VM on 680x0? Almost...

[Guy Harris]

> The 68010 and 68020 are ALMOST capable of supporting hypervisors.
> Unfortunately there is one thing you can't simulate: RTE (Return
> from Exception) into the middle of an instruction as a bus error
> recovery.  If the virtual machine trashes its stack, there is no
> way for the hypervisor to validate the stack other than to run a
> real, privileged RTE on that stack -- which could hang or kill the
> machine, since it contains numerous internal registers including
> the microprogram counter (uPC).  The chip itself is pretty lax about
> validating the stack; it will load anything that looks half reasonable.

The GE 645 (original MULTICS machine) had the same problem - there was
a "store CPU state" instruction (don't remember the actual name) and
a "restore CPU state" instruction used to handle page faults in the
middle of complex instructions.  MULTICS solved this by having the kernel
(ring 0) validate the state to be restored before it did the restore
instruction.

The state included the doubleword (72 bits) containing the instruction,
which was used as a cute way to handle the problem of continuing after
breakpoints.  Normally, if you set a breakpoint by stuffing in a breakpoint
trap instruction, to continue after the breakpoint you have to restore
the original instruction, single-step over it, put the breakpoint trap
back, and continue.  The MULTICS debugger just replaced the breakpoint
trap instruction in the instruction doubleword image with the real
instruction and restored the state.

	Guy Harris
	{seismo,ihnp4,allegra}!rlgvax!guy