VirtualBox

source: vbox/trunk/src/VBox/VMM/VMMGC/TRPMGCHandlersA.asm@ 21116

Last change on this file since 21116 was 20673, checked in by vboxsync, 16 years ago

VMM: don't clobber pTRPMCPU

  • Property svn:eol-style set to native
  • Property svn:keywords set to Id
File size: 43.0 KB
Line 
1; $Id: TRPMGCHandlersA.asm 20673 2009-06-17 16:00:46Z vboxsync $
2;; @file
3; TRPM - Guest Context Trap Handlers
4;
5
6; Copyright (C) 2006-2007 Sun Microsystems, Inc.
7;
8; This file is part of VirtualBox Open Source Edition (OSE), as
9; available from http://www.virtualbox.org. This file is free software;
10; you can redistribute it and/or modify it under the terms of the GNU
11; General Public License (GPL) as published by the Free Software
12; Foundation, in version 2 as it comes in the "COPYING" file of the
13; VirtualBox OSE distribution. VirtualBox OSE is distributed in the
14; hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
15;
16; Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
17; Clara, CA 95054 USA or visit http://www.sun.com if you need
18; additional information or have any questions.
19;
20
21;*******************************************************************************
22;* Header Files *
23;*******************************************************************************
24%include "VMMGC.mac"
25%include "VBox/x86.mac"
26%include "VBox/cpum.mac"
27%include "VBox/stam.mac"
28%include "VBox/vm.mac"
29%include "TRPMInternal.mac"
30%include "VBox/err.mac"
31%include "VBox/trpm.mac"
32
33
34;*******************************************************************************
35;* External Symbols *
36;*******************************************************************************
37extern IMPNAME(g_CPUM) ; These IMPNAME(g_*) symbols resolve to the import table
38extern IMPNAME(g_TRPM) ; where there is a pointer to the real symbol. PE imports
39extern IMPNAME(g_TRPMCPU) ; are a bit confusing at first... :-)
40extern IMPNAME(g_VM)
41extern NAME(CPUMGCRestoreInt)
42extern NAME(cpumHandleLazyFPUAsm)
43extern NAME(CPUMHyperSetCtxCore)
44extern NAME(trpmGCTrapInGeneric)
45extern NAME(TRPMGCHyperTrap0bHandler)
46extern NAME(TRPMGCHyperTrap0dHandler)
47extern NAME(TRPMGCHyperTrap0eHandler)
48extern NAME(TRPMGCTrap01Handler)
49%ifdef VBOX_WITH_NMI
50extern NAME(TRPMGCTrap02Handler)
51%endif
52extern NAME(TRPMGCTrap03Handler)
53extern NAME(TRPMGCTrap06Handler)
54extern NAME(TRPMGCTrap0bHandler)
55extern NAME(TRPMGCTrap0dHandler)
56extern NAME(TRPMGCTrap0eHandler)
57extern NAME(TRPMGCTrap07Handler)
58
59;; IMPORTANT all COM_ functions trashes esi, some edi and the LOOP_SHORT_WHILE kills ecx.
60;%define DEBUG_STUFF 1
61;%define DEBUG_STUFF_TRPG 1
62;%define DEBUG_STUFF_INT 1
63
64BEGINCODE
65
66;;
67; Jump table for trap handlers for hypervisor traps.
68;
69g_apfnStaticTrapHandlersHyper:
70 ; N - M M - T - C - D i
71 ; o - n o - y - o - e p
72 ; - e n - p - d - s t
73 ; - i - e - e - c .
74 ; - c - - - r
75 ; =============================================================
76 dd 0 ; 0 - #DE - F - N - Divide error
77 dd NAME(TRPMGCTrap01Handler) ; 1 - #DB - F/T - N - Single step, INT 1 instruction
78%ifdef VBOX_WITH_NMI
79 dd NAME(TRPMGCTrap02Handler) ; 2 - - I - N - Non-Maskable Interrupt (NMI)
80%else
81 dd 0 ; 2 - - I - N - Non-Maskable Interrupt (NMI)
82%endif
83 dd NAME(TRPMGCTrap03Handler) ; 3 - #BP - T - N - Breakpoint, INT 3 instruction.
84 dd 0 ; 4 - #OF - T - N - Overflow, INTO instruction.
85 dd 0 ; 5 - #BR - F - N - BOUND Range Exceeded, BOUND instruction.
86 dd 0 ; 6 - #UD - F - N - Undefined(/Invalid) Opcode.
87 dd 0 ; 7 - #NM - F - N - Device not available, FP or (F)WAIT instruction.
88 dd 0 ; 8 - #DF - A - 0 - Double fault.
89 dd 0 ; 9 - - F - N - Coprocessor Segment Overrun (obsolete).
90 dd 0 ; a - #TS - F - Y - Invalid TSS, Taskswitch or TSS access.
91 dd NAME(TRPMGCHyperTrap0bHandler) ; b - #NP - F - Y - Segment not present.
92 dd 0 ; c - #SS - F - Y - Stack-Segment fault.
93 dd NAME(TRPMGCHyperTrap0dHandler) ; d - #GP - F - Y - General protection fault.
94 dd NAME(TRPMGCHyperTrap0eHandler) ; e - #PF - F - Y - Page fault.
95 dd 0 ; f - - - - Intel Reserved. Do not use.
96 dd 0 ; 10 - #MF - F - N - x86 FPU Floating-Point Error (Math fault), FP or (F)WAIT instruction.
97 dd 0 ; 11 - #AC - F - 0 - Alignment Check.
98 dd 0 ; 12 - #MC - A - N - Machine Check.
99 dd 0 ; 13 - #XF - F - N - SIMD Floating-Point Exception.
100 dd 0 ; 14 - - - - Intel Reserved. Do not use.
101 dd 0 ; 15 - - - - Intel Reserved. Do not use.
102 dd 0 ; 16 - - - - Intel Reserved. Do not use.
103 dd 0 ; 17 - - - - Intel Reserved. Do not use.
104 dd 0 ; 18 - - - - Intel Reserved. Do not use.
105
106
107;;
108; Jump table for trap handlers for guest traps
109;
110g_apfnStaticTrapHandlersGuest:
111 ; N - M M - T - C - D i
112 ; o - n o - y - o - e p
113 ; - e n - p - d - s t
114 ; - i - e - e - c .
115 ; - c - - - r
116 ; =============================================================
117 dd 0 ; 0 - #DE - F - N - Divide error
118 dd NAME(TRPMGCTrap01Handler) ; 1 - #DB - F/T - N - Single step, INT 1 instruction
119%ifdef VBOX_WITH_NMI
120 dd NAME(TRPMGCTrap02Handler) ; 2 - - I - N - Non-Maskable Interrupt (NMI)
121%else
122 dd 0 ; 2 - - I - N - Non-Maskable Interrupt (NMI)
123%endif
124 dd NAME(TRPMGCTrap03Handler) ; 3 - #BP - T - N - Breakpoint, INT 3 instruction.
125 dd 0 ; 4 - #OF - T - N - Overflow, INTO instruction.
126 dd 0 ; 5 - #BR - F - N - BOUND Range Exceeded, BOUND instruction.
127 dd NAME(TRPMGCTrap06Handler) ; 6 - #UD - F - N - Undefined(/Invalid) Opcode.
128 dd NAME(TRPMGCTrap07Handler) ; 7 - #NM - F - N - Device not available, FP or (F)WAIT instruction.
129 dd 0 ; 8 - #DF - A - 0 - Double fault.
130 dd 0 ; 9 - - F - N - Coprocessor Segment Overrun (obsolete).
131 dd 0 ; a - #TS - F - Y - Invalid TSS, Taskswitch or TSS access.
132 dd NAME(TRPMGCTrap0bHandler) ; b - #NP - F - Y - Segment not present.
133 dd 0 ; c - #SS - F - Y - Stack-Segment fault.
134 dd NAME(TRPMGCTrap0dHandler) ; d - #GP - F - Y - General protection fault.
135 dd NAME(TRPMGCTrap0eHandler) ; e - #PF - F - Y - Page fault.
136 dd 0 ; f - - - - Intel Reserved. Do not use.
137 dd 0 ; 10 - #MF - F - N - x86 FPU Floating-Point Error (Math fault), FP or (F)WAIT instruction.
138 dd 0 ; 11 - #AC - F - 0 - Alignment Check.
139 dd 0 ; 12 - #MC - A - N - Machine Check.
140 dd 0 ; 13 - #XF - F - N - SIMD Floating-Point Exception.
141 dd 0 ; 14 - - - - Intel Reserved. Do not use.
142 dd 0 ; 15 - - - - Intel Reserved. Do not use.
143 dd 0 ; 16 - - - - Intel Reserved. Do not use.
144 dd 0 ; 17 - - - - Intel Reserved. Do not use.
145 dd 0 ; 18 - - - - Intel Reserved. Do not use.
146
147
148
149;;
150; We start by 24 push <vector no.> + jmp <generic entry point>
151;
152ALIGNCODE(16)
153BEGINPROC_EXPORTED TRPMGCHandlerGeneric
154%macro TRPMGenericEntry 1
155 db 06ah, i ; push imm8 - note that this is a signextended value.
156 jmp %1
157 ALIGNCODE(8)
158%assign i i+1
159%endmacro
160
161%assign i 0 ; start counter.
162 TRPMGenericEntry GenericTrap ; 0
163 TRPMGenericEntry GenericTrap ; 1
164 TRPMGenericEntry GenericTrap ; 2
165 TRPMGenericEntry GenericTrap ; 3
166 TRPMGenericEntry GenericTrap ; 4
167 TRPMGenericEntry GenericTrap ; 5
168 TRPMGenericEntry GenericTrap ; 6
169 TRPMGenericEntry GenericTrap ; 7
170 TRPMGenericEntry GenericTrapErrCode ; 8
171 TRPMGenericEntry GenericTrap ; 9
172 TRPMGenericEntry GenericTrapErrCode ; a
173 TRPMGenericEntry GenericTrapErrCode ; b
174 TRPMGenericEntry GenericTrapErrCode ; c
175 TRPMGenericEntry GenericTrapErrCode ; d
176 TRPMGenericEntry GenericTrapErrCode ; e
177 TRPMGenericEntry GenericTrap ; f (reserved)
178 TRPMGenericEntry GenericTrap ; 10
179 TRPMGenericEntry GenericTrapErrCode ; 11
180 TRPMGenericEntry GenericTrap ; 12
181 TRPMGenericEntry GenericTrap ; 13
182 TRPMGenericEntry GenericTrap ; 14 (reserved)
183 TRPMGenericEntry GenericTrap ; 15 (reserved)
184 TRPMGenericEntry GenericTrap ; 16 (reserved)
185 TRPMGenericEntry GenericTrap ; 17 (reserved)
186%undef i
187%undef TRPMGenericEntry
188
189;;
190; Main exception handler for the guest context
191;
192; Stack:
193; 14 SS
194; 10 ESP
195; c EFLAGS
196; 8 CS
197; 4 EIP
198; 0 vector number
199;
200; @uses none
201;
202ALIGNCODE(8)
203GenericTrap:
204 ;
205 ; for the present we fake an error code ~0
206 ;
207 push eax
208 mov eax, 0ffffffffh
209 xchg [esp + 4], eax ; get vector number, set error code
210 xchg [esp], eax ; get saved eax, set vector number
211 jmp short GenericTrapErrCode
212
213
214;;
215; Main exception handler for the guest context with error code
216;
217; Stack:
218; 28 GS (V86 only)
219; 24 FS (V86 only)
220; 20 DS (V86 only)
221; 1C ES (V86 only)
222; 18 SS (only if ring transition.)
223; 14 ESP (only if ring transition.)
224; 10 EFLAGS
225; c CS
226; 8 EIP
227; 4 Error code. (~0 for vectors which don't take an error code.)
228; 0 vector number
229;
230; Error code:
231;
232; 31 16 15 3 2 1 0
233;
234; reserved segment TI IDT EXT
235; selector GDT/LDT (1) IDT External interrupt
236; index (IDT=0) index
237;
238; NOTE: Page faults (trap 14) have a different error code
239;
240; @uses none
241;
242ALIGNCODE(8)
243GenericTrapErrCode:
244 cld
245
246 ;
247 ; Setup CPUMCTXCORE frame
248 ;
249 ; ASSUMPTION: If trap in hypervisor, we assume that we can read two dword
250 ; under the bottom of the stack. This is atm safe.
251 ; ASSUMPTION: There is sufficient stack space.
252 ; ASSUMPTION: The stack is not write protected.
253 ;
254%define ESPOFF CPUMCTXCORE_size
255
256 sub esp, CPUMCTXCORE_size
257 mov [esp + CPUMCTXCORE.eax], eax
258 mov [esp + CPUMCTXCORE.ecx], ecx
259 mov [esp + CPUMCTXCORE.edx], edx
260 mov [esp + CPUMCTXCORE.ebx], ebx
261 mov [esp + CPUMCTXCORE.esi], esi
262 mov [esp + CPUMCTXCORE.edi], edi
263 mov [esp + CPUMCTXCORE.ebp], ebp
264
265 mov eax, [esp + 14h + ESPOFF] ; esp
266 mov [esp + CPUMCTXCORE.esp], eax
267%if GC_ARCH_BITS == 64
268 ; zero out the high dword
269 mov dword [esp + CPUMCTXCORE.esp + 4], 0
270%endif
271 mov eax, [esp + 18h + ESPOFF] ; ss
272 mov dword [esp + CPUMCTXCORE.ss], eax
273
274 mov eax, [esp + 0ch + ESPOFF] ; cs
275 mov dword [esp + CPUMCTXCORE.cs], eax
276 mov eax, [esp + 08h + ESPOFF] ; eip
277 mov [esp + CPUMCTXCORE.eip], eax
278%if GC_ARCH_BITS == 64
279 ; zero out the high dword
280 mov dword [esp + CPUMCTXCORE.eip + 4], 0
281%endif
282 mov eax, [esp + 10h + ESPOFF] ; eflags
283 mov [esp + CPUMCTXCORE.eflags], eax
284
285 mov eax, es
286 mov dword [esp + CPUMCTXCORE.es], eax
287 mov eax, ds
288 mov dword [esp + CPUMCTXCORE.ds], eax
289 mov eax, fs
290 mov dword [esp + CPUMCTXCORE.fs], eax
291 mov eax, gs
292 mov dword [esp + CPUMCTXCORE.gs], eax
293
294 test dword [esp + CPUMCTXCORE.eflags], X86_EFL_VM
295 jz short gt_SkipV86Entry
296
297 ;
298 ; The DS, ES, FS and GS registers are zeroed in V86 mode and their real values are on the stack
299 ;
300 mov eax, dword [esp + ESPOFF + 1Ch]
301 mov dword [esp + CPUMCTXCORE.es], eax
302
303 mov eax, dword [esp + ESPOFF + 20h]
304 mov dword [esp + CPUMCTXCORE.ds], eax
305
306 mov eax, dword [esp + ESPOFF + 24h]
307 mov dword [esp + CPUMCTXCORE.fs], eax
308
309 mov eax, dword [esp + ESPOFF + 28h]
310 mov dword [esp + CPUMCTXCORE.gs], eax
311
312gt_SkipV86Entry:
313 ;
314 ; Disable Ring-0 WP
315 ;
316 mov eax, cr0 ;; @todo elimitate this read?
317 and eax, ~X86_CR0_WRITE_PROTECT
318 mov cr0, eax
319
320 ;
321 ; Load Hypervisor DS and ES (get it from the SS)
322 ;
323 mov eax, ss
324 mov ds, eax
325 mov es, eax
326
327%ifdef VBOX_WITH_STATISTICS
328 ;
329 ; Start profiling.
330 ;
331 mov edx, [esp + 0h + ESPOFF] ; vector number
332 imul edx, edx, byte STAMPROFILEADV_size ; assumes < 128.
333 add edx, TRPM.aStatGCTraps
334 add edx, IMP(g_TRPM)
335 STAM_PROFILE_ADV_START edx
336%endif
337
338 ;
339 ; Store the information about the active trap/interrupt.
340 ;
341 mov eax, IMP(g_TRPMCPU)
342 movzx edx, byte [esp + 0h + ESPOFF] ; vector number
343 mov [eax + TRPMCPU.uActiveVector], edx
344 mov edx, [esp + 4h + ESPOFF] ; error code
345 mov [eax + TRPMCPU.uActiveErrorCode], edx
346 mov dword [eax + TRPMCPU.enmActiveType], TRPM_TRAP
347 mov edx, cr2 ;; @todo Check how expensive cr2 reads are!
348 mov dword [eax + TRPMCPU.uActiveCR2], edx
349
350%if GC_ARCH_BITS == 64
351 ; zero out the high dword
352 mov dword [eax + TRPMCPU.uActiveErrorCode + 4], 0
353 mov dword [eax + TRPMCPU.uActiveCR2 + 4], 0
354%endif
355
356 ;
357 ; Check if we're in Hypervisor when this happend.
358 ;
359 test dword [esp + CPUMCTXCORE.eflags], X86_EFL_VM
360 jnz short gt_NotHyperVisor
361
362 test byte [esp + 0ch + ESPOFF], 3h ; check CPL of the cs selector
363 jz near gt_InHypervisor
364
365 ;
366 ; Trap in guest code.
367 ;
368gt_NotHyperVisor:
369%ifdef DEBUG_STUFF_TRPG
370 mov ebx, [esp + 4h + ESPOFF] ; error code
371 mov ecx, 'trpG' ; indicate trap.
372 mov edx, [esp + 0h + ESPOFF] ; vector number
373 lea eax, [esp]
374 call trpmDbgDumpRegisterFrame
375%endif
376
377 ;
378 ; Do we have a GC handler for these traps?
379 ;
380 mov edx, [esp + 0h + ESPOFF] ; vector number
381 mov eax, [g_apfnStaticTrapHandlersGuest + edx * 4]
382 or eax, eax
383 jnz short gt_HaveHandler
384 mov eax, VINF_EM_RAW_GUEST_TRAP
385 jmp short gt_GuestTrap
386
387 ;
388 ; Call static handler.
389 ;
390gt_HaveHandler:
391 push esp ; Param 2 - CPUMCTXCORE pointer.
392 push dword IMP(g_TRPMCPU) ; Param 1 - Pointer to TRPMCPU
393 call eax
394 add esp, byte 8 ; cleanup stack (cdecl)
395 or eax, eax
396 je near gt_continue_guest
397
398 ;
399 ; Switch back to the host and process it there.
400 ;
401gt_GuestTrap:
402%ifdef VBOX_WITH_STATISTICS
403 mov edx, [esp + 0h + ESPOFF] ; vector number
404 imul edx, edx, byte STAMPROFILEADV_size ; assume < 128
405 add edx, IMP(g_TRPM)
406 add edx, TRPM.aStatGCTraps
407 STAM_PROFILE_ADV_STOP edx
408%endif
409 mov edx, IMP(g_VM)
410 call [edx + VM.pfnVMMGCGuestToHostAsmGuestCtx]
411
412 ;; @todo r=bird: is this path actually every taken? if not we should replace this code with a panic.
413 ;
414 ; We've returned!
415 ; N.B. The stack has been changed now! No CPUMCTXCORE any longer. esp = vector number.
416 ; N.B. Current scheduling design causes this code path to be unused.
417 ; N.B. Better not use it when in V86 mode!
418 ;
419
420 ; Enable WP
421 mov eax, cr0 ;; @todo try elimiate this read.
422 or eax, X86_CR0_WRITE_PROTECT
423 mov cr0, eax
424 ; Restore guest context and continue execution.
425 mov edx, IMP(g_CPUM)
426 lea eax, [esp + 8]
427 push eax
428 call NAME(CPUMGCRestoreInt)
429 lea esp, [esp + 0ch] ; cleanup call and skip vector & error code.
430
431 iret
432
433
434 ;
435 ; Continue(/Resume/Restart/Whatever) guest execution.
436 ;
437ALIGNCODE(16)
438gt_continue_guest:
439%ifdef VBOX_WITH_STATISTICS
440 mov edx, [esp + 0h + ESPOFF] ; vector number
441 imul edx, edx, byte STAMPROFILEADV_size ; assumes < 128
442 add edx, TRPM.aStatGCTraps
443 add edx, IMP(g_TRPM)
444 STAM_PROFILE_ADV_STOP edx
445%endif
446
447 ; enable WP
448 mov eax, cr0 ;; @todo try elimiate this read.
449 or eax, X86_CR0_WRITE_PROTECT
450 mov cr0, eax
451
452 ; restore guest state and start executing again.
453 test dword [esp + CPUMCTXCORE.eflags], X86_EFL_VM
454 jnz gt_V86Return
455
456 mov ecx, [esp + CPUMCTXCORE.ecx]
457 mov edx, [esp + CPUMCTXCORE.edx]
458 mov ebx, [esp + CPUMCTXCORE.ebx]
459 mov ebp, [esp + CPUMCTXCORE.ebp]
460 mov esi, [esp + CPUMCTXCORE.esi]
461 mov edi, [esp + CPUMCTXCORE.edi]
462
463 mov eax, [esp + CPUMCTXCORE.esp]
464 mov [esp + 14h + ESPOFF], eax ; esp
465 mov eax, dword [esp + CPUMCTXCORE.ss]
466 mov [esp + 18h + ESPOFF], eax ; ss
467
468 mov eax, dword [esp + CPUMCTXCORE.gs]
469 TRPM_NP_GP_HANDLER NAME(trpmGCTrapInGeneric), TRPM_TRAP_IN_MOV_GS
470 mov gs, eax
471
472 mov eax, dword [esp + CPUMCTXCORE.fs]
473 TRPM_NP_GP_HANDLER NAME(trpmGCTrapInGeneric), TRPM_TRAP_IN_MOV_FS
474 mov fs, eax
475
476 mov eax, dword [esp + CPUMCTXCORE.es]
477 TRPM_NP_GP_HANDLER NAME(trpmGCTrapInGeneric), TRPM_TRAP_IN_MOV_ES
478 mov es, eax
479
480 mov eax, dword [esp + CPUMCTXCORE.ds]
481 TRPM_NP_GP_HANDLER NAME(trpmGCTrapInGeneric), TRPM_TRAP_IN_MOV_DS
482 mov ds, eax
483
484 mov eax, dword [esp + CPUMCTXCORE.cs]
485 mov [esp + 0ch + ESPOFF], eax ; cs
486 mov eax, [esp + CPUMCTXCORE.eflags]
487 mov [esp + 10h + ESPOFF], eax ; eflags
488 mov eax, [esp + CPUMCTXCORE.eip]
489 mov [esp + 08h + ESPOFF], eax ; eip
490
491 ; finally restore our scratch register eax
492 mov eax, [esp + CPUMCTXCORE.eax]
493
494 add esp, ESPOFF + 8 ; skip CPUMCTXCORE structure, error code and vector number
495
496 TRPM_NP_GP_HANDLER NAME(trpmGCTrapInGeneric), TRPM_TRAP_IN_IRET
497 iret
498
499ALIGNCODE(16)
500gt_V86Return:
501 mov ecx, [esp + CPUMCTXCORE.ecx]
502 mov edx, [esp + CPUMCTXCORE.edx]
503 mov ebx, [esp + CPUMCTXCORE.ebx]
504 mov ebp, [esp + CPUMCTXCORE.ebp]
505 mov esi, [esp + CPUMCTXCORE.esi]
506 mov edi, [esp + CPUMCTXCORE.edi]
507
508 mov eax, [esp + CPUMCTXCORE.esp]
509 mov [esp + 14h + ESPOFF], eax ; esp
510 mov eax, dword [esp + CPUMCTXCORE.ss]
511 mov [esp + 18h + ESPOFF], eax ; ss
512
513 mov eax, dword [esp + CPUMCTXCORE.es]
514 mov [esp + 1ch + ESPOFF], eax ; es
515 mov eax, dword [esp + CPUMCTXCORE.ds]
516 mov [esp + 20h + ESPOFF], eax ; ds
517 mov eax, dword [esp + CPUMCTXCORE.fs]
518 mov [esp + 24h + ESPOFF], eax ; fs
519 mov eax, dword [esp + CPUMCTXCORE.gs]
520 mov [esp + 28h + ESPOFF], eax ; gs
521
522 mov eax, [esp + CPUMCTXCORE.eip]
523 mov [esp + 08h + ESPOFF], eax ; eip
524 mov eax, dword [esp + CPUMCTXCORE.cs]
525 mov [esp + 0ch + ESPOFF], eax ; cs
526 mov eax, [esp + CPUMCTXCORE.eflags]
527 mov [esp + 10h + ESPOFF], eax ; eflags
528
529 ; finally restore our scratch register eax
530 mov eax, [esp + CPUMCTXCORE.eax]
531
532 add esp, ESPOFF + 8 ; skip CPUMCTXCORE structure, error code and vector number
533
534 TRPM_NP_GP_HANDLER NAME(trpmGCTrapInGeneric), TRPM_TRAP_IN_IRET | TRPM_TRAP_IN_V86
535 iret
536
537 ;
538 ; Trap in Hypervisor, try to handle it.
539 ;
540 ; (eax = pTRPMCPU)
541 ;
542ALIGNCODE(16)
543gt_InHypervisor:
544 ; fix ss:esp.
545 lea ebx, [esp + 14h + ESPOFF] ; calc esp at trap
546 mov [esp + CPUMCTXCORE.esp], ebx; update esp in register frame
547 mov [esp + CPUMCTXCORE.ss], ss ; update ss in register frame
548
549 ; tell cpum about the context core.
550 xchg esi, eax ; save pTRPMCPU - @todo reallocate this variable to esi, edi, or ebx
551 push esp ; Param 2 - The new CPUMCTXCORE pointer.
552 mov eax, IMP(g_VM) ; Param 1 - Pointer to the VMCPU.
553 add eax, [eax + VM.offVMCPU]
554 push eax
555 call NAME(CPUMHyperSetCtxCore)
556 add esp, byte 8 ; stack cleanup (cdecl)
557 xchg eax, esi ; restore pTRPMCPU
558
559 ; check for temporary handler.
560 movzx ebx, byte [eax + TRPMCPU.uActiveVector]
561 mov esi, IMP(g_TRPM) ; keep eax == pTRPMCPU
562 xor ecx, ecx
563 xchg ecx, [esi + TRPM.aTmpTrapHandlers + ebx * 4] ; ecx = Temp handler pointer or 0
564 or ecx, ecx
565 jnz short gt_Hyper_HaveTemporaryHandler
566
567 ; check for static trap handler.
568 mov ecx, [g_apfnStaticTrapHandlersHyper + ebx * 4] ; ecx = Static handler pointer or 0
569 or ecx, ecx
570 jnz short gt_Hyper_HaveStaticHandler
571 jmp gt_Hyper_AbandonShip
572
573
574 ;
575 ; Temporary trap handler present, call it (CDECL).
576 ;
577gt_Hyper_HaveTemporaryHandler:
578 push esp ; Param 2 - Pointer to CPUMCTXCORE.
579 push IMP(g_VM) ; Param 1 - Pointer to VM.
580 call ecx
581 add esp, byte 8 ; cleanup stack (cdecl)
582
583 cmp eax, byte VINF_SUCCESS ; If completely handled Then resume execution.
584 je near gt_Hyper_Continue
585 ;; @todo Handle ALL returns types from temporary handlers!
586 jmp gt_Hyper_AbandonShip
587
588
589 ;
590 ; Static trap handler present, call it (CDECL).
591 ;
592gt_Hyper_HaveStaticHandler:
593 push esp ; Param 2 - Pointer to CPUMCTXCORE.
594 push eax ; Param 1 - Pointer to TRPMCPU
595 call ecx
596 add esp, byte 8 ; cleanup stack (cdecl)
597
598 cmp eax, byte VINF_SUCCESS ; If completely handled Then resume execution.
599 je short gt_Hyper_Continue
600 cmp eax, VINF_EM_DBG_HYPER_STEPPED
601 je short gt_Hyper_ToHost
602 cmp eax, VINF_EM_DBG_HYPER_BREAKPOINT
603 je short gt_Hyper_ToHost
604 cmp eax, VINF_EM_DBG_HYPER_ASSERTION
605 je short gt_Hyper_ToHost
606 jmp gt_Hyper_AbandonShip
607
608 ;
609 ; Pop back to the host to service the error.
610 ;
611gt_Hyper_ToHost:
612 mov ecx, esp
613 mov edx, IMP(g_VM)
614 call [edx + VM.pfnVMMGCGuestToHostAsm]
615 jmp short gt_Hyper_Continue
616
617 ;
618 ; Continue(/Resume/Restart/Whatever) hypervisor execution.
619 ; Don't reset the TRPM state. Caller takes care of that.
620 ;
621ALIGNCODE(16)
622gt_Hyper_Continue:
623%ifdef DEBUG_STUFF
624 mov ebx, [esp + 4h + ESPOFF] ; error code
625 mov ecx, 'resH' ; indicate trap.
626 mov edx, [esp + 0h + ESPOFF] ; vector number
627 lea eax, [esp]
628 call trpmDbgDumpRegisterFrame
629%endif
630 ; tell CPUM to use the default CPUMCTXCORE.
631 push byte 0 ; Param 2 - NULL indicating use default context core.
632 mov eax, IMP(g_VM) ; Param 1 - Pointer to the VMCPU.
633 add eax, [eax + VM.offVMCPU]
634 push eax
635 call NAME(CPUMHyperSetCtxCore)
636 add esp, byte 8 ; stack cleanup (cdecl)
637
638%ifdef VBOX_WITH_STATISTICS
639 mov edx, [esp + 0h + ESPOFF] ; vector number
640 imul edx, edx, byte STAMPROFILEADV_size ; assumes < 128
641 add edx, TRPM.aStatGCTraps
642 add edx, IMP(g_TRPM)
643 STAM_PROFILE_ADV_STOP edx
644%endif
645
646 ; restore
647 mov ecx, [esp + CPUMCTXCORE.ecx]
648 mov edx, [esp + CPUMCTXCORE.edx]
649 mov ebx, [esp + CPUMCTXCORE.ebx]
650 mov ebp, [esp + CPUMCTXCORE.ebp]
651 mov esi, [esp + CPUMCTXCORE.esi]
652 mov edi, [esp + CPUMCTXCORE.edi]
653
654 mov eax, dword [esp + CPUMCTXCORE.gs]
655 TRPM_NP_GP_HANDLER NAME(trpmGCTrapInGeneric), TRPM_TRAP_IN_MOV_GS | TRPM_TRAP_IN_HYPER
656 mov gs, eax
657
658 mov eax, dword [esp + CPUMCTXCORE.fs]
659 TRPM_NP_GP_HANDLER NAME(trpmGCTrapInGeneric), TRPM_TRAP_IN_MOV_FS | TRPM_TRAP_IN_HYPER
660 mov fs, eax
661
662 mov eax, dword [esp + CPUMCTXCORE.es]
663 mov es, eax
664 mov eax, dword [esp + CPUMCTXCORE.ds]
665 mov ds, eax
666
667 ; skip esp & ss
668
669 mov eax, [esp + CPUMCTXCORE.eip]
670 mov [esp + 08h + ESPOFF], eax ; eip
671 mov eax, dword [esp + CPUMCTXCORE.cs]
672 mov [esp + 0ch + ESPOFF], eax ; cs
673 mov eax, [esp + CPUMCTXCORE.eflags]
674 mov [esp + 10h + ESPOFF], eax ; eflags
675
676 ; finally restore our scratch register eax
677 mov eax, [esp + CPUMCTXCORE.eax]
678
679 add esp, ESPOFF + 8 ; skip CPUMCTXCORE structure, error code and vector number
680
681 iret
682
683
684 ;
685 ; ABANDON SHIP! DON'T PANIC!
686 ;
687gt_Hyper_AbandonShip:
688%ifdef DEBUG_STUFF
689 mov ebx, [esp + 4h + ESPOFF] ; error code
690 mov ecx, 'trpH' ; indicate trap.
691 mov edx, [esp + 0h + ESPOFF] ; vector number
692 lea eax, [esp]
693 call trpmDbgDumpRegisterFrame
694%endif
695
696gt_Hyper_DontPanic:
697 mov ecx, esp
698 mov edx, IMP(g_VM)
699 mov eax, VERR_TRPM_DONT_PANIC
700 call [edx + VM.pfnVMMGCGuestToHostAsmHyperCtx]
701%ifdef DEBUG_STUFF
702 COM_S_PRINT 'bad!!!'
703%endif
704 jmp gt_Hyper_DontPanic ; this shall never ever happen!
705%undef ESPOFF
706ENDPROC TRPMGCHandlerGeneric
707
708
709
710
711
712;;
713; We start by 256 push <vector no.> + jmp interruptworker
714;
715ALIGNCODE(16)
716BEGINPROC_EXPORTED TRPMGCHandlerInterupt
717 ; NASM has some nice features, here an example of a loop.
718%assign i 0
719%rep 256
720 db 06ah, i ; push imm8 - note that this is a signextended value.
721 jmp ti_GenericInterrupt
722 ALIGNCODE(8)
723%assign i i+1
724%endrep
725
726;;
727; Main interrupt handler for the guest context
728;
729; Stack:
730; 24 GS (V86 only)
731; 20 FS (V86 only)
732; 1C DS (V86 only)
733; 18 ES (V86 only)
734; 14 SS
735; 10 ESP
736; c EFLAGS
737; 8 CS
738; 4 EIP
739; ESP -> 0 Vector number (only use low byte!).
740;
741; @uses none
742ti_GenericInterrupt:
743 cld
744
745 ;
746 ; Setup CPUMCTXCORE frame
747 ;
748 ; ASSUMPTION: If trap in hypervisor, we assume that we can read two dword
749 ; under the bottom of the stack. This is atm safe.
750 ; ASSUMPTION: There is sufficient stack space.
751 ; ASSUMPTION: The stack is not write protected.
752 ;
753%define ESPOFF CPUMCTXCORE_size
754
755 sub esp, CPUMCTXCORE_size
756 mov [esp + CPUMCTXCORE.eax], eax
757 mov [esp + CPUMCTXCORE.ecx], ecx
758 mov [esp + CPUMCTXCORE.edx], edx
759 mov [esp + CPUMCTXCORE.ebx], ebx
760 mov [esp + CPUMCTXCORE.esi], esi
761 mov [esp + CPUMCTXCORE.edi], edi
762 mov [esp + CPUMCTXCORE.ebp], ebp
763
764 mov eax, [esp + 04h + ESPOFF] ; eip
765 mov [esp + CPUMCTXCORE.eip], eax
766%if GC_ARCH_BITS == 64
767 ; zero out the high dword
768 mov dword [esp + CPUMCTXCORE.eip + 4], 0
769%endif
770 mov eax, dword [esp + 08h + ESPOFF] ; cs
771 mov [esp + CPUMCTXCORE.cs], eax
772 mov eax, [esp + 0ch + ESPOFF] ; eflags
773 mov [esp + CPUMCTXCORE.eflags], eax
774
775 mov eax, [esp + 10h + ESPOFF] ; esp
776 mov [esp + CPUMCTXCORE.esp], eax
777%if GC_ARCH_BITS == 64
778 ; zero out the high dword
779 mov dword [esp + CPUMCTXCORE.esp + 4], 0
780%endif
781 mov eax, dword [esp + 14h + ESPOFF] ; ss
782 mov [esp + CPUMCTXCORE.ss], eax
783
784 mov eax, es
785 mov dword [esp + CPUMCTXCORE.es], eax
786 mov eax, ds
787 mov dword [esp + CPUMCTXCORE.ds], eax
788 mov eax, fs
789 mov dword [esp + CPUMCTXCORE.fs], eax
790 mov eax, gs
791 mov dword [esp + CPUMCTXCORE.gs], eax
792
793 test dword [esp + CPUMCTXCORE.eflags], X86_EFL_VM
794 jz short ti_SkipV86Entry
795
796 ;
797 ; The DS, ES, FS and GS registers are zeroed in V86 mode and their real values are on the stack
798 ;
799 mov eax, dword [esp + ESPOFF + 18h]
800 mov dword [esp + CPUMCTXCORE.es], eax
801
802 mov eax, dword [esp + ESPOFF + 1Ch]
803 mov dword [esp + CPUMCTXCORE.ds], eax
804
805 mov eax, dword [esp + ESPOFF + 20h]
806 mov dword [esp + CPUMCTXCORE.fs], eax
807
808 mov eax, dword [esp + ESPOFF + 24h]
809 mov dword [esp + CPUMCTXCORE.gs], eax
810
811ti_SkipV86Entry:
812
813 ;
814 ; Disable Ring-0 WP
815 ;
816 mov eax, cr0 ;; @todo try elimiate this read.
817 and eax, ~X86_CR0_WRITE_PROTECT
818 mov cr0, eax
819
820 ;
821 ; Load Hypervisor DS and ES (get it from the SS)
822 ;
823 mov eax, ss
824 mov ds, eax
825 mov es, eax
826
827 ;
828 ; Store the information about the active trap/interrupt.
829 ;
830 mov eax, IMP(g_TRPMCPU)
831 movzx edx, byte [esp + 0h + ESPOFF] ; vector number
832 mov [eax + TRPMCPU.uActiveVector], edx
833 xor edx, edx
834 mov dword [eax + TRPMCPU.enmActiveType], TRPM_HARDWARE_INT
835 dec edx
836 mov [eax + TRPMCPU.uActiveErrorCode], edx
837 mov [eax + TRPMCPU.uActiveCR2], edx
838%if GC_ARCH_BITS == 64
839 ; zero out the high dword
840 mov dword [eax + TRPMCPU.uActiveErrorCode + 4], 0
841 mov dword [eax + TRPMCPU.uActiveCR2 + 4], 0
842%endif
843
844 ;
845 ; Check if we're in Hypervisor when this happend.
846 ;
847 test byte [esp + 08h + ESPOFF], 3h ; check CPL of the cs selector
848 jnz short gi_NotHyperVisor
849 jmp gi_HyperVisor
850
851 ;
852 ; Trap in guest code.
853 ;
854gi_NotHyperVisor:
855 and dword [esp + CPUMCTXCORE.eflags], ~010000h ; Clear RF (Resume Flag). @todo make %defines for eflags.
856 ; The guest shall not see this in it's state.
857%ifdef DEBUG_STUFF_INT
858 mov ecx, 'intG' ; indicate trap.
859 movzx edx, byte [esp + 0h + ESPOFF] ; vector number
860 lea eax, [esp]
861 call trpmDbgDumpRegisterFrame
862%endif
863
864 ;
865 ; Switch back to the host and process it there.
866 ;
867 mov edx, IMP(g_VM)
868 mov eax, VINF_EM_RAW_INTERRUPT
869 call [edx + VM.pfnVMMGCGuestToHostAsmGuestCtx]
870
871 ;
872 ; We've returned!
873 ; NOTE that the stack has been changed now!
874 ; there is no longer any CPUMCTXCORE around and esp points to vector number!
875 ;
876 ; Reset TRPM state
877 mov eax, IMP(g_TRPMCPU)
878 xor edx, edx
879 dec edx ; edx = 0ffffffffh
880 xchg [eax + TRPMCPU.uActiveVector], edx
881 mov [eax + TRPMCPU.uPrevVector], edx
882
883 ; Enable WP
884 mov eax, cr0 ;; @todo try elimiate this read.
885 or eax, X86_CR0_WRITE_PROTECT
886 mov cr0, eax
887 ; restore guest context and continue execution.
888 lea eax, [esp + 8]
889 push eax
890 call NAME(CPUMGCRestoreInt)
891 lea esp, [esp + 0ch] ; cleanup call and skip vector & error code.
892
893 iret
894
895 ; -+- Entry point -+-
896 ;
897 ; We're in hypervisor mode which means no guest context
898 ; and special care to be taken to restore the hypervisor
899 ; context correctely.
900 ;
901 ; ATM the only place this can happen is when entering a trap handler.
902 ; We make ASSUMPTIONS about this in respects to the WP CR0 bit
903 ;
904gi_HyperVisor:
905 lea eax, [esp + 14h + ESPOFF] ; calc esp at trap
906 mov [esp + CPUMCTXCORE.esp], eax ; update esp in register frame
907 mov [esp + CPUMCTXCORE.ss], ss ; update ss in register frame
908
909%ifdef DEBUG_STUFF_INT
910 mov ebx, [esp + 4h + ESPOFF] ; error code
911 mov ecx, 'intH' ; indicate hypervisor interrupt.
912 movzx edx, byte [esp + 0h + ESPOFF] ; vector number
913 lea eax, [esp]
914 call trpmDbgDumpRegisterFrame
915%endif
916
917 mov ecx, esp
918 mov edx, IMP(g_VM)
919 mov eax, VINF_EM_RAW_INTERRUPT_HYPER
920 call [edx + VM.pfnVMMGCGuestToHostAsm]
921%ifdef DEBUG_STUFF_INT
922 COM_CHAR '!'
923%endif
924
925 ;
926 ; We've returned!
927 ;
928 ; Reset TRPM state - don't record this.
929 mov eax, IMP(g_TRPMCPU)
930 mov dword [eax + TRPMCPU.uActiveVector], 0ffffffffh
931
932 ;
933 ; Restore the hypervisor context and return.
934 ;
935 mov ecx, [esp + CPUMCTXCORE.ecx]
936 mov edx, [esp + CPUMCTXCORE.edx]
937 mov ebx, [esp + CPUMCTXCORE.ebx]
938 mov ebp, [esp + CPUMCTXCORE.ebp]
939 mov esi, [esp + CPUMCTXCORE.esi]
940 mov edi, [esp + CPUMCTXCORE.edi]
941
942 ; In V86 mode DS, ES, FS & GS are restored by the iret
943 test dword [esp + CPUMCTXCORE.eflags], X86_EFL_VM
944 jnz short ti_SkipSelRegs
945
946 mov eax, [esp + CPUMCTXCORE.gs]
947 TRPM_NP_GP_HANDLER NAME(trpmGCTrapInGeneric), TRPM_TRAP_IN_MOV_GS | TRPM_TRAP_IN_HYPER
948 mov gs, eax
949
950 mov eax, [esp + CPUMCTXCORE.fs]
951 TRPM_NP_GP_HANDLER NAME(trpmGCTrapInGeneric), TRPM_TRAP_IN_MOV_FS | TRPM_TRAP_IN_HYPER
952 mov fs, eax
953
954 mov eax, [esp + CPUMCTXCORE.es]
955 mov es, eax
956 mov eax, [esp + CPUMCTXCORE.ds]
957 mov ds, eax
958
959ti_SkipSelRegs:
960 ; finally restore our scratch register eax
961 mov eax, [esp + CPUMCTXCORE.eax]
962
963 ; skip esp, ss, cs, eip & eflags. Done by iret
964
965 add esp, ESPOFF + 4h ; skip CPUMCTXCORE structure & vector number.
966
967 iret
968%undef ESPOFF
969ENDPROC TRPMGCHandlerInterupt
970
971
972
973;;
974; Trap handler for #MC
975;
976; This handler will forward the #MC to the host OS. Since this
977; is generalized in the generic interrupt handler, we just disable
978; interrupts and push vector number and jump to the generic code.
979;
980; Stack:
981; 10 SS (only if ring transition.)
982; c ESP (only if ring transition.)
983; 8 EFLAGS
984; 4 CS
985; 0 EIP
986;
987; @uses none
988;
989ALIGNCODE(16)
990BEGINPROC_EXPORTED TRPMGCHandlerTrap12
991 push byte 12h
992 jmp ti_GenericInterrupt
993ENDPROC TRPMGCHandlerTrap12
994
995
996
997
998;;
999; Trap handler for double fault (#DF).
1000;
1001; This is a special trap handler executes in separate task with own TSS, with
1002; one of the intermediate memory contexts instead of the shadow context.
1003; The handler will unconditionally print an report to the comport configured
1004; for the COM_S_* macros before attempting to return to the host. If it it ends
1005; up double faulting more than 10 times, it will simply cause an tripple fault
1006; to get us out of the mess.
1007;
1008; @param esp Half way down the hypvervisor stack + the trap frame.
1009; @param ebp Half way down the hypvervisor stack.
1010; @param eflags Interrupts disabled, nested flag is probably set (we don't care).
1011; @param ecx The address of the hypervisor TSS.
1012; @param edi Same as ecx.
1013; @param eax Same as ecx.
1014; @param edx Address of the VM structure.
1015; @param esi Same as edx.
1016; @param ebx Same as edx.
1017; @param ss Hypervisor DS.
1018; @param ds Hypervisor DS.
1019; @param es Hypervisor DS.
1020; @param fs 0
1021; @param gs 0
1022;
1023;
1024; @remark To be able to catch errors with WP turned off, it is required that the
1025; TSS GDT descriptor and the TSSes are writable (X86_PTE_RW). See SELM.cpp
1026; for how to enable this.
1027;
1028; @remark It is *not* safe to resume the VMM after a double fault. (At least not
1029; without clearing the busy flag of the TssTrap8 and fixing whatever cause it.)
1030;
1031ALIGNCODE(16)
1032BEGINPROC_EXPORTED TRPMGCHandlerTrap08
1033 ; be careful.
1034 cli
1035 cld
1036
1037 ;
1038 ; Load Hypervisor DS and ES (get it from the SS) - paranoia, but the TSS could be overwritten.. :)
1039 ;
1040 mov eax, ss
1041 mov ds, eax
1042 mov es, eax
1043
1044 COM_S_PRINT 10,13,'*** Guru Meditation 00000008 - Double Fault! ***',10,13
1045
1046 ;
1047 ; Disable write protection.
1048 ;
1049 mov eax, cr0
1050 and eax, ~X86_CR0_WRITE_PROTECT
1051 mov cr0, eax
1052
1053
1054 COM_S_PRINT 'VM='
1055 COM_S_DWORD_REG edx
1056 COM_S_PRINT ' prevTSS='
1057 COM_S_DWORD_REG ecx
1058 COM_S_PRINT ' prevCR3='
1059 mov eax, [ecx + VBOXTSS.cr3]
1060 COM_S_DWORD_REG eax
1061 COM_S_PRINT ' prevLdtr='
1062 movzx eax, word [ecx + VBOXTSS.selLdt]
1063 COM_S_DWORD_REG eax
1064 COM_S_NEWLINE
1065
1066 ;
1067 ; Create CPUMCTXCORE structure.
1068 ;
1069 sub esp, CPUMCTXCORE_size
1070
1071 mov eax, [ecx + VBOXTSS.eip]
1072 mov [esp + CPUMCTXCORE.eip], eax
1073%if GC_ARCH_BITS == 64
1074 ; zero out the high dword
1075 mov dword [esp + CPUMCTXCORE.eip + 4], 0
1076%endif
1077 mov eax, [ecx + VBOXTSS.eflags]
1078 mov [esp + CPUMCTXCORE.eflags], eax
1079
1080 movzx eax, word [ecx + VBOXTSS.cs]
1081 mov dword [esp + CPUMCTXCORE.cs], eax
1082 movzx eax, word [ecx + VBOXTSS.ds]
1083 mov dword [esp + CPUMCTXCORE.ds], eax
1084 movzx eax, word [ecx + VBOXTSS.es]
1085 mov dword [esp + CPUMCTXCORE.es], eax
1086 movzx eax, word [ecx + VBOXTSS.fs]
1087 mov dword [esp + CPUMCTXCORE.fs], eax
1088 movzx eax, word [ecx + VBOXTSS.gs]
1089 mov dword [esp + CPUMCTXCORE.gs], eax
1090 movzx eax, word [ecx + VBOXTSS.ss]
1091 mov [esp + CPUMCTXCORE.ss], eax
1092 mov eax, [ecx + VBOXTSS.esp]
1093 mov [esp + CPUMCTXCORE.esp], eax
1094%if GC_ARCH_BITS == 64
1095 ; zero out the high dword
1096 mov dword [esp + CPUMCTXCORE.esp + 4], 0
1097%endif
1098 mov eax, [ecx + VBOXTSS.ecx]
1099 mov [esp + CPUMCTXCORE.ecx], eax
1100 mov eax, [ecx + VBOXTSS.edx]
1101 mov [esp + CPUMCTXCORE.edx], eax
1102 mov eax, [ecx + VBOXTSS.ebx]
1103 mov [esp + CPUMCTXCORE.ebx], eax
1104 mov eax, [ecx + VBOXTSS.eax]
1105 mov [esp + CPUMCTXCORE.eax], eax
1106 mov eax, [ecx + VBOXTSS.ebp]
1107 mov [esp + CPUMCTXCORE.ebp], eax
1108 mov eax, [ecx + VBOXTSS.esi]
1109 mov [esp + CPUMCTXCORE.esi], eax
1110 mov eax, [ecx + VBOXTSS.edi]
1111 mov [esp + CPUMCTXCORE.edi], eax
1112
1113 ;
1114 ; Show regs
1115 ;
1116 mov ebx, 0ffffffffh
1117 mov ecx, 'trpH' ; indicate trap.
1118 mov edx, 08h ; vector number
1119 lea eax, [esp]
1120 call trpmDbgDumpRegisterFrame
1121
1122 ;
1123 ; Should we try go back?
1124 ;
1125 inc dword [df_Count]
1126 cmp dword [df_Count], byte 10
1127 jb df_to_host
1128 jmp df_tripple_fault
1129df_Count: dd 0
1130
1131 ;
1132 ; Try return to the host.
1133 ;
1134df_to_host:
1135 COM_S_PRINT 'Trying to return to host...',10,13
1136 mov ecx, esp
1137 mov edx, IMP(g_VM)
1138 mov eax, VERR_TRPM_PANIC
1139 call [edx + VM.pfnVMMGCGuestToHostAsmHyperCtx]
1140 jmp short df_to_host
1141
1142 ;
1143 ; Perform a tripple fault.
1144 ;
1145df_tripple_fault:
1146 COM_S_PRINT 'Giving up - tripple faulting the machine...',10,13
1147 push byte 0
1148 push byte 0
1149 sidt [esp]
1150 mov word [esp], 0
1151 lidt [esp]
1152 xor eax, eax
1153 mov dword [eax], 0
1154 jmp df_tripple_fault
1155
1156ENDPROC TRPMGCHandlerTrap08
1157
1158
1159
1160
1161;;
1162; Internal procedure used to dump registers.
1163;
1164; @param eax Pointer to CPUMCTXCORE.
1165; @param edx Vector number
1166; @param ecx 'trap' if trap, 'int' if interrupt.
1167; @param ebx Error code if trap.
1168;
1169trpmDbgDumpRegisterFrame:
1170 sub esp, byte 8 ; working space for sidt/sgdt/etc
1171
1172; Init _must_ be done on host before crashing!
1173; push edx
1174; push eax
1175; COM_INIT
1176; pop eax
1177; pop edx
1178
1179 cmp ecx, 'trpH'
1180 je near tddrf_trpH
1181 cmp ecx, 'trpG'
1182 je near tddrf_trpG
1183 cmp ecx, 'intH'
1184 je near tddrf_intH
1185 cmp ecx, 'intG'
1186 je near tddrf_intG
1187 cmp ecx, 'resH'
1188 je near tddrf_resH
1189 COM_S_PRINT 10,13,'*** Bogus Dump Code '
1190 jmp tddrf_regs
1191
1192%if 1 ; the verbose version
1193
1194tddrf_intG:
1195 COM_S_PRINT 10,13,'*** Interrupt (Guest) '
1196 COM_S_DWORD_REG edx
1197 jmp tddrf_regs
1198
1199tddrf_intH:
1200 COM_S_PRINT 10,13,'*** Interrupt (Hypervisor) '
1201 COM_S_DWORD_REG edx
1202 jmp tddrf_regs
1203
1204tddrf_trpG:
1205 COM_S_PRINT 10,13,'*** Trap '
1206 jmp tddrf_trap_rest
1207
1208%else ; the short version
1209
1210tddrf_intG:
1211 COM_S_CHAR 'I'
1212 jmp tddrf_ret
1213
1214tddrf_intH:
1215 COM_S_CHAR 'i'
1216 jmp tddrf_ret
1217
1218tddrf_trpG:
1219 COM_S_CHAR 'T'
1220 jmp tddrf_ret
1221
1222%endif ; the short version
1223
1224tddrf_trpH:
1225 COM_S_PRINT 10,13,'*** Guru Meditation '
1226 jmp tddrf_trap_rest
1227
1228tddrf_resH:
1229 COM_S_PRINT 10,13,'*** Resuming Hypervisor Trap '
1230 jmp tddrf_trap_rest
1231
1232tddrf_trap_rest:
1233 COM_S_DWORD_REG edx
1234 COM_S_PRINT ' ErrorCode='
1235 COM_S_DWORD_REG ebx
1236 COM_S_PRINT ' cr2='
1237 mov ecx, cr2
1238 COM_S_DWORD_REG ecx
1239
1240tddrf_regs:
1241 COM_S_PRINT ' ***',10,13,'cs:eip='
1242 movzx ecx, word [eax + CPUMCTXCORE.cs]
1243 COM_S_DWORD_REG ecx
1244 COM_S_CHAR ':'
1245 mov ecx, [eax + CPUMCTXCORE.eip]
1246 COM_S_DWORD_REG ecx
1247
1248 COM_S_PRINT ' ss:esp='
1249 movzx ecx, word [eax + CPUMCTXCORE.ss]
1250 COM_S_DWORD_REG ecx
1251 COM_S_CHAR ':'
1252 mov ecx, [eax + CPUMCTXCORE.esp]
1253 COM_S_DWORD_REG ecx
1254
1255
1256 sgdt [esp]
1257 COM_S_PRINT 10,13,' gdtr='
1258 movzx ecx, word [esp]
1259 COM_S_DWORD_REG ecx
1260 COM_S_CHAR ':'
1261 mov ecx, [esp + 2]
1262 COM_S_DWORD_REG ecx
1263
1264 sidt [esp]
1265 COM_S_PRINT ' idtr='
1266 movzx ecx, word [esp]
1267 COM_S_DWORD_REG ecx
1268 COM_S_CHAR ':'
1269 mov ecx, [esp + 2]
1270 COM_S_DWORD_REG ecx
1271
1272
1273 str [esp] ; yasm BUG! it generates sldt [esp] here! YASMCHECK!
1274 COM_S_PRINT 10,13,' tr='
1275 movzx ecx, word [esp]
1276 COM_S_DWORD_REG ecx
1277
1278 sldt [esp]
1279 COM_S_PRINT ' ldtr='
1280 movzx ecx, word [esp]
1281 COM_S_DWORD_REG ecx
1282
1283 COM_S_PRINT ' eflags='
1284 mov ecx, [eax + CPUMCTXCORE.eflags]
1285 COM_S_DWORD_REG ecx
1286
1287
1288 COM_S_PRINT 10,13,'cr0='
1289 mov ecx, cr0
1290 COM_S_DWORD_REG ecx
1291
1292 COM_S_PRINT ' cr2='
1293 mov ecx, cr2
1294 COM_S_DWORD_REG ecx
1295
1296 COM_S_PRINT ' cr3='
1297 mov ecx, cr3
1298 COM_S_DWORD_REG ecx
1299 COM_S_PRINT ' cr4='
1300 mov ecx, cr4
1301 COM_S_DWORD_REG ecx
1302
1303
1304 COM_S_PRINT 10,13,' ds='
1305 movzx ecx, word [eax + CPUMCTXCORE.ds]
1306 COM_S_DWORD_REG ecx
1307
1308 COM_S_PRINT ' es='
1309 movzx ecx, word [eax + CPUMCTXCORE.es]
1310 COM_S_DWORD_REG ecx
1311
1312 COM_S_PRINT ' fs='
1313 movzx ecx, word [eax + CPUMCTXCORE.fs]
1314 COM_S_DWORD_REG ecx
1315
1316 COM_S_PRINT ' gs='
1317 movzx ecx, word [eax + CPUMCTXCORE.gs]
1318 COM_S_DWORD_REG ecx
1319
1320
1321 COM_S_PRINT 10,13,'eax='
1322 mov ecx, [eax + CPUMCTXCORE.eax]
1323 COM_S_DWORD_REG ecx
1324
1325 COM_S_PRINT ' ebx='
1326 mov ecx, [eax + CPUMCTXCORE.ebx]
1327 COM_S_DWORD_REG ecx
1328
1329 COM_S_PRINT ' ecx='
1330 mov ecx, [eax + CPUMCTXCORE.ecx]
1331 COM_S_DWORD_REG ecx
1332
1333 COM_S_PRINT ' edx='
1334 mov ecx, [eax + CPUMCTXCORE.edx]
1335 COM_S_DWORD_REG ecx
1336
1337
1338 COM_S_PRINT 10,13,'esi='
1339 mov ecx, [eax + CPUMCTXCORE.esi]
1340 COM_S_DWORD_REG ecx
1341
1342 COM_S_PRINT ' edi='
1343 mov ecx, [eax + CPUMCTXCORE.edi]
1344 COM_S_DWORD_REG ecx
1345
1346 COM_S_PRINT ' ebp='
1347 mov ecx, [eax + CPUMCTXCORE.ebp]
1348 COM_S_DWORD_REG ecx
1349
1350
1351 COM_S_NEWLINE
1352
1353tddrf_ret:
1354 add esp, byte 8
1355 ret
1356
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette