2 * Emulation of privileged instructions
4 * Copyright 1995 Alexandre Julliard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
27 #include "wine/winuser16.h"
30 #include "selectors.h"
31 #include "wine/debug.h"
34 #include "wine/exception.h"
36 WINE_DEFAULT_DEBUG_CHANNEL(int);
37 WINE_DECLARE_DEBUG_CHANNEL(io);
41 /* macros to set parts of a DWORD */
42 #define SET_LOWORD(dw,val) ((dw) = ((dw) & 0xffff0000) | LOWORD(val))
43 #define SET_LOBYTE(dw,val) ((dw) = ((dw) & 0xffffff00) | LOBYTE(val))
44 #define ADD_LOWORD(dw,val) ((dw) = ((dw) & 0xffff0000) | LOWORD((DWORD)(dw)+(val)))
46 inline static void add_stack( CONTEXT86 *context, int offset )
48 if (ISV86(context) || !IS_SELECTOR_32BIT(context->SegSs))
49 ADD_LOWORD( context->Esp, offset );
51 context->Esp += offset;
54 inline static void *make_ptr( CONTEXT86 *context, DWORD seg, DWORD off, int long_addr )
56 if (ISV86(context)) return PTR_REAL_TO_LIN( seg, off );
57 if (IS_SELECTOR_SYSTEM(seg)) return (void *)off;
58 if (!long_addr) off = LOWORD(off);
59 return (char *) MapSL( MAKESEGPTR( seg, 0 ) ) + off;
62 inline static void *get_stack( CONTEXT86 *context )
64 if (ISV86(context)) return PTR_REAL_TO_LIN( context->SegSs, context->Esp );
65 return wine_ldt_get_ptr( context->SegSs, context->Esp );
69 /***********************************************************************
72 static DWORD CALLBACK timer_thread( void *dummy )
79 return 0; /* unreached */
82 /***********************************************************************
83 * INSTR_ReplaceSelector
85 * Try to replace an invalid selector by a valid one.
86 * The only selector where it is allowed to do "mov ax,40;mov es,ax"
87 * is the so called 'bimodal' selector 0x40, which points to the BIOS
88 * data segment. Used by (at least) Borland products (and programs compiled
89 * using Borland products).
91 * See Undocumented Windows, Chapter 5, __0040.
93 static BOOL INSTR_ReplaceSelector( CONTEXT86 *context, WORD *sel )
97 #if 0 /* hack until this is moved to kernel */
98 static WORD sys_timer = 0;
100 sys_timer = CreateSystemTimer( 55, DOSMEM_Tick );
102 static HANDLE sys_thread;
103 if (!sys_thread) sys_thread = CreateThread( NULL, 0, timer_thread, NULL, 0, NULL );
104 *sel = DOSMEM_BiosDataSeg;
107 return FALSE; /* Can't replace selector, crashdump */
111 /***********************************************************************
112 * INSTR_GetOperandAddr
114 * Return the address of an instruction operand (from the mod/rm byte).
116 static BYTE *INSTR_GetOperandAddr( CONTEXT86 *context, BYTE *instr,
117 int long_addr, int segprefix, int *len )
119 int mod, rm, base, index = 0, ss = 0, seg = 0, off;
122 #define GET_VAL(val,type) \
123 { *val = *(type *)instr; instr += sizeof(type); *len += sizeof(type); }
126 GET_VAL( &mod, BYTE );
134 case 0: return (BYTE *)&context->Eax;
135 case 1: return (BYTE *)&context->Ecx;
136 case 2: return (BYTE *)&context->Edx;
137 case 3: return (BYTE *)&context->Ebx;
138 case 4: return (BYTE *)&context->Esp;
139 case 5: return (BYTE *)&context->Ebp;
140 case 6: return (BYTE *)&context->Esi;
141 case 7: return (BYTE *)&context->Edi;
150 GET_VAL( &sib, BYTE );
155 case 0: index = context->Eax; break;
156 case 1: index = context->Ecx; break;
157 case 2: index = context->Edx; break;
158 case 3: index = context->Ebx; break;
159 case 4: index = 0; break;
160 case 5: index = context->Ebp; break;
161 case 6: index = context->Esi; break;
162 case 7: index = context->Edi; break;
168 case 0: base = context->Eax; seg = context->SegDs; break;
169 case 1: base = context->Ecx; seg = context->SegDs; break;
170 case 2: base = context->Edx; seg = context->SegDs; break;
171 case 3: base = context->Ebx; seg = context->SegDs; break;
172 case 4: base = context->Esp; seg = context->SegSs; break;
173 case 5: base = context->Ebp; seg = context->SegSs; break;
174 case 6: base = context->Esi; seg = context->SegDs; break;
175 case 7: base = context->Edi; seg = context->SegDs; break;
180 if (rm == 5) /* special case: ds:(disp32) */
182 GET_VAL( &base, DWORD );
183 seg = context->SegDs;
187 case 1: /* 8-bit disp */
188 GET_VAL( &off, BYTE );
189 base += (signed char)off;
192 case 2: /* 32-bit disp */
193 GET_VAL( &off, DWORD );
194 base += (signed long)off;
198 else /* short address */
202 case 0: /* ds:(bx,si) */
203 base = LOWORD(context->Ebx) + LOWORD(context->Esi);
204 seg = context->SegDs;
206 case 1: /* ds:(bx,di) */
207 base = LOWORD(context->Ebx) + LOWORD(context->Edi);
208 seg = context->SegDs;
210 case 2: /* ss:(bp,si) */
211 base = LOWORD(context->Ebp) + LOWORD(context->Esi);
212 seg = context->SegSs;
214 case 3: /* ss:(bp,di) */
215 base = LOWORD(context->Ebp) + LOWORD(context->Edi);
216 seg = context->SegSs;
218 case 4: /* ds:(si) */
219 base = LOWORD(context->Esi);
220 seg = context->SegDs;
222 case 5: /* ds:(di) */
223 base = LOWORD(context->Edi);
224 seg = context->SegDs;
226 case 6: /* ss:(bp) */
227 base = LOWORD(context->Ebp);
228 seg = context->SegSs;
230 case 7: /* ds:(bx) */
231 base = LOWORD(context->Ebx);
232 seg = context->SegDs;
239 if (rm == 6) /* special case: ds:(disp16) */
241 GET_VAL( &base, WORD );
242 seg = context->SegDs;
246 case 1: /* 8-bit disp */
247 GET_VAL( &off, BYTE );
248 base += (signed char)off;
251 case 2: /* 16-bit disp */
252 GET_VAL( &off, WORD );
253 base += (signed short)off;
258 if (segprefix != -1) seg = segprefix;
260 /* Make sure the segment and offset are valid */
261 if (IS_SELECTOR_SYSTEM(seg)) return (BYTE *)(base + (index << ss));
262 if ((seg & 7) != 7) return NULL;
263 wine_ldt_get_entry( seg, &entry );
264 if (wine_ldt_is_empty( &entry )) return NULL;
265 if (wine_ldt_get_limit(&entry) < (base + (index << ss))) return NULL;
266 return (char *)wine_ldt_get_base(&entry) + base + (index << ss);
271 /***********************************************************************
274 * Emulate the LDS (and LES,LFS,etc.) instruction.
276 static BOOL INSTR_EmulateLDS( CONTEXT86 *context, BYTE *instr, int long_op,
277 int long_addr, int segprefix, int *len )
280 BYTE *regmodrm = instr + 1 + (*instr == 0x0f);
281 BYTE *addr = INSTR_GetOperandAddr( context, regmodrm,
282 long_addr, segprefix, len );
284 return FALSE; /* Unable to emulate it */
285 seg = *(WORD *)(addr + (long_op ? 4 : 2));
287 if (!INSTR_ReplaceSelector( context, &seg ))
288 return FALSE; /* Unable to emulate it */
290 /* Now store the offset in the correct register */
292 switch((*regmodrm >> 3) & 7)
295 if (long_op) context->Eax = *(DWORD *)addr;
296 else SET_LOWORD(context->Eax,*(WORD *)addr);
299 if (long_op) context->Ecx = *(DWORD *)addr;
300 else SET_LOWORD(context->Ecx,*(WORD *)addr);
303 if (long_op) context->Edx = *(DWORD *)addr;
304 else SET_LOWORD(context->Edx,*(WORD *)addr);
307 if (long_op) context->Ebx = *(DWORD *)addr;
308 else SET_LOWORD(context->Ebx,*(WORD *)addr);
311 if (long_op) context->Esp = *(DWORD *)addr;
312 else SET_LOWORD(context->Esp,*(WORD *)addr);
315 if (long_op) context->Ebp = *(DWORD *)addr;
316 else SET_LOWORD(context->Ebp,*(WORD *)addr);
319 if (long_op) context->Esi = *(DWORD *)addr;
320 else SET_LOWORD(context->Esi,*(WORD *)addr);
323 if (long_op) context->Edi = *(DWORD *)addr;
324 else SET_LOWORD(context->Edi,*(WORD *)addr);
328 /* Store the correct segment in the segment register */
332 case 0xc4: context->SegEs = seg; break; /* les */
333 case 0xc5: context->SegDs = seg; break; /* lds */
334 case 0x0f: switch(instr[1])
336 case 0xb2: context->SegSs = seg; break; /* lss */
337 case 0xb4: context->SegFs = seg; break; /* lfs */
338 case 0xb5: context->SegGs = seg; break; /* lgs */
343 /* Add the opcode size to the total length */
345 *len += 1 + (*instr == 0x0f);
349 /***********************************************************************
352 * input on a I/O port
354 static DWORD INSTR_inport( WORD port, int size, CONTEXT86 *context )
356 DWORD res = IO_inport( port, size );
362 DPRINTF( "0x%x < %02x @ %04x:%04x\n", port, LOBYTE(res),
363 (WORD)context->SegCs, LOWORD(context->Eip));
366 DPRINTF( "0x%x < %04x @ %04x:%04x\n", port, LOWORD(res),
367 (WORD)context->SegCs, LOWORD(context->Eip));
370 DPRINTF( "0x%x < %08lx @ %04x:%04x\n", port, res,
371 (WORD)context->SegCs, LOWORD(context->Eip));
379 /***********************************************************************
382 * output on a I/O port
384 static void INSTR_outport( WORD port, int size, DWORD val, CONTEXT86 *context )
386 IO_outport( port, size, val );
392 DPRINTF("0x%x > %02x @ %04x:%04x\n", port, LOBYTE(val),
393 (WORD)context->SegCs, LOWORD(context->Eip));
396 DPRINTF("0x%x > %04x @ %04x:%04x\n", port, LOWORD(val),
397 (WORD)context->SegCs, LOWORD(context->Eip));
400 DPRINTF("0x%x > %08lx @ %04x:%04x\n", port, val,
401 (WORD)context->SegCs, LOWORD(context->Eip));
408 /***********************************************************************
409 * INSTR_EmulateInstruction
411 * Emulate a privileged instruction.
412 * Returns exception code, or 0 if emulation successful.
414 DWORD INSTR_EmulateInstruction( CONTEXT86 *context )
416 int prefix, segprefix, prefixlen, len, repX, long_op, long_addr;
418 DWORD ret = EXCEPTION_PRIV_INSTRUCTION;
420 long_op = long_addr = (!ISV86(context) && IS_SELECTOR_32BIT(context->SegCs));
421 instr = make_ptr( context, context->SegCs, context->Eip, TRUE );
422 if (!instr) return ret;
424 /* First handle any possible prefix */
426 segprefix = -1; /* no prefix */
435 segprefix = context->SegCs;
438 segprefix = context->SegSs;
441 segprefix = context->SegDs;
444 segprefix = context->SegEs;
447 segprefix = context->SegFs;
450 segprefix = context->SegGs;
453 long_op = !long_op; /* opcode size prefix */
456 long_addr = !long_addr; /* addr size prefix */
458 case 0xf0: /* lock */
460 case 0xf2: /* repne */
463 case 0xf3: /* repe */
467 prefix = 0; /* no more prefixes */
477 /* Now look at the actual instruction */
481 case 0x07: /* pop es */
482 case 0x17: /* pop ss */
483 case 0x1f: /* pop ds */
485 WORD seg = *(WORD *)get_stack( context );
486 if (INSTR_ReplaceSelector( context, &seg ))
490 case 0x07: context->SegEs = seg; break;
491 case 0x17: context->SegSs = seg; break;
492 case 0x1f: context->SegDs = seg; break;
494 add_stack(context, long_op ? 4 : 2);
495 context->Eip += prefixlen + 1;
499 break; /* Unable to emulate it */
501 case 0x0f: /* extended instruction */
504 case 0x22: /* mov eax, crX */
507 ERR("mov eax,cr0 at 0x%08lx, EAX=0x%08lx\n",
508 context->Eip,context->Eax );
509 context->Eip += prefixlen+3;
512 break; /*fallthrough to bad instruction handling */
514 break; /*fallthrough to bad instruction handling */
515 case 0x20: /* mov crX, eax */
517 case 0xe0: /* mov cr4, eax */
518 /* CR4 register . See linux/arch/i386/mm/init.c, X86_CR4_ defs
519 * bit 0: VME Virtual Mode Exception ?
520 * bit 1: PVI Protected mode Virtual Interrupt
521 * bit 2: TSD Timestamp disable
522 * bit 3: DE Debugging extensions
523 * bit 4: PSE Page size extensions
524 * bit 5: PAE Physical address extension
525 * bit 6: MCE Machine check enable
526 * bit 7: PGE Enable global pages
527 * bit 8: PCE Enable performance counters at IPL3
529 ERR("mov cr4,eax at 0x%08lx\n",context->Eip);
531 context->Eip += prefixlen+3;
533 case 0xc0: /* mov cr0, eax */
534 ERR("mov cr0,eax at 0x%08lx\n",context->Eip);
535 context->Eax = 0x10; /* FIXME: set more bits ? */
536 context->Eip += prefixlen+3;
538 default: /* fallthrough to illegal instruction */
541 /* fallthrough to illegal instruction */
543 case 0xa1: /* pop fs */
545 WORD seg = *(WORD *)get_stack( context );
546 if (INSTR_ReplaceSelector( context, &seg ))
548 context->SegFs = seg;
549 add_stack(context, long_op ? 4 : 2);
550 context->Eip += prefixlen + 2;
555 case 0xa9: /* pop gs */
557 WORD seg = *(WORD *)get_stack( context );
558 if (INSTR_ReplaceSelector( context, &seg ))
560 context->SegGs = seg;
561 add_stack(context, long_op ? 4 : 2);
562 context->Eip += prefixlen + 2;
567 case 0xb2: /* lss addr,reg */
568 case 0xb4: /* lfs addr,reg */
569 case 0xb5: /* lgs addr,reg */
570 if (INSTR_EmulateLDS( context, instr, long_op,
571 long_addr, segprefix, &len ))
573 context->Eip += prefixlen + len;
578 break; /* Unable to emulate it */
580 case 0x6c: /* insb */
581 case 0x6d: /* insw/d */
582 case 0x6e: /* outsb */
583 case 0x6f: /* outsw/d */
585 int typ = *instr; /* Just in case it's overwritten. */
586 int outp = (typ >= 0x6e);
587 unsigned long count = repX ?
588 (long_addr ? context->Ecx : LOWORD(context->Ecx)) : 1;
589 int opsize = (typ & 1) ? (long_op ? 4 : 2) : 1;
590 int step = (context->EFlags & 0x400) ? -opsize : +opsize;
591 int seg = outp ? context->SegDs : context->SegEs; /* FIXME: is this right? */
594 /* FIXME: Check segment readable. */
597 /* FIXME: Check segment writeable. */
602 if (long_addr) context->Ecx = 0;
603 else SET_LOWORD(context->Ecx,0);
609 WORD dx = LOWORD(context->Edx);
612 data = make_ptr( context, seg, context->Esi, long_addr );
613 if (long_addr) context->Esi += step;
614 else ADD_LOWORD(context->Esi,step);
618 data = make_ptr( context, seg, context->Edi, long_addr );
619 if (long_addr) context->Edi += step;
620 else ADD_LOWORD(context->Edi,step);
626 *(BYTE *)data = INSTR_inport( dx, 1, context );
630 *(DWORD *)data = INSTR_inport( dx, 4, context );
632 *(WORD *)data = INSTR_inport( dx, 2, context );
635 INSTR_outport( dx, 1, *(BYTE *)data, context );
639 INSTR_outport( dx, 4, *(DWORD *)data, context );
641 INSTR_outport( dx, 2, *(WORD *)data, context );
645 context->Eip += prefixlen + 1;
649 case 0x8e: /* mov XX,segment_reg */
652 BYTE *addr = INSTR_GetOperandAddr(context, instr + 1,
653 long_addr, segprefix, &len );
655 break; /* Unable to emulate it */
657 if (!INSTR_ReplaceSelector( context, &seg ))
658 break; /* Unable to emulate it */
660 switch((instr[1] >> 3) & 7)
663 context->SegEs = seg;
664 context->Eip += prefixlen + len + 1;
669 context->SegSs = seg;
670 context->Eip += prefixlen + len + 1;
673 context->SegDs = seg;
674 context->Eip += prefixlen + len + 1;
677 context->SegFs = seg;
678 context->Eip += prefixlen + len + 1;
681 context->SegGs = seg;
682 context->Eip += prefixlen + len + 1;
689 break; /* Unable to emulate it */
691 case 0xc4: /* les addr,reg */
692 case 0xc5: /* lds addr,reg */
693 if (INSTR_EmulateLDS( context, instr, long_op,
694 long_addr, segprefix, &len ))
696 context->Eip += prefixlen + len;
699 break; /* Unable to emulate it */
701 case 0xcd: /* int <XX> */
702 if (IS_SELECTOR_SYSTEM(context->SegCs))
704 /* Win32 applications cannot use interrupts */
705 ret = EXCEPTION_ACCESS_VIOLATION;
708 else if (!Dosvm.EmulateInterruptPM && !DPMI_LoadDosSystem())
710 ERR("could not initialize interrupt handling\n");
714 context->Eip += prefixlen + 2;
715 Dosvm.EmulateInterruptPM( context, instr[1] );
718 break; /* Unable to emulate it */
720 case 0xcf: /* iret */
723 DWORD *stack = get_stack( context );
724 context->Eip = *stack++;
725 context->SegCs = *stack++;
726 context->EFlags = *stack;
727 add_stack(context, 3*sizeof(DWORD)); /* Pop the return address and flags */
731 WORD *stack = get_stack( context );
732 context->Eip = *stack++;
733 context->SegCs = *stack++;
734 SET_LOWORD(context->EFlags,*stack);
735 add_stack(context, 3*sizeof(WORD)); /* Pop the return address and flags */
739 case 0xe4: /* inb al,XX */
740 SET_LOBYTE(context->Eax,INSTR_inport( instr[1], 1, context ));
741 context->Eip += prefixlen + 2;
744 case 0xe5: /* in (e)ax,XX */
746 context->Eax = INSTR_inport( instr[1], 4, context );
748 SET_LOWORD(context->Eax, INSTR_inport( instr[1], 2, context ));
749 context->Eip += prefixlen + 2;
752 case 0xe6: /* outb XX,al */
753 INSTR_outport( instr[1], 1, LOBYTE(context->Eax), context );
754 context->Eip += prefixlen + 2;
757 case 0xe7: /* out XX,(e)ax */
759 INSTR_outport( instr[1], 4, context->Eax, context );
761 INSTR_outport( instr[1], 2, LOWORD(context->Eax), context );
762 context->Eip += prefixlen + 2;
765 case 0xec: /* inb al,dx */
766 SET_LOBYTE(context->Eax, INSTR_inport( LOWORD(context->Edx), 1, context ) );
767 context->Eip += prefixlen + 1;
770 case 0xed: /* in (e)ax,dx */
772 context->Eax = INSTR_inport( LOWORD(context->Edx), 4, context );
774 SET_LOWORD(context->Eax, INSTR_inport( LOWORD(context->Edx), 2, context ));
775 context->Eip += prefixlen + 1;
778 case 0xee: /* outb dx,al */
779 INSTR_outport( LOWORD(context->Edx), 1, LOBYTE(context->Eax), context );
780 context->Eip += prefixlen + 1;
783 case 0xef: /* out dx,(e)ax */
785 INSTR_outport( LOWORD(context->Edx), 4, context->Eax, context );
787 INSTR_outport( LOWORD(context->Edx), 2, LOWORD(context->Eax), context );
788 context->Eip += prefixlen + 1;
792 NtCurrentTeb()->dpmi_vif = 0;
793 context->Eip += prefixlen + 1;
797 NtCurrentTeb()->dpmi_vif = 1;
798 context->Eip += prefixlen + 1;
799 if (NtCurrentTeb()->vm86_pending)
801 NtCurrentTeb()->vm86_pending = 0;
802 return EXCEPTION_VM86_STI;
806 return ret; /* Unable to emulate it */
809 #endif /* __i386__ */
projects / wine / blob