Index: /trunk/src/VBox/VMM/VMMAll/IEMAll.cpp
===================================================================
--- /trunk/src/VBox/VMM/VMMAll/IEMAll.cpp	(revision 62256)
+++ /trunk/src/VBox/VMM/VMMAll/IEMAll.cpp	(revision 62257)
@@ -9906,10 +9906,10 @@
  * @returns Strict VBox status code.
  * @param   pVCpu               The cross context virtual CPU structure of the calling thread.
- * @param   cbMem               The number of bytes to push onto the stack.
+ * @param   cbMem               The number of bytes to pop from the stack.
  * @param   ppvMem              Where to return the pointer to the stack memory.
  * @param   puNewRsp            Where to return the new RSP value.  This must be
- *                              passed unchanged to
- *                              iemMemStackPopCommitSpecial() or applied
- *                              manually if iemMemStackPopDoneSpecial() is used.
+ *                              assigned to CPUMCTX::rsp manually some time
+ *                              after iemMemStackPopDoneSpecial() has been
+ *                              called.
  */
 IEM_STATIC VBOXSTRICTRC iemMemStackPopBeginSpecial(PVMCPU pVCpu, size_t cbMem, void const **ppvMem, uint64_t *puNewRsp)
@@ -9929,15 +9929,15 @@
  * @returns Strict VBox status code.
  * @param   pVCpu               The cross context virtual CPU structure of the calling thread.
- * @param   cbMem               The number of bytes to push onto the stack.
+ * @param   cbMem               The number of bytes to pop from the stack.
  * @param   ppvMem              Where to return the pointer to the stack memory.
  * @param   puNewRsp            Where to return the new RSP value.  This must be
- *                              passed unchanged to
- *                              iemMemStackPopCommitSpecial() or applied
- *                              manually if iemMemStackPopDoneSpecial() is used.
+ *                              assigned to CPUMCTX::rsp manually some time
+ *                              after iemMemStackPopDoneSpecial() has been
+ *                              called.
  */
 IEM_STATIC VBOXSTRICTRC iemMemStackPopContinueSpecial(PVMCPU pVCpu, size_t cbMem, void const **ppvMem, uint64_t *puNewRsp)
 {
     Assert(cbMem < UINT8_MAX);
-    PCPUMCTX    pCtx     = IEM_GET_CTX(pVCpu);
+    PCPUMCTX    pCtx = IEM_GET_CTX(pVCpu);
     RTUINT64U   NewRsp;
     NewRsp.u = *puNewRsp;
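Review bot: The `@param puNewRsp` text on iemMemStackPopContinueSpecial describes the parameter as output only, but the body reads it first (`NewRsp.u = *puNewRsp;`), so it is in/out. A caller that follows the comment and passes an uninitialised variable would have the pop computed from a garbage RSP. I would reword it along the lines of `@param puNewRsp  In: the RSP value returned by the preceding iemMemStackPopBeginSpecial() call. Out: the updated RSP, to be assigned to CPUMCTX::rsp after iemMemStackPopDoneSpecial().` The function body continues past the end of this hunk.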
@@ -9945,25 +9945,4 @@
     *puNewRsp = NewRsp.u;
     return iemMemMap(pVCpu, (void **)ppvMem, cbMem, X86_SREG_SS, GCPtrTop, IEM_ACCESS_STACK_R);
-}
-
-
-/**
- * Commits a special stack pop (started by iemMemStackPopBeginSpecial).
- *
- * This will update the rSP.
- *
- * @returns Strict VBox status code.
- * @param   pVCpu               The cross context virtual CPU structure of the calling thread.
- * @param   pvMem               The pointer returned by
- *                              iemMemStackPopBeginSpecial().
- * @param   uNewRsp             The new RSP value returned by
- *                              iemMemStackPopBeginSpecial().
- */
-IEM_STATIC VBOXSTRICTRC iemMemStackPopCommitSpecial(PVMCPU pVCpu, void const *pvMem, uint64_t uNewRsp)
-{
-    VBOXSTRICTRC rcStrict = iemMemCommitAndUnmap(pVCpu, (void *)pvMem, IEM_ACCESS_STACK_R);
-    if (rcStrict == VINF_SUCCESS)
-        IEM_GET_CTX(pVCpu)->rsp = uNewRsp;
-    return rcStrict;
 }
 
Index: /trunk/src/VBox/VMM/VMMAll/IEMAllCImpl.cpp.h
===================================================================
--- /trunk/src/VBox/VMM/VMMAll/IEMAllCImpl.cpp.h	(revision 62256)
+++ /trunk/src/VBox/VMM/VMMAll/IEMAllCImpl.cpp.h	(revision 62257)
@@ -2162,4 +2162,9 @@
         uNewCs  = uPtrFrame.pu16[4];
     }
+    rcStrict = iemMemStackPopDoneSpecial(pVCpu, uPtrFrame.pv);
+    if (RT_LIKELY(rcStrict == VINF_SUCCESS))
+    { /* extremely likely */ }
+    else
+        return rcStrict;
 
     /*
@@ -2179,7 +2184,5 @@
 
         /* commit the operation. */
-        rcStrict = iemMemStackPopCommitSpecial(pVCpu, uPtrFrame.pv, uNewRsp);
-        if (rcStrict != VINF_SUCCESS)
-            return rcStrict;
+        pCtx->rsp           = uNewRsp;
         pCtx->rip           = uNewRip;
         pCtx->cs.Sel        = uNewCs;
@@ -2266,10 +2269,9 @@
     {
         /* Read the outer stack pointer stored *after* the parameters. */
-        RTCPTRUNION uPtrStack;
-        rcStrict = iemMemStackPopContinueSpecial(pVCpu, cbPop + cbRetPtr, &uPtrStack.pv, &uNewRsp);
+        rcStrict = iemMemStackPopContinueSpecial(pVCpu, cbPop + cbRetPtr, &uPtrFrame.pv, &uNewRsp);
         if (rcStrict != VINF_SUCCESS)
             return rcStrict;
 
-        uPtrStack.pu8 += cbPop; /* Skip the parameters. */
+        uPtrFrame.pu8 += cbPop; /* Skip the parameters. */
 
         uint16_t uNewOuterSs;
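Review bot: The length in `iemMemStackPopContinueSpecial(pVCpu, cbPop + cbRetPtr, &uPtrFrame.pv, &uNewRsp)` is bounded in the callee only by `Assert(cbMem < UINT8_MAX)`, which is normally compiled out of non-strict builds. cbPop is declared outside this hunk; if it is the instruction's immediate operand, the guest chooses it. The total then depends entirely on whatever limit iemMemMap itself enforces, which is not visible here. Only the cbRetPtr bytes after the parameters are actually read, so consider mapping just those bytes at offset cbPop, or returning a status for oversized totals rather than asserting.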
@@ -2277,17 +2279,22 @@
         if (enmEffOpSize == IEMMODE_16BIT)
         {
-            uNewOuterRsp = uPtrStack.pu16[0];
-            uNewOuterSs  = uPtrStack.pu16[1];
+            uNewOuterRsp = uPtrFrame.pu16[0];
+            uNewOuterSs  = uPtrFrame.pu16[1];
         }
         else if (enmEffOpSize == IEMMODE_32BIT)
         {
-            uNewOuterRsp = uPtrStack.pu32[0];
-            uNewOuterSs  = uPtrStack.pu16[2];
+            uNewOuterRsp = uPtrFrame.pu32[0];
+            uNewOuterSs  = uPtrFrame.pu16[2];
         }
         else
         {
-            uNewOuterRsp = uPtrStack.pu64[0];
-            uNewOuterSs  = uPtrStack.pu16[4];
-        }
+            uNewOuterRsp = uPtrFrame.pu64[0];
+            uNewOuterSs  = uPtrFrame.pu16[4];
+        }
+        rcStrict = iemMemStackPopDoneSpecial(pVCpu, uPtrFrame.pv);
+        if (RT_LIKELY(rcStrict == VINF_SUCCESS))
+        { /* extremely likely */ }
+        else
+            return rcStrict;
 
         /* Check for NULL stack selector (invalid in ring-3 and non-long mode)
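Review bot: The pointer passed to `iemMemStackPopDoneSpecial(pVCpu, uPtrFrame.pv)` is no longer the one the mapping call returned, because the previous hunk advances it with `uPtrFrame.pu8 += cbPop;`. The removed iemMemStackPopCommitSpecial documented its pvMem as "the pointer returned by iemMemStackPopBeginSpecial()". If the Done variant looks the mapping up by address in the same way (its body is not in this diff), the unmap would fail or leave the mapping active whenever cbPop is non-zero. Keeping the base pointer avoids this, for example `void const *pvMapped = uPtrFrame.pv;` before the increment and `rcStrict = iemMemStackPopDoneSpecial(pVCpu, pvMapped);` here. The enclosing function starts and ends outside both hunks.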
@@ -2411,7 +2418,5 @@
 
         /* commit */
-        rcStrict = iemMemStackPopCommitSpecial(pVCpu, uPtrFrame.pv, uNewRsp);
-        if (rcStrict != VINF_SUCCESS)
-            return rcStrict;
+        pCtx->rsp               = uNewRsp;
         if (enmEffOpSize == IEMMODE_16BIT)
             pCtx->rip           = uNewRip & UINT16_MAX; /** @todo Testcase: When exactly does this occur? With call it happens prior to the limit check according to Intel... */
@@ -2498,7 +2503,5 @@
 
         /* commit */
-        rcStrict = iemMemStackPopCommitSpecial(pVCpu, uPtrFrame.pv, uNewRsp);
-        if (rcStrict != VINF_SUCCESS)
-            return rcStrict;
+        pCtx->rsp           = uNewRsp;
         if (enmEffOpSize == IEMMODE_16BIT)
             pCtx->rip       = uNewRip & UINT16_MAX; /** @todo Testcase: When exactly does this occur? With call it happens prior to the limit check according to Intel... */
@@ -2862,4 +2865,10 @@
             uNewFlags &= ~(X86_EFL_NT | X86_EFL_IOPL);
     }
+    rcStrict = iemMemStackPopDoneSpecial(pVCpu, uFrame.pv);
+    if (RT_LIKELY(rcStrict == VINF_SUCCESS))
+    { /* extremely likely */ }
+    else
+        return rcStrict;
+
     /** @todo Check how this is supposed to work if sp=0xfffe. */
     Log7(("iemCImpl_iret_real_v8086: uNewCs=%#06x uNewRip=%#010x uNewFlags=%#x uNewRsp=%#18llx\n",
@@ -2904,12 +2913,9 @@
      * Commit the operation.
      */
-    rcStrict = iemMemStackPopCommitSpecial(pVCpu, uFrame.pv, uNewRsp);
-    if (rcStrict != VINF_SUCCESS)
-        return rcStrict;
 #ifdef DBGFTRACE_ENABLED
     RTTraceBufAddMsgF(pVCpu->CTX_SUFF(pVM)->CTX_SUFF(hTraceBuf), "iret/rm %04x:%04x -> %04x:%04x %x %04llx",
                       pCtx->cs.Sel, pCtx->eip, uNewCs, uNewEip, uNewFlags, uNewRsp);
 #endif
-
+    pCtx->rsp           = uNewRsp;
     pCtx->rip           = uNewEip;
     pCtx->cs.Sel        = uNewCs;
@@ -3123,6 +3129,8 @@
         uNewFlags  = uFrame.pu16[2];
     }
-    rcStrict = iemMemCommitAndUnmap(pVCpu, (void *)uFrame.pv, IEM_ACCESS_STACK_R); /* don't use iemMemStackPopCommitSpecial here. */
-    if (rcStrict != VINF_SUCCESS)
+    rcStrict = iemMemStackPopDoneSpecial(pVCpu, (void *)uFrame.pv); /* don't use iemMemStackPopCommitSpecial here. */
+    if (RT_LIKELY(rcStrict == VINF_SUCCESS))
+    { /* extremely likely */ }
+    else
         return rcStrict;
     Log7(("iemCImpl_iret_prot: uNewCs=%#06x uNewEip=%#010x uNewFlags=%#x uNewRsp=%#18llx\n", uNewCs, uNewEip, uNewFlags, uNewRsp));
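Review bot: The trailing comment `/* don't use iemMemStackPopCommitSpecial here. */` on the new iemMemStackPopDoneSpecial call refers to a function this same commit deletes, so it now sends readers looking for something that no longer exists. The same line appears in the next hunk (the iretq path). I would drop it or replace it with a note on when RSP is assigned, e.g. `/* RSP is committed later, together with the rest of the context. */`. The `(void *)uFrame.pv` cast is also unnecessary and drops the const qualifier; the other new call sites pass the `.pv` member directly, so `iemMemStackPopDoneSpecial(pVCpu, uFrame.pv)` would match them. In the next hunk the placeholder comment reads `/* extremely like */` where the other sites have `/* extremely likely */`.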
@@ -3520,6 +3528,8 @@
         uNewSs     = uFrame.pu16[4];
     }
-    rcStrict = iemMemCommitAndUnmap(pVCpu, (void *)uFrame.pv, IEM_ACCESS_STACK_R); /* don't use iemMemStackPopCommitSpecial here. */
-    if (rcStrict != VINF_SUCCESS)
+    rcStrict = iemMemStackPopDoneSpecial(pVCpu, (void *)uFrame.pv); /* don't use iemMemStackPopCommitSpecial here. */
+    if (RT_LIKELY(rcStrict == VINF_SUCCESS))
+    { /* extremely like */ }
+    else
         return rcStrict;
     Log7(("iretq stack: cs:rip=%04x:%016RX64 rflags=%016RX64 ss:rsp=%04x:%016RX64\n", uNewCs, uNewRip, uNewFlags, uNewSs, uNewRsp));
