IOMAllMMIO.cpp

Timestamp:

May 7, 2016 5:55:21 PM (9 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

107086

Message:

IOMRC.cpp,++: Use IEM for IN and OUT too, cleaning out unnecessary code.

File:

: 1 edited

trunk/src/VBox/VMM/VMMAll/IOMAllMMIO.cpp (modified) (5 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/src/VBox/VMM/VMMAll/IOMAllMMIO.cpp

-              r60854
+              r60874
-/*********************************************************************************************************************************
-*   Defined Constants And Macros                                                                                                 *
-*********************************************************************************************************************************/
-/** @def IEM_USE_IEM_INSTEAD
- * Use IEM instead of IOM for interpreting MMIO accesses.
- * Because of PATM/CSAM issues in raw-mode, we've split this up into 2nd and 3rd
- * IEM deployment step. */
-#if  ((defined(IN_RING3) || defined(IN_RING0)) && defined(VBOX_WITH_2ND_IEM_STEP)) \
-  || defined(VBOX_WITH_3RD_IEM_STEP) || defined(DOXYGEN_RUNNING)
-# define IEM_USE_IEM_INSTEAD
-#endif
-/*********************************************************************************************************************************
-*   Global Variables                                                                                                             *
-*********************************************************************************************************************************/
-/**
- * Array for fast recode of the operand size (1/2/4/8 bytes) to bit shift value.
- */
-static const unsigned g_aSize2Shift[] =
+{
-    ~0U,   /* 0 - invalid */
-,     /* *1 == 2^0 */
-,     /* *2 == 2^1 */
-    ~0U,   /* 3 - invalid */
-,     /* *4 == 2^2 */
-    ~0U,   /* 5 - invalid */
-    ~0U,   /* 6 - invalid */
-    ~0U,   /* 7 - invalid */
-      /* *8 == 2^3 */
-};
-/**
- * Macro for fast recode of the operand size (1/2/4/8 bytes) to bit shift value.
- */
-#define SIZE_2_SHIFT(cb)    (g_aSize2Shift[cb])
-/**
- * Returns the contents of register or immediate data of instruction's parameter.
+ *
- * @returns true on success.
+ *
- * @todo Get rid of this code. Use DISQueryParamVal instead
+ *
- * @param   pCpu                Pointer to current disassembler context.
- * @param   pParam              Pointer to parameter of instruction to process.
- * @param   pRegFrame           Pointer to CPUMCTXCORE guest structure.
- * @param   pu64Data            Where to store retrieved data.
- * @param   pcbSize             Where to store the size of data (1, 2, 4, 8).
- */
-bool iomGetRegImmData(PDISCPUSTATE pCpu, PCDISOPPARAM pParam, PCPUMCTXCORE pRegFrame, uint64_t *pu64Data, unsigned *pcbSize)
+{
-    NOREF(pCpu);
-    if (pParam->fUse & (DISUSE_BASE | DISUSE_INDEX | DISUSE_SCALE | DISUSE_DISPLACEMENT8 | DISUSE_DISPLACEMENT16 | DISUSE_DISPLACEMENT32))
+    {
-        *pcbSize  = 0;
-        *pu64Data = 0;
-        return false;
+    }
-    /* divide and conquer */
-    if (pParam->fUse & (DISUSE_REG_GEN64 | DISUSE_REG_GEN32 | DISUSE_REG_GEN16 | DISUSE_REG_GEN8))
+    {
-        if (pParam->fUse & DISUSE_REG_GEN32)
+        {
-            *pcbSize  = 4;
-            DISFetchReg32(pRegFrame, pParam->Base.idxGenReg, (uint32_t *)pu64Data);
-            return true;
+        }
-        if (pParam->fUse & DISUSE_REG_GEN16)
+        {
-            *pcbSize  = 2;
-            DISFetchReg16(pRegFrame, pParam->Base.idxGenReg, (uint16_t *)pu64Data);
-            return true;
+        }
-        if (pParam->fUse & DISUSE_REG_GEN8)
+        {
-            *pcbSize  = 1;
-            DISFetchReg8(pRegFrame, pParam->Base.idxGenReg, (uint8_t *)pu64Data);
-            return true;
+        }
-        Assert(pParam->fUse & DISUSE_REG_GEN64);
-        *pcbSize  = 8;
-        DISFetchReg64(pRegFrame, pParam->Base.idxGenReg, pu64Data);
-        return true;
+    }
-    else
+    {
-        if (pParam->fUse & (DISUSE_IMMEDIATE64 | DISUSE_IMMEDIATE64_SX8))
+        {
-            *pcbSize  = 8;
-            *pu64Data = pParam->uValue;
-            return true;
+        }
-        if (pParam->fUse & (DISUSE_IMMEDIATE32 | DISUSE_IMMEDIATE32_SX8))
+        {
-            *pcbSize  = 4;
-            *pu64Data = (uint32_t)pParam->uValue;
-            return true;
+        }
-        if (pParam->fUse & (DISUSE_IMMEDIATE16 | DISUSE_IMMEDIATE16_SX8))
+        {
-            *pcbSize  = 2;
-            *pu64Data = (uint16_t)pParam->uValue;
-            return true;
+        }
-        if (pParam->fUse & DISUSE_IMMEDIATE8)
+        {
-            *pcbSize  = 1;
-            *pu64Data = (uint8_t)pParam->uValue;
-            return true;
+        }
-        if (pParam->fUse & DISUSE_REG_SEG)
+        {
-            *pcbSize  = 2;
-            DISFetchRegSeg(pRegFrame, (DISSELREG)pParam->Base.idxSegReg, (RTSEL *)pu64Data);
-            return true;
-        } /* Else - error. */
-        AssertFailed();
-        *pcbSize  = 0;
-        *pu64Data = 0;
-        return false;
+    }
+}
-/**
- * Saves data to 8/16/32 general purpose or segment register defined by
- * instruction's parameter.
+ *
- * @returns true on success.
- * @param   pCpu                Pointer to current disassembler context.
- * @param   pParam              Pointer to parameter of instruction to process.
- * @param   pRegFrame           Pointer to CPUMCTXCORE guest structure.
- * @param   u64Data             8/16/32/64 bit data to store.
- */
-bool iomSaveDataToReg(PDISCPUSTATE pCpu, PCDISOPPARAM pParam, PCPUMCTXCORE pRegFrame, uint64_t u64Data)
+{
-    NOREF(pCpu);
-    if (pParam->fUse & (DISUSE_BASE | DISUSE_INDEX | DISUSE_SCALE | DISUSE_DISPLACEMENT8 | DISUSE_DISPLACEMENT16 | DISUSE_DISPLACEMENT32 | DISUSE_DISPLACEMENT64 | DISUSE_IMMEDIATE8 | DISUSE_IMMEDIATE16 | DISUSE_IMMEDIATE32 | DISUSE_IMMEDIATE32_SX8 | DISUSE_IMMEDIATE16_SX8))
+    {
-        return false;
+    }
-    if (pParam->fUse & DISUSE_REG_GEN32)
+    {
-        DISWriteReg32(pRegFrame, pParam->Base.idxGenReg, (uint32_t)u64Data);
-        return true;
+    }
-    if (pParam->fUse & DISUSE_REG_GEN64)
+    {
-        DISWriteReg64(pRegFrame, pParam->Base.idxGenReg, u64Data);
-        return true;
+    }
-    if (pParam->fUse & DISUSE_REG_GEN16)
+    {
-        DISWriteReg16(pRegFrame, pParam->Base.idxGenReg, (uint16_t)u64Data);
-        return true;
+    }
-    if (pParam->fUse & DISUSE_REG_GEN8)
+    {
-        DISWriteReg8(pRegFrame, pParam->Base.idxGenReg, (uint8_t)u64Data);
-        return true;
+    }
-    if (pParam->fUse & DISUSE_REG_SEG)
+    {
-        DISWriteRegSeg(pRegFrame, (DISSELREG)pParam->Base.idxSegReg, (RTSEL)u64Data);
-        return true;
+    }
-    /* Else - error. */
-    return false;
+}
 #ifndef IN_RING3
 …
-#ifndef IEM_USE_IEM_INSTEAD
-/**
- * MOV      reg, mem         (read)
- * MOVZX    reg, mem         (read)
- * MOVSX    reg, mem         (read)
+ *
- * @returns VBox status code.
+ *
- * @param   pVM         The cross context VM structure.
- * @param   pVCpu       The cross context virtual CPU structure of the calling EMT.
- * @param   pRegFrame   Pointer to CPUMCTXCORE guest registers structure.
- * @param   pCpu        Disassembler CPU state.
- * @param   pRange      Pointer MMIO range.
- * @param   GCPhysFault The GC physical address corresponding to pvFault.
- */
-static int iomInterpretMOVxXRead(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pRegFrame, PDISCPUSTATE pCpu,
-                                 PIOMMMIORANGE pRange, RTGCPHYS GCPhysFault)
+{
-    Assert(pRange->CTX_SUFF(pfnReadCallback) || !pRange->pfnReadCallbackR3);
-    /*
-     * Get the data size from parameter 2,
-     * and call the handler function to get the data.
-     */
-    unsigned cb = DISGetParamSize(pCpu, &pCpu->Param2);
-    AssertMsg(cb > 0 && cb <= sizeof(uint64_t), ("cb=%d\n", cb));
-    uint64_t u64Data = 0;
-    int rc = VBOXSTRICTRC_TODO(iomMMIODoRead(pVM, pVCpu, pRange, GCPhysFault, &u64Data, cb));
-    if (rc == VINF_SUCCESS)
+    {
-        /*
-         * Do sign extension for MOVSX.
-         */
-        /** @todo checkup MOVSX implementation! */
-        if (pCpu->pCurInstr->uOpcode == OP_MOVSX)
+        {
-            if (cb == 1)
+            {
-                /* DWORD <- BYTE */
-                int64_t iData = (int8_t)u64Data;
-                u64Data = (uint64_t)iData;
+            }
-            else
+            {
-                /* DWORD <- WORD */
-                int64_t iData = (int16_t)u64Data;
-                u64Data = (uint64_t)iData;
+            }
+        }
-        /*
-         * Store the result to register (parameter 1).
-         */
-        bool fRc = iomSaveDataToReg(pCpu, &pCpu->Param1, pRegFrame, u64Data);
-        AssertMsg(fRc, ("Failed to store register value!\n")); NOREF(fRc);
+    }
-    if (rc == VINF_SUCCESS)
-        iomMMIOStatLength(pVM, cb);
-    return rc;
+}
-/**
- * MOV      mem, reg|imm     (write)
+ *
- * @returns VBox status code.
+ *
- * @param   pVM         The cross context VM structure.
- * @param   pVCpu       The cross context virtual CPU structure of the calling EMT.
- * @param   pRegFrame   Pointer to CPUMCTXCORE guest registers structure.
- * @param   pCpu        Disassembler CPU state.
- * @param   pRange      Pointer MMIO range.
- * @param   GCPhysFault The GC physical address corresponding to pvFault.
- */
-static int iomInterpretMOVxXWrite(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pRegFrame, PDISCPUSTATE pCpu,
-                                  PIOMMMIORANGE pRange, RTGCPHYS GCPhysFault)
+{
-    Assert(pRange->CTX_SUFF(pfnWriteCallback) || !pRange->pfnWriteCallbackR3);
-    /*
-     * Get data to write from second parameter,
-     * and call the callback to write it.
-     */
-    unsigned cb = 0;
-    uint64_t u64Data  = 0;
-    bool fRc = iomGetRegImmData(pCpu, &pCpu->Param2, pRegFrame, &u64Data, &cb);
-    AssertMsg(fRc, ("Failed to get reg/imm port number!\n")); NOREF(fRc);
-    int rc = VBOXSTRICTRC_TODO(iomMMIODoWrite(pVM, pVCpu, pRange, GCPhysFault, &u64Data, cb));
-    if (rc == VINF_SUCCESS)
-        iomMMIOStatLength(pVM, cb);
-    return rc;
+}
-/** Wrapper for reading virtual memory. */
-DECLINLINE(int) iomRamRead(PVMCPU pVCpu, void *pDest, RTGCPTR GCSrc, uint32_t cb)
+{
-    /* Note: This will fail in R0 or RC if it hits an access handler. That
-             isn't a problem though since the operation can be restarted in REM. */
-#ifdef IN_RC
-    NOREF(pVCpu);
-    int rc = MMGCRamReadNoTrapHandler(pDest, (void *)(uintptr_t)GCSrc, cb);
-    /* Page may be protected and not directly accessible. */
-    if (rc == VERR_ACCESS_DENIED)
-        rc = VINF_IOM_R3_IOPORT_WRITE;
-    return rc;
-#else
-    return VBOXSTRICTRC_VAL(PGMPhysReadGCPtr(pVCpu, pDest, GCSrc, cb, PGMACCESSORIGIN_IOM));
-#endif
+}
-/** Wrapper for writing virtual memory. */
-DECLINLINE(int) iomRamWrite(PVMCPU pVCpu, PCPUMCTXCORE pCtxCore, RTGCPTR GCPtrDst, void *pvSrc, uint32_t cb)
+{
-    /** @todo Need to update PGMVerifyAccess to take access handlers into account for Ring-0 and
-     *        raw mode code. Some thought needs to be spent on theoretical concurrency issues as
-     *        as well since we're not behind the pgm lock and handler may change between calls.
+     *
-     *        PGMPhysInterpretedWriteNoHandlers/PGMPhysWriteGCPtr may mess up
-     *        the state of some shadowed structures. */
-#if defined(IN_RING0) || defined(IN_RC)
-    return PGMPhysInterpretedWriteNoHandlers(pVCpu, pCtxCore, GCPtrDst, pvSrc, cb, false /*fRaiseTrap*/);
-#else
-    NOREF(pCtxCore);
-    return VBOXSTRICTRC_VAL(PGMPhysWriteGCPtr(pVCpu, GCPtrDst, pvSrc, cb, PGMACCESSORIGIN_IOM));
-#endif
+}
-#if defined(IOM_WITH_MOVS_SUPPORT) && 0 /* locking prevents this from working. has buggy ecx handling. */
-/**
- * [REP] MOVSB
- * [REP] MOVSW
- * [REP] MOVSD
+ *
- * Restricted implementation.
+ *
+ *
- * @returns VBox status code.
+ *
- * @param   pVM         The cross context VM structure.
- * @param   uErrorCode  CPU Error code.
- * @param   pRegFrame   Trap register frame.
- * @param   GCPhysFault The GC physical address corresponding to pvFault.
- * @param   pCpu        Disassembler CPU state.
- * @param   pRange      Pointer MMIO range.
- * @param   ppStat      Which sub-sample to attribute this call to.
- */
-static int iomInterpretMOVS(PVM pVM, bool fWriteAccess, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, PDISCPUSTATE pCpu, PIOMMMIORANGE pRange,
-                            PSTAMPROFILE *ppStat)
+{
-    /*
-     * We do not support segment prefixes or REPNE.
-     */
-    if (pCpu->fPrefix & (DISPREFIX_SEG | DISPREFIX_REPNE))
-        return VINF_IOM_R3_MMIO_READ_WRITE; /** @todo -> interpret whatever. */
-    PVMCPU pVCpu = VMMGetCpu(pVM);
-    /*
-     * Get bytes/words/dwords/qword count to copy.
-     */
-    uint32_t cTransfers = 1;
-    if (pCpu->fPrefix & DISPREFIX_REP)
+    {
-#ifndef IN_RC
-        if (    CPUMIsGuestIn64BitCode(pVCpu, pRegFrame)
-            &&  pRegFrame->rcx >= _4G)
-            return VINF_EM_RAW_EMULATE_INSTR;
-#endif
-        cTransfers = pRegFrame->ecx;
-        if (SELMGetCpuModeFromSelector(pVM, pRegFrame->eflags, pRegFrame->cs, &pRegFrame->csHid) == DISCPUMODE_16BIT)
-            cTransfers &= 0xffff;
-        if (!cTransfers)
-            return VINF_SUCCESS;
+    }
-    /* Get the current privilege level. */
-    uint32_t cpl = CPUMGetGuestCPL(pVCpu, pRegFrame);
-    /*
-     * Get data size.
-     */
-    unsigned cb = DISGetParamSize(pCpu, &pCpu->Param1);
-    AssertMsg(cb > 0 && cb <= sizeof(uint64_t), ("cb=%d\n", cb));
-    int      offIncrement = pRegFrame->eflags.Bits.u1DF ? -(signed)cb : (signed)cb;
-#ifdef VBOX_WITH_STATISTICS
-    if (pVM->iom.s.cMovsMaxBytes < (cTransfers << SIZE_2_SHIFT(cb)))
-        pVM->iom.s.cMovsMaxBytes = cTransfers << SIZE_2_SHIFT(cb);
-#endif
-/** @todo re-evaluate on page boundaries. */
-    RTGCPHYS Phys = GCPhysFault;
-    int rc;
-    if (fWriteAccess)
+    {
-        /*
-         * Write operation: [Mem] -> [MMIO]
-         * ds:esi (Virt Src) -> es:edi (Phys Dst)
-         */
-        STAM_STATS({ *ppStat = &pVM->iom.s.StatRZInstMovsToMMIO; });
-        /* Check callback. */
-        if (!pRange->CTX_SUFF(pfnWriteCallback))
-            return VINF_IOM_R3_MMIO_WRITE;
-        /* Convert source address ds:esi. */
-        RTGCUINTPTR pu8Virt;
-        rc = SELMToFlatEx(pVM, DISSELREG_DS, pRegFrame, (RTGCPTR)pRegFrame->rsi,
-                          SELMTOFLAT_FLAGS_HYPER | SELMTOFLAT_FLAGS_NO_PL,
-                          (PRTGCPTR)&pu8Virt);
-        if (RT_SUCCESS(rc))
+        {
-            /* Access verification first; we currently can't recover properly from traps inside this instruction */
-            rc = PGMVerifyAccess(pVCpu, pu8Virt, cTransfers * cb, (cpl == 3) ? X86_PTE_US : 0);
-            if (rc != VINF_SUCCESS)
+            {
-                Log(("MOVS will generate a trap -> recompiler, rc=%d\n", rc));
-                return VINF_EM_RAW_EMULATE_INSTR;
+            }
-#ifdef IN_RC
-            MMGCRamRegisterTrapHandler(pVM);
-#endif
-            /* copy loop. */
-            while (cTransfers)
+            {
-                uint32_t u32Data = 0;
-                rc = iomRamRead(pVCpu, &u32Data, (RTGCPTR)pu8Virt, cb);
-                if (rc != VINF_SUCCESS)
-                    break;
-                rc = VBOXSTRICTRC_TODO(iomMMIODoWrite(pVM, pRange, Phys, &u32Data, cb));
-                if (rc != VINF_SUCCESS)
-                    break;
-                pu8Virt        += offIncrement;
-                Phys           += offIncrement;
-                pRegFrame->rsi += offIncrement;
-                pRegFrame->rdi += offIncrement;
-                cTransfers--;
+            }
-#ifdef IN_RC
-            MMGCRamDeregisterTrapHandler(pVM);
-#endif
-            /* Update ecx. */
-            if (pCpu->fPrefix & DISPREFIX_REP)
-                pRegFrame->ecx = cTransfers;
+        }
-        else
-            rc = VINF_IOM_R3_MMIO_READ_WRITE;
+    }
-    else
+    {
-        /*
-         * Read operation: [MMIO] -> [mem] or [MMIO] -> [MMIO]
-         * ds:[eSI] (Phys Src) -> es:[eDI] (Virt Dst)
-         */
-        STAM_STATS({ *ppStat = &pVM->iom.s.StatRZInstMovsFromMMIO; });
-        /* Check callback. */
-        if (!pRange->CTX_SUFF(pfnReadCallback))
-            return VINF_IOM_R3_MMIO_READ;
-        /* Convert destination address. */
-        RTGCUINTPTR pu8Virt;
-        rc = SELMToFlatEx(pVM, DISSELREG_ES, pRegFrame, (RTGCPTR)pRegFrame->rdi,
-                          SELMTOFLAT_FLAGS_HYPER | SELMTOFLAT_FLAGS_NO_PL,
-                          (RTGCPTR *)&pu8Virt);
-        if (RT_FAILURE(rc))
-            return VINF_IOM_R3_MMIO_READ;
-        /* Check if destination address is MMIO. */
-        PIOMMMIORANGE pMMIODst;
-        RTGCPHYS PhysDst;
-        rc = PGMGstGetPage(pVCpu, (RTGCPTR)pu8Virt, NULL, &PhysDst);
-        PhysDst |= (RTGCUINTPTR)pu8Virt & PAGE_OFFSET_MASK;
-        if (    RT_SUCCESS(rc)
-            &&  (pMMIODst = iomMmioGetRangeWithRef(pVM, PhysDst)))
+        {
-            /** @todo implement per-device locks for MMIO access. */
-            Assert(!pMMIODst->CTX_SUFF(pDevIns)->CTX_SUFF(pCritSect));
-            /*
-             * Extra: [MMIO] -> [MMIO]
-             */
-            STAM_STATS({ *ppStat = &pVM->iom.s.StatRZInstMovsMMIO; });
-            if (!pMMIODst->CTX_SUFF(pfnWriteCallback) && pMMIODst->pfnWriteCallbackR3)
+            {
-                iomMmioReleaseRange(pVM, pRange);
-                return VINF_IOM_R3_MMIO_READ_WRITE;
+            }
-            /* copy loop. */
-            while (cTransfers)
+            {
-                uint32_t u32Data;
-                rc = VBOXSTRICTRC_TODO(iomMMIODoRead(pVM, pRange, Phys, &u32Data, cb));
-                if (rc != VINF_SUCCESS)
-                    break;
-                rc = VBOXSTRICTRC_TODO(iomMMIODoWrite(pVM, pMMIODst, PhysDst, &u32Data, cb));
-                if (rc != VINF_SUCCESS)
-                    break;
-                Phys           += offIncrement;
-                PhysDst        += offIncrement;
-                pRegFrame->rsi += offIncrement;
-                pRegFrame->rdi += offIncrement;
-                cTransfers--;
+            }
-            iomMmioReleaseRange(pVM, pRange);
+        }
-        else
+        {
-            /*
-             * Normal: [MMIO] -> [Mem]
-             */
-            /* Access verification first; we currently can't recover properly from traps inside this instruction */
-            rc = PGMVerifyAccess(pVCpu, pu8Virt, cTransfers * cb, X86_PTE_RW | ((cpl == 3) ? X86_PTE_US : 0));
-            if (rc != VINF_SUCCESS)
+            {
-                Log(("MOVS will generate a trap -> recompiler, rc=%d\n", rc));
-                return VINF_EM_RAW_EMULATE_INSTR;
+            }
-            /* copy loop. */
-#ifdef IN_RC
-            MMGCRamRegisterTrapHandler(pVM);
-#endif
-            while (cTransfers)
+            {
-                uint32_t u32Data;
-                rc = VBOXSTRICTRC_TODO(iomMMIODoRead(pVM, pRange, Phys, &u32Data, cb));
-                if (rc != VINF_SUCCESS)
-                    break;
-                rc = iomRamWrite(pVCpu, pRegFrame, (RTGCPTR)pu8Virt, &u32Data, cb);
-                if (rc != VINF_SUCCESS)
+                {
-                    Log(("iomRamWrite %08X size=%d failed with %d\n", pu8Virt, cb, rc));
-                    break;
+                }
-                pu8Virt        += offIncrement;
-                Phys           += offIncrement;
-                pRegFrame->rsi += offIncrement;
-                pRegFrame->rdi += offIncrement;
-                cTransfers--;
+            }
-#ifdef IN_RC
-            MMGCRamDeregisterTrapHandler(pVM);
-#endif
+        }
-        /* Update ecx on exit. */
-        if (pCpu->fPrefix & DISPREFIX_REP)
-            pRegFrame->ecx = cTransfers;
+    }
-    /* work statistics. */
-    if (rc == VINF_SUCCESS)
-        iomMMIOStatLength(pVM, cb);
-    NOREF(ppStat);
-    return rc;
+}
-#endif /* IOM_WITH_MOVS_SUPPORT */
-/**
- * Gets the address / opcode mask corresponding to the given CPU mode.
+ *
- * @returns Mask.
- * @param   enmCpuMode          CPU mode.
- */
-static uint64_t iomDisModeToMask(DISCPUMODE enmCpuMode)
+{
-    switch (enmCpuMode)
+    {
-        case DISCPUMODE_16BIT: return UINT16_MAX;
-        case DISCPUMODE_32BIT: return UINT32_MAX;
-        case DISCPUMODE_64BIT: return UINT64_MAX;
-        default:
-            AssertFailedReturn(UINT32_MAX);
+    }
+}
-/**
- * [REP] STOSB
- * [REP] STOSW
- * [REP] STOSD
+ *
- * Restricted implementation.
+ *
+ *
- * @returns VBox status code.
+ *
- * @param   pVM         The cross context VM structure.
- * @param   pVCpu       The cross context virtual CPU structure of the calling EMT.
- * @param   pRegFrame   Trap register frame.
- * @param   GCPhysFault The GC physical address corresponding to pvFault.
- * @param   pCpu        Disassembler CPU state.
- * @param   pRange      Pointer MMIO range.
- */
-static int iomInterpretSTOS(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault,
-                            PDISCPUSTATE pCpu, PIOMMMIORANGE pRange)
+{
-    /*
-     * We do not support segment prefixes or REPNE..
-     */
-    if (pCpu->fPrefix & (DISPREFIX_SEG | DISPREFIX_REPNE))
-        return VINF_IOM_R3_MMIO_READ_WRITE; /** @todo -> REM instead of HC */
-    /*
-     * Get bytes/words/dwords/qwords count to copy.
-     */
-    uint64_t const fAddrMask = iomDisModeToMask((DISCPUMODE)pCpu->uAddrMode);
-    RTGCUINTREG cTransfers = 1;
-    if (pCpu->fPrefix & DISPREFIX_REP)
+    {
-#ifndef IN_RC
-        if (    CPUMIsGuestIn64BitCode(pVCpu)
-            &&  pRegFrame->rcx >= _4G)
-            return VINF_EM_RAW_EMULATE_INSTR;
-#endif
-        cTransfers = pRegFrame->rcx & fAddrMask;
-        if (!cTransfers)
-            return VINF_SUCCESS;
+    }
-/** @todo r=bird: bounds checks! */
-    /*
-     * Get data size.
-     */
-    unsigned cb = DISGetParamSize(pCpu, &pCpu->Param1);
-    AssertMsg(cb > 0 && cb <= sizeof(uint64_t), ("cb=%d\n", cb));
-    int      offIncrement = pRegFrame->eflags.Bits.u1DF ? -(signed)cb : (signed)cb;
-#ifdef VBOX_WITH_STATISTICS
-    if (pVM->iom.s.cStosMaxBytes < (cTransfers << SIZE_2_SHIFT(cb)))
-        pVM->iom.s.cStosMaxBytes = cTransfers << SIZE_2_SHIFT(cb);
-#endif
-    RTGCPHYS    Phys    = GCPhysFault;
-    int rc;
-    if (   pRange->CTX_SUFF(pfnFillCallback)
-        && cb <= 4 /* can only fill 32-bit values */)
+    {
-        /*
-         * Use the fill callback.
-         */
-        /** @todo pfnFillCallback must return number of bytes successfully written!!! */
-        if (offIncrement > 0)
+        {
-            /* addr++ variant. */
-            rc = pRange->CTX_SUFF(pfnFillCallback)(pRange->CTX_SUFF(pDevIns), pRange->CTX_SUFF(pvUser), Phys,
-                                                   pRegFrame->eax, cb, cTransfers);
-            if (rc == VINF_SUCCESS)
+            {
-                /* Update registers. */
-                pRegFrame->rdi = ((pRegFrame->rdi + (cTransfers << SIZE_2_SHIFT(cb))) & fAddrMask)
-                               | (pRegFrame->rdi & ~fAddrMask);
-                if (pCpu->fPrefix & DISPREFIX_REP)
-                    pRegFrame->rcx &= ~fAddrMask;
+            }
+        }
-        else
+        {
-            /* addr-- variant. */
-            rc = pRange->CTX_SUFF(pfnFillCallback)(pRange->CTX_SUFF(pDevIns),  pRange->CTX_SUFF(pvUser),
-                                                   Phys - ((cTransfers - 1) << SIZE_2_SHIFT(cb)),
-                                                   pRegFrame->eax, cb, cTransfers);
-            if (rc == VINF_SUCCESS)
+            {
-                /* Update registers. */
-                pRegFrame->rdi = ((pRegFrame->rdi - (cTransfers << SIZE_2_SHIFT(cb))) & fAddrMask)
-                               | (pRegFrame->rdi & ~fAddrMask);
-                if (pCpu->fPrefix & DISPREFIX_REP)
-                    pRegFrame->rcx &= ~fAddrMask;
+            }
+        }
+    }
-    else
+    {
-        /*
-         * Use the write callback.
-         */
-        Assert(pRange->CTX_SUFF(pfnWriteCallback) || !pRange->pfnWriteCallbackR3);
-        uint64_t u64Data = pRegFrame->rax;
-        /* fill loop. */
-        do
+        {
-            rc = VBOXSTRICTRC_TODO(iomMMIODoWrite(pVM, pVCpu, pRange, Phys, &u64Data, cb));
-            if (rc != VINF_SUCCESS)
-                break;
-            Phys           += offIncrement;
-            pRegFrame->rdi  = ((pRegFrame->rdi + offIncrement) & fAddrMask)
-                            | (pRegFrame->rdi & ~fAddrMask);
-            cTransfers--;
-        } while (cTransfers);
-        /* Update rcx on exit. */
-        if (pCpu->fPrefix & DISPREFIX_REP)
-            pRegFrame->rcx = (cTransfers & fAddrMask)
-                           | (pRegFrame->rcx & ~fAddrMask);
+    }
-    /*
-     * Work statistics and return.
-     */
-    if (rc == VINF_SUCCESS)
-        iomMMIOStatLength(pVM, cb);
-    return rc;
+}
-/**
- * [REP] LODSB
- * [REP] LODSW
- * [REP] LODSD
+ *
- * Restricted implementation.
+ *
+ *
- * @returns VBox status code.
+ *
- * @param   pVM         The cross context VM structure.
- * @param   pVCpu       The cross context virtual CPU structure of the calling EMT.
- * @param   pRegFrame   Trap register frame.
- * @param   GCPhysFault The GC physical address corresponding to pvFault.
- * @param   pCpu        Disassembler CPU state.
- * @param   pRange      Pointer MMIO range.
- */
-static int iomInterpretLODS(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, PDISCPUSTATE pCpu,
-                            PIOMMMIORANGE pRange)
+{
-    Assert(pRange->CTX_SUFF(pfnReadCallback) || !pRange->pfnReadCallbackR3);
-    /*
-     * We do not support segment prefixes or REP*.
-     */
-    if (pCpu->fPrefix & (DISPREFIX_SEG | DISPREFIX_REP | DISPREFIX_REPNE))
-        return VINF_IOM_R3_MMIO_READ_WRITE; /** @todo -> REM instead of HC */
-    /*
-     * Get data size.
-     */
-    unsigned cb = DISGetParamSize(pCpu, &pCpu->Param2);
-    AssertMsg(cb > 0 && cb <= sizeof(uint64_t), ("cb=%d\n", cb));
-    int     offIncrement = pRegFrame->eflags.Bits.u1DF ? -(signed)cb : (signed)cb;
-    /*
-     * Perform read.
-     */
-    int rc = VBOXSTRICTRC_TODO(iomMMIODoRead(pVM, pVCpu, pRange, GCPhysFault, &pRegFrame->rax, cb));
-    if (rc == VINF_SUCCESS)
+    {
-        uint64_t const fAddrMask = iomDisModeToMask((DISCPUMODE)pCpu->uAddrMode);
-        pRegFrame->rsi = ((pRegFrame->rsi + offIncrement) & fAddrMask)
-                       | (pRegFrame->rsi & ~fAddrMask);
+    }
-    /*
-     * Work statistics and return.
-     */
-    if (rc == VINF_SUCCESS)
-        iomMMIOStatLength(pVM, cb);
-    return rc;
+}
-/**
- * CMP [MMIO], reg|imm
- * CMP reg|imm, [MMIO]
+ *
- * Restricted implementation.
+ *
+ *
- * @returns VBox status code.
+ *
- * @param   pVM         The cross context VM structure.
- * @param   pRegFrame   Trap register frame.
- * @param   GCPhysFault The GC physical address corresponding to pvFault.
- * @param   pCpu        Disassembler CPU state.
- * @param   pRange      Pointer MMIO range.
- */
-static int iomInterpretCMP(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, PDISCPUSTATE pCpu,
-                           PIOMMMIORANGE pRange)
+{
-    Assert(pRange->CTX_SUFF(pfnReadCallback) || !pRange->pfnReadCallbackR3);
-    /*
-     * Get the operands.
-     */
-    unsigned cb = 0;
-    uint64_t uData1 = 0;
-    uint64_t uData2 = 0;
-    int rc;
-    if (iomGetRegImmData(pCpu, &pCpu->Param1, pRegFrame, &uData1, &cb))
-        /* cmp reg, [MMIO]. */
-        rc = VBOXSTRICTRC_TODO(iomMMIODoRead(pVM, pVCpu, pRange, GCPhysFault, &uData2, cb));
-    else if (iomGetRegImmData(pCpu, &pCpu->Param2, pRegFrame, &uData2, &cb))
-        /* cmp [MMIO], reg|imm. */
-        rc = VBOXSTRICTRC_TODO(iomMMIODoRead(pVM, pVCpu, pRange, GCPhysFault, &uData1, cb));
-    else
+    {
-        AssertMsgFailed(("Disassember CMP problem..\n"));
-        rc = VERR_IOM_MMIO_HANDLER_DISASM_ERROR;
+    }
-    if (rc == VINF_SUCCESS)
+    {
-#if HC_ARCH_BITS == 32
-        /* Can't deal with 8 byte operands in our 32-bit emulation code. */
-        if (cb > 4)
-            return VINF_IOM_R3_MMIO_READ_WRITE;
-#endif
-        /* Emulate CMP and update guest flags. */
-        uint32_t eflags = EMEmulateCmp(uData1, uData2, cb);
-        pRegFrame->eflags.u32 = (pRegFrame->eflags.u32 & ~(X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF))
-                              | (eflags                &  (X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF));
-        iomMMIOStatLength(pVM, cb);
+    }
-    return rc;
+}
-/**
- * AND [MMIO], reg|imm
- * AND reg, [MMIO]
- * OR [MMIO], reg|imm
- * OR reg, [MMIO]
+ *
- * Restricted implementation.
+ *
+ *
- * @returns VBox status code.
+ *
- * @param   pVM         The cross context VM structure.
- * @param   pVCpu       The cross context virtual CPU structure of the calling EMT.
- * @param   pRegFrame   Trap register frame.
- * @param   GCPhysFault The GC physical address corresponding to pvFault.
- * @param   pCpu        Disassembler CPU state.
- * @param   pRange      Pointer MMIO range.
- * @param   pfnEmulate  Instruction emulation function.
- */
-static int iomInterpretOrXorAnd(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, PDISCPUSTATE pCpu,
-                                PIOMMMIORANGE pRange, PFNEMULATEPARAM3 pfnEmulate)
+{
-    unsigned    cb     = 0;
-    uint64_t    uData1 = 0;
-    uint64_t    uData2 = 0;
-    bool        fAndWrite;
-    int         rc;
-#ifdef LOG_ENABLED
-    const char *pszInstr;
-    if (pCpu->pCurInstr->uOpcode == OP_XOR)
-        pszInstr = "Xor";
-    else if (pCpu->pCurInstr->uOpcode == OP_OR)
-        pszInstr = "Or";
-    else if (pCpu->pCurInstr->uOpcode == OP_AND)
-        pszInstr = "And";
-    else
-        pszInstr = "OrXorAnd??";
-#endif
-    if (iomGetRegImmData(pCpu, &pCpu->Param1, pRegFrame, &uData1, &cb))
+    {
-#if HC_ARCH_BITS == 32
-        /* Can't deal with 8 byte operands in our 32-bit emulation code. */
-        if (cb > 4)
-            return VINF_IOM_R3_MMIO_READ_WRITE;
-#endif
-        /* and reg, [MMIO]. */
-        Assert(pRange->CTX_SUFF(pfnReadCallback) || !pRange->pfnReadCallbackR3);
-        fAndWrite = false;
-        rc = VBOXSTRICTRC_TODO(iomMMIODoRead(pVM, pVCpu, pRange, GCPhysFault, &uData2, cb));
+    }
-    else if (iomGetRegImmData(pCpu, &pCpu->Param2, pRegFrame, &uData2, &cb))
+    {
-#if HC_ARCH_BITS == 32
-        /* Can't deal with 8 byte operands in our 32-bit emulation code. */
-        if (cb > 4)
-            return VINF_IOM_R3_MMIO_READ_WRITE;
-#endif
-        /* and [MMIO], reg|imm. */
-        fAndWrite = true;
-        if (    (pRange->CTX_SUFF(pfnReadCallback) || !pRange->pfnReadCallbackR3)
-            &&  (pRange->CTX_SUFF(pfnWriteCallback) || !pRange->pfnWriteCallbackR3))
-            rc = VBOXSTRICTRC_TODO(iomMMIODoRead(pVM, pVCpu, pRange, GCPhysFault, &uData1, cb));
-        else
-            rc = VINF_IOM_R3_MMIO_READ_WRITE;
+    }
-    else
+    {
-        AssertMsgFailed(("Disassember AND problem..\n"));
-        return VERR_IOM_MMIO_HANDLER_DISASM_ERROR;
+    }
-    if (rc == VINF_SUCCESS)
+    {
-        /* Emulate AND and update guest flags. */
-        uint32_t eflags = pfnEmulate((uint32_t *)&uData1, uData2, cb);
-        LogFlow(("iomInterpretOrXorAnd %s result %RX64\n", pszInstr, uData1));
-        if (fAndWrite)
-            /* Store result to MMIO. */
-            rc = VBOXSTRICTRC_TODO(iomMMIODoWrite(pVM, pVCpu, pRange, GCPhysFault, &uData1, cb));
-        else
+        {
-            /* Store result to register. */
-            bool fRc = iomSaveDataToReg(pCpu, &pCpu->Param1, pRegFrame, uData1);
-            AssertMsg(fRc, ("Failed to store register value!\n")); NOREF(fRc);
+        }
-        if (rc == VINF_SUCCESS)
+        {
-            /* Update guest's eflags and finish. */
-            pRegFrame->eflags.u32 = (pRegFrame->eflags.u32 & ~(X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF))
-                                  | (eflags                &  (X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF));
-            iomMMIOStatLength(pVM, cb);
+        }
+    }
-    return rc;
+}
-/**
- * TEST [MMIO], reg|imm
- * TEST reg, [MMIO]
+ *
- * Restricted implementation.
+ *
+ *
- * @returns VBox status code.
+ *
- * @param   pVM         The cross context VM structure.
- * @param   pVCpu       The cross context virtual CPU structure of the calling EMT.
- * @param   pRegFrame   Trap register frame.
- * @param   GCPhysFault The GC physical address corresponding to pvFault.
- * @param   pCpu        Disassembler CPU state.
- * @param   pRange      Pointer MMIO range.
- */
-static int iomInterpretTEST(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, PDISCPUSTATE pCpu,
-                            PIOMMMIORANGE pRange)
+{
-    Assert(pRange->CTX_SUFF(pfnReadCallback) || !pRange->pfnReadCallbackR3);
-    unsigned    cb     = 0;
-    uint64_t    uData1 = 0;
-    uint64_t    uData2 = 0;
-    int         rc;
-    if (iomGetRegImmData(pCpu, &pCpu->Param1, pRegFrame, &uData1, &cb))
+    {
-        /* and test, [MMIO]. */
-        rc = VBOXSTRICTRC_TODO(iomMMIODoRead(pVM, pVCpu, pRange, GCPhysFault, &uData2, cb));
+    }
-    else if (iomGetRegImmData(pCpu, &pCpu->Param2, pRegFrame, &uData2, &cb))
+    {
-        /* test [MMIO], reg|imm. */
-        rc = VBOXSTRICTRC_TODO(iomMMIODoRead(pVM, pVCpu, pRange, GCPhysFault, &uData1, cb));
+    }
-    else
+    {
-        AssertMsgFailed(("Disassember TEST problem..\n"));
-        return VERR_IOM_MMIO_HANDLER_DISASM_ERROR;
+    }
-    if (rc == VINF_SUCCESS)
+    {
-#if HC_ARCH_BITS == 32
-        /* Can't deal with 8 byte operands in our 32-bit emulation code. */
-        if (cb > 4)
-            return VINF_IOM_R3_MMIO_READ_WRITE;
-#endif
-        /* Emulate TEST (=AND without write back) and update guest EFLAGS. */
-        uint32_t eflags = EMEmulateAnd((uint32_t *)&uData1, uData2, cb);
-        pRegFrame->eflags.u32 = (pRegFrame->eflags.u32 & ~(X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF))
-                              | (eflags                &  (X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF));
-        iomMMIOStatLength(pVM, cb);
+    }
-    return rc;
+}
-/**
- * BT [MMIO], reg|imm
+ *
- * Restricted implementation.
+ *
+ *
- * @returns VBox status code.
+ *
- * @param   pVM         The cross context VM structure.
- * @param   pVCpu       The cross context virtual CPU structure of the calling EMT.
- * @param   pRegFrame   Trap register frame.
- * @param   GCPhysFault The GC physical address corresponding to pvFault.
- * @param   pCpu        Disassembler CPU state.
- * @param   pRange      Pointer MMIO range.
- */
-static int iomInterpretBT(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, PDISCPUSTATE pCpu,
-                          PIOMMMIORANGE pRange)
+{
-    Assert(pRange->CTX_SUFF(pfnReadCallback) || !pRange->pfnReadCallbackR3);
-    uint64_t    uBit  = 0;
-    uint64_t    uData = 0;
-    unsigned    cbIgnored;
-    if (!iomGetRegImmData(pCpu, &pCpu->Param2, pRegFrame, &uBit, &cbIgnored))
+    {
-        AssertMsgFailed(("Disassember BT problem..\n"));
-        return VERR_IOM_MMIO_HANDLER_DISASM_ERROR;
+    }
-    /* The size of the memory operand only matters here. */
-    unsigned cbData = DISGetParamSize(pCpu, &pCpu->Param1);
-    /* bt [MMIO], reg|imm. */
-    int rc = VBOXSTRICTRC_TODO(iomMMIODoRead(pVM, pVCpu, pRange, GCPhysFault, &uData, cbData));
-    if (rc == VINF_SUCCESS)
+    {
-        /* Find the bit inside the faulting address */
-        pRegFrame->eflags.Bits.u1CF = (uData >> uBit);
-        iomMMIOStatLength(pVM, cbData);
+    }
-    return rc;
+}
-/**
- * XCHG [MMIO], reg
- * XCHG reg, [MMIO]
+ *
- * Restricted implementation.
+ *
+ *
- * @returns VBox status code.
+ *
- * @param   pVM         The cross context VM structure.
- * @param   pVCpu       The cross context virtual CPU structure of the calling EMT.
- * @param   pRegFrame   Trap register frame.
- * @param   GCPhysFault The GC physical address corresponding to pvFault.
- * @param   pCpu        Disassembler CPU state.
- * @param   pRange      Pointer MMIO range.
- */
-static int iomInterpretXCHG(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, PDISCPUSTATE pCpu,
-                            PIOMMMIORANGE pRange)
+{
-    /* Check for read & write handlers since IOMMMIOHandler doesn't cover this. */
-    if (    (!pRange->CTX_SUFF(pfnReadCallback)  && pRange->pfnReadCallbackR3)
-        ||  (!pRange->CTX_SUFF(pfnWriteCallback) && pRange->pfnWriteCallbackR3))
-        return VINF_IOM_R3_MMIO_READ_WRITE;
-    int         rc;
-    unsigned    cb     = 0;
-    uint64_t    uData1 = 0;
-    uint64_t    uData2 = 0;
-    if (iomGetRegImmData(pCpu, &pCpu->Param1, pRegFrame, &uData1, &cb))
+    {
-        /* xchg reg, [MMIO]. */
-        rc = VBOXSTRICTRC_TODO(iomMMIODoRead(pVM, pVCpu, pRange, GCPhysFault, &uData2, cb));
-        if (rc == VINF_SUCCESS)
+        {
-            /* Store result to MMIO. */
-            rc = VBOXSTRICTRC_TODO(iomMMIODoWrite(pVM, pVCpu, pRange, GCPhysFault, &uData1, cb));
-            if (rc == VINF_SUCCESS)
+            {
-                /* Store result to register. */
-                bool fRc = iomSaveDataToReg(pCpu, &pCpu->Param1, pRegFrame, uData2);
-                AssertMsg(fRc, ("Failed to store register value!\n")); NOREF(fRc);
+            }
-            else
-                Assert(rc == VINF_IOM_R3_MMIO_WRITE || rc == VINF_PATM_HC_MMIO_PATCH_WRITE);
+        }
-        else
-            Assert(rc == VINF_IOM_R3_MMIO_READ || rc == VINF_PATM_HC_MMIO_PATCH_READ);
+    }
-    else if (iomGetRegImmData(pCpu, &pCpu->Param2, pRegFrame, &uData2, &cb))
+    {
-        /* xchg [MMIO], reg. */
-        rc = VBOXSTRICTRC_TODO(iomMMIODoRead(pVM, pVCpu, pRange, GCPhysFault, &uData1, cb));
-        if (rc == VINF_SUCCESS)
+        {
-            /* Store result to MMIO. */
-            rc = VBOXSTRICTRC_TODO(iomMMIODoWrite(pVM, pVCpu, pRange, GCPhysFault, &uData2, cb));
-            if (rc == VINF_SUCCESS)
+            {
-                /* Store result to register. */
-                bool fRc = iomSaveDataToReg(pCpu, &pCpu->Param2, pRegFrame, uData1);
-                AssertMsg(fRc, ("Failed to store register value!\n")); NOREF(fRc);
+            }
-            else
-                AssertMsg(rc == VINF_IOM_R3_MMIO_READ_WRITE || rc == VINF_IOM_R3_MMIO_WRITE || rc == VINF_PATM_HC_MMIO_PATCH_WRITE || rc == VINF_EM_RAW_EMULATE_IO_BLOCK, ("rc=%Rrc\n", rc));
+        }
-        else
-            AssertMsg(rc == VINF_IOM_R3_MMIO_READ_WRITE || rc == VINF_IOM_R3_MMIO_READ || rc == VINF_PATM_HC_MMIO_PATCH_READ || rc == VINF_EM_RAW_EMULATE_IO_BLOCK, ("rc=%Rrc\n", rc));
+    }
-    else
+    {
-        AssertMsgFailed(("Disassember XCHG problem..\n"));
-        rc = VERR_IOM_MMIO_HANDLER_DISASM_ERROR;
+    }
-    return rc;
+}
-#endif /* !IEM_USE_IEM_INSTEAD */
 /**
 …
+    }
-#ifdef IEM_USE_IEM_INSTEAD
     /*
      * Let IEM call us back via iomMmioHandler.
 …
+    }
     return rcStrict;
-#else
-    /*
-     * Disassemble the instruction and interpret it.
-     */
-    PDISCPUSTATE    pDis  = &pVCpu->iom.s.DisState;
-    unsigned        cbOp;
-    rc = EMInterpretDisasCurrent(pVM, pVCpu, pDis, &cbOp);
-    if (RT_FAILURE(rc))
+    {
-        PDMCritSectLeave(pDevIns->CTX_SUFF(pCritSectRo));
-        iomMmioReleaseRange(pVM, pRange);
-        return rc;
+    }
-    switch (pDis->pCurInstr->uOpcode)
+    {
-        case OP_MOV:
-        case OP_MOVZX:
-        case OP_MOVSX:
+        {
-            STAM_PROFILE_START(&pVM->iom.s.StatRZInstMov, b);
-            AssertMsg(uErrorCode == UINT32_MAX || DISUSE_IS_EFFECTIVE_ADDR(pDis->Param1.fUse) == !!(uErrorCode & X86_TRAP_PF_RW), ("flags1=%#llx/%RTbool flags2=%#llx/%RTbool ErrCd=%#x\n", pDis->Param1.fUse, DISUSE_IS_EFFECTIVE_ADDR(pDis->Param1.fUse), pDis->Param2.fUse, DISUSE_IS_EFFECTIVE_ADDR(pDis->Param2.fUse), uErrorCode));
-            if (uErrorCode != UINT32_MAX    /* EPT+MMIO optimization */
-                ? uErrorCode & X86_TRAP_PF_RW
-                : DISUSE_IS_EFFECTIVE_ADDR(pDis->Param1.fUse))
-                rc = iomInterpretMOVxXWrite(pVM, pVCpu, pCtxCore, pDis, pRange, GCPhysFault);
-            else
-                rc = iomInterpretMOVxXRead(pVM, pVCpu, pCtxCore, pDis, pRange, GCPhysFault);
-            STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstMov, b);
-            break;
+        }
-# ifdef IOM_WITH_MOVS_SUPPORT
-        case OP_MOVSB:
-        case OP_MOVSWD:
+        {
-            if (uErrorCode == UINT32_MAX)
-                rc = VINF_IOM_R3_MMIO_READ_WRITE;
-            else
+            {
-                STAM_PROFILE_ADV_START(&pVM->iom.s.StatRZInstMovs, c);
-                PSTAMPROFILE pStat = NULL;
-                rc = iomInterpretMOVS(pVM, !!(uErrorCode & X86_TRAP_PF_RW), pCtxCore, GCPhysFault, pDis, pRange, &pStat);
-                STAM_PROFILE_ADV_STOP_EX(&pVM->iom.s.StatRZInstMovs, pStat, c);
+            }
-            break;
+        }
-# endif
-        case OP_STOSB:
-        case OP_STOSWD:
-            Assert(uErrorCode & X86_TRAP_PF_RW);
-            STAM_PROFILE_START(&pVM->iom.s.StatRZInstStos, d);
-            rc = iomInterpretSTOS(pVM, pVCpu, pCtxCore, GCPhysFault, pDis, pRange);
-            STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstStos, d);
-            break;
-        case OP_LODSB:
-        case OP_LODSWD:
-            Assert(!(uErrorCode & X86_TRAP_PF_RW) || uErrorCode == UINT32_MAX);
-            STAM_PROFILE_START(&pVM->iom.s.StatRZInstLods, e);
-            rc = iomInterpretLODS(pVM, pVCpu, pCtxCore, GCPhysFault, pDis, pRange);
-            STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstLods, e);
-            break;
-        case OP_CMP:
-            Assert(!(uErrorCode & X86_TRAP_PF_RW) || uErrorCode == UINT32_MAX);
-            STAM_PROFILE_START(&pVM->iom.s.StatRZInstCmp, f);
-            rc = iomInterpretCMP(pVM, pVCpu, pCtxCore, GCPhysFault, pDis, pRange);
-            STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstCmp, f);
-            break;
-        case OP_AND:
-            STAM_PROFILE_START(&pVM->iom.s.StatRZInstAnd, g);
-            rc = iomInterpretOrXorAnd(pVM, pVCpu, pCtxCore, GCPhysFault, pDis, pRange, EMEmulateAnd);
-            STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstAnd, g);
-            break;
-        case OP_OR:
-            STAM_PROFILE_START(&pVM->iom.s.StatRZInstOr, k);
-            rc = iomInterpretOrXorAnd(pVM, pVCpu, pCtxCore, GCPhysFault, pDis, pRange, EMEmulateOr);
-            STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstOr, k);
-            break;
-        case OP_XOR:
-            STAM_PROFILE_START(&pVM->iom.s.StatRZInstXor, m);
-            rc = iomInterpretOrXorAnd(pVM, pVCpu, pCtxCore, GCPhysFault, pDis, pRange, EMEmulateXor);
-            STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstXor, m);
-            break;
-        case OP_TEST:
-            Assert(!(uErrorCode & X86_TRAP_PF_RW) || uErrorCode == UINT32_MAX);
-            STAM_PROFILE_START(&pVM->iom.s.StatRZInstTest, h);
-            rc = iomInterpretTEST(pVM, pVCpu, pCtxCore, GCPhysFault, pDis, pRange);
-            STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstTest, h);
-            break;
-        case OP_BT:
-            Assert(!(uErrorCode & X86_TRAP_PF_RW) || uErrorCode == UINT32_MAX);
-            STAM_PROFILE_START(&pVM->iom.s.StatRZInstBt, l);
-            rc = iomInterpretBT(pVM, pVCpu, pCtxCore, GCPhysFault, pDis, pRange);
-            STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstBt, l);
-            break;
-        case OP_XCHG:
-            STAM_PROFILE_START(&pVM->iom.s.StatRZInstXchg, i);
-            rc = iomInterpretXCHG(pVM, pVCpu, pCtxCore, GCPhysFault, pDis, pRange);
-            STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstXchg, i);
-            break;
-        /*
-         * The instruction isn't supported. Hand it on to ring-3.
-         */
-        default:
-            STAM_COUNTER_INC(&pVM->iom.s.StatRZInstOther);
-            rc = VINF_IOM_R3_MMIO_READ_WRITE;
-            break;
+    }
-    /*
-     * On success advance EIP.
-     */
-    if (rc == VINF_SUCCESS)
-        pCtxCore->rip += cbOp;
-    else
+    {
-        STAM_COUNTER_INC(&pVM->iom.s.StatRZMMIOFailures);
-# if defined(VBOX_WITH_STATISTICS) && !defined(IN_RING3)
-        switch (rc)
+        {
-            case VINF_IOM_R3_MMIO_READ:
-            case VINF_IOM_R3_MMIO_READ_WRITE:
-                STAM_COUNTER_INC(&pStats->CTX_MID_Z(Read,ToR3));
-                break;
-            case VINF_IOM_R3_MMIO_WRITE:
-                STAM_COUNTER_INC(&pStats->CTX_MID_Z(Write,ToR3));
-                break;
+        }
-# endif
+    }
-    STAM_PROFILE_STOP(&pVM->iom.s.StatRZMMIOHandler, a);
-    PDMCritSectLeave(pDevIns->CTX_SUFF(pCritSectRo));
-    iomMmioReleaseRange(pVM, pRange);
-    return rc;
-#endif /* !IEM_USE_IEM_INSTEAD */
+}
 …
 #endif /* IN_RING3 - only used by REM. */
-#ifndef IEM_USE_IEM_INSTEAD
-/**
- * [REP*] INSB/INSW/INSD
- * ES:EDI,DX[,ECX]
+ *
- * @remark Assumes caller checked the access privileges (IOMInterpretCheckPortIOAccess)
+ *
- * @returns Strict VBox status code. Informational status codes other than the one documented
- *          here are to be treated as internal failure. Use IOM_SUCCESS() to check for success.
- * @retval  VINF_SUCCESS                Success.
- * @retval  VINF_EM_FIRST-VINF_EM_LAST  Success with some exceptions (see IOM_SUCCESS()), the
- *                                      status code must be passed on to EM.
- * @retval  VINF_IOM_R3_IOPORT_READ     Defer the read to ring-3. (R0/GC only)
- * @retval  VINF_EM_RAW_EMULATE_INSTR   Defer the read to the REM.
- * @retval  VINF_EM_RAW_GUEST_TRAP      The exception was left pending. (TRPMRaiseXcptErr)
- * @retval  VINF_TRPM_XCPT_DISPATCHED   The exception was raised and dispatched for raw-mode execution. (TRPMRaiseXcptErr)
- * @retval  VINF_EM_RESCHEDULE_REM      The exception was dispatched and cannot be executed in raw-mode. (TRPMRaiseXcptErr)
+ *
- * @param   pVM             The cross context VM structure.
- * @param   pVCpu       The cross context virtual CPU structure of the calling EMT.
- * @param   pRegFrame       Pointer to CPUMCTXCORE guest registers structure.
- * @param   uPort           IO Port
- * @param   uPrefix         IO instruction prefix
- * @param   enmAddrMode     The address mode.
- * @param   cbTransfer      Size of transfer unit
- */
-VMMDECL(VBOXSTRICTRC) IOMInterpretINSEx(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pRegFrame, uint32_t uPort, uint32_t uPrefix,
-                                        DISCPUMODE enmAddrMode, uint32_t cbTransfer)
+{
-    STAM_COUNTER_INC(&pVM->iom.s.StatInstIns);
-    Assert(pVCpu->iom.s.PendingMmioWrite.cbValue == 0);
-    /*
-     * We do not support REPNE or decrementing destination
-     * pointer. Segment prefixes are deliberately ignored, as per the instruction specification.
-     */
-    if (   (uPrefix & DISPREFIX_REPNE)
-        || pRegFrame->eflags.Bits.u1DF)
-        return VINF_EM_RAW_EMULATE_INSTR;
-    /*
-     * Get bytes/words/dwords count to transfer.
-     */
-    uint64_t const fAddrMask = iomDisModeToMask(enmAddrMode);
-    RTGCUINTREG cTransfers = 1;
-    if (uPrefix & DISPREFIX_REP)
+    {
-#ifndef IN_RC
-        if (    CPUMIsGuestIn64BitCode(pVCpu)
-            &&  pRegFrame->rcx >= _4G)
-            return VINF_EM_RAW_EMULATE_INSTR;
-#endif
-        cTransfers = pRegFrame->rcx & fAddrMask;
-        if (!cTransfers)
-            return VINF_SUCCESS;
+    }
-    /* Convert destination address es:edi. */
-    RTGCPTR GCPtrDst;
-    int rc2 = SELMToFlatEx(pVCpu, DISSELREG_ES, pRegFrame, pRegFrame->rdi & fAddrMask,
-                           SELMTOFLAT_FLAGS_HYPER | SELMTOFLAT_FLAGS_NO_PL,
-                           &GCPtrDst);
-    if (RT_FAILURE(rc2))
+    {
-        Log(("INS destination address conversion failed -> fallback, rc2=%d\n", rc2));
-        return VINF_EM_RAW_EMULATE_INSTR;
+    }
-    /* Access verification first; we can't recover from traps inside this instruction, as the port read cannot be repeated. */
-    uint32_t const cpl = CPUMGetGuestCPL(pVCpu);
-    rc2 = PGMVerifyAccess(pVCpu, (RTGCUINTPTR)GCPtrDst, cTransfers * cbTransfer,
-                          X86_PTE_RW | ((cpl == 3) ? X86_PTE_US : 0));
-    if (rc2 != VINF_SUCCESS)
+    {
-        Log(("INS will generate a trap -> fallback, rc2=%d\n", rc2));
-        return VINF_EM_RAW_EMULATE_INSTR;
+    }
-    Log(("IOM: rep ins%d port %#x count %d\n", cbTransfer * 8, uPort, cTransfers));
-    VBOXSTRICTRC rcStrict = VINF_SUCCESS;
-    if (cTransfers > 1)
+    {
-        /*
-         * Work the string page by page, letting the device handle as much
-         * as it likes via the string I/O interface.
-         */
-        for (;;)
+        {
-            PGMPAGEMAPLOCK Lock;
-            void          *pvDst;
-            rc2 = PGMPhysGCPtr2CCPtr(pVCpu, GCPtrDst, &pvDst, &Lock);
-            if (RT_SUCCESS(rc2))
+            {
-                uint32_t cMaxThisTime = (PAGE_SIZE - (GCPtrDst & PAGE_OFFSET_MASK)) / cbTransfer;
-                if (cMaxThisTime > cTransfers)
-                    cMaxThisTime      = cTransfers;
-                if (!cMaxThisTime)
-                    break;
-                uint32_t cThisTime    = cMaxThisTime;
-                rcStrict = IOMIOPortReadString(pVM, pVCpu, uPort, pvDst, &cThisTime, cbTransfer);
-                AssertRC(VBOXSTRICTRC_VAL(rcStrict));
-                Assert(cThisTime <= cMaxThisTime); /* cThisTime is now how many transfers we have left. */
-                uint32_t const cActual  = cMaxThisTime - cThisTime;
-                if (cActual)
-                {   /* Must dirty the page.  */
-                    uint8_t b = *(uint8_t *)pvDst;
-                    iomRamWrite(pVCpu, pRegFrame, GCPtrDst, &b, 1);
+                }
-                PGMPhysReleasePageMappingLock(pVM, &Lock);
-                uint32_t const cbActual = cActual * cbTransfer;
-                cTransfers    -= cActual;
-                pRegFrame->rdi = ((pRegFrame->rdi + cbActual) & fAddrMask)
-                               | (pRegFrame->rdi & ~fAddrMask);
-                GCPtrDst      += cbActual;
-                if (   cThisTime
-                    || !cTransfers
-                    || rcStrict != VINF_SUCCESS
-                    || (GCPtrDst & PAGE_OFFSET_MASK))
-                    break;
+            }
-            else
+            {
-                Log(("IOMInterpretOUTSEx: PGMPhysGCPtr2CCPtr %#RGv -> %Rrc\n", GCPtrDst, rc2));
-                break;
+            }
+        }
+    }
-    /*
-     * Single transfer / unmapped memory fallback.
-     */
-#ifdef IN_RC
-    MMGCRamRegisterTrapHandler(pVM);
-#endif
-    while (cTransfers && rcStrict == VINF_SUCCESS)
+    {
-        uint32_t u32Value;
-        rcStrict = IOMIOPortRead(pVM, pVCpu, uPort, &u32Value, cbTransfer);
-        if (!IOM_SUCCESS(rcStrict))
-            break;
-        rc2 = iomRamWrite(pVCpu, pRegFrame, GCPtrDst, &u32Value, cbTransfer);
-        Assert(rc2 == VINF_SUCCESS); NOREF(rc2);
-        GCPtrDst = (RTGCPTR)((RTGCUINTPTR)GCPtrDst + cbTransfer);
-        pRegFrame->rdi  = ((pRegFrame->rdi + cbTransfer) & fAddrMask)
-                        | (pRegFrame->rdi & ~fAddrMask);
-        cTransfers--;
+    }
-#ifdef IN_RC
-    MMGCRamDeregisterTrapHandler(pVM);
-#endif
-    /* Update rcx on exit. */
-    if (uPrefix & DISPREFIX_REP)
-        pRegFrame->rcx = (cTransfers & fAddrMask)
-                       | (pRegFrame->rcx & ~fAddrMask);
-    AssertMsg(rcStrict == VINF_SUCCESS || rcStrict == VINF_IOM_R3_IOPORT_READ || (rcStrict >= VINF_EM_FIRST && rcStrict <= VINF_EM_LAST) || RT_FAILURE(rcStrict), ("%Rrc\n", VBOXSTRICTRC_VAL(rcStrict)));
-    return rcStrict;
+}
-/**
- * [REP*] OUTSB/OUTSW/OUTSD
- * DS:ESI,DX[,ECX]
+ *
- * @remark  Assumes caller checked the access privileges (IOMInterpretCheckPortIOAccess)
+ *
- * @returns Strict VBox status code. Informational status codes other than the one documented
- *          here are to be treated as internal failure. Use IOM_SUCCESS() to check for success.
- * @retval  VINF_SUCCESS                Success.
- * @retval  VINF_EM_FIRST-VINF_EM_LAST  Success with some exceptions (see IOM_SUCCESS()), the
- *                                      status code must be passed on to EM.
- * @retval  VINF_IOM_R3_IOPORT_WRITE    Defer the write to ring-3. (R0/GC only)
- * @retval  VINF_EM_RAW_GUEST_TRAP      The exception was left pending. (TRPMRaiseXcptErr)
- * @retval  VINF_TRPM_XCPT_DISPATCHED   The exception was raised and dispatched for raw-mode execution. (TRPMRaiseXcptErr)
- * @retval  VINF_EM_RESCHEDULE_REM      The exception was dispatched and cannot be executed in raw-mode. (TRPMRaiseXcptErr)
+ *
- * @param   pVM             The cross context VM structure.
- * @param   pVCpu           The cross context virtual CPU structure of the calling EMT.
- * @param   pRegFrame       Pointer to CPUMCTXCORE guest registers structure.
- * @param   uPort           IO Port
- * @param   uPrefix         IO instruction prefix
- * @param   enmAddrMode     The address mode.
- * @param   cbTransfer      Size of transfer unit
+ *
- * @remarks This API will probably be relaced by IEM before long, so no use in
- *          optimizing+fixing stuff too much here.
- */
-VMMDECL(VBOXSTRICTRC) IOMInterpretOUTSEx(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pRegFrame, uint32_t uPort, uint32_t uPrefix,
-                                         DISCPUMODE enmAddrMode, uint32_t cbTransfer)
+{
-    STAM_COUNTER_INC(&pVM->iom.s.StatInstOuts);
-    Assert(pVCpu->iom.s.PendingMmioWrite.cbValue == 0);
-    /*
-     * We do not support segment prefixes, REPNE or
-     * decrementing source pointer.
-     */
-    if (   (uPrefix & (DISPREFIX_SEG | DISPREFIX_REPNE))
-        || pRegFrame->eflags.Bits.u1DF)
-        return VINF_EM_RAW_EMULATE_INSTR;
-    /*
-     * Get bytes/words/dwords count to transfer.
-     */
-    uint64_t const fAddrMask = iomDisModeToMask(enmAddrMode);
-    RTGCUINTREG cTransfers = 1;
-    if (uPrefix & DISPREFIX_REP)
+    {
-#ifndef IN_RC
-        if (    CPUMIsGuestIn64BitCode(pVCpu)
-            &&  pRegFrame->rcx >= _4G)
-            return VINF_EM_RAW_EMULATE_INSTR;
-#endif
-        cTransfers = pRegFrame->rcx & fAddrMask;
-        if (!cTransfers)
-            return VINF_SUCCESS;
+    }
-    /* Convert source address ds:esi. */
-    RTGCPTR GCPtrSrc;
-    int rc2 = SELMToFlatEx(pVCpu, DISSELREG_DS, pRegFrame, pRegFrame->rsi & fAddrMask,
-                           SELMTOFLAT_FLAGS_HYPER | SELMTOFLAT_FLAGS_NO_PL,
-                           &GCPtrSrc);
-    if (RT_FAILURE(rc2))
+    {
-        Log(("OUTS source address conversion failed -> fallback, rc2=%Rrc\n", rc2));
-        return VINF_EM_RAW_EMULATE_INSTR;
+    }
-    /* Access verification first; we currently can't recover properly from traps inside this instruction */
-    uint32_t const cpl = CPUMGetGuestCPL(pVCpu);
-    rc2 = PGMVerifyAccess(pVCpu, (RTGCUINTPTR)GCPtrSrc, cTransfers * cbTransfer,
-                          (cpl == 3) ? X86_PTE_US : 0);
-    if (rc2 != VINF_SUCCESS)
+    {
-        Log(("OUTS will generate a trap -> fallback, rc2=%Rrc\n", rc2));
-        return VINF_EM_RAW_EMULATE_INSTR;
+    }
-    Log(("IOM: rep outs%d port %#x count %d\n", cbTransfer * 8, uPort, cTransfers));
-    VBOXSTRICTRC rcStrict = VINF_SUCCESS;
-    if (cTransfers > 1)
+    {
-        /*
-         * Work the string page by page, letting the device handle as much
-         * as it likes via the string I/O interface.
-         */
-        for (;;)
+        {
-            PGMPAGEMAPLOCK Lock;
-            void const    *pvSrc;
-            rc2 = PGMPhysGCPtr2CCPtrReadOnly(pVCpu, GCPtrSrc, &pvSrc, &Lock);
-            if (RT_SUCCESS(rc2))
+            {
-                uint32_t cMaxThisTime = (PAGE_SIZE - (GCPtrSrc & PAGE_OFFSET_MASK)) / cbTransfer;
-                if (cMaxThisTime > cTransfers)
-                    cMaxThisTime      = cTransfers;
-                if (!cMaxThisTime)
-                    break;
-                uint32_t cThisTime    = cMaxThisTime;
-                rcStrict = IOMIOPortWriteString(pVM, pVCpu, uPort, pvSrc, &cThisTime, cbTransfer);
-                AssertRC(VBOXSTRICTRC_VAL(rcStrict));
-                Assert(cThisTime <= cMaxThisTime); /* cThisTime is now how many transfers we have left. */
-                PGMPhysReleasePageMappingLock(pVM, &Lock);
-                uint32_t const cActual  = cMaxThisTime - cThisTime;
-                uint32_t const cbActual = cActual * cbTransfer;
-                cTransfers    -= cActual;
-                pRegFrame->rsi = ((pRegFrame->rsi + cbActual) & fAddrMask)
-                               | (pRegFrame->rsi & ~fAddrMask);
-                GCPtrSrc      += cbActual;
-                if (   cThisTime
-                    || !cTransfers
-                    || rcStrict != VINF_SUCCESS
-                    || (GCPtrSrc & PAGE_OFFSET_MASK))
-                    break;
+            }
-            else
+            {
-                Log(("IOMInterpretOUTSEx: PGMPhysGCPtr2CCPtrReadOnly %#RGv -> %Rrc\n", GCPtrSrc, rc2));
-                break;
+            }
+        }
+    }
-    /*
-     * Single transfer / unmapped memory fallback.
-     */
-#ifdef IN_RC
-    MMGCRamRegisterTrapHandler(pVM);
-#endif
-    while (cTransfers && rcStrict == VINF_SUCCESS)
+    {
-        uint32_t u32Value = 0;
-        rcStrict = iomRamRead(pVCpu, &u32Value, GCPtrSrc, cbTransfer);
-        if (rcStrict != VINF_SUCCESS)
-            break;
-        rcStrict = IOMIOPortWrite(pVM, pVCpu, uPort, u32Value, cbTransfer);
-        if (!IOM_SUCCESS(rcStrict))
-            break;
-        GCPtrSrc = (RTGCPTR)((RTUINTPTR)GCPtrSrc + cbTransfer);
-        pRegFrame->rsi  = ((pRegFrame->rsi + cbTransfer) & fAddrMask)
-                        | (pRegFrame->rsi & ~fAddrMask);
-        cTransfers--;
+    }
-#ifdef IN_RC
-    MMGCRamDeregisterTrapHandler(pVM);
-#endif
-    /* Update rcx on exit. */
-    if (uPrefix & DISPREFIX_REP)
-        pRegFrame->rcx = (cTransfers & fAddrMask)
-                       | (pRegFrame->rcx & ~fAddrMask);
-    AssertMsg(rcStrict == VINF_SUCCESS || rcStrict == VINF_IOM_R3_IOPORT_WRITE || (rcStrict >= VINF_EM_FIRST && rcStrict <= VINF_EM_LAST) || RT_FAILURE(rcStrict), ("%Rrc\n", VBOXSTRICTRC_VAL(rcStrict)));
-    return rcStrict;
+}
-#endif /* !IEM_USE_IEM_INSTEAD */
 #ifndef IN_RC

Note: See TracChangeset for help on using the changeset viewer.

Changeset 60874 in vbox for trunk/src/VBox/VMM/VMMAll/IOMAllMMIO.cpp

Legend:

trunk/src/VBox/VMM/VMMAll/IOMAllMMIO.cpp

Download in other formats: