrk.fPresent
+ || (!EffWrk.fUser && iRing == 3))
+ {
+ uint32_t const fPfBase = ( EffWrk.fReserved ? X86_TRAP_PF_P | X86_TRAP_PF_RSVD
+ : EffWrk.fPresent ? X86_TRAP_PF_P : 0)
+ | (iRing == 3 ? X86_TRAP_PF_US : 0);
+ for (iAccessor = 0; iAccessor < RT_ELEMENTS(g_aAccessors); iAccessor++)
+ {
+ pThis->pszAccessor = g_aAccessors[iAccessor].pszName;
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, 0, 0);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF,
+ fPfBase | (g_aAccessors[iAccessor].fAccess & fPfIdMask));
+ CHECK_AD_BITS(0);
+ bs3CpuBasic2Pf_RestoreFromBackups(pThis);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_A | X86_PTE_D, 0);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF,
+ fPfBase | (g_aAccessors[iAccessor].fAccess & fPfIdMask));
+ CHECK_AD_BITS(0);
+ bs3CpuBasic2Pf_RestoreFromBackups(pThis);
+ }
+ }
+ else
+ {
+ uint32_t const fPfBase = X86_TRAP_PF_P | (iRing == 3 ? X86_TRAP_PF_US : 0);
+ for (iAccessor = 0; iAccessor < RT_ELEMENTS(g_aAccessors); iAccessor++)
+ {
+ pThis->pszAccessor = g_aAccessors[iAccessor].pszName;
+ if ( ( (g_aAccessors[iAccessor].fAccess & X86_TRAP_PF_ID)
+ && EffWrk.fNoExecute)
+ || ( (g_aAccessors[iAccessor].fAccess & X86_TRAP_PF_RW)
+ && !EffWrk.fWriteable
+ && (fWp || iRing == 3)) )
+ {
+ uint32_t const fErrCd = fPfBase | (g_aAccessors[iAccessor].fAccess & fPfIdMask);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_A | X86_PTE_D, 0);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF, fErrCd);
+ CHECK_AD_BITS(0);
+ bs3CpuBasic2Pf_RestoreFromBackups(pThis);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, 0, X86_PTE_A | X86_PTE_D);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF, fErrCd);
+ CHECK_AD_BITS(X86_PTE_A | X86_PTE_D);
+ bs3CpuBasic2Pf_RestoreFromBackups(pThis);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_A, X86_PTE_D);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF, fErrCd);
+ CHECK_AD_BITS(X86_PTE_D);
+ bs3CpuBasic2Pf_RestoreFromBackups(pThis);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_D, X86_PTE_A);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF, fErrCd);
+ CHECK_AD_BITS(X86_PTE_A);
+ bs3CpuBasic2Pf_RestoreFromBackups(pThis);
+ }
+ else
+ {
+ uint32_t const fExpectedAD = (g_aAccessors[iAccessor].fAccess & X86_TRAP_PF_RW)
+ ? X86_PTE_A | X86_PTE_D : X86_PTE_A;
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_A | X86_PTE_D, 0);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_UD, UINT8_MAX);
+ CHECK_AD_BITS(fExpectedAD);
+ bs3CpuBasic2Pf_RestoreFromBackups(pThis);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, 0, X86_PTE_A | X86_PTE_D);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_UD, UINT8_MAX);
+ CHECK_AD_BITS(X86_PTE_A | X86_PTE_D);
+ bs3CpuBasic2Pf_RestoreFromBackups(pThis);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_A, X86_PTE_D);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_UD, UINT8_MAX);
+ CHECK_AD_BITS(fExpectedAD | X86_PTE_D);
+ bs3CpuBasic2Pf_RestoreFromBackups(pThis);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_D, X86_PTE_A);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_UD, UINT8_MAX);
+ CHECK_AD_BITS(fExpectedAD | X86_PTE_A);
+ bs3CpuBasic2Pf_RestoreFromBackups(pThis);
+ }
+ }
+ }
+ }
+ }
+
+ /*
+ * Again, but using invalidate page.
+ */
+ if (pThis->fUseInvlPg)
+ {
+ bs3CpuBasic2Pf_RestoreFromBackups(pThis);
+
+ for (iStore = 0; iStore < RT_ELEMENTS(g_aStoreMethods); iStore++)
+ {
+ pThis->pszStore = g_aStoreMethods[iStore].pszName;
+
+ for (iRing = 0; iRing < 4; iRing++)
+ {
+ PBS3REGCTX const pCtx = &aCtxts[iRing];
+
+ if ( EffWrk.fReserved
+ || !EffWrk.fPresent
+ || (!EffWrk.fUser && iRing == 3))
+ {
+ uint32_t const fPfBase = ( EffWrk.fReserved ? X86_TRAP_PF_P | X86_TRAP_PF_RSVD
+ : EffWrk.fPresent ? X86_TRAP_PF_P : 0)
+ | (iRing == 3 ? X86_TRAP_PF_US : 0);
+ for (iAccessor = 0; iAccessor < RT_ELEMENTS(g_aAccessors); iAccessor++)
+ {
+ pThis->pszAccessor = g_aAccessors[iAccessor].pszName;
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, 0, 0);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF,
+ fPfBase | (g_aAccessors[iAccessor].fAccess & fPfIdMask));
+ CHECK_AD_BITS(0);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_A | X86_PTE_D, 0);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF,
+ fPfBase | (g_aAccessors[iAccessor].fAccess & fPfIdMask));
+ CHECK_AD_BITS(0);
+ }
+ }
+ else
+ {
+ uint32_t const fPfBase = X86_TRAP_PF_P | (iRing == 3 ? X86_TRAP_PF_US : 0);
+ for (iAccessor = 0; iAccessor < RT_ELEMENTS(g_aAccessors); iAccessor++)
+ {
+ pThis->pszAccessor = g_aAccessors[iAccessor].pszName;
+ if ( ( (g_aAccessors[iAccessor].fAccess & X86_TRAP_PF_ID)
+ && EffWrk.fNoExecute)
+ || ( (g_aAccessors[iAccessor].fAccess & X86_TRAP_PF_RW)
+ && !EffWrk.fWriteable
+ && (fWp || iRing == 3)) )
+ {
+ uint32_t const fErrCd = fPfBase | (g_aAccessors[iAccessor].fAccess & fPfIdMask);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_A | X86_PTE_D, 0);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF, fErrCd);
+ CHECK_AD_BITS(0);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, 0, X86_PTE_A | X86_PTE_D);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF, fErrCd);
+ CHECK_AD_BITS(X86_PTE_A | X86_PTE_D);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_A, X86_PTE_D);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF, fErrCd);
+ CHECK_AD_BITS(X86_PTE_D);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_D, X86_PTE_A);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF, fErrCd);
+ CHECK_AD_BITS(X86_PTE_A);
+ }
+ else
+ {
+ uint32_t const fExpectedAD = (g_aAccessors[iAccessor].fAccess & X86_TRAP_PF_RW)
+ ? X86_PTE_A | X86_PTE_D : X86_PTE_A;
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_A | X86_PTE_D, 0);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_UD, UINT8_MAX);
+ CHECK_AD_BITS(fExpectedAD);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, 0, X86_PTE_A | X86_PTE_D);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_UD, UINT8_MAX);
+ CHECK_AD_BITS(X86_PTE_A | X86_PTE_D);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_A, X86_PTE_D);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_UD, UINT8_MAX);
+ CHECK_AD_BITS(fExpectedAD | X86_PTE_D);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_D, X86_PTE_A);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_UD, UINT8_MAX);
+ CHECK_AD_BITS(fExpectedAD | X86_PTE_A);
+ }
+ }
+ }
+ }
+ }
+
+ bs3CpuBasic2Pf_RestoreFromBackups(pThis);
+ }
+ }
+ }
+
+
+ /*
+ * Do all 4 paging levels. We start out with full access to the page and
+ * restrict it in various ways.
+ *
+ * (On the final level we only mess with the 2nd page for now.)
+ */
+ cPdPtrTests = 1;
+ cPml4Tests = 1;
+ if (pThis->uTestAddr.u >= UINT64_C(0x8000000000))
+ {
+ cPml4Tests = 2;
+ cPdPtrTests = 2;
+ }
+ else if (pThis->PgInfo.cEntries == 3)
+ cPdPtrTests = 2;
+
+#if 0
+ /* Loop 1: Accessor flags. */
+ for (iOuter = 0; iOuter < 2; iOuter++)
+ {
+ uint32_t const fAccessor = (iOuter == 0 ? BS3CB2PFACC_F_DIRECT : 0) | BS3CB2PFACC_F_PAGE_LEVEL;
+
+ /* Loop 2: Paging store method. */
+ for (iStore = 0; iStore < RT_ELEMENTS(g_aStoreMethods); iStore++)
+ {
+ unsigned iPml4Test;
+ int8_t cReserved = 0;
+ int8_t cNotPresent = 0;
+ int8_t cNotWrite = 0;
+ int8_t cNotUser = 0;
+ int8_t cExecute = 0;
+
+ /* Loop 3: Page map level 4 */
+ for (iPml4Test = 0; iPml4Test < cPml4Tests; iPml4Test++)
+ {
+ unsigned iPdPtrTest;
+
+ /* Loop 4: Page directory pointer table. */
+ for (iPdPtrTest = 0; iPdPtrTest < cPdPtrTests; iPdPtrTest++)
+ {
+ unsigned iPdTest;
+
+ /* Loop 5: Page directory. */
+ for (iPdTest = 0; iPdTest < 2; iPdTest++)
+ {
+ unsigned iPtTest;
+
+ /* Loop 6: Page table. */
+ for (iPtTest = 0; iPtTest < 2; iPtTest++)
+ {
+ /* Loop 7: Accessor ring. */
+ for (iRing = 0; iRing < 4; iRing++)
+ {
+ PBS3REGCTX const pCtx = &aCtxts[iRing];
+
+ if ( EffWrk.fReserved
+ || !EffWrk.fPresent
+ || (!EffWrk.fUser && iRing == 3))
+ {
+ uint32_t const fPfBase = ( EffWrk.fReserved ? X86_TRAP_PF_P | X86_TRAP_PF_RSVD
+ : EffWrk.fPresent ? X86_TRAP_PF_P : 0)
+ | (iRing == 3 ? X86_TRAP_PF_US : 0);
+ for (iAccessor = 0; iAccessor < RT_ELEMENTS(g_aAccessors); iAccessor++)
+ {
+ pThis->pszAccessor = g_aAccessors[iAccessor].pszName;
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, 0, 0);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF,
+ fPfBase | (g_aAccessors[iAccessor].fAccess & fPfIdMask));
+ CHECK_AD_BITS(0);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_A | X86_PTE_D, 0);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF,
+ fPfBase | (g_aAccessors[iAccessor].fAccess & fPfIdMask));
+ CHECK_AD_BITS(0);
+ }
+ }
+ else
+ {
+ uint32_t const fPfBase = X86_TRAP_PF_P | (iRing == 3 ? X86_TRAP_PF_US : 0);
+ for (iAccessor = 0; iAccessor < RT_ELEMENTS(g_aAccessors); iAccessor++)
+ {
+ pThis->pszAccessor = g_aAccessors[iAccessor].pszName;
+ if ( ( (g_aAccessors[iAccessor].fAccess & X86_TRAP_PF_ID)
+ && EffWrk.fNoExecute)
+ || ( (g_aAccessors[iAccessor].fAccess & X86_TRAP_PF_RW)
+ && !EffWrk.fWriteable
+ && (fWp || iRing == 3)) )
+ {
+ uint32_t const fErrCd = fPfBase | (g_aAccessors[iAccessor].fAccess & fPfIdMask);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_A | X86_PTE_D, 0);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF, fErrCd);
+ CHECK_AD_BITS(0);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, 0, X86_PTE_A | X86_PTE_D);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF, fErrCd);
+ CHECK_AD_BITS(X86_PTE_A | X86_PTE_D);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_A, X86_PTE_D);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF, fErrCd);
+ CHECK_AD_BITS(X86_PTE_D);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_D, X86_PTE_A);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_PF, fErrCd);
+ CHECK_AD_BITS(X86_PTE_A);
+ }
+ else
+ {
+ uint32_t const fExpectedAD = (g_aAccessors[iAccessor].fAccess & X86_TRAP_PF_RW)
+ ? X86_PTE_A | X86_PTE_D : X86_PTE_A;
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_A | X86_PTE_D, 0);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_UD, UINT8_MAX);
+ CHECK_AD_BITS(fExpectedAD);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, 0, X86_PTE_A | X86_PTE_D);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_UD, UINT8_MAX);
+ CHECK_AD_BITS(X86_PTE_A | X86_PTE_D);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_A, X86_PTE_D);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_UD, UINT8_MAX);
+ CHECK_AD_BITS(fExpectedAD | X86_PTE_D);
+
+ pPteWrk->pfnModify(pThis, iStore, pPteWrk, X86_PTE_D, X86_PTE_A);
+ ASMInvalidatePage(pThis->uTestAddr.u + X86_PAGE_SIZE);
+ g_aAccessors[iAccessor].pfnAccessor(pThis, pCtx, fAccessor, X86_XCPT_UD, UINT8_MAX);
+ CHECK_AD_BITS(fExpectedAD | X86_PTE_A);
+ }
+ }
+ }
+ }
+
+ }
+ }
+ }
+ }
+
+ }
+ }
+#endif
+
+ /*
+ * Check reserved bits on each paging level.
+ */
+
+ /* Loop 1: Accessor flags (only direct for now). */
+ for (iOuter = 0; iOuter < 1; iOuter++)
+ {
+ uint32_t const fAccessor = BS3CB2PFACC_F_DIRECT;
+
+ /* Loop 2: Paging store method. */
+ for (iStore = 0; iStore < RT_ELEMENTS(g_aStoreMethods); iStore++)
+ {
+ /* Loop 3: Accessor ring. */
+ for (iRing = 0; iRing < 4; iRing++)
+ {
+ /* Loop 4: Which level we mess up. */
+ for (iLevel = 0; iLevel < pThis->PgInfo.cEntries; iLevel++)
+ {
+#if 0
+ const BS3CPUBASIC2PFMODPT *pPteWrk = &g_aPteWorkers[iPteWrk];
+ if (pThis->PgInfo.)
+ {
+ }
+#endif
+
+
+ }
+ }
+ }
+ }
+
+
+
+ return 0;
+}
+
+
+BS3_DECL_CALLBACK(uint8_t) bs3CpuBasic2_RaiseXcpt0e_c32(uint8_t bMode)
+{
+ void *pvTestUnaligned;
+ uint32_t cbTestUnaligned = _8M;
+ uint8_t bRet = 1;
+ int rc;
+ BS3CPUBASIC2PFSTATE State;
+
+ /*
+ * Initalize the state data.
+ */
+ Bs3MemZero(&State, sizeof(State));
+ State.bMode = bMode;
+ switch (bMode & BS3_MODE_CODE_MASK)
+ {
+ case BS3_MODE_CODE_16: State.cbAccess = sizeof(uint16_t); break;
+ case BS3_MODE_CODE_V86: State.cbAccess = sizeof(uint16_t); break;
+ case BS3_MODE_CODE_32: State.cbAccess = sizeof(uint32_t); break;
+ case BS3_MODE_CODE_64: State.cbAccess = sizeof(uint64_t); break;
+ }
+ State.pCmnMode = &g_aCmnModes[0];
+ while (State.pCmnMode->bMode != (bMode & BS3_MODE_CODE_MASK))
+ State.pCmnMode++;
+ State.fUseInvlPg = (g_uBs3CpuDetected & BS3CPU_TYPE_MASK) >= BS3CPU_80486;
+
+ /* Figure physical addressing width. */
+ State.cBitsPhysWidth = 32;
+ if ( (g_uBs3CpuDetected & BS3CPU_F_CPUID)
+ && (ASMCpuId_EDX(1) & (X86_CPUID_FEATURE_EDX_PSE36 | X86_CPUID_FEATURE_EDX_PAE)) )
+ State.cBitsPhysWidth = 36;
+
+ if ( (g_uBs3CpuDetected & BS3CPU_F_CPUID_EXT_LEAVES)
+ && ASMCpuId_EAX(0x80000000) >= 0x80000008)
+ {
+ uint8_t cBits = (uint8_t)ASMCpuId_EAX(0x80000008);
+ if (cBits >= 32 && cBits <= 52)
+ State.cBitsPhysWidth = cBits;
+ else
+ Bs3TestPrintf("CPUID 0x80000008: Physical bitcount out of range: %u\n", cBits);
+ }
+ //Bs3TestPrintf("Physical bitcount: %u\n", State.cBitsPhysWidth);
+
+ /*
+ * Allocate a some memory we can play around with, then carve a size aligned
+ * chunk out of it so we might be able to maybe play with 2/4MB pages too.
+ */
+ cbTestUnaligned = _8M * 2;
+ while ((pvTestUnaligned = Bs3MemAlloc(BS3MEMKIND_FLAT32, cbTestUnaligned)) == NULL)
+ {
+ cbTestUnaligned >>= 1;
+ if (cbTestUnaligned <= _16K)
+ {
+ Bs3TestFailed("Failed to allocate memory to play around with\n");
+ return 1;
+ }
+ }
+
+ /* align. */
+ if ((uintptr_t)pvTestUnaligned & (cbTestUnaligned - 1))
+ {
+ State.cbTest = cbTestUnaligned >> 1;
+ State.pbOrgTest = (uint8_t *)(((uintptr_t)pvTestUnaligned + State.cbTest - 1) & ~(State.cbTest - 1));
+ }
+ else
+ {
+ State.pbOrgTest = pvTestUnaligned;
+ State.cbTest = cbTestUnaligned;
+ }
+ State.cTestPages = State.cbTest >> X86_PAGE_SHIFT;
+
+ /*
+ * Alias this memory far away from where our code and data lives.
+ */
+ if (bMode & BS3_MODE_CODE_64)
+ State.uTestAddr.u = UINT64_C(0x0000648680000000);
+ else
+ State.uTestAddr.u = UINT32_C(0x80000000);
+ rc = Bs3PagingAlias(State.uTestAddr.u, (uintptr_t)State.pbOrgTest, State.cbTest, X86_PTE_P | X86_PTE_RW | X86_PTE_US);
+ if (RT_SUCCESS(rc))
+ {
+ rc = Bs3PagingQueryAddressInfo(State.uTestAddr.u, &State.PgInfo);
+ if (RT_SUCCESS(rc))
+ {
+//if (bMode & BS3_MODE_CODE_64) ASMHalt();
+ /* Set values that derives from the test memory size and paging info. */
+ if (State.PgInfo.cEntries == 2)
+ {
+ State.cTestPdes = (State.cTestPages + X86_PG_ENTRIES - 1) / X86_PG_ENTRIES;
+ State.cTest1stPtes = RT_MIN(State.cTestPages, X86_PG_ENTRIES);
+ State.cbPdeBackup = State.cTestPdes * (X86_PAGE_SIZE / X86_PG_ENTRIES);
+ State.cbPteBackup = State.cTest1stPtes * (X86_PAGE_SIZE / X86_PG_ENTRIES);
+ }
+ else
+ {
+ State.cTestPdes = (State.cTestPages + X86_PG_PAE_ENTRIES - 1) / X86_PG_PAE_ENTRIES;
+ State.cTest1stPtes = RT_MIN(State.cTestPages, X86_PG_PAE_ENTRIES);
+ State.cbPdeBackup = State.cTestPdes * (X86_PAGE_SIZE / X86_PG_PAE_ENTRIES);
+ State.cbPteBackup = State.cTest1stPtes * (X86_PAGE_SIZE / X86_PG_PAE_ENTRIES);
+ }
+#ifdef BS3CPUBASIC2PF_FASTER
+ State.cbPteBackup = State.PgInfo.cbEntry * 4;
+#endif
+ if (State.cTestPdes <= RT_ELEMENTS(State.au64PdeBackup))
+ {
+ uint32_t cr0 = ASMGetCR0();
+
+ /* Back up the structures. */
+ Bs3MemCpy(&State.PteBackup, State.PgInfo.u.Legacy.pPte, State.cbPteBackup);
+ Bs3MemCpy(State.au64PdeBackup, State.PgInfo.u.Legacy.pPde, State.cbPdeBackup);
+ if (State.PgInfo.cEntries > 2)
+ State.u64PdpteBackup = State.PgInfo.u.Pae.pPdpe->u;
+ if (State.PgInfo.cEntries > 3)
+ State.u64Pml4eBackup = State.PgInfo.u.Pae.pPml4e->u;
+
+ /*
+ * Setup a 16-bit selector for accessing the alias.
+ */
+ Bs3SelSetup16BitData(&Bs3GdteSpare00, State.uTestAddr.u32);
+ State.uSel16TestData = BS3_SEL_SPARE_00 | 3;
+
+ /*
+ * Do the testing.
+ */
+ ASMSetCR0(ASMGetCR0() & ~X86_CR0_WP);
+ bRet = bs3CpuBasic2_RaiseXcpt0eWorker(&State, false /*fWp*/, false /*fNxe*/);
+ if (bRet == 0 && (g_uBs3CpuDetected & BS3CPU_TYPE_MASK) >= BS3CPU_80486)
+ {
+ ASMSetCR0(ASMGetCR0() | X86_CR0_WP);
+ bRet = bs3CpuBasic2_RaiseXcpt0eWorker(&State, true /*fWp*/, false /*fNxe*/);
+ }
+
+ /* Do again with NX enabled. */
+ if (bRet == 0 && (g_uBs3CpuDetected & BS3CPU_F_NX))
+ {
+ ASMWrMsr(MSR_K6_EFER, ASMRdMsr(MSR_K6_EFER) | MSR_K6_EFER_NXE);
+ ASMSetCR0(ASMGetCR0() & ~X86_CR0_WP);
+ bRet = bs3CpuBasic2_RaiseXcpt0eWorker(&State, false /*fWp*/, State.PgInfo.cbEntry == 8 /*fNxe*/);
+ ASMSetCR0(ASMGetCR0() | X86_CR0_WP);
+ bRet = bs3CpuBasic2_RaiseXcpt0eWorker(&State, true /*fWp*/, State.PgInfo.cbEntry == 8 /*fNxe*/);
+ ASMWrMsr(MSR_K6_EFER, ASMRdMsr(MSR_K6_EFER) & ~MSR_K6_EFER_NXE);
+ }
+ bs3CpuBasic2Pf_RestoreFromBackups(&State);
+ ASMSetCR0((ASMGetCR0() & ~X86_CR0_WP) | (cr0 & X86_CR0_WP));
+ }
+ else
+ Bs3TestFailedF("cTestPdes=%u!\n", State.cTestPdes);
+ }
+ else
+ Bs3TestFailedF("Bs3PagingQueryAddressInfo failed: %d\n", rc);
+ Bs3PagingUnalias(State.uTestAddr.u, State.cbTest);
+ }
+ else
+ Bs3TestFailedF("Bs3PagingAlias failed! rc=%d\n", rc);
+ Bs3MemFree(pvTestUnaligned, cbTestUnaligned);
+ return bRet;
+}
+
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-13 05:13:03 +0000