• Top
    • Documentation
    • Books
    • Recursion-and-induction
    • Boolean-reasoning
    • Projects
    • Debugging
    • Std
    • Proof-automation
    • Macro-libraries
    • ACL2
    • Interfacing-tools
    • Hardware-verification
    • Software-verification
      • Kestrel-books
      • X86isa
        • Program-execution
        • Introduction
        • X86isa-build-instructions
        • Publications
        • Contributors
        • Machine
          • Syscalls
          • Cpuid
          • X86isa-state
          • Linear-memory
          • Rflag-specifications
          • Characterizing-undefined-behavior
          • Top-level-memory
          • App-view
          • X86-decoder
            • Get-prefixes
            • Vex-0f3a-execute
            • Vex-0f38-execute
            • Vex-0f-execute
            • Two-byte-opcode-execute
            • Second-three-byte-opcode-execute
            • One-byte-opcode-execute
            • First-three-byte-opcode-execute
            • Evex-0f3a-execute
            • Evex-0f38-execute
            • Evex-0f-execute
            • X86-fetch-decode-execute
            • Vex-decode-and-execute
            • Evex-decode-and-execute
            • Opcode-maps
            • X86-run
            • Implemented-opcodes
            • Three-byte-opcode-decode-and-execute
              • X86-run-halt-count
              • Two-byte-opcode-decode-and-execute
              • X86-run-steps
              • X86-fetch-decode-execute-halt
              • X86-run-halt
              • X86-run-steps1
            • Physical-memory
            • Decoding-and-spec-utils
            • Instructions
            • X86-modes
            • Segmentation
            • Register-readers-and-writers
            • Other-non-deterministic-computations
            • Environment
            • Paging
          • Implemented-opcodes
          • Proof-utilities
          • To-do
          • Concrete-simulation-examples
          • Model-validation
          • Utils
          • Debugging-code-proofs
        • Execloader
        • Axe
      • Testing-utilities
      • Math
    • X86-decoder

    Three-byte-opcode-decode-and-execute

    Decoder and dispatch function for three-byte opcodes, where 0x0F 0x38 are the first two opcode bytes

    Signature
    (three-byte-opcode-decode-and-execute 
     proc-mode start-rip temp-rip prefixes 
     rex-byte second-escape-byte x86) 
 
  → 
x86

    Source: Intel Manual, Volume 2, Appendix A-2

    Definitions and Theorems

    Function: three-byte-opcode-decode-and-execute

    (defun
 three-byte-opcode-decode-and-execute
 (proc-mode start-rip temp-rip prefixes
            rex-byte second-escape-byte x86)
 (declare (xargs :stobjs (x86)))
 (declare (type (integer 0 4) proc-mode)
          (type (signed-byte 48) start-rip)
          (type (signed-byte 48) temp-rip)
          (type (unsigned-byte 52) prefixes)
          (type (unsigned-byte 8) rex-byte)
          (type (unsigned-byte 8)
                second-escape-byte))
 (declare (xargs :guard (or (equal second-escape-byte 56)
                            (equal second-escape-byte 58))))
 (let
  ((__function__ 'three-byte-opcode-decode-and-execute))
  (declare (ignorable __function__))
  (b*
   ((ctx 'three-byte-opcode-decode-and-execute)
    ((mv flg0 (the (unsigned-byte 8) opcode)
         x86)
     (rme08 proc-mode temp-rip 1 :x x86))
    ((when flg0)
     (!!ms-fresh :opcode-byte-access-error flg0))
    ((mv flg temp-rip)
     (add-to-*ip proc-mode temp-rip 1 x86))
    ((when flg)
     (!!ms-fresh :increment-error flg))
    ((the (unsigned-byte 8) mandatory-prefix)
     (compute-mandatory-prefix-for-three-byte-opcode
          proc-mode
          second-escape-byte opcode prefixes))
    (modr/m? (three-byte-opcode-modr/m-p proc-mode mandatory-prefix
                                         second-escape-byte opcode))
    ((mv flg1 (the (unsigned-byte 8) modr/m)
         x86)
     (if modr/m?
         (rme08 proc-mode temp-rip 1 :x x86)
         (mv nil 0 x86)))
    ((when flg1)
     (!!ms-fresh :modr/m-byte-read-error flg1))
    ((mv flg temp-rip)
     (if modr/m?
         (add-to-*ip proc-mode temp-rip 1 x86)
         (mv nil temp-rip)))
    ((when flg)
     (!!ms-fresh :increment-error flg))
    (sib?
      (and modr/m?
           (b* ((p4? (eql 103 (prefixes->adr prefixes)))
                (16-bit-addressp
                     (eql 2
                          (select-address-size proc-mode p4? x86))))
               (x86-decode-sib-p modr/m 16-bit-addressp))))
    ((mv flg2 (the (unsigned-byte 8) sib)
         x86)
     (if sib? (rme08 proc-mode temp-rip 1 :x x86)
         (mv nil 0 x86)))
    ((when flg2)
     (!!ms-fresh :sib-byte-read-error flg2))
    ((mv flg temp-rip)
     (if sib?
         (add-to-*ip proc-mode temp-rip 1 x86)
         (mv nil temp-rip)))
    ((when flg)
     (!!ms-fresh :increment-error flg)))
   (case
    second-escape-byte
    (56 (first-three-byte-opcode-execute
             proc-mode
             start-rip temp-rip prefixes rex-byte
             mandatory-prefix opcode modr/m sib x86))
    (58 (second-three-byte-opcode-execute
             proc-mode
             start-rip temp-rip prefixes rex-byte
             mandatory-prefix opcode modr/m sib x86))
    (otherwise
     (!!ms-fresh
       :illegal-value-of-second-escape-byte second-escape-byte))))))

    Theorem: x86p-three-byte-opcode-decode-and-execute

    (defthm x86p-three-byte-opcode-decode-and-execute
        (implies (x86p x86)
                 (x86p (three-byte-opcode-decode-and-execute
                            proc-mode start-rip temp-rip
                            prefixes rex-byte escape-byte x86))))