1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
|
/* prmci3.c: MUTATOR CONTEXT (INTEL 386)
*
* $Id$
* Copyright (c) 2001-2020 Ravenbrook Limited. See end of file for license.
*
* .design: See <design/prmc> for the generic design of the interface
* which is implemented in this module, including the contracts for the
* functions.
*
* .purpose: Implement the mutator context module. <design/prmc>.
*
* .requirements: Current requirements are for limited support only, for
* stepping the sorts of instructions that the Dylan compiler might
* generate for table vector access - i.e., a restricted subset of MOV
* addressing modes. This avoids the need to scan entire weak tables at
* an inappropriate rank when a page fault occurs.
*
*
* SOURCES
*
* .source.i486: Intel486 Microprocessor Family Programmer's
* Reference Manual
*
* .source.dylan: Dylan table code implementation. Especially the
* following HOPE units:
* D-lib-dylan!table.dylan (class <entry-vector>, slot entry-element)
* D-dfmc-harp-cg!harp-primitives.dylan (method op--repeated-slot-element)
* D-harp-pentium-harp!moves.dylan (pentium-template ld-index)
*
*
* ASSUMPTIONS
*
* .assume.null: It's always safe for MutatorContextCanStepInstruction
* to return FALSE. A null implementation of this module would be
* overly conservative but otherwise correct.
*
* .assume.want: The Dylan implementation is likely to access a
* weak table vector using either MOV r/m32,r32 or MOV r32,r/m32
* instructions, where the r/m32 operand will be of one of the forms
* disp8[reg], disp8[reg1][reg2], disp8[reg1][reg2*4] (see .source.dylan
* and .source.i486)
*
* .assume.i3: Assume the following about the i386 environment:
* Steppable instructions (.assume.want) use the CS, DS & SS
* segment registers only (see .source.i486 Table 2-3).
* The processor runs in 32 bit mode.
* The CS, DS and SS segment registers all describe identical 32-
* bit flat address spaces.
*/
#include "mpm.h"
#include "prmci3.h"
SRCID(prmci3, "$Id$");
#if !defined(MPS_ARCH_I3)
#error "prmci3.c is specific to MPS_ARCH_I3"
#endif
/* DecodeCB -- Decode an Intel x86 control byte into Hi, Medium & Low fields */
static void DecodeCB(unsigned int *hReturn,
unsigned int *mReturn,
unsigned int *lReturn,
Byte op)
{
/* see .source.i486 Figure 26-2 */
unsigned int uop = (unsigned int)op;
*lReturn = uop & 7;
uop = uop >> 3;
*mReturn = uop & 7;
uop = uop >> 3;
*hReturn = uop & 3;
}
/* DecodeSIB -- Decode a Scale Index Base byte for an Intel x86 instruction */
static void DecodeSIB(unsigned int *sReturn,
unsigned int *iReturn,
unsigned int *bReturn,
Byte op)
{
DecodeCB(sReturn, iReturn, bReturn, op);
}
/* DecodeModRM -- Decode a ModR/M byte for an Intel x86 instruction */
static void DecodeModRM(unsigned int *modReturn,
unsigned int *rReturn,
unsigned int *mReturn,
Byte op)
{
DecodeCB(modReturn, rReturn, mReturn, op);
}
/* RegValue -- Return the value of a machine register from a context */
static Word RegValue(MutatorContext context, unsigned int regnum)
{
MRef addr;
addr = Prmci3AddressHoldingReg(context, regnum);
return *addr;
}
/* Return a byte element of an instruction vector as a
* Word value, with sign extension
*/
static Word SignedInsElt(Byte insvec[], Count i)
{
signed char eltb;
eltb = ((signed char*)insvec)[i];
return (Word)eltb;
}
/* If a MOV instruction is a sufficiently simple example of a
* move between a register and memory (in either direction),
* then find the register, the effective address and the size
* of the instruction. The instruction is considered sufficiently
* simple if it uses a single byte displacement, a base register,
* and either no index or a (possibly scaled) register.
*/
static Bool DecodeSimpleMov(unsigned int *regnumReturn,
MRef *memReturn,
Size *inslenReturn,
MutatorContext context,
Byte insvec[])
{
unsigned int mod;
unsigned int r;
unsigned int m;
DecodeModRM(&mod, &r, &m, insvec[1]); /* .source.i486 Table 26-3 */
if(1 == mod) {
/* Only know about single byte displacements, .assume.want */
Word base;
Word idx; /* can't shadow index(3) */
Word disp;
if(4 == m) {
/* There is an index. */
unsigned int s;
unsigned int i;
unsigned int b;
DecodeSIB(&s, &i, &b, insvec[2]); /* .source.i486 Table 26-3 */
if(4 == i) {
return FALSE; /* degenerate SIB form - unused by Dylan compiler */
}
disp = SignedInsElt(insvec, 3);
base = RegValue(context, b);
idx = RegValue(context, i) << s;
*inslenReturn = 4;
} else {
/* MOV with reg1 & [reg2+byte] parameters */
disp = SignedInsElt(insvec, 2);
base = RegValue(context, m);
idx = 0;
*inslenReturn = 3;
}
*regnumReturn = r;
*memReturn = (MRef)(base + idx + disp); /* .assume.i3 */
return TRUE;
}
return FALSE;
}
static Bool IsSimpleMov(Size *inslenReturn,
MRef *srcReturn,
MRef *destReturn,
MutatorContext context)
{
Byte *insvec;
unsigned int regnum;
MRef mem;
MRef faultmem;
Prmci3DecodeFaultContext(&faultmem, &insvec, context);
/* .assume.want */
/* .source.i486 Page 26-210 */
if((Byte)0x8b == insvec[0]) {
/* This is an instruction of type MOV reg, r/m32 */
if(DecodeSimpleMov(®num, &mem, inslenReturn, context, insvec)) {
AVER(faultmem == mem); /* Ensure computed address matches exception */
*srcReturn = mem;
*destReturn = Prmci3AddressHoldingReg(context, regnum);
return TRUE;
}
} else if((Byte)0x89 == insvec[0]) {
/* This is an instruction of type MOV r/m32, reg */
if(DecodeSimpleMov(®num, &mem, inslenReturn, context, insvec)) {
AVER(faultmem == mem); /* Ensure computed address matches exception */
*destReturn = mem;
*srcReturn = Prmci3AddressHoldingReg(context, regnum);
return TRUE;
}
}
return FALSE;
}
Bool MutatorContextCanStepInstruction(MutatorContext context)
{
Size inslen;
MRef src;
MRef dest;
AVERT(MutatorContext, context);
/* .assume.null */
/* .assume.want */
if(IsSimpleMov(&inslen, &src, &dest, context)) {
return TRUE;
}
return FALSE;
}
Res MutatorContextStepInstruction(MutatorContext context)
{
Size inslen;
MRef src;
MRef dest;
AVERT(MutatorContext, context);
/* .assume.null */
/* .assume.want */
if(IsSimpleMov(&inslen, &src, &dest, context)) {
*dest = *src;
Prmci3StepOverIns(context, inslen);
return ResOK;
}
return ResUNIMPL;
}
/* C. COPYRIGHT AND LICENSE
*
* Copyright (C) 2001-2020 Ravenbrook Limited <https://www.ravenbrook.com/>.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the
* distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
* IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
|
