VirtualBox

source: vbox/trunk/src/recompiler/VBoxRecompiler.c@ 60309

Last change on this file since 60309 was 58536, checked in by vboxsync, 9 years ago

got the assertion the wrong way around, just needed CPU_INTERRUPT_EXTERNAL_DMA to be added.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 185.9 KB
Line 
1/* $Id: VBoxRecompiler.c 58536 2015-10-30 13:55:22Z vboxsync $ */
2/** @file
3 * VBox Recompiler - QEMU.
4 */
5
6/*
7 * Copyright (C) 2006-2013 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18/** @page pg_rem REM - Recompiled Execution Manager.
19 *
20 * The recompiled exeuction manager (REM) serves the final fallback for guest
21 * execution, after HM / raw-mode and IEM have given up.
22 *
23 * The REM is qemu with a whole bunch of VBox specific customization for
24 * interfacing with PATM, CSAM, PGM and other components.
25 *
26 * @sa @ref grp_rem
27 */
28
29/*********************************************************************************************************************************
30* Header Files *
31*********************************************************************************************************************************/
32#define LOG_GROUP LOG_GROUP_REM
33#include <stdio.h> /* FILE */
34#include "osdep.h"
35#include "config.h"
36#include "cpu.h"
37#include "exec-all.h"
38#include "ioport.h"
39
40#include <VBox/vmm/rem.h>
41#include <VBox/vmm/vmapi.h>
42#include <VBox/vmm/tm.h>
43#include <VBox/vmm/ssm.h>
44#include <VBox/vmm/em.h>
45#include <VBox/vmm/trpm.h>
46#include <VBox/vmm/iom.h>
47#include <VBox/vmm/mm.h>
48#include <VBox/vmm/pgm.h>
49#include <VBox/vmm/pdm.h>
50#include <VBox/vmm/dbgf.h>
51#include <VBox/dbg.h>
52#include <VBox/vmm/hm.h>
53#include <VBox/vmm/patm.h>
54#include <VBox/vmm/csam.h>
55#include "REMInternal.h"
56#include <VBox/vmm/vm.h>
57#include <VBox/vmm/uvm.h>
58#include <VBox/param.h>
59#include <VBox/err.h>
60
61#include <VBox/log.h>
62#include <iprt/alloca.h>
63#include <iprt/semaphore.h>
64#include <iprt/asm.h>
65#include <iprt/assert.h>
66#include <iprt/thread.h>
67#include <iprt/string.h>
68
69/* Don't wanna include everything. */
70extern void cpu_exec_init_all(uintptr_t tb_size);
71extern void cpu_x86_update_cr3(CPUX86State *env, target_ulong new_cr3);
72extern void cpu_x86_update_cr0(CPUX86State *env, uint32_t new_cr0);
73extern void cpu_x86_update_cr4(CPUX86State *env, uint32_t new_cr4);
74extern void tlb_flush_page(CPUX86State *env, target_ulong addr);
75extern void tlb_flush(CPUX86State *env, int flush_global);
76extern void sync_seg(CPUX86State *env1, int seg_reg, int selector);
77extern void sync_ldtr(CPUX86State *env1, int selector);
78
79#ifdef VBOX_STRICT
80ram_addr_t get_phys_page_offset(target_ulong addr);
81#endif
82
83
84/*********************************************************************************************************************************
85* Defined Constants And Macros *
86*********************************************************************************************************************************/
87
88/** Copy 80-bit fpu register at pSrc to pDst.
89 * This is probably faster than *calling* memcpy.
90 */
91#define REM_COPY_FPU_REG(pDst, pSrc) \
92 do { *(PX86FPUMMX)(pDst) = *(const X86FPUMMX *)(pSrc); } while (0)
93
94/** How remR3RunLoggingStep operates. */
95#define REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
96
97
98/** Selector flag shift between qemu and VBox.
99 * VBox shifts the qemu bits to the right. */
100#define SEL_FLAGS_SHIFT (8)
101/** Mask applied to the shifted qemu selector flags to get the attributes VBox
102 * (VT-x) needs. */
103#define SEL_FLAGS_SMASK UINT32_C(0x1F0FF)
104
105
106/*********************************************************************************************************************************
107* Internal Functions *
108*********************************************************************************************************************************/
109static DECLCALLBACK(int) remR3Save(PVM pVM, PSSMHANDLE pSSM);
110static DECLCALLBACK(int) remR3Load(PVM pVM, PSSMHANDLE pSSM, uint32_t uVersion, uint32_t uPass);
111static void remR3StateUpdate(PVM pVM, PVMCPU pVCpu);
112static int remR3InitPhysRamSizeAndDirtyMap(PVM pVM, bool fGuarded);
113
114static uint32_t remR3MMIOReadU8(void *pvEnv, target_phys_addr_t GCPhys);
115static uint32_t remR3MMIOReadU16(void *pvEnv, target_phys_addr_t GCPhys);
116static uint32_t remR3MMIOReadU32(void *pvEnv, target_phys_addr_t GCPhys);
117static void remR3MMIOWriteU8(void *pvEnv, target_phys_addr_t GCPhys, uint32_t u32);
118static void remR3MMIOWriteU16(void *pvEnv, target_phys_addr_t GCPhys, uint32_t u32);
119static void remR3MMIOWriteU32(void *pvEnv, target_phys_addr_t GCPhys, uint32_t u32);
120
121static uint32_t remR3HandlerReadU8(void *pvVM, target_phys_addr_t GCPhys);
122static uint32_t remR3HandlerReadU16(void *pvVM, target_phys_addr_t GCPhys);
123static uint32_t remR3HandlerReadU32(void *pvVM, target_phys_addr_t GCPhys);
124static void remR3HandlerWriteU8(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32);
125static void remR3HandlerWriteU16(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32);
126static void remR3HandlerWriteU32(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32);
127
128static void remR3NotifyHandlerPhysicalDeregister(PVM pVM, PGMPHYSHANDLERKIND enmKind, RTGCPHYS GCPhys, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM);
129static void remR3NotifyHandlerPhysicalRegister(PVM pVM, PGMPHYSHANDLERKIND enmKind, RTGCPHYS GCPhys, RTGCPHYS cb, bool fHasHCHandler);
130static void remR3NotifyHandlerPhysicalModify(PVM pVM, PGMPHYSHANDLERKIND enmKind, RTGCPHYS GCPhysOld, RTGCPHYS GCPhysNew, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM);
131
132
133/*********************************************************************************************************************************
134* Global Variables *
135*********************************************************************************************************************************/
136
137/** @todo Move stats to REM::s some rainy day we have nothing do to. */
138#ifdef VBOX_WITH_STATISTICS
139static STAMPROFILEADV gStatExecuteSingleInstr;
140static STAMPROFILEADV gStatCompilationQEmu;
141static STAMPROFILEADV gStatRunCodeQEmu;
142static STAMPROFILEADV gStatTotalTimeQEmu;
143static STAMPROFILEADV gStatTimers;
144static STAMPROFILEADV gStatTBLookup;
145static STAMPROFILEADV gStatIRQ;
146static STAMPROFILEADV gStatRawCheck;
147static STAMPROFILEADV gStatMemRead;
148static STAMPROFILEADV gStatMemWrite;
149static STAMPROFILE gStatGCPhys2HCVirt;
150static STAMCOUNTER gStatCpuGetTSC;
151static STAMCOUNTER gStatRefuseTFInhibit;
152static STAMCOUNTER gStatRefuseVM86;
153static STAMCOUNTER gStatRefusePaging;
154static STAMCOUNTER gStatRefusePAE;
155static STAMCOUNTER gStatRefuseIOPLNot0;
156static STAMCOUNTER gStatRefuseIF0;
157static STAMCOUNTER gStatRefuseCode16;
158static STAMCOUNTER gStatRefuseWP0;
159static STAMCOUNTER gStatRefuseRing1or2;
160static STAMCOUNTER gStatRefuseCanExecute;
161static STAMCOUNTER gaStatRefuseStale[6];
162static STAMCOUNTER gStatREMGDTChange;
163static STAMCOUNTER gStatREMIDTChange;
164static STAMCOUNTER gStatREMLDTRChange;
165static STAMCOUNTER gStatREMTRChange;
166static STAMCOUNTER gStatSelOutOfSync[6];
167static STAMCOUNTER gStatSelOutOfSyncStateBack[6];
168static STAMCOUNTER gStatFlushTBs;
169#endif
170/* in exec.c */
171extern uint32_t tlb_flush_count;
172extern uint32_t tb_flush_count;
173extern uint32_t tb_phys_invalidate_count;
174
175/*
176 * Global stuff.
177 */
178
179/** MMIO read callbacks. */
180CPUReadMemoryFunc *g_apfnMMIORead[3] =
181{
182 remR3MMIOReadU8,
183 remR3MMIOReadU16,
184 remR3MMIOReadU32
185};
186
187/** MMIO write callbacks. */
188CPUWriteMemoryFunc *g_apfnMMIOWrite[3] =
189{
190 remR3MMIOWriteU8,
191 remR3MMIOWriteU16,
192 remR3MMIOWriteU32
193};
194
195/** Handler read callbacks. */
196CPUReadMemoryFunc *g_apfnHandlerRead[3] =
197{
198 remR3HandlerReadU8,
199 remR3HandlerReadU16,
200 remR3HandlerReadU32
201};
202
203/** Handler write callbacks. */
204CPUWriteMemoryFunc *g_apfnHandlerWrite[3] =
205{
206 remR3HandlerWriteU8,
207 remR3HandlerWriteU16,
208 remR3HandlerWriteU32
209};
210
211
212#ifdef VBOX_WITH_DEBUGGER
213/*
214 * Debugger commands.
215 */
216static FNDBGCCMD remR3CmdDisasEnableStepping;;
217
218/** '.remstep' arguments. */
219static const DBGCVARDESC g_aArgRemStep[] =
220{
221 /* cTimesMin, cTimesMax, enmCategory, fFlags, pszName, pszDescription */
222 { 0, ~0U, DBGCVAR_CAT_NUMBER, 0, "on/off", "Boolean value/mnemonic indicating the new state." },
223};
224
225/** Command descriptors. */
226static const DBGCCMD g_aCmds[] =
227{
228 {
229 .pszCmd ="remstep",
230 .cArgsMin = 0,
231 .cArgsMax = 1,
232 .paArgDescs = &g_aArgRemStep[0],
233 .cArgDescs = RT_ELEMENTS(g_aArgRemStep),
234 .fFlags = 0,
235 .pfnHandler = remR3CmdDisasEnableStepping,
236 .pszSyntax = "[on/off]",
237 .pszDescription = "Enable or disable the single stepping with logged disassembly. "
238 "If no arguments show the current state."
239 }
240};
241#endif
242
243/** Prologue code, must be in lower 4G to simplify jumps to/from generated code.
244 * @todo huh??? That cannot be the case on the mac... So, this
245 * point is probably not valid any longer. */
246uint8_t *code_gen_prologue;
247
248
249/*********************************************************************************************************************************
250* Internal Functions *
251*********************************************************************************************************************************/
252void remAbort(int rc, const char *pszTip);
253extern int testmath(void);
254
255/* Put them here to avoid unused variable warning. */
256AssertCompile(RT_SIZEOFMEMB(VM, rem.padding) >= RT_SIZEOFMEMB(VM, rem.s));
257#if !defined(IPRT_NO_CRT) && (defined(RT_OS_LINUX) || defined(RT_OS_DARWIN) || defined(RT_OS_WINDOWS))
258//AssertCompileMemberSize(REM, Env, REM_ENV_SIZE);
259/* Why did this have to be identical?? */
260AssertCompile(RT_SIZEOFMEMB(REM, Env) <= REM_ENV_SIZE);
261#else
262AssertCompile(RT_SIZEOFMEMB(REM, Env) <= REM_ENV_SIZE);
263#endif
264
265
266/**
267 * Initializes the REM.
268 *
269 * @returns VBox status code.
270 * @param pVM The VM to operate on.
271 */
272REMR3DECL(int) REMR3Init(PVM pVM)
273{
274 PREMHANDLERNOTIFICATION pCur;
275 uint32_t u32Dummy;
276 int rc;
277 unsigned i;
278
279#ifdef VBOX_ENABLE_VBOXREM64
280 LogRel(("Using 64-bit aware REM\n"));
281#endif
282
283 /*
284 * Assert sanity.
285 */
286 AssertReleaseMsg(sizeof(pVM->rem.padding) >= sizeof(pVM->rem.s), ("%#x >= %#x; sizeof(Env)=%#x\n", sizeof(pVM->rem.padding), sizeof(pVM->rem.s), sizeof(pVM->rem.s.Env)));
287 AssertReleaseMsg(sizeof(pVM->rem.s.Env) <= REM_ENV_SIZE, ("%#x == %#x\n", sizeof(pVM->rem.s.Env), REM_ENV_SIZE));
288 AssertReleaseMsg(!(RT_OFFSETOF(VM, rem) & 31), ("off=%#x\n", RT_OFFSETOF(VM, rem)));
289#if 0 /* just an annoyance at the moment. */
290#if defined(DEBUG) && !defined(RT_OS_SOLARIS) && !defined(RT_OS_FREEBSD) /// @todo fix the solaris and freebsd math stuff.
291 Assert(!testmath());
292#endif
293#endif
294
295 /*
296 * Init some internal data members.
297 */
298 pVM->rem.s.offVM = RT_OFFSETOF(VM, rem.s);
299 pVM->rem.s.Env.pVM = pVM;
300#ifdef CPU_RAW_MODE_INIT
301 pVM->rem.s.state |= CPU_RAW_MODE_INIT;
302#endif
303
304 /*
305 * Initialize the REM critical section.
306 *
307 * Note: This is not a 100% safe solution as updating the internal memory state while another VCPU
308 * is executing code could be dangerous. Taking the REM lock is not an option due to the danger of
309 * deadlocks. (mostly pgm vs rem locking)
310 */
311 rc = PDMR3CritSectInit(pVM, &pVM->rem.s.CritSectRegister, RT_SRC_POS, "REM-Register");
312 AssertRCReturn(rc, rc);
313
314 /* ctx. */
315 pVM->rem.s.pCtx = NULL; /* set when executing code. */
316 AssertMsg(MMR3PhysGetRamSize(pVM) == 0, ("Init order has changed! REM depends on notification about ALL physical memory registrations\n"));
317
318 /* ignore all notifications */
319 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
320
321 code_gen_prologue = RTMemExecAlloc(_1K);
322 AssertLogRelReturn(code_gen_prologue, VERR_NO_MEMORY);
323
324 cpu_exec_init_all(0);
325
326 /*
327 * Init the recompiler.
328 */
329 if (!cpu_x86_init(&pVM->rem.s.Env, "vbox"))
330 {
331 AssertMsgFailed(("cpu_x86_init failed - impossible!\n"));
332 return VERR_GENERAL_FAILURE;
333 }
334 PVMCPU pVCpu = VMMGetCpu(pVM);
335 CPUMGetGuestCpuId(pVCpu, 1, 0, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext_features, &pVM->rem.s.Env.cpuid_features);
336 CPUMGetGuestCpuId(pVCpu, 0x80000001, 0, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext3_features, &pVM->rem.s.Env.cpuid_ext2_features);
337
338 EMRemLock(pVM);
339 cpu_reset(&pVM->rem.s.Env);
340 EMRemUnlock(pVM);
341
342 /* allocate code buffer for single instruction emulation. */
343 pVM->rem.s.Env.cbCodeBuffer = 4096;
344 pVM->rem.s.Env.pvCodeBuffer = RTMemExecAlloc(pVM->rem.s.Env.cbCodeBuffer);
345 AssertMsgReturn(pVM->rem.s.Env.pvCodeBuffer, ("Failed to allocate code buffer!\n"), VERR_NO_MEMORY);
346
347 /* Finally, set the cpu_single_env global. */
348 cpu_single_env = &pVM->rem.s.Env;
349
350 /* Nothing is pending by default */
351 pVM->rem.s.u32PendingInterrupt = REM_NO_PENDING_IRQ;
352
353 /*
354 * Register ram types.
355 */
356 pVM->rem.s.iMMIOMemType = cpu_register_io_memory(g_apfnMMIORead, g_apfnMMIOWrite, &pVM->rem.s.Env);
357 AssertReleaseMsg(pVM->rem.s.iMMIOMemType >= 0, ("pVM->rem.s.iMMIOMemType=%d\n", pVM->rem.s.iMMIOMemType));
358 pVM->rem.s.iHandlerMemType = cpu_register_io_memory(g_apfnHandlerRead, g_apfnHandlerWrite, pVM);
359 AssertReleaseMsg(pVM->rem.s.iHandlerMemType >= 0, ("pVM->rem.s.iHandlerMemType=%d\n", pVM->rem.s.iHandlerMemType));
360 Log2(("REM: iMMIOMemType=%d iHandlerMemType=%d\n", pVM->rem.s.iMMIOMemType, pVM->rem.s.iHandlerMemType));
361
362 /* stop ignoring. */
363 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
364
365 /*
366 * Register the saved state data unit.
367 */
368 rc = SSMR3RegisterInternal(pVM, "rem", 1, REM_SAVED_STATE_VERSION, sizeof(uint32_t) * 10,
369 NULL, NULL, NULL,
370 NULL, remR3Save, NULL,
371 NULL, remR3Load, NULL);
372 if (RT_FAILURE(rc))
373 return rc;
374
375#ifdef VBOX_WITH_DEBUGGER
376 /*
377 * Debugger commands.
378 */
379 static bool fRegisteredCmds = false;
380 if (!fRegisteredCmds)
381 {
382 int rc = DBGCRegisterCommands(&g_aCmds[0], RT_ELEMENTS(g_aCmds));
383 if (RT_SUCCESS(rc))
384 fRegisteredCmds = true;
385 }
386#endif
387
388#ifdef VBOX_WITH_STATISTICS
389 /*
390 * Statistics.
391 */
392 STAM_REG(pVM, &gStatExecuteSingleInstr, STAMTYPE_PROFILE, "/PROF/REM/SingleInstr",STAMUNIT_TICKS_PER_CALL, "Profiling single instruction emulation.");
393 STAM_REG(pVM, &gStatCompilationQEmu, STAMTYPE_PROFILE, "/PROF/REM/Compile", STAMUNIT_TICKS_PER_CALL, "Profiling QEmu compilation.");
394 STAM_REG(pVM, &gStatRunCodeQEmu, STAMTYPE_PROFILE, "/PROF/REM/Runcode", STAMUNIT_TICKS_PER_CALL, "Profiling QEmu code execution.");
395 STAM_REG(pVM, &gStatTotalTimeQEmu, STAMTYPE_PROFILE, "/PROF/REM/Emulate", STAMUNIT_TICKS_PER_CALL, "Profiling code emulation.");
396 STAM_REG(pVM, &gStatTimers, STAMTYPE_PROFILE, "/PROF/REM/Timers", STAMUNIT_TICKS_PER_CALL, "Profiling timer queue processing.");
397 STAM_REG(pVM, &gStatTBLookup, STAMTYPE_PROFILE, "/PROF/REM/TBLookup", STAMUNIT_TICKS_PER_CALL, "Profiling translation block lookup.");
398 STAM_REG(pVM, &gStatIRQ, STAMTYPE_PROFILE, "/PROF/REM/IRQ", STAMUNIT_TICKS_PER_CALL, "Profiling IRQ delivery.");
399 STAM_REG(pVM, &gStatRawCheck, STAMTYPE_PROFILE, "/PROF/REM/RawCheck", STAMUNIT_TICKS_PER_CALL, "Profiling remR3CanExecuteRaw calls.");
400 STAM_REG(pVM, &gStatMemRead, STAMTYPE_PROFILE, "/PROF/REM/MemRead", STAMUNIT_TICKS_PER_CALL, "Profiling memory access.");
401 STAM_REG(pVM, &gStatMemWrite, STAMTYPE_PROFILE, "/PROF/REM/MemWrite", STAMUNIT_TICKS_PER_CALL, "Profiling memory access.");
402 STAM_REG(pVM, &gStatGCPhys2HCVirt, STAMTYPE_PROFILE, "/PROF/REM/GCPhys2HCVirt", STAMUNIT_TICKS_PER_CALL, "Profiling memory conversion (PGMR3PhysTlbGCPhys2Ptr).");
403
404 STAM_REG(pVM, &gStatCpuGetTSC, STAMTYPE_COUNTER, "/REM/CpuGetTSC", STAMUNIT_OCCURENCES, "cpu_get_tsc calls");
405
406 STAM_REG(pVM, &gStatRefuseTFInhibit, STAMTYPE_COUNTER, "/REM/Refuse/TFInibit", STAMUNIT_OCCURENCES, "Raw mode refused because of TF or irq inhibit");
407 STAM_REG(pVM, &gStatRefuseVM86, STAMTYPE_COUNTER, "/REM/Refuse/VM86", STAMUNIT_OCCURENCES, "Raw mode refused because of VM86");
408 STAM_REG(pVM, &gStatRefusePaging, STAMTYPE_COUNTER, "/REM/Refuse/Paging", STAMUNIT_OCCURENCES, "Raw mode refused because of disabled paging/pm");
409 STAM_REG(pVM, &gStatRefusePAE, STAMTYPE_COUNTER, "/REM/Refuse/PAE", STAMUNIT_OCCURENCES, "Raw mode refused because of PAE");
410 STAM_REG(pVM, &gStatRefuseIOPLNot0, STAMTYPE_COUNTER, "/REM/Refuse/IOPLNot0", STAMUNIT_OCCURENCES, "Raw mode refused because of IOPL != 0");
411 STAM_REG(pVM, &gStatRefuseIF0, STAMTYPE_COUNTER, "/REM/Refuse/IF0", STAMUNIT_OCCURENCES, "Raw mode refused because of IF=0");
412 STAM_REG(pVM, &gStatRefuseCode16, STAMTYPE_COUNTER, "/REM/Refuse/Code16", STAMUNIT_OCCURENCES, "Raw mode refused because of 16 bit code");
413 STAM_REG(pVM, &gStatRefuseWP0, STAMTYPE_COUNTER, "/REM/Refuse/WP0", STAMUNIT_OCCURENCES, "Raw mode refused because of WP=0");
414 STAM_REG(pVM, &gStatRefuseRing1or2, STAMTYPE_COUNTER, "/REM/Refuse/Ring1or2", STAMUNIT_OCCURENCES, "Raw mode refused because of ring 1/2 execution");
415 STAM_REG(pVM, &gStatRefuseCanExecute, STAMTYPE_COUNTER, "/REM/Refuse/CanExecuteRaw", STAMUNIT_OCCURENCES, "Raw mode refused because of cCanExecuteRaw");
416 STAM_REG(pVM, &gaStatRefuseStale[R_ES], STAMTYPE_COUNTER, "/REM/Refuse/StaleES", STAMUNIT_OCCURENCES, "Raw mode refused because of stale ES");
417 STAM_REG(pVM, &gaStatRefuseStale[R_CS], STAMTYPE_COUNTER, "/REM/Refuse/StaleCS", STAMUNIT_OCCURENCES, "Raw mode refused because of stale CS");
418 STAM_REG(pVM, &gaStatRefuseStale[R_SS], STAMTYPE_COUNTER, "/REM/Refuse/StaleSS", STAMUNIT_OCCURENCES, "Raw mode refused because of stale SS");
419 STAM_REG(pVM, &gaStatRefuseStale[R_DS], STAMTYPE_COUNTER, "/REM/Refuse/StaleDS", STAMUNIT_OCCURENCES, "Raw mode refused because of stale DS");
420 STAM_REG(pVM, &gaStatRefuseStale[R_FS], STAMTYPE_COUNTER, "/REM/Refuse/StaleFS", STAMUNIT_OCCURENCES, "Raw mode refused because of stale FS");
421 STAM_REG(pVM, &gaStatRefuseStale[R_GS], STAMTYPE_COUNTER, "/REM/Refuse/StaleGS", STAMUNIT_OCCURENCES, "Raw mode refused because of stale GS");
422 STAM_REG(pVM, &gStatFlushTBs, STAMTYPE_COUNTER, "/REM/FlushTB", STAMUNIT_OCCURENCES, "Number of TB flushes");
423
424 STAM_REG(pVM, &gStatREMGDTChange, STAMTYPE_COUNTER, "/REM/Change/GDTBase", STAMUNIT_OCCURENCES, "GDT base changes");
425 STAM_REG(pVM, &gStatREMLDTRChange, STAMTYPE_COUNTER, "/REM/Change/LDTR", STAMUNIT_OCCURENCES, "LDTR changes");
426 STAM_REG(pVM, &gStatREMIDTChange, STAMTYPE_COUNTER, "/REM/Change/IDTBase", STAMUNIT_OCCURENCES, "IDT base changes");
427 STAM_REG(pVM, &gStatREMTRChange, STAMTYPE_COUNTER, "/REM/Change/TR", STAMUNIT_OCCURENCES, "TR selector changes");
428
429 STAM_REG(pVM, &gStatSelOutOfSync[0], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/ES", STAMUNIT_OCCURENCES, "ES out of sync");
430 STAM_REG(pVM, &gStatSelOutOfSync[1], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/CS", STAMUNIT_OCCURENCES, "CS out of sync");
431 STAM_REG(pVM, &gStatSelOutOfSync[2], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/SS", STAMUNIT_OCCURENCES, "SS out of sync");
432 STAM_REG(pVM, &gStatSelOutOfSync[3], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/DS", STAMUNIT_OCCURENCES, "DS out of sync");
433 STAM_REG(pVM, &gStatSelOutOfSync[4], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/FS", STAMUNIT_OCCURENCES, "FS out of sync");
434 STAM_REG(pVM, &gStatSelOutOfSync[5], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/GS", STAMUNIT_OCCURENCES, "GS out of sync");
435
436 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[0], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/ES", STAMUNIT_OCCURENCES, "ES out of sync");
437 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[1], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/CS", STAMUNIT_OCCURENCES, "CS out of sync");
438 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[2], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/SS", STAMUNIT_OCCURENCES, "SS out of sync");
439 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[3], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/DS", STAMUNIT_OCCURENCES, "DS out of sync");
440 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[4], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/FS", STAMUNIT_OCCURENCES, "FS out of sync");
441 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[5], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/GS", STAMUNIT_OCCURENCES, "GS out of sync");
442
443 STAM_REG(pVM, &pVM->rem.s.Env.StatTbFlush, STAMTYPE_PROFILE, "/REM/TbFlush", STAMUNIT_TICKS_PER_CALL, "profiling tb_flush().");
444#endif /* VBOX_WITH_STATISTICS */
445 AssertCompileMemberAlignment(CPUX86State, StatTbFlush, 4);
446 AssertCompileMemberAlignment(CPUX86State, StatTbFlush, 8);
447
448 STAM_REL_REG(pVM, &tb_flush_count, STAMTYPE_U32_RESET, "/REM/TbFlushCount", STAMUNIT_OCCURENCES, "tb_flush() calls");
449 STAM_REL_REG(pVM, &tb_phys_invalidate_count, STAMTYPE_U32_RESET, "/REM/TbPhysInvldCount", STAMUNIT_OCCURENCES, "tb_phys_invalidate() calls");
450 STAM_REL_REG(pVM, &tlb_flush_count, STAMTYPE_U32_RESET, "/REM/TlbFlushCount", STAMUNIT_OCCURENCES, "tlb_flush() calls");
451
452
453#ifdef DEBUG_ALL_LOGGING
454 loglevel = ~0;
455#endif
456
457 /*
458 * Init the handler notification lists.
459 */
460 pVM->rem.s.idxPendingList = UINT32_MAX;
461 pVM->rem.s.idxFreeList = 0;
462
463 for (i = 0 ; i < RT_ELEMENTS(pVM->rem.s.aHandlerNotifications); i++)
464 {
465 pCur = &pVM->rem.s.aHandlerNotifications[i];
466 pCur->idxNext = i + 1;
467 pCur->idxSelf = i;
468 }
469 pCur->idxNext = UINT32_MAX; /* the last record. */
470
471 return rc;
472}
473
474
475/**
476 * Finalizes the REM initialization.
477 *
478 * This is called after all components, devices and drivers has
479 * been initialized. Its main purpose it to finish the RAM related
480 * initialization.
481 *
482 * @returns VBox status code.
483 *
484 * @param pVM The VM handle.
485 */
486REMR3DECL(int) REMR3InitFinalize(PVM pVM)
487{
488 int rc;
489
490 /*
491 * Ram size & dirty bit map.
492 */
493 Assert(!pVM->rem.s.fGCPhysLastRamFixed);
494 pVM->rem.s.fGCPhysLastRamFixed = true;
495#ifdef RT_STRICT
496 rc = remR3InitPhysRamSizeAndDirtyMap(pVM, true /* fGuarded */);
497#else
498 rc = remR3InitPhysRamSizeAndDirtyMap(pVM, false /* fGuarded */);
499#endif
500 return rc;
501}
502
503/**
504 * Initializes ram_list.phys_dirty and ram_list.phys_dirty_size.
505 *
506 * @returns VBox status code.
507 * @param pVM The VM handle.
508 * @param fGuarded Whether to guard the map.
509 */
510static int remR3InitPhysRamSizeAndDirtyMap(PVM pVM, bool fGuarded)
511{
512 int rc = VINF_SUCCESS;
513 RTGCPHYS cb;
514
515 AssertLogRelReturn(QLIST_EMPTY(&ram_list.blocks), VERR_INTERNAL_ERROR_2);
516
517 cb = pVM->rem.s.GCPhysLastRam + 1;
518 AssertLogRelMsgReturn(cb > pVM->rem.s.GCPhysLastRam,
519 ("GCPhysLastRam=%RGp - out of range\n", pVM->rem.s.GCPhysLastRam),
520 VERR_OUT_OF_RANGE);
521
522 ram_list.phys_dirty_size = cb >> PAGE_SHIFT;
523 AssertMsg(((RTGCPHYS)ram_list.phys_dirty_size << PAGE_SHIFT) == cb, ("%RGp\n", cb));
524
525 if (!fGuarded)
526 {
527 ram_list.phys_dirty = MMR3HeapAlloc(pVM, MM_TAG_REM, ram_list.phys_dirty_size);
528 AssertLogRelMsgReturn(ram_list.phys_dirty, ("Failed to allocate %u bytes of dirty page map bytes\n", ram_list.phys_dirty_size), VERR_NO_MEMORY);
529 }
530 else
531 {
532 /*
533 * Fill it up the nearest 4GB RAM and leave at least _64KB of guard after it.
534 */
535 uint32_t cbBitmapAligned = RT_ALIGN_32(ram_list.phys_dirty_size, PAGE_SIZE);
536 uint32_t cbBitmapFull = RT_ALIGN_32(ram_list.phys_dirty_size, (_4G >> PAGE_SHIFT));
537 if (cbBitmapFull == cbBitmapAligned)
538 cbBitmapFull += _4G >> PAGE_SHIFT;
539 else if (cbBitmapFull - cbBitmapAligned < _64K)
540 cbBitmapFull += _64K;
541
542 ram_list.phys_dirty = RTMemPageAlloc(cbBitmapFull);
543 AssertLogRelMsgReturn(ram_list.phys_dirty, ("Failed to allocate %u bytes of dirty page map bytes\n", cbBitmapFull), VERR_NO_MEMORY);
544
545 rc = RTMemProtect(ram_list.phys_dirty + cbBitmapAligned, cbBitmapFull - cbBitmapAligned, RTMEM_PROT_NONE);
546 if (RT_FAILURE(rc))
547 {
548 RTMemPageFree(ram_list.phys_dirty, cbBitmapFull);
549 AssertLogRelRCReturn(rc, rc);
550 }
551
552 ram_list.phys_dirty += cbBitmapAligned - ram_list.phys_dirty_size;
553 }
554
555 /* initialize it. */
556 memset(ram_list.phys_dirty, 0xff, ram_list.phys_dirty_size);
557 return rc;
558}
559
560
561/**
562 * Terminates the REM.
563 *
564 * Termination means cleaning up and freeing all resources,
565 * the VM it self is at this point powered off or suspended.
566 *
567 * @returns VBox status code.
568 * @param pVM The VM to operate on.
569 */
570REMR3DECL(int) REMR3Term(PVM pVM)
571{
572 /*
573 * Statistics.
574 */
575 STAMR3Deregister(pVM->pUVM, "/PROF/REM/*");
576 STAMR3Deregister(pVM->pUVM, "/REM/*");
577
578 return VINF_SUCCESS;
579}
580
581
582/**
583 * The VM is being reset.
584 *
585 * For the REM component this means to call the cpu_reset() and
586 * reinitialize some state variables.
587 *
588 * @param pVM VM handle.
589 */
590REMR3DECL(void) REMR3Reset(PVM pVM)
591{
592 EMRemLock(pVM); /* Only pro forma, we're in a rendezvous. */
593
594 /*
595 * Reset the REM cpu.
596 */
597 Assert(pVM->rem.s.cIgnoreAll == 0);
598 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
599 cpu_reset(&pVM->rem.s.Env);
600 pVM->rem.s.cInvalidatedPages = 0;
601 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
602 Assert(pVM->rem.s.cIgnoreAll == 0);
603
604 /* Clear raw ring 0 init state */
605 pVM->rem.s.Env.state &= ~CPU_RAW_RING0;
606
607 /* Flush the TBs the next time we execute code here. */
608 pVM->rem.s.fFlushTBs = true;
609
610 EMRemUnlock(pVM);
611}
612
613
614/**
615 * Execute state save operation.
616 *
617 * @returns VBox status code.
618 * @param pVM VM Handle.
619 * @param pSSM SSM operation handle.
620 */
621static DECLCALLBACK(int) remR3Save(PVM pVM, PSSMHANDLE pSSM)
622{
623 PREM pRem = &pVM->rem.s;
624
625 /*
626 * Save the required CPU Env bits.
627 * (Not much because we're never in REM when doing the save.)
628 */
629 LogFlow(("remR3Save:\n"));
630 Assert(!pRem->fInREM);
631 SSMR3PutU32(pSSM, pRem->Env.hflags);
632 SSMR3PutU32(pSSM, ~0); /* separator */
633
634 /* Remember if we've entered raw mode (vital for ring 1 checks in e.g. iret emulation). */
635 SSMR3PutU32(pSSM, !!(pRem->Env.state & CPU_RAW_RING0));
636 SSMR3PutU32(pSSM, pVM->rem.s.u32PendingInterrupt);
637
638 return SSMR3PutU32(pSSM, ~0); /* terminator */
639}
640
641
642/**
643 * Execute state load operation.
644 *
645 * @returns VBox status code.
646 * @param pVM VM Handle.
647 * @param pSSM SSM operation handle.
648 * @param uVersion Data layout version.
649 * @param uPass The data pass.
650 */
651static DECLCALLBACK(int) remR3Load(PVM pVM, PSSMHANDLE pSSM, uint32_t uVersion, uint32_t uPass)
652{
653 uint32_t u32Dummy;
654 uint32_t fRawRing0 = false;
655 uint32_t u32Sep;
656 uint32_t i;
657 int rc;
658 PREM pRem;
659
660 LogFlow(("remR3Load:\n"));
661 Assert(uPass == SSM_PASS_FINAL); NOREF(uPass);
662
663 /*
664 * Validate version.
665 */
666 if ( uVersion != REM_SAVED_STATE_VERSION
667 && uVersion != REM_SAVED_STATE_VERSION_VER1_6)
668 {
669 AssertMsgFailed(("remR3Load: Invalid version uVersion=%d!\n", uVersion));
670 return VERR_SSM_UNSUPPORTED_DATA_UNIT_VERSION;
671 }
672
673 /*
674 * Do a reset to be on the safe side...
675 */
676 REMR3Reset(pVM);
677
678 /*
679 * Ignore all ignorable notifications.
680 * (Not doing this will cause serious trouble.)
681 */
682 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
683
684 /*
685 * Load the required CPU Env bits.
686 * (Not much because we're never in REM when doing the save.)
687 */
688 pRem = &pVM->rem.s;
689 Assert(!pRem->fInREM);
690 SSMR3GetU32(pSSM, &pRem->Env.hflags);
691 if (uVersion == REM_SAVED_STATE_VERSION_VER1_6)
692 {
693 /* Redundant REM CPU state has to be loaded, but can be ignored. */
694 CPUX86State_Ver16 temp;
695 SSMR3GetMem(pSSM, &temp, RT_OFFSETOF(CPUX86State_Ver16, jmp_env));
696 }
697
698 rc = SSMR3GetU32(pSSM, &u32Sep); /* separator */
699 if (RT_FAILURE(rc))
700 return rc;
701 if (u32Sep != ~0U)
702 {
703 AssertMsgFailed(("u32Sep=%#x\n", u32Sep));
704 return VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
705 }
706
707 /* Remember if we've entered raw mode (vital for ring 1 checks in e.g. iret emulation). */
708 SSMR3GetUInt(pSSM, &fRawRing0);
709 if (fRawRing0)
710 pRem->Env.state |= CPU_RAW_RING0;
711
712 if (uVersion == REM_SAVED_STATE_VERSION_VER1_6)
713 {
714 /*
715 * Load the REM stuff.
716 */
717 /** @todo r=bird: We should just drop all these items, restoring doesn't make
718 * sense. */
719 rc = SSMR3GetU32(pSSM, (uint32_t *)&pRem->cInvalidatedPages);
720 if (RT_FAILURE(rc))
721 return rc;
722 if (pRem->cInvalidatedPages > RT_ELEMENTS(pRem->aGCPtrInvalidatedPages))
723 {
724 AssertMsgFailed(("cInvalidatedPages=%#x\n", pRem->cInvalidatedPages));
725 return VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
726 }
727 for (i = 0; i < pRem->cInvalidatedPages; i++)
728 SSMR3GetGCPtr(pSSM, &pRem->aGCPtrInvalidatedPages[i]);
729 }
730
731 rc = SSMR3GetUInt(pSSM, &pVM->rem.s.u32PendingInterrupt);
732 if (RT_FAILURE(rc))
733 return rc;
734
735 /* check the terminator. */
736 rc = SSMR3GetU32(pSSM, &u32Sep);
737 if (RT_FAILURE(rc))
738 return rc;
739 if (u32Sep != ~0U)
740 {
741 AssertMsgFailed(("u32Sep=%#x (term)\n", u32Sep));
742 return VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
743 }
744
745 /*
746 * Get the CPUID features.
747 */
748 PVMCPU pVCpu = VMMGetCpu(pVM);
749 CPUMGetGuestCpuId(pVCpu, 1, 0, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext_features, &pVM->rem.s.Env.cpuid_features);
750 CPUMGetGuestCpuId(pVCpu, 0x80000001, 0, &u32Dummy, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext2_features);
751
752 /*
753 * Stop ignoring ignorable notifications.
754 */
755 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
756
757 /*
758 * Sync the whole CPU state when executing code in the recompiler.
759 */
760 for (i = 0; i < pVM->cCpus; i++)
761 {
762 PVMCPU pVCpu = &pVM->aCpus[i];
763 CPUMSetChangedFlags(pVCpu, CPUM_CHANGED_ALL);
764 }
765 return VINF_SUCCESS;
766}
767
768
769
770#undef LOG_GROUP
771#define LOG_GROUP LOG_GROUP_REM_RUN
772
773/**
774 * Single steps an instruction in recompiled mode.
775 *
776 * Before calling this function the REM state needs to be in sync with
777 * the VM. Call REMR3State() to perform the sync. It's only necessary
778 * (and permitted) to sync at the first call to REMR3Step()/REMR3Run()
779 * and after calling REMR3StateBack().
780 *
781 * @returns VBox status code.
782 *
783 * @param pVM VM Handle.
784 * @param pVCpu VMCPU Handle.
785 */
786REMR3DECL(int) REMR3Step(PVM pVM, PVMCPU pVCpu)
787{
788 int rc, interrupt_request;
789 RTGCPTR GCPtrPC;
790 bool fBp;
791
792 /*
793 * Lock the REM - we don't wanna have anyone interrupting us
794 * while stepping - and enabled single stepping. We also ignore
795 * pending interrupts and suchlike.
796 */
797 interrupt_request = pVM->rem.s.Env.interrupt_request;
798 Assert(!(interrupt_request & ~(CPU_INTERRUPT_HARD | CPU_INTERRUPT_EXITTB | CPU_INTERRUPT_TIMER | CPU_INTERRUPT_EXTERNAL_HARD | CPU_INTERRUPT_EXTERNAL_EXIT | CPU_INTERRUPT_EXTERNAL_FLUSH_TLB | CPU_INTERRUPT_EXTERNAL_TIMER)));
799 pVM->rem.s.Env.interrupt_request = 0;
800 cpu_single_step(&pVM->rem.s.Env, 1);
801
802 /*
803 * If we're standing at a breakpoint, that have to be disabled before we start stepping.
804 */
805 GCPtrPC = pVM->rem.s.Env.eip + pVM->rem.s.Env.segs[R_CS].base;
806 fBp = !cpu_breakpoint_remove(&pVM->rem.s.Env, GCPtrPC, BP_GDB);
807
808 /*
809 * Execute and handle the return code.
810 * We execute without enabling the cpu tick, so on success we'll
811 * just flip it on and off to make sure it moves
812 */
813 rc = cpu_exec(&pVM->rem.s.Env);
814 if (rc == EXCP_DEBUG)
815 {
816 TMR3NotifyResume(pVM, pVCpu);
817 TMR3NotifySuspend(pVM, pVCpu);
818 rc = VINF_EM_DBG_STEPPED;
819 }
820 else
821 {
822 switch (rc)
823 {
824 case EXCP_INTERRUPT: rc = VINF_SUCCESS; break;
825 case EXCP_HLT:
826 case EXCP_HALTED: rc = VINF_EM_HALT; break;
827 case EXCP_RC:
828 rc = pVM->rem.s.rc;
829 pVM->rem.s.rc = VERR_INTERNAL_ERROR;
830 break;
831 case EXCP_EXECUTE_RAW:
832 case EXCP_EXECUTE_HM:
833 /** @todo: is it correct? No! */
834 rc = VINF_SUCCESS;
835 break;
836 default:
837 AssertReleaseMsgFailed(("This really shouldn't happen, rc=%d!\n", rc));
838 rc = VERR_INTERNAL_ERROR;
839 break;
840 }
841 }
842
843 /*
844 * Restore the stuff we changed to prevent interruption.
845 * Unlock the REM.
846 */
847 if (fBp)
848 {
849 int rc2 = cpu_breakpoint_insert(&pVM->rem.s.Env, GCPtrPC, BP_GDB, NULL);
850 Assert(rc2 == 0); NOREF(rc2);
851 }
852 cpu_single_step(&pVM->rem.s.Env, 0);
853 pVM->rem.s.Env.interrupt_request = interrupt_request;
854
855 return rc;
856}
857
858
859/**
860 * Set a breakpoint using the REM facilities.
861 *
862 * @returns VBox status code.
863 * @param pVM The VM handle.
864 * @param Address The breakpoint address.
865 * @thread The emulation thread.
866 */
867REMR3DECL(int) REMR3BreakpointSet(PVM pVM, RTGCUINTPTR Address)
868{
869 VM_ASSERT_EMT(pVM);
870 if (!cpu_breakpoint_insert(&pVM->rem.s.Env, Address, BP_GDB, NULL))
871 {
872 LogFlow(("REMR3BreakpointSet: Address=%RGv\n", Address));
873 return VINF_SUCCESS;
874 }
875 LogFlow(("REMR3BreakpointSet: Address=%RGv - failed!\n", Address));
876 return VERR_REM_NO_MORE_BP_SLOTS;
877}
878
879
880/**
881 * Clears a breakpoint set by REMR3BreakpointSet().
882 *
883 * @returns VBox status code.
884 * @param pVM The VM handle.
885 * @param Address The breakpoint address.
886 * @thread The emulation thread.
887 */
888REMR3DECL(int) REMR3BreakpointClear(PVM pVM, RTGCUINTPTR Address)
889{
890 VM_ASSERT_EMT(pVM);
891 if (!cpu_breakpoint_remove(&pVM->rem.s.Env, Address, BP_GDB))
892 {
893 LogFlow(("REMR3BreakpointClear: Address=%RGv\n", Address));
894 return VINF_SUCCESS;
895 }
896 LogFlow(("REMR3BreakpointClear: Address=%RGv - not found!\n", Address));
897 return VERR_REM_BP_NOT_FOUND;
898}
899
900
901/**
902 * Emulate an instruction.
903 *
904 * This function executes one instruction without letting anyone
905 * interrupt it. This is intended for being called while being in
906 * raw mode and thus will take care of all the state syncing between
907 * REM and the rest.
908 *
909 * @returns VBox status code.
910 * @param pVM VM handle.
911 * @param pVCpu VMCPU Handle.
912 */
913REMR3DECL(int) REMR3EmulateInstruction(PVM pVM, PVMCPU pVCpu)
914{
915 bool fFlushTBs;
916
917 int rc, rc2;
918 Log2(("REMR3EmulateInstruction: (cs:eip=%04x:%08x)\n", CPUMGetGuestCS(pVCpu), CPUMGetGuestEIP(pVCpu)));
919
920 /* Make sure this flag is set; we might never execute remR3CanExecuteRaw in the AMD-V case.
921 * CPU_RAW_HM makes sure we never execute interrupt handlers in the recompiler.
922 */
923 if (HMIsEnabled(pVM))
924 pVM->rem.s.Env.state |= CPU_RAW_HM;
925
926 /* Skip the TB flush as that's rather expensive and not necessary for single instruction emulation. */
927 fFlushTBs = pVM->rem.s.fFlushTBs;
928 pVM->rem.s.fFlushTBs = false;
929
930 /*
931 * Sync the state and enable single instruction / single stepping.
932 */
933 rc = REMR3State(pVM, pVCpu);
934 pVM->rem.s.fFlushTBs = fFlushTBs;
935 if (RT_SUCCESS(rc))
936 {
937 int interrupt_request = pVM->rem.s.Env.interrupt_request;
938 Assert(!( interrupt_request
939 & ~(CPU_INTERRUPT_HARD | CPU_INTERRUPT_EXITTB | CPU_INTERRUPT_TIMER | CPU_INTERRUPT_EXTERNAL_HARD
940 | CPU_INTERRUPT_EXTERNAL_EXIT | CPU_INTERRUPT_EXTERNAL_FLUSH_TLB | CPU_INTERRUPT_EXTERNAL_TIMER
941 | CPU_INTERRUPT_EXTERNAL_DMA)));
942#ifdef REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
943 cpu_single_step(&pVM->rem.s.Env, 0);
944#endif
945 Assert(!pVM->rem.s.Env.singlestep_enabled);
946
947 /*
948 * Now we set the execute single instruction flag and enter the cpu_exec loop.
949 */
950 TMNotifyStartOfExecution(pVCpu);
951 pVM->rem.s.Env.interrupt_request = CPU_INTERRUPT_SINGLE_INSTR;
952 rc = cpu_exec(&pVM->rem.s.Env);
953 TMNotifyEndOfExecution(pVCpu);
954 switch (rc)
955 {
956 /*
957 * Executed without anything out of the way happening.
958 */
959 case EXCP_SINGLE_INSTR:
960 rc = VINF_EM_RESCHEDULE;
961 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_SINGLE_INSTR\n"));
962 break;
963
964 /*
965 * If we take a trap or start servicing a pending interrupt, we might end up here.
966 * (Timer thread or some other thread wishing EMT's attention.)
967 */
968 case EXCP_INTERRUPT:
969 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_INTERRUPT\n"));
970 rc = VINF_EM_RESCHEDULE;
971 break;
972
973 /*
974 * Single step, we assume!
975 * If there was a breakpoint there we're fucked now.
976 */
977 case EXCP_DEBUG:
978 if (pVM->rem.s.Env.watchpoint_hit)
979 {
980 /** @todo deal with watchpoints */
981 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_DEBUG rc=%Rrc !watchpoint_hit!\n", rc));
982 rc = VINF_EM_DBG_BREAKPOINT;
983 }
984 else
985 {
986 CPUBreakpoint *pBP;
987 RTGCPTR GCPtrPC = pVM->rem.s.Env.eip + pVM->rem.s.Env.segs[R_CS].base;
988 QTAILQ_FOREACH(pBP, &pVM->rem.s.Env.breakpoints, entry)
989 if (pBP->pc == GCPtrPC)
990 break;
991 rc = pBP ? VINF_EM_DBG_BREAKPOINT : VINF_EM_DBG_STEPPED;
992 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_DEBUG rc=%Rrc pBP=%p GCPtrPC=%RGv\n", rc, pBP, GCPtrPC));
993 }
994 break;
995
996 /*
997 * hlt instruction.
998 */
999 case EXCP_HLT:
1000 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_HLT\n"));
1001 rc = VINF_EM_HALT;
1002 break;
1003
1004 /*
1005 * The VM has halted.
1006 */
1007 case EXCP_HALTED:
1008 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_HALTED\n"));
1009 rc = VINF_EM_HALT;
1010 break;
1011
1012 /*
1013 * Switch to RAW-mode.
1014 */
1015 case EXCP_EXECUTE_RAW:
1016 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_EXECUTE_RAW\n"));
1017 rc = VINF_EM_RESCHEDULE_RAW;
1018 break;
1019
1020 /*
1021 * Switch to hardware accelerated RAW-mode.
1022 */
1023 case EXCP_EXECUTE_HM:
1024 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_EXECUTE_HM\n"));
1025 rc = VINF_EM_RESCHEDULE_HM;
1026 break;
1027
1028 /*
1029 * An EM RC was raised (VMR3Reset/Suspend/PowerOff/some-fatal-error).
1030 */
1031 case EXCP_RC:
1032 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_RC\n"));
1033 rc = pVM->rem.s.rc;
1034 pVM->rem.s.rc = VERR_INTERNAL_ERROR;
1035 break;
1036
1037 /*
1038 * Figure out the rest when they arrive....
1039 */
1040 default:
1041 AssertMsgFailed(("rc=%d\n", rc));
1042 Log2(("REMR3EmulateInstruction: cpu_exec -> %d\n", rc));
1043 rc = VINF_EM_RESCHEDULE;
1044 break;
1045 }
1046
1047 /*
1048 * Switch back the state.
1049 */
1050 pVM->rem.s.Env.interrupt_request = interrupt_request;
1051 rc2 = REMR3StateBack(pVM, pVCpu);
1052 AssertRC(rc2);
1053 }
1054
1055 Log2(("REMR3EmulateInstruction: returns %Rrc (cs:eip=%04x:%RGv)\n",
1056 rc, pVM->rem.s.Env.segs[R_CS].selector, (RTGCPTR)pVM->rem.s.Env.eip));
1057 return rc;
1058}
1059
1060
1061/**
1062 * Used by REMR3Run to handle the case where CPU_EMULATE_SINGLE_STEP is set.
1063 *
1064 * @returns VBox status code.
1065 *
1066 * @param pVM The VM handle.
1067 * @param pVCpu The Virtual CPU handle.
1068 */
1069static int remR3RunLoggingStep(PVM pVM, PVMCPU pVCpu)
1070{
1071 int rc;
1072
1073 Assert(pVM->rem.s.fInREM);
1074#ifdef REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
1075 cpu_single_step(&pVM->rem.s.Env, 1);
1076#else
1077 Assert(!pVM->rem.s.Env.singlestep_enabled);
1078#endif
1079
1080 /*
1081 * Now we set the execute single instruction flag and enter the cpu_exec loop.
1082 */
1083 for (;;)
1084 {
1085 char szBuf[256];
1086
1087 /*
1088 * Log the current registers state and instruction.
1089 */
1090 remR3StateUpdate(pVM, pVCpu);
1091 DBGFR3Info(pVM->pUVM, "cpumguest", NULL, NULL);
1092 szBuf[0] = '\0';
1093 rc = DBGFR3DisasInstrEx(pVM->pUVM,
1094 pVCpu->idCpu,
1095 0, /* Sel */ 0, /* GCPtr */
1096 DBGF_DISAS_FLAGS_CURRENT_GUEST | DBGF_DISAS_FLAGS_DEFAULT_MODE,
1097 szBuf,
1098 sizeof(szBuf),
1099 NULL);
1100 if (RT_FAILURE(rc))
1101 RTStrPrintf(szBuf, sizeof(szBuf), "DBGFR3DisasInstrEx failed with rc=%Rrc\n", rc);
1102 RTLogPrintf("CPU%d: %s\n", pVCpu->idCpu, szBuf);
1103
1104 /*
1105 * Execute the instruction.
1106 */
1107 TMNotifyStartOfExecution(pVCpu);
1108
1109 if ( pVM->rem.s.Env.exception_index < 0
1110 || pVM->rem.s.Env.exception_index > 256)
1111 pVM->rem.s.Env.exception_index = -1; /** @todo We need to do similar stuff elsewhere, I think. */
1112
1113#ifdef REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
1114 pVM->rem.s.Env.interrupt_request = 0;
1115#else
1116 pVM->rem.s.Env.interrupt_request = CPU_INTERRUPT_SINGLE_INSTR;
1117#endif
1118 if ( VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_INTERRUPT_APIC | VMCPU_FF_INTERRUPT_PIC)
1119 || pVM->rem.s.u32PendingInterrupt != REM_NO_PENDING_IRQ)
1120 pVM->rem.s.Env.interrupt_request |= CPU_INTERRUPT_HARD;
1121 RTLogPrintf("remR3RunLoggingStep: interrupt_request=%#x halted=%d exception_index=%#x\n",
1122 pVM->rem.s.Env.interrupt_request,
1123 pVM->rem.s.Env.halted,
1124 pVM->rem.s.Env.exception_index
1125 );
1126
1127 rc = cpu_exec(&pVM->rem.s.Env);
1128
1129 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> %#x interrupt_request=%#x halted=%d exception_index=%#x\n", rc,
1130 pVM->rem.s.Env.interrupt_request,
1131 pVM->rem.s.Env.halted,
1132 pVM->rem.s.Env.exception_index
1133 );
1134
1135 TMNotifyEndOfExecution(pVCpu);
1136
1137 switch (rc)
1138 {
1139#ifndef REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
1140 /*
1141 * The normal exit.
1142 */
1143 case EXCP_SINGLE_INSTR:
1144 if ( !VM_FF_IS_PENDING(pVM, VM_FF_ALL_REM_MASK)
1145 && !VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_ALL_REM_MASK))
1146 continue;
1147 RTLogPrintf("remR3RunLoggingStep: rc=VINF_SUCCESS w/ FFs (%#x/%#x)\n",
1148 pVM->fGlobalForcedActions, pVCpu->fLocalForcedActions);
1149 rc = VINF_SUCCESS;
1150 break;
1151
1152#else
1153 /*
1154 * The normal exit, check for breakpoints at PC just to be sure.
1155 */
1156#endif
1157 case EXCP_DEBUG:
1158 if (pVM->rem.s.Env.watchpoint_hit)
1159 {
1160 /** @todo deal with watchpoints */
1161 Log2(("remR3RunLoggingStep: cpu_exec -> EXCP_DEBUG rc=%Rrc !watchpoint_hit!\n", rc));
1162 rc = VINF_EM_DBG_BREAKPOINT;
1163 }
1164 else
1165 {
1166 CPUBreakpoint *pBP;
1167 RTGCPTR GCPtrPC = pVM->rem.s.Env.eip + pVM->rem.s.Env.segs[R_CS].base;
1168 QTAILQ_FOREACH(pBP, &pVM->rem.s.Env.breakpoints, entry)
1169 if (pBP->pc == GCPtrPC)
1170 break;
1171 rc = pBP ? VINF_EM_DBG_BREAKPOINT : VINF_EM_DBG_STEPPED;
1172 Log2(("remR3RunLoggingStep: cpu_exec -> EXCP_DEBUG rc=%Rrc pBP=%p GCPtrPC=%RGv\n", rc, pBP, GCPtrPC));
1173 }
1174#ifdef REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
1175 if (rc == VINF_EM_DBG_STEPPED)
1176 {
1177 if ( !VM_FF_IS_PENDING(pVM, VM_FF_ALL_REM_MASK)
1178 && !VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_ALL_REM_MASK))
1179 continue;
1180
1181 RTLogPrintf("remR3RunLoggingStep: rc=VINF_SUCCESS w/ FFs (%#x/%#x)\n",
1182 pVM->fGlobalForcedActions, pVCpu->fLocalForcedActions);
1183 rc = VINF_SUCCESS;
1184 }
1185#endif
1186 break;
1187
1188 /*
1189 * If we take a trap or start servicing a pending interrupt, we might end up here.
1190 * (Timer thread or some other thread wishing EMT's attention.)
1191 */
1192 case EXCP_INTERRUPT:
1193 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> EXCP_INTERRUPT rc=VINF_SUCCESS\n");
1194 rc = VINF_SUCCESS;
1195 break;
1196
1197 /*
1198 * hlt instruction.
1199 */
1200 case EXCP_HLT:
1201 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> EXCP_HLT rc=VINF_EM_HALT\n");
1202 rc = VINF_EM_HALT;
1203 break;
1204
1205 /*
1206 * The VM has halted.
1207 */
1208 case EXCP_HALTED:
1209 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> EXCP_HALTED rc=VINF_EM_HALT\n");
1210 rc = VINF_EM_HALT;
1211 break;
1212
1213 /*
1214 * Switch to RAW-mode.
1215 */
1216 case EXCP_EXECUTE_RAW:
1217 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> EXCP_EXECUTE_RAW rc=VINF_EM_RESCHEDULE_RAW\n");
1218 rc = VINF_EM_RESCHEDULE_RAW;
1219 break;
1220
1221 /*
1222 * Switch to hardware accelerated RAW-mode.
1223 */
1224 case EXCP_EXECUTE_HM:
1225 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> EXCP_EXECUTE_HM rc=VINF_EM_RESCHEDULE_HM\n");
1226 rc = VINF_EM_RESCHEDULE_HM;
1227 break;
1228
1229 /*
1230 * An EM RC was raised (VMR3Reset/Suspend/PowerOff/some-fatal-error).
1231 */
1232 case EXCP_RC:
1233 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> EXCP_RC rc=%Rrc\n", pVM->rem.s.rc);
1234 rc = pVM->rem.s.rc;
1235 pVM->rem.s.rc = VERR_INTERNAL_ERROR;
1236 break;
1237
1238 /*
1239 * Figure out the rest when they arrive....
1240 */
1241 default:
1242 AssertMsgFailed(("rc=%d\n", rc));
1243 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> %d rc=VINF_EM_RESCHEDULE\n", rc);
1244 rc = VINF_EM_RESCHEDULE;
1245 break;
1246 }
1247 break;
1248 }
1249
1250#ifdef REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
1251// cpu_single_step(&pVM->rem.s.Env, 0);
1252#else
1253 pVM->rem.s.Env.interrupt_request &= ~(CPU_INTERRUPT_SINGLE_INSTR | CPU_INTERRUPT_SINGLE_INSTR_IN_FLIGHT);
1254#endif
1255 return rc;
1256}
1257
1258
1259/**
1260 * Runs code in recompiled mode.
1261 *
1262 * Before calling this function the REM state needs to be in sync with
1263 * the VM. Call REMR3State() to perform the sync. It's only necessary
1264 * (and permitted) to sync at the first call to REMR3Step()/REMR3Run()
1265 * and after calling REMR3StateBack().
1266 *
1267 * @returns VBox status code.
1268 *
1269 * @param pVM VM Handle.
1270 * @param pVCpu VMCPU Handle.
1271 */
1272REMR3DECL(int) REMR3Run(PVM pVM, PVMCPU pVCpu)
1273{
1274 int rc;
1275
1276 if (RT_UNLIKELY(pVM->rem.s.Env.state & CPU_EMULATE_SINGLE_STEP))
1277 return remR3RunLoggingStep(pVM, pVCpu);
1278
1279 Assert(pVM->rem.s.fInREM);
1280 Log2(("REMR3Run: (cs:eip=%04x:%RGv)\n", pVM->rem.s.Env.segs[R_CS].selector, (RTGCPTR)pVM->rem.s.Env.eip));
1281
1282 TMNotifyStartOfExecution(pVCpu);
1283 rc = cpu_exec(&pVM->rem.s.Env);
1284 TMNotifyEndOfExecution(pVCpu);
1285 switch (rc)
1286 {
1287 /*
1288 * This happens when the execution was interrupted
1289 * by an external event, like pending timers.
1290 */
1291 case EXCP_INTERRUPT:
1292 Log2(("REMR3Run: cpu_exec -> EXCP_INTERRUPT\n"));
1293 rc = VINF_SUCCESS;
1294 break;
1295
1296 /*
1297 * hlt instruction.
1298 */
1299 case EXCP_HLT:
1300 Log2(("REMR3Run: cpu_exec -> EXCP_HLT\n"));
1301 rc = VINF_EM_HALT;
1302 break;
1303
1304 /*
1305 * The VM has halted.
1306 */
1307 case EXCP_HALTED:
1308 Log2(("REMR3Run: cpu_exec -> EXCP_HALTED\n"));
1309 rc = VINF_EM_HALT;
1310 break;
1311
1312 /*
1313 * Breakpoint/single step.
1314 */
1315 case EXCP_DEBUG:
1316 if (pVM->rem.s.Env.watchpoint_hit)
1317 {
1318 /** @todo deal with watchpoints */
1319 Log2(("REMR3Run: cpu_exec -> EXCP_DEBUG rc=%Rrc !watchpoint_hit!\n", rc));
1320 rc = VINF_EM_DBG_BREAKPOINT;
1321 }
1322 else
1323 {
1324 CPUBreakpoint *pBP;
1325 RTGCPTR GCPtrPC = pVM->rem.s.Env.eip + pVM->rem.s.Env.segs[R_CS].base;
1326 QTAILQ_FOREACH(pBP, &pVM->rem.s.Env.breakpoints, entry)
1327 if (pBP->pc == GCPtrPC)
1328 break;
1329 rc = pBP ? VINF_EM_DBG_BREAKPOINT : VINF_EM_DBG_STEPPED;
1330 Log2(("REMR3Run: cpu_exec -> EXCP_DEBUG rc=%Rrc pBP=%p GCPtrPC=%RGv\n", rc, pBP, GCPtrPC));
1331 }
1332 break;
1333
1334 /*
1335 * Switch to RAW-mode.
1336 */
1337 case EXCP_EXECUTE_RAW:
1338 Log2(("REMR3Run: cpu_exec -> EXCP_EXECUTE_RAW pc=%RGv\n", pVM->rem.s.Env.eip));
1339 rc = VINF_EM_RESCHEDULE_RAW;
1340 break;
1341
1342 /*
1343 * Switch to hardware accelerated RAW-mode.
1344 */
1345 case EXCP_EXECUTE_HM:
1346 Log2(("REMR3Run: cpu_exec -> EXCP_EXECUTE_HM\n"));
1347 rc = VINF_EM_RESCHEDULE_HM;
1348 break;
1349
1350 /*
1351 * An EM RC was raised (VMR3Reset/Suspend/PowerOff/some-fatal-error).
1352 */
1353 case EXCP_RC:
1354 Log2(("REMR3Run: cpu_exec -> EXCP_RC rc=%Rrc\n", pVM->rem.s.rc));
1355 rc = pVM->rem.s.rc;
1356 pVM->rem.s.rc = VERR_INTERNAL_ERROR;
1357 break;
1358
1359 /*
1360 * Figure out the rest when they arrive....
1361 */
1362 default:
1363 AssertMsgFailed(("rc=%d\n", rc));
1364 Log2(("REMR3Run: cpu_exec -> %d\n", rc));
1365 rc = VINF_SUCCESS;
1366 break;
1367 }
1368
1369 Log2(("REMR3Run: returns %Rrc (cs:eip=%04x:%RGv)\n", rc, pVM->rem.s.Env.segs[R_CS].selector, (RTGCPTR)pVM->rem.s.Env.eip));
1370 return rc;
1371}
1372
1373
1374/**
1375 * Check if the cpu state is suitable for Raw execution.
1376 *
1377 * @returns true if RAW/HWACC mode is ok, false if we should stay in REM.
1378 *
1379 * @param env The CPU env struct.
1380 * @param eip The EIP to check this for (might differ from env->eip).
1381 * @param fFlags hflags OR'ed with IOPL, TF and VM from eflags.
1382 * @param piException Stores EXCP_EXECUTE_RAW/HWACC in case raw mode is supported in this context
1383 *
1384 * @remark This function must be kept in perfect sync with the scheduler in EM.cpp!
1385 */
1386bool remR3CanExecuteRaw(CPUX86State *env, RTGCPTR eip, unsigned fFlags, int *piException)
1387{
1388 /* !!! THIS MUST BE IN SYNC WITH emR3Reschedule !!! */
1389 /* !!! THIS MUST BE IN SYNC WITH emR3Reschedule !!! */
1390 /* !!! THIS MUST BE IN SYNC WITH emR3Reschedule !!! */
1391 uint32_t u32CR0;
1392
1393#ifdef IEM_VERIFICATION_MODE
1394 return false;
1395#endif
1396
1397 /* Update counter. */
1398 env->pVM->rem.s.cCanExecuteRaw++;
1399
1400 /* Never when single stepping+logging guest code. */
1401 if (env->state & CPU_EMULATE_SINGLE_STEP)
1402 return false;
1403
1404 if (HMIsEnabled(env->pVM))
1405 {
1406#ifdef RT_OS_WINDOWS
1407 PCPUMCTX pCtx = alloca(sizeof(*pCtx));
1408#else
1409 CPUMCTX Ctx;
1410 PCPUMCTX pCtx = &Ctx;
1411#endif
1412
1413 env->state |= CPU_RAW_HM;
1414
1415 /*
1416 * The simple check first...
1417 */
1418 if (!EMIsHwVirtExecutionEnabled(env->pVM))
1419 return false;
1420
1421 /*
1422 * Create partial context for HMR3CanExecuteGuest
1423 */
1424 pCtx->cr0 = env->cr[0];
1425 pCtx->cr3 = env->cr[3];
1426 pCtx->cr4 = env->cr[4];
1427
1428 pCtx->tr.Sel = env->tr.selector;
1429 pCtx->tr.ValidSel = env->tr.selector;
1430 pCtx->tr.fFlags = CPUMSELREG_FLAGS_VALID;
1431 pCtx->tr.u64Base = env->tr.base;
1432 pCtx->tr.u32Limit = env->tr.limit;
1433 pCtx->tr.Attr.u = (env->tr.flags >> SEL_FLAGS_SHIFT) & SEL_FLAGS_SMASK;
1434
1435 pCtx->ldtr.Sel = env->ldt.selector;
1436 pCtx->ldtr.ValidSel = env->ldt.selector;
1437 pCtx->ldtr.fFlags = CPUMSELREG_FLAGS_VALID;
1438 pCtx->ldtr.u64Base = env->ldt.base;
1439 pCtx->ldtr.u32Limit = env->ldt.limit;
1440 pCtx->ldtr.Attr.u = (env->ldt.flags >> SEL_FLAGS_SHIFT) & SEL_FLAGS_SMASK;
1441
1442 pCtx->idtr.cbIdt = env->idt.limit;
1443 pCtx->idtr.pIdt = env->idt.base;
1444
1445 pCtx->gdtr.cbGdt = env->gdt.limit;
1446 pCtx->gdtr.pGdt = env->gdt.base;
1447
1448 pCtx->rsp = env->regs[R_ESP];
1449 pCtx->rip = env->eip;
1450
1451 pCtx->eflags.u32 = env->eflags;
1452
1453 pCtx->cs.Sel = env->segs[R_CS].selector;
1454 pCtx->cs.ValidSel = env->segs[R_CS].selector;
1455 pCtx->cs.fFlags = CPUMSELREG_FLAGS_VALID;
1456 pCtx->cs.u64Base = env->segs[R_CS].base;
1457 pCtx->cs.u32Limit = env->segs[R_CS].limit;
1458 pCtx->cs.Attr.u = (env->segs[R_CS].flags >> SEL_FLAGS_SHIFT) & SEL_FLAGS_SMASK;
1459
1460 pCtx->ds.Sel = env->segs[R_DS].selector;
1461 pCtx->ds.ValidSel = env->segs[R_DS].selector;
1462 pCtx->ds.fFlags = CPUMSELREG_FLAGS_VALID;
1463 pCtx->ds.u64Base = env->segs[R_DS].base;
1464 pCtx->ds.u32Limit = env->segs[R_DS].limit;
1465 pCtx->ds.Attr.u = (env->segs[R_DS].flags >> SEL_FLAGS_SHIFT) & SEL_FLAGS_SMASK;
1466
1467 pCtx->es.Sel = env->segs[R_ES].selector;
1468 pCtx->es.ValidSel = env->segs[R_ES].selector;
1469 pCtx->es.fFlags = CPUMSELREG_FLAGS_VALID;
1470 pCtx->es.u64Base = env->segs[R_ES].base;
1471 pCtx->es.u32Limit = env->segs[R_ES].limit;
1472 pCtx->es.Attr.u = (env->segs[R_ES].flags >> SEL_FLAGS_SHIFT) & SEL_FLAGS_SMASK;
1473
1474 pCtx->fs.Sel = env->segs[R_FS].selector;
1475 pCtx->fs.ValidSel = env->segs[R_FS].selector;
1476 pCtx->fs.fFlags = CPUMSELREG_FLAGS_VALID;
1477 pCtx->fs.u64Base = env->segs[R_FS].base;
1478 pCtx->fs.u32Limit = env->segs[R_FS].limit;
1479 pCtx->fs.Attr.u = (env->segs[R_FS].flags >> SEL_FLAGS_SHIFT) & SEL_FLAGS_SMASK;
1480
1481 pCtx->gs.Sel = env->segs[R_GS].selector;
1482 pCtx->gs.ValidSel = env->segs[R_GS].selector;
1483 pCtx->gs.fFlags = CPUMSELREG_FLAGS_VALID;
1484 pCtx->gs.u64Base = env->segs[R_GS].base;
1485 pCtx->gs.u32Limit = env->segs[R_GS].limit;
1486 pCtx->gs.Attr.u = (env->segs[R_GS].flags >> SEL_FLAGS_SHIFT) & SEL_FLAGS_SMASK;
1487
1488 pCtx->ss.Sel = env->segs[R_SS].selector;
1489 pCtx->ss.ValidSel = env->segs[R_SS].selector;
1490 pCtx->ss.fFlags = CPUMSELREG_FLAGS_VALID;
1491 pCtx->ss.u64Base = env->segs[R_SS].base;
1492 pCtx->ss.u32Limit = env->segs[R_SS].limit;
1493 pCtx->ss.Attr.u = (env->segs[R_SS].flags >> SEL_FLAGS_SHIFT) & SEL_FLAGS_SMASK;
1494
1495 pCtx->msrEFER = env->efer;
1496
1497 /* Hardware accelerated raw-mode:
1498 *
1499 * Typically only 32-bits protected mode, with paging enabled, code is allowed here.
1500 */
1501 if (HMR3CanExecuteGuest(env->pVM, pCtx) == true)
1502 {
1503 *piException = EXCP_EXECUTE_HM;
1504 return true;
1505 }
1506 return false;
1507 }
1508
1509 /*
1510 * Here we only support 16 & 32 bits protected mode ring 3 code that has no IO privileges
1511 * or 32 bits protected mode ring 0 code
1512 *
1513 * The tests are ordered by the likelihood of being true during normal execution.
1514 */
1515 if (fFlags & (HF_TF_MASK | HF_INHIBIT_IRQ_MASK))
1516 {
1517 STAM_COUNTER_INC(&gStatRefuseTFInhibit);
1518 Log2(("raw mode refused: fFlags=%#x\n", fFlags));
1519 return false;
1520 }
1521
1522#ifndef VBOX_RAW_V86
1523 if (fFlags & VM_MASK) {
1524 STAM_COUNTER_INC(&gStatRefuseVM86);
1525 Log2(("raw mode refused: VM_MASK\n"));
1526 return false;
1527 }
1528#endif
1529
1530 if (env->state & CPU_EMULATE_SINGLE_INSTR)
1531 {
1532#ifndef DEBUG_bird
1533 Log2(("raw mode refused: CPU_EMULATE_SINGLE_INSTR\n"));
1534#endif
1535 return false;
1536 }
1537
1538 if (env->singlestep_enabled)
1539 {
1540 //Log2(("raw mode refused: Single step\n"));
1541 return false;
1542 }
1543
1544 if (!QTAILQ_EMPTY(&env->breakpoints))
1545 {
1546 //Log2(("raw mode refused: Breakpoints\n"));
1547 return false;
1548 }
1549
1550 if (!QTAILQ_EMPTY(&env->watchpoints))
1551 {
1552 //Log2(("raw mode refused: Watchpoints\n"));
1553 return false;
1554 }
1555
1556 u32CR0 = env->cr[0];
1557 if ((u32CR0 & (X86_CR0_PG | X86_CR0_PE)) != (X86_CR0_PG | X86_CR0_PE))
1558 {
1559 STAM_COUNTER_INC(&gStatRefusePaging);
1560 //Log2(("raw mode refused: %s%s%s\n", (u32CR0 & X86_CR0_PG) ? "" : " !PG", (u32CR0 & X86_CR0_PE) ? "" : " !PE", (u32CR0 & X86_CR0_AM) ? "" : " !AM"));
1561 return false;
1562 }
1563
1564 if (env->cr[4] & CR4_PAE_MASK)
1565 {
1566 if (!(env->cpuid_features & X86_CPUID_FEATURE_EDX_PAE))
1567 {
1568 STAM_COUNTER_INC(&gStatRefusePAE);
1569 return false;
1570 }
1571 }
1572
1573 if (((fFlags >> HF_CPL_SHIFT) & 3) == 3)
1574 {
1575 if (!EMIsRawRing3Enabled(env->pVM))
1576 return false;
1577
1578 if (!(env->eflags & IF_MASK))
1579 {
1580 STAM_COUNTER_INC(&gStatRefuseIF0);
1581 Log2(("raw mode refused: IF (RawR3)\n"));
1582 return false;
1583 }
1584
1585 if (!(u32CR0 & CR0_WP_MASK) && EMIsRawRing0Enabled(env->pVM))
1586 {
1587 STAM_COUNTER_INC(&gStatRefuseWP0);
1588 Log2(("raw mode refused: CR0.WP + RawR0\n"));
1589 return false;
1590 }
1591 }
1592 else
1593 {
1594 if (!EMIsRawRing0Enabled(env->pVM))
1595 return false;
1596
1597 // Let's start with pure 32 bits ring 0 code first
1598 if ((fFlags & (HF_SS32_MASK | HF_CS32_MASK)) != (HF_SS32_MASK | HF_CS32_MASK))
1599 {
1600 STAM_COUNTER_INC(&gStatRefuseCode16);
1601 Log2(("raw r0 mode refused: HF_[S|C]S32_MASK fFlags=%#x\n", fFlags));
1602 return false;
1603 }
1604
1605 if (EMIsRawRing1Enabled(env->pVM))
1606 {
1607 /* Only ring 0 and 1 supervisor code. */
1608 if (((fFlags >> HF_CPL_SHIFT) & 3) == 2) /* ring 1 code is moved into ring 2, so we can't support ring-2 in that case. */
1609 {
1610 Log2(("raw r0 mode refused: CPL %d\n", (fFlags >> HF_CPL_SHIFT) & 3));
1611 return false;
1612 }
1613 }
1614 /* Only R0. */
1615 else if (((fFlags >> HF_CPL_SHIFT) & 3) != 0)
1616 {
1617 STAM_COUNTER_INC(&gStatRefuseRing1or2);
1618 Log2(("raw r0 mode refused: CPL %d\n", ((fFlags >> HF_CPL_SHIFT) & 3) ));
1619 return false;
1620 }
1621
1622 if (!(u32CR0 & CR0_WP_MASK))
1623 {
1624 STAM_COUNTER_INC(&gStatRefuseWP0);
1625 Log2(("raw r0 mode refused: CR0.WP=0!\n"));
1626 return false;
1627 }
1628
1629#ifdef VBOX_WITH_RAW_MODE
1630 if (PATMIsPatchGCAddr(env->pVM, eip))
1631 {
1632 Log2(("raw r0 mode forced: patch code\n"));
1633 *piException = EXCP_EXECUTE_RAW;
1634 return true;
1635 }
1636#endif
1637
1638#if !defined(VBOX_ALLOW_IF0) && !defined(VBOX_RUN_INTERRUPT_GATE_HANDLERS)
1639 if (!(env->eflags & IF_MASK))
1640 {
1641 STAM_COUNTER_INC(&gStatRefuseIF0);
1642 ////Log2(("R0: IF=0 VIF=%d %08X\n", eip, *env->pVMeflags));
1643 //Log2(("RR0: Interrupts turned off; fall back to emulation\n"));
1644 return false;
1645 }
1646#endif
1647
1648#ifndef VBOX_WITH_RAW_RING1
1649 if (((env->eflags >> IOPL_SHIFT) & 3) != 0)
1650 {
1651 Log2(("raw r0 mode refused: IOPL %d\n", ((env->eflags >> IOPL_SHIFT) & 3)));
1652 return false;
1653 }
1654#endif
1655 env->state |= CPU_RAW_RING0;
1656 }
1657
1658 /*
1659 * Don't reschedule the first time we're called, because there might be
1660 * special reasons why we're here that is not covered by the above checks.
1661 */
1662 if (env->pVM->rem.s.cCanExecuteRaw == 1)
1663 {
1664 Log2(("raw mode refused: first scheduling\n"));
1665 STAM_COUNTER_INC(&gStatRefuseCanExecute);
1666 return false;
1667 }
1668
1669 /*
1670 * Stale hidden selectors means raw-mode is unsafe (being very careful).
1671 */
1672 if (env->segs[R_CS].fVBoxFlags & CPUMSELREG_FLAGS_STALE)
1673 {
1674 Log2(("raw mode refused: stale CS (%#x)\n", env->segs[R_CS].selector));
1675 STAM_COUNTER_INC(&gaStatRefuseStale[R_CS]);
1676 return false;
1677 }
1678 if (env->segs[R_SS].fVBoxFlags & CPUMSELREG_FLAGS_STALE)
1679 {
1680 Log2(("raw mode refused: stale SS (%#x)\n", env->segs[R_SS].selector));
1681 STAM_COUNTER_INC(&gaStatRefuseStale[R_SS]);
1682 return false;
1683 }
1684 if (env->segs[R_DS].fVBoxFlags & CPUMSELREG_FLAGS_STALE)
1685 {
1686 Log2(("raw mode refused: stale DS (%#x)\n", env->segs[R_DS].selector));
1687 STAM_COUNTER_INC(&gaStatRefuseStale[R_DS]);
1688 return false;
1689 }
1690 if (env->segs[R_ES].fVBoxFlags & CPUMSELREG_FLAGS_STALE)
1691 {
1692 Log2(("raw mode refused: stale ES (%#x)\n", env->segs[R_ES].selector));
1693 STAM_COUNTER_INC(&gaStatRefuseStale[R_ES]);
1694 return false;
1695 }
1696 if (env->segs[R_FS].fVBoxFlags & CPUMSELREG_FLAGS_STALE)
1697 {
1698 Log2(("raw mode refused: stale FS (%#x)\n", env->segs[R_FS].selector));
1699 STAM_COUNTER_INC(&gaStatRefuseStale[R_FS]);
1700 return false;
1701 }
1702 if (env->segs[R_GS].fVBoxFlags & CPUMSELREG_FLAGS_STALE)
1703 {
1704 Log2(("raw mode refused: stale GS (%#x)\n", env->segs[R_GS].selector));
1705 STAM_COUNTER_INC(&gaStatRefuseStale[R_GS]);
1706 return false;
1707 }
1708
1709/* Assert(env->pVCpu && PGMPhysIsA20Enabled(env->pVCpu));*/
1710 *piException = EXCP_EXECUTE_RAW;
1711 return true;
1712}
1713
1714
1715#ifdef VBOX_WITH_RAW_MODE
1716/**
1717 * Fetches a code byte.
1718 *
1719 * @returns Success indicator (bool) for ease of use.
1720 * @param env The CPU environment structure.
1721 * @param GCPtrInstr Where to fetch code.
1722 * @param pu8Byte Where to store the byte on success
1723 */
1724bool remR3GetOpcode(CPUX86State *env, RTGCPTR GCPtrInstr, uint8_t *pu8Byte)
1725{
1726 int rc = PATMR3QueryOpcode(env->pVM, GCPtrInstr, pu8Byte);
1727 if (RT_SUCCESS(rc))
1728 return true;
1729 return false;
1730}
1731#endif /* VBOX_WITH_RAW_MODE */
1732
1733
1734/**
1735 * Flush (or invalidate if you like) page table/dir entry.
1736 *
1737 * (invlpg instruction; tlb_flush_page)
1738 *
1739 * @param env Pointer to cpu environment.
1740 * @param GCPtr The virtual address which page table/dir entry should be invalidated.
1741 */
1742void remR3FlushPage(CPUX86State *env, RTGCPTR GCPtr)
1743{
1744 PVM pVM = env->pVM;
1745 PCPUMCTX pCtx;
1746 int rc;
1747
1748 Assert(EMRemIsLockOwner(env->pVM));
1749
1750 /*
1751 * When we're replaying invlpg instructions or restoring a saved
1752 * state we disable this path.
1753 */
1754 if (pVM->rem.s.fIgnoreInvlPg || pVM->rem.s.cIgnoreAll)
1755 return;
1756 LogFlow(("remR3FlushPage: GCPtr=%RGv\n", GCPtr));
1757 Assert(pVM->rem.s.fInREM || pVM->rem.s.fInStateSync);
1758
1759 //RAWEx_ProfileStop(env, STATS_QEMU_TOTAL);
1760
1761 /*
1762 * Update the control registers before calling PGMFlushPage.
1763 */
1764 pCtx = (PCPUMCTX)pVM->rem.s.pCtx;
1765 Assert(pCtx);
1766 pCtx->cr0 = env->cr[0];
1767 pCtx->cr3 = env->cr[3];
1768#ifdef VBOX_WITH_RAW_MODE
1769 if (((env->cr[4] ^ pCtx->cr4) & X86_CR4_VME) && !HMIsEnabled(pVM))
1770 VMCPU_FF_SET(env->pVCpu, VMCPU_FF_SELM_SYNC_TSS);
1771#endif
1772 pCtx->cr4 = env->cr[4];
1773
1774 /*
1775 * Let PGM do the rest.
1776 */
1777 Assert(env->pVCpu);
1778 rc = PGMInvalidatePage(env->pVCpu, GCPtr);
1779 if (RT_FAILURE(rc))
1780 {
1781 AssertMsgFailed(("remR3FlushPage %RGv failed with %d!!\n", GCPtr, rc));
1782 VMCPU_FF_SET(env->pVCpu, VMCPU_FF_PGM_SYNC_CR3);
1783 }
1784 //RAWEx_ProfileStart(env, STATS_QEMU_TOTAL);
1785}
1786
1787
1788#ifndef REM_PHYS_ADDR_IN_TLB
1789/** Wrapper for PGMR3PhysTlbGCPhys2Ptr. */
1790void *remR3TlbGCPhys2Ptr(CPUX86State *env1, target_ulong physAddr, int fWritable)
1791{
1792 void *pv;
1793 int rc;
1794
1795
1796 /* Address must be aligned enough to fiddle with lower bits */
1797 Assert((physAddr & 0x3) == 0);
1798 /*AssertMsg((env1->a20_mask & physAddr) == physAddr, ("%llx\n", (uint64_t)physAddr));*/
1799
1800 STAM_PROFILE_START(&gStatGCPhys2HCVirt, a);
1801 rc = PGMR3PhysTlbGCPhys2Ptr(env1->pVM, physAddr, true /*fWritable*/, &pv);
1802 STAM_PROFILE_STOP(&gStatGCPhys2HCVirt, a);
1803 Assert( rc == VINF_SUCCESS
1804 || rc == VINF_PGM_PHYS_TLB_CATCH_WRITE
1805 || rc == VERR_PGM_PHYS_TLB_CATCH_ALL
1806 || rc == VERR_PGM_PHYS_TLB_UNASSIGNED);
1807 if (RT_FAILURE(rc))
1808 return (void *)1;
1809 if (rc == VINF_PGM_PHYS_TLB_CATCH_WRITE)
1810 return (void *)((uintptr_t)pv | 2);
1811 return pv;
1812}
1813#endif /* REM_PHYS_ADDR_IN_TLB */
1814
1815
1816/**
1817 * Called from tlb_protect_code in order to write monitor a code page.
1818 *
1819 * @param env Pointer to the CPU environment.
1820 * @param GCPtr Code page to monitor
1821 */
1822void remR3ProtectCode(CPUX86State *env, RTGCPTR GCPtr)
1823{
1824#ifdef VBOX_REM_PROTECT_PAGES_FROM_SMC
1825 Assert(env->pVM->rem.s.fInREM);
1826 if ( (env->cr[0] & X86_CR0_PG) /* paging must be enabled */
1827 && !(env->state & CPU_EMULATE_SINGLE_INSTR) /* ignore during single instruction execution */
1828 && (((env->hflags >> HF_CPL_SHIFT) & 3) == 0) /* supervisor mode only */
1829 && !(env->eflags & VM_MASK) /* no V86 mode */
1830 && !HMIsEnabled(env->pVM))
1831 CSAMR3MonitorPage(env->pVM, GCPtr, CSAM_TAG_REM);
1832#endif
1833}
1834
1835
1836/**
1837 * Called from tlb_unprotect_code in order to clear write monitoring for a code page.
1838 *
1839 * @param env Pointer to the CPU environment.
1840 * @param GCPtr Code page to monitor
1841 */
1842void remR3UnprotectCode(CPUX86State *env, RTGCPTR GCPtr)
1843{
1844 Assert(env->pVM->rem.s.fInREM);
1845#ifdef VBOX_REM_PROTECT_PAGES_FROM_SMC
1846 if ( (env->cr[0] & X86_CR0_PG) /* paging must be enabled */
1847 && !(env->state & CPU_EMULATE_SINGLE_INSTR) /* ignore during single instruction execution */
1848 && (((env->hflags >> HF_CPL_SHIFT) & 3) == 0) /* supervisor mode only */
1849 && !(env->eflags & VM_MASK) /* no V86 mode */
1850 && !HMIsEnabled(env->pVM))
1851 CSAMR3UnmonitorPage(env->pVM, GCPtr, CSAM_TAG_REM);
1852#endif
1853}
1854
1855
1856/**
1857 * Called when the CPU is initialized, any of the CRx registers are changed or
1858 * when the A20 line is modified.
1859 *
1860 * @param env Pointer to the CPU environment.
1861 * @param fGlobal Set if the flush is global.
1862 */
1863void remR3FlushTLB(CPUX86State *env, bool fGlobal)
1864{
1865 PVM pVM = env->pVM;
1866 PCPUMCTX pCtx;
1867 Assert(EMRemIsLockOwner(pVM));
1868
1869 /*
1870 * When we're replaying invlpg instructions or restoring a saved
1871 * state we disable this path.
1872 */
1873 if (pVM->rem.s.fIgnoreCR3Load || pVM->rem.s.cIgnoreAll)
1874 return;
1875 Assert(pVM->rem.s.fInREM);
1876
1877 /*
1878 * The caller doesn't check cr4, so we have to do that for ourselves.
1879 */
1880 if (!fGlobal && !(env->cr[4] & X86_CR4_PGE))
1881 fGlobal = true;
1882 Log(("remR3FlushTLB: CR0=%08RX64 CR3=%08RX64 CR4=%08RX64 %s\n", (uint64_t)env->cr[0], (uint64_t)env->cr[3], (uint64_t)env->cr[4], fGlobal ? " global" : ""));
1883
1884 /*
1885 * Update the control registers before calling PGMR3FlushTLB.
1886 */
1887 pCtx = (PCPUMCTX)pVM->rem.s.pCtx;
1888 Assert(pCtx);
1889 pCtx->cr0 = env->cr[0];
1890 pCtx->cr3 = env->cr[3];
1891#ifdef VBOX_WITH_RAW_MODE
1892 if (((env->cr[4] ^ pCtx->cr4) & X86_CR4_VME) && !HMIsEnabled(pVM))
1893 VMCPU_FF_SET(env->pVCpu, VMCPU_FF_SELM_SYNC_TSS);
1894#endif
1895 pCtx->cr4 = env->cr[4];
1896
1897 /*
1898 * Let PGM do the rest.
1899 */
1900 Assert(env->pVCpu);
1901 PGMFlushTLB(env->pVCpu, env->cr[3], fGlobal);
1902}
1903
1904
1905/**
1906 * Called when any of the cr0, cr4 or efer registers is updated.
1907 *
1908 * @param env Pointer to the CPU environment.
1909 */
1910void remR3ChangeCpuMode(CPUX86State *env)
1911{
1912 PVM pVM = env->pVM;
1913 uint64_t efer;
1914 PCPUMCTX pCtx;
1915 int rc;
1916
1917 /*
1918 * When we're replaying loads or restoring a saved
1919 * state this path is disabled.
1920 */
1921 if (pVM->rem.s.fIgnoreCpuMode || pVM->rem.s.cIgnoreAll)
1922 return;
1923 Assert(pVM->rem.s.fInREM);
1924
1925 pCtx = (PCPUMCTX)pVM->rem.s.pCtx;
1926 Assert(pCtx);
1927
1928 /*
1929 * Notify PGM about WP0 being enabled (like CPUSetGuestCR0 does).
1930 */
1931 if (((env->cr[0] ^ pCtx->cr0) & X86_CR0_WP) && (env->cr[0] & X86_CR0_WP))
1932 PGMCr0WpEnabled(env->pVCpu);
1933
1934 /*
1935 * Update the control registers before calling PGMChangeMode()
1936 * as it may need to map whatever cr3 is pointing to.
1937 */
1938 pCtx->cr0 = env->cr[0];
1939 pCtx->cr3 = env->cr[3];
1940#ifdef VBOX_WITH_RAW_MODE
1941 if (((env->cr[4] ^ pCtx->cr4) & X86_CR4_VME) && !HMIsEnabled(pVM))
1942 VMCPU_FF_SET(env->pVCpu, VMCPU_FF_SELM_SYNC_TSS);
1943#endif
1944 pCtx->cr4 = env->cr[4];
1945#ifdef TARGET_X86_64
1946 efer = env->efer;
1947 pCtx->msrEFER = efer;
1948#else
1949 efer = 0;
1950#endif
1951 Assert(env->pVCpu);
1952 rc = PGMChangeMode(env->pVCpu, env->cr[0], env->cr[4], efer);
1953 if (rc != VINF_SUCCESS)
1954 {
1955 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
1956 {
1957 Log(("PGMChangeMode(, %RX64, %RX64, %RX64) -> %Rrc -> remR3RaiseRC\n", env->cr[0], env->cr[4], efer, rc));
1958 remR3RaiseRC(env->pVM, rc);
1959 }
1960 else
1961 cpu_abort(env, "PGMChangeMode(, %RX64, %RX64, %RX64) -> %Rrc\n", env->cr[0], env->cr[4], efer, rc);
1962 }
1963}
1964
1965
1966/**
1967 * Called from compiled code to run dma.
1968 *
1969 * @param env Pointer to the CPU environment.
1970 */
1971void remR3DmaRun(CPUX86State *env)
1972{
1973 remR3ProfileStop(STATS_QEMU_RUN_EMULATED_CODE);
1974 PDMR3DmaRun(env->pVM);
1975 remR3ProfileStart(STATS_QEMU_RUN_EMULATED_CODE);
1976}
1977
1978
1979/**
1980 * Called from compiled code to schedule pending timers in VMM
1981 *
1982 * @param env Pointer to the CPU environment.
1983 */
1984void remR3TimersRun(CPUX86State *env)
1985{
1986 LogFlow(("remR3TimersRun:\n"));
1987 LogIt(RTLOGGRPFLAGS_LEVEL_5, LOG_GROUP_TM, ("remR3TimersRun\n"));
1988 remR3ProfileStop(STATS_QEMU_RUN_EMULATED_CODE);
1989 remR3ProfileStart(STATS_QEMU_RUN_TIMERS);
1990 TMR3TimerQueuesDo(env->pVM);
1991 remR3ProfileStop(STATS_QEMU_RUN_TIMERS);
1992 remR3ProfileStart(STATS_QEMU_RUN_EMULATED_CODE);
1993}
1994
1995
1996/**
1997 * Record trap occurrence
1998 *
1999 * @returns VBox status code
2000 * @param env Pointer to the CPU environment.
2001 * @param uTrap Trap nr
2002 * @param uErrorCode Error code
2003 * @param pvNextEIP Next EIP
2004 */
2005int remR3NotifyTrap(CPUX86State *env, uint32_t uTrap, uint32_t uErrorCode, RTGCPTR pvNextEIP)
2006{
2007 PVM pVM = env->pVM;
2008#ifdef VBOX_WITH_STATISTICS
2009 static STAMCOUNTER s_aStatTrap[255];
2010 static bool s_aRegisters[RT_ELEMENTS(s_aStatTrap)];
2011#endif
2012
2013#ifdef VBOX_WITH_STATISTICS
2014 if (uTrap < 255)
2015 {
2016 if (!s_aRegisters[uTrap])
2017 {
2018 char szStatName[64];
2019 s_aRegisters[uTrap] = true;
2020 RTStrPrintf(szStatName, sizeof(szStatName), "/REM/Trap/0x%02X", uTrap);
2021 STAM_REG(env->pVM, &s_aStatTrap[uTrap], STAMTYPE_COUNTER, szStatName, STAMUNIT_OCCURENCES, "Trap stats.");
2022 }
2023 STAM_COUNTER_INC(&s_aStatTrap[uTrap]);
2024 }
2025#endif
2026 Log(("remR3NotifyTrap: uTrap=%x error=%x next_eip=%RGv eip=%RGv cr2=%RGv\n", uTrap, uErrorCode, pvNextEIP, (RTGCPTR)env->eip, (RTGCPTR)env->cr[2]));
2027 if( uTrap < 0x20
2028 && (env->cr[0] & X86_CR0_PE)
2029 && !(env->eflags & X86_EFL_VM))
2030 {
2031#ifdef DEBUG
2032 remR3DisasInstr(env, 1, "remR3NotifyTrap: ");
2033#endif
2034 if(pVM->rem.s.uPendingException == uTrap && ++pVM->rem.s.cPendingExceptions > 512)
2035 {
2036 LogRel(("VERR_REM_TOO_MANY_TRAPS -> uTrap=%x error=%x next_eip=%RGv eip=%RGv cr2=%RGv\n", uTrap, uErrorCode, pvNextEIP, (RTGCPTR)env->eip, (RTGCPTR)env->cr[2]));
2037 remR3RaiseRC(env->pVM, VERR_REM_TOO_MANY_TRAPS);
2038 return VERR_REM_TOO_MANY_TRAPS;
2039 }
2040 if(pVM->rem.s.uPendingException != uTrap || pVM->rem.s.uPendingExcptEIP != env->eip || pVM->rem.s.uPendingExcptCR2 != env->cr[2])
2041 {
2042 Log(("remR3NotifyTrap: uTrap=%#x set as pending\n", uTrap));
2043 pVM->rem.s.cPendingExceptions = 1;
2044 }
2045 pVM->rem.s.uPendingException = uTrap;
2046 pVM->rem.s.uPendingExcptEIP = env->eip;
2047 pVM->rem.s.uPendingExcptCR2 = env->cr[2];
2048 }
2049 else
2050 {
2051 pVM->rem.s.cPendingExceptions = 0;
2052 pVM->rem.s.uPendingException = uTrap;
2053 pVM->rem.s.uPendingExcptEIP = env->eip;
2054 pVM->rem.s.uPendingExcptCR2 = env->cr[2];
2055 }
2056 return VINF_SUCCESS;
2057}
2058
2059
2060/*
2061 * Clear current active trap
2062 *
2063 * @param pVM VM Handle.
2064 */
2065void remR3TrapClear(PVM pVM)
2066{
2067 pVM->rem.s.cPendingExceptions = 0;
2068 pVM->rem.s.uPendingException = 0;
2069 pVM->rem.s.uPendingExcptEIP = 0;
2070 pVM->rem.s.uPendingExcptCR2 = 0;
2071}
2072
2073
2074/*
2075 * Record previous call instruction addresses
2076 *
2077 * @param env Pointer to the CPU environment.
2078 */
2079void remR3RecordCall(CPUX86State *env)
2080{
2081#ifdef VBOX_WITH_RAW_MODE
2082 CSAMR3RecordCallAddress(env->pVM, env->eip);
2083#endif
2084}
2085
2086
2087/**
2088 * Syncs the internal REM state with the VM.
2089 *
2090 * This must be called before REMR3Run() is invoked whenever when the REM
2091 * state is not up to date. Calling it several times in a row is not
2092 * permitted.
2093 *
2094 * @returns VBox status code.
2095 *
2096 * @param pVM VM Handle.
2097 * @param pVCpu VMCPU Handle.
2098 *
2099 * @remark The caller has to check for important FFs before calling REMR3Run. REMR3State will
2100 * no do this since the majority of the callers don't want any unnecessary of events
2101 * pending that would immediately interrupt execution.
2102 */
2103REMR3DECL(int) REMR3State(PVM pVM, PVMCPU pVCpu)
2104{
2105 register const CPUMCTX *pCtx;
2106 register unsigned fFlags;
2107 unsigned i;
2108 TRPMEVENT enmType;
2109 uint8_t u8TrapNo;
2110 uint32_t uCpl;
2111 int rc;
2112
2113 STAM_PROFILE_START(&pVM->rem.s.StatsState, a);
2114 Log2(("REMR3State:\n"));
2115
2116 pVM->rem.s.Env.pVCpu = pVCpu;
2117 pCtx = pVM->rem.s.pCtx = CPUMQueryGuestCtxPtr(pVCpu);
2118
2119 Assert(!pVM->rem.s.fInREM);
2120 pVM->rem.s.fInStateSync = true;
2121
2122 /*
2123 * If we have to flush TBs, do that immediately.
2124 */
2125 if (pVM->rem.s.fFlushTBs)
2126 {
2127 STAM_COUNTER_INC(&gStatFlushTBs);
2128 tb_flush(&pVM->rem.s.Env);
2129 pVM->rem.s.fFlushTBs = false;
2130 }
2131
2132 /*
2133 * Copy the registers which require no special handling.
2134 */
2135#ifdef TARGET_X86_64
2136 /* Note that the high dwords of 64 bits registers are undefined in 32 bits mode and are undefined after a mode change. */
2137 Assert(R_EAX == 0);
2138 pVM->rem.s.Env.regs[R_EAX] = pCtx->rax;
2139 Assert(R_ECX == 1);
2140 pVM->rem.s.Env.regs[R_ECX] = pCtx->rcx;
2141 Assert(R_EDX == 2);
2142 pVM->rem.s.Env.regs[R_EDX] = pCtx->rdx;
2143 Assert(R_EBX == 3);
2144 pVM->rem.s.Env.regs[R_EBX] = pCtx->rbx;
2145 Assert(R_ESP == 4);
2146 pVM->rem.s.Env.regs[R_ESP] = pCtx->rsp;
2147 Assert(R_EBP == 5);
2148 pVM->rem.s.Env.regs[R_EBP] = pCtx->rbp;
2149 Assert(R_ESI == 6);
2150 pVM->rem.s.Env.regs[R_ESI] = pCtx->rsi;
2151 Assert(R_EDI == 7);
2152 pVM->rem.s.Env.regs[R_EDI] = pCtx->rdi;
2153 pVM->rem.s.Env.regs[8] = pCtx->r8;
2154 pVM->rem.s.Env.regs[9] = pCtx->r9;
2155 pVM->rem.s.Env.regs[10] = pCtx->r10;
2156 pVM->rem.s.Env.regs[11] = pCtx->r11;
2157 pVM->rem.s.Env.regs[12] = pCtx->r12;
2158 pVM->rem.s.Env.regs[13] = pCtx->r13;
2159 pVM->rem.s.Env.regs[14] = pCtx->r14;
2160 pVM->rem.s.Env.regs[15] = pCtx->r15;
2161
2162 pVM->rem.s.Env.eip = pCtx->rip;
2163
2164 pVM->rem.s.Env.eflags = pCtx->rflags.u64;
2165#else
2166 Assert(R_EAX == 0);
2167 pVM->rem.s.Env.regs[R_EAX] = pCtx->eax;
2168 Assert(R_ECX == 1);
2169 pVM->rem.s.Env.regs[R_ECX] = pCtx->ecx;
2170 Assert(R_EDX == 2);
2171 pVM->rem.s.Env.regs[R_EDX] = pCtx->edx;
2172 Assert(R_EBX == 3);
2173 pVM->rem.s.Env.regs[R_EBX] = pCtx->ebx;
2174 Assert(R_ESP == 4);
2175 pVM->rem.s.Env.regs[R_ESP] = pCtx->esp;
2176 Assert(R_EBP == 5);
2177 pVM->rem.s.Env.regs[R_EBP] = pCtx->ebp;
2178 Assert(R_ESI == 6);
2179 pVM->rem.s.Env.regs[R_ESI] = pCtx->esi;
2180 Assert(R_EDI == 7);
2181 pVM->rem.s.Env.regs[R_EDI] = pCtx->edi;
2182 pVM->rem.s.Env.eip = pCtx->eip;
2183
2184 pVM->rem.s.Env.eflags = pCtx->eflags.u32;
2185#endif
2186
2187 pVM->rem.s.Env.cr[2] = pCtx->cr2;
2188
2189 /** @todo we could probably benefit from using a CPUM_CHANGED_DRx flag too! */
2190 for (i=0;i<8;i++)
2191 pVM->rem.s.Env.dr[i] = pCtx->dr[i];
2192
2193#ifdef HF_HALTED_MASK /** @todo remove me when we're up to date again. */
2194 /*
2195 * Clear the halted hidden flag (the interrupt waking up the CPU can
2196 * have been dispatched in raw mode).
2197 */
2198 pVM->rem.s.Env.hflags &= ~HF_HALTED_MASK;
2199#endif
2200
2201 /*
2202 * Replay invlpg? Only if we're not flushing the TLB.
2203 */
2204 fFlags = CPUMR3RemEnter(pVCpu, &uCpl);
2205 LogFlow(("CPUMR3RemEnter %x %x\n", fFlags, uCpl));
2206 if (pVM->rem.s.cInvalidatedPages)
2207 {
2208 if (!(fFlags & CPUM_CHANGED_GLOBAL_TLB_FLUSH))
2209 {
2210 RTUINT i;
2211
2212 pVM->rem.s.fIgnoreCR3Load = true;
2213 pVM->rem.s.fIgnoreInvlPg = true;
2214 for (i = 0; i < pVM->rem.s.cInvalidatedPages; i++)
2215 {
2216 Log2(("REMR3State: invlpg %RGv\n", pVM->rem.s.aGCPtrInvalidatedPages[i]));
2217 tlb_flush_page(&pVM->rem.s.Env, pVM->rem.s.aGCPtrInvalidatedPages[i]);
2218 }
2219 pVM->rem.s.fIgnoreInvlPg = false;
2220 pVM->rem.s.fIgnoreCR3Load = false;
2221 }
2222 pVM->rem.s.cInvalidatedPages = 0;
2223 }
2224
2225 /* Replay notification changes. */
2226 REMR3ReplayHandlerNotifications(pVM);
2227
2228 /* Update MSRs; before CRx registers! */
2229 pVM->rem.s.Env.efer = pCtx->msrEFER;
2230 pVM->rem.s.Env.star = pCtx->msrSTAR;
2231 pVM->rem.s.Env.pat = pCtx->msrPAT;
2232#ifdef TARGET_X86_64
2233 pVM->rem.s.Env.lstar = pCtx->msrLSTAR;
2234 pVM->rem.s.Env.cstar = pCtx->msrCSTAR;
2235 pVM->rem.s.Env.fmask = pCtx->msrSFMASK;
2236 pVM->rem.s.Env.kernelgsbase = pCtx->msrKERNELGSBASE;
2237
2238 /* Update the internal long mode activate flag according to the new EFER value. */
2239 if (pCtx->msrEFER & MSR_K6_EFER_LMA)
2240 pVM->rem.s.Env.hflags |= HF_LMA_MASK;
2241 else
2242 pVM->rem.s.Env.hflags &= ~(HF_LMA_MASK | HF_CS64_MASK);
2243#endif
2244
2245 /* Update the inhibit IRQ mask. */
2246 pVM->rem.s.Env.hflags &= ~HF_INHIBIT_IRQ_MASK;
2247 if (VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS))
2248 {
2249 RTGCPTR InhibitPC = EMGetInhibitInterruptsPC(pVCpu);
2250 if (InhibitPC == pCtx->rip)
2251 pVM->rem.s.Env.hflags |= HF_INHIBIT_IRQ_MASK;
2252 else
2253 {
2254 Log(("Clearing VMCPU_FF_INHIBIT_INTERRUPTS at %RGv - successor %RGv (REM#1)\n", (RTGCPTR)pCtx->rip, InhibitPC));
2255 VMCPU_FF_CLEAR(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS);
2256 }
2257 }
2258
2259 /* Update the inhibit NMI mask. */
2260 pVM->rem.s.Env.hflags2 &= ~HF2_NMI_MASK;
2261 if (VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_BLOCK_NMIS))
2262 pVM->rem.s.Env.hflags2 |= HF2_NMI_MASK;
2263
2264 /*
2265 * Sync the A20 gate.
2266 */
2267 bool fA20State = PGMPhysIsA20Enabled(pVCpu);
2268 if (fA20State != RT_BOOL(pVM->rem.s.Env.a20_mask & RT_BIT(20)))
2269 {
2270 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
2271 cpu_x86_set_a20(&pVM->rem.s.Env, fA20State);
2272 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
2273 }
2274
2275 /*
2276 * Registers which are rarely changed and require special handling / order when changed.
2277 */
2278 if (fFlags & ( CPUM_CHANGED_GLOBAL_TLB_FLUSH
2279 | CPUM_CHANGED_CR4
2280 | CPUM_CHANGED_CR0
2281 | CPUM_CHANGED_CR3
2282 | CPUM_CHANGED_GDTR
2283 | CPUM_CHANGED_IDTR
2284 | CPUM_CHANGED_SYSENTER_MSR
2285 | CPUM_CHANGED_LDTR
2286 | CPUM_CHANGED_CPUID
2287 | CPUM_CHANGED_FPU_REM
2288 )
2289 )
2290 {
2291 if (fFlags & CPUM_CHANGED_GLOBAL_TLB_FLUSH)
2292 {
2293 pVM->rem.s.fIgnoreCR3Load = true;
2294 tlb_flush(&pVM->rem.s.Env, true);
2295 pVM->rem.s.fIgnoreCR3Load = false;
2296 }
2297
2298 /* CR4 before CR0! */
2299 if (fFlags & CPUM_CHANGED_CR4)
2300 {
2301 pVM->rem.s.fIgnoreCR3Load = true;
2302 pVM->rem.s.fIgnoreCpuMode = true;
2303 cpu_x86_update_cr4(&pVM->rem.s.Env, pCtx->cr4);
2304 pVM->rem.s.fIgnoreCpuMode = false;
2305 pVM->rem.s.fIgnoreCR3Load = false;
2306 }
2307
2308 if (fFlags & CPUM_CHANGED_CR0)
2309 {
2310 pVM->rem.s.fIgnoreCR3Load = true;
2311 pVM->rem.s.fIgnoreCpuMode = true;
2312 cpu_x86_update_cr0(&pVM->rem.s.Env, pCtx->cr0);
2313 pVM->rem.s.fIgnoreCpuMode = false;
2314 pVM->rem.s.fIgnoreCR3Load = false;
2315 }
2316
2317 if (fFlags & CPUM_CHANGED_CR3)
2318 {
2319 pVM->rem.s.fIgnoreCR3Load = true;
2320 cpu_x86_update_cr3(&pVM->rem.s.Env, pCtx->cr3);
2321 pVM->rem.s.fIgnoreCR3Load = false;
2322 }
2323
2324 if (fFlags & CPUM_CHANGED_GDTR)
2325 {
2326 pVM->rem.s.Env.gdt.base = pCtx->gdtr.pGdt;
2327 pVM->rem.s.Env.gdt.limit = pCtx->gdtr.cbGdt;
2328 }
2329
2330 if (fFlags & CPUM_CHANGED_IDTR)
2331 {
2332 pVM->rem.s.Env.idt.base = pCtx->idtr.pIdt;
2333 pVM->rem.s.Env.idt.limit = pCtx->idtr.cbIdt;
2334 }
2335
2336 if (fFlags & CPUM_CHANGED_SYSENTER_MSR)
2337 {
2338 pVM->rem.s.Env.sysenter_cs = pCtx->SysEnter.cs;
2339 pVM->rem.s.Env.sysenter_eip = pCtx->SysEnter.eip;
2340 pVM->rem.s.Env.sysenter_esp = pCtx->SysEnter.esp;
2341 }
2342
2343 if (fFlags & CPUM_CHANGED_LDTR)
2344 {
2345 if (pCtx->ldtr.fFlags & CPUMSELREG_FLAGS_VALID)
2346 {
2347 pVM->rem.s.Env.ldt.selector = pCtx->ldtr.Sel;
2348 pVM->rem.s.Env.ldt.newselector = 0;
2349 pVM->rem.s.Env.ldt.fVBoxFlags = pCtx->ldtr.fFlags;
2350 pVM->rem.s.Env.ldt.base = pCtx->ldtr.u64Base;
2351 pVM->rem.s.Env.ldt.limit = pCtx->ldtr.u32Limit;
2352 pVM->rem.s.Env.ldt.flags = (pCtx->ldtr.Attr.u & SEL_FLAGS_SMASK) << SEL_FLAGS_SHIFT;
2353 }
2354 else
2355 {
2356 AssertFailed(); /* Shouldn't happen, see cpumR3LoadExec. */
2357 sync_ldtr(&pVM->rem.s.Env, pCtx->ldtr.Sel);
2358 }
2359 }
2360
2361 if (fFlags & CPUM_CHANGED_CPUID)
2362 {
2363 uint32_t u32Dummy;
2364
2365 /*
2366 * Get the CPUID features.
2367 */
2368 CPUMGetGuestCpuId(pVCpu, 1, 0, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext_features, &pVM->rem.s.Env.cpuid_features);
2369 CPUMGetGuestCpuId(pVCpu, 0x80000001, 0, &u32Dummy, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext2_features);
2370 }
2371
2372 /* Sync FPU state after CR4, CPUID and EFER (!). */
2373 if (fFlags & CPUM_CHANGED_FPU_REM)
2374 save_raw_fp_state(&pVM->rem.s.Env, (uint8_t *)&pCtx->pXStateR3->x87); /* 'save' is an excellent name. */
2375 }
2376
2377 /*
2378 * Sync TR unconditionally to make life simpler.
2379 */
2380 pVM->rem.s.Env.tr.selector = pCtx->tr.Sel;
2381 pVM->rem.s.Env.tr.newselector = 0;
2382 pVM->rem.s.Env.tr.fVBoxFlags = pCtx->tr.fFlags;
2383 pVM->rem.s.Env.tr.base = pCtx->tr.u64Base;
2384 pVM->rem.s.Env.tr.limit = pCtx->tr.u32Limit;
2385 pVM->rem.s.Env.tr.flags = (pCtx->tr.Attr.u & SEL_FLAGS_SMASK) << SEL_FLAGS_SHIFT;
2386 /* Note! do_interrupt will fault if the busy flag is still set... */ /** @todo so fix do_interrupt then! */
2387 pVM->rem.s.Env.tr.flags &= ~DESC_TSS_BUSY_MASK;
2388
2389 /*
2390 * Update selector registers.
2391 *
2392 * This must be done *after* we've synced gdt, ldt and crX registers
2393 * since we're reading the GDT/LDT om sync_seg. This will happen with
2394 * saved state which takes a quick dip into rawmode for instance.
2395 *
2396 * CPL/Stack; Note first check this one as the CPL might have changed.
2397 * The wrong CPL can cause QEmu to raise an exception in sync_seg!!
2398 */
2399 cpu_x86_set_cpl(&pVM->rem.s.Env, uCpl);
2400 /* Note! QEmu saves the 2nd dword of the descriptor; we should convert the attribute word back! */
2401#define SYNC_IN_SREG(a_pEnv, a_SReg, a_pRemSReg, a_pVBoxSReg) \
2402 do \
2403 { \
2404 if (CPUMSELREG_ARE_HIDDEN_PARTS_VALID(pVCpu, a_pVBoxSReg)) \
2405 { \
2406 cpu_x86_load_seg_cache(a_pEnv, R_##a_SReg, \
2407 (a_pVBoxSReg)->Sel, \
2408 (a_pVBoxSReg)->u64Base, \
2409 (a_pVBoxSReg)->u32Limit, \
2410 ((a_pVBoxSReg)->Attr.u & SEL_FLAGS_SMASK) << SEL_FLAGS_SHIFT); \
2411 (a_pRemSReg)->fVBoxFlags = (a_pVBoxSReg)->fFlags; \
2412 } \
2413 /* This only-reload-if-changed stuff is the old approach, we should ditch it. */ \
2414 else if ((a_pRemSReg)->selector != (a_pVBoxSReg)->Sel) \
2415 { \
2416 Log2(("REMR3State: " #a_SReg " changed from %04x to %04x!\n", \
2417 (a_pRemSReg)->selector, (a_pVBoxSReg)->Sel)); \
2418 sync_seg(a_pEnv, R_##a_SReg, (a_pVBoxSReg)->Sel); \
2419 if ((a_pRemSReg)->newselector) \
2420 STAM_COUNTER_INC(&gStatSelOutOfSync[R_##a_SReg]); \
2421 } \
2422 else \
2423 (a_pRemSReg)->newselector = 0; \
2424 } while (0)
2425
2426 SYNC_IN_SREG(&pVM->rem.s.Env, CS, &pVM->rem.s.Env.segs[R_CS], &pCtx->cs);
2427 SYNC_IN_SREG(&pVM->rem.s.Env, SS, &pVM->rem.s.Env.segs[R_SS], &pCtx->ss);
2428 SYNC_IN_SREG(&pVM->rem.s.Env, DS, &pVM->rem.s.Env.segs[R_DS], &pCtx->ds);
2429 SYNC_IN_SREG(&pVM->rem.s.Env, ES, &pVM->rem.s.Env.segs[R_ES], &pCtx->es);
2430 SYNC_IN_SREG(&pVM->rem.s.Env, FS, &pVM->rem.s.Env.segs[R_FS], &pCtx->fs);
2431 SYNC_IN_SREG(&pVM->rem.s.Env, GS, &pVM->rem.s.Env.segs[R_GS], &pCtx->gs);
2432 /** @todo need to find a way to communicate potential GDT/LDT changes and thread switches. The selector might
2433 * be the same but not the base/limit. */
2434
2435 /*
2436 * Check for traps.
2437 */
2438 pVM->rem.s.Env.exception_index = -1; /** @todo this won't work :/ */
2439 rc = TRPMQueryTrap(pVCpu, &u8TrapNo, &enmType);
2440 if (RT_SUCCESS(rc))
2441 {
2442#ifdef DEBUG
2443 if (u8TrapNo == 0x80)
2444 {
2445 remR3DumpLnxSyscall(pVCpu);
2446 remR3DumpOBsdSyscall(pVCpu);
2447 }
2448#endif
2449
2450 pVM->rem.s.Env.exception_index = u8TrapNo;
2451 if (enmType != TRPM_SOFTWARE_INT)
2452 {
2453 pVM->rem.s.Env.exception_is_int = 0;
2454#ifdef IEM_VERIFICATION_MODE /* Ugly hack, needs proper fixing. */
2455 pVM->rem.s.Env.exception_is_int = enmType == TRPM_HARDWARE_INT ? 0x42 : 0;
2456#endif
2457 pVM->rem.s.Env.exception_next_eip = pVM->rem.s.Env.eip;
2458 }
2459 else
2460 {
2461 /*
2462 * The there are two 1 byte opcodes and one 2 byte opcode for software interrupts.
2463 * We ASSUME that there are no prefixes and sets the default to 2 byte, and checks
2464 * for int03 and into.
2465 */
2466 pVM->rem.s.Env.exception_is_int = 1;
2467 pVM->rem.s.Env.exception_next_eip = pCtx->rip + 2;
2468 /* int 3 may be generated by one-byte 0xcc */
2469 if (u8TrapNo == 3)
2470 {
2471 if (read_byte(&pVM->rem.s.Env, pVM->rem.s.Env.segs[R_CS].base + pCtx->rip) == 0xcc)
2472 pVM->rem.s.Env.exception_next_eip = pCtx->rip + 1;
2473 }
2474 /* int 4 may be generated by one-byte 0xce */
2475 else if (u8TrapNo == 4)
2476 {
2477 if (read_byte(&pVM->rem.s.Env, pVM->rem.s.Env.segs[R_CS].base + pCtx->rip) == 0xce)
2478 pVM->rem.s.Env.exception_next_eip = pCtx->rip + 1;
2479 }
2480 }
2481
2482 /* get error code and cr2 if needed. */
2483 if (enmType == TRPM_TRAP)
2484 {
2485 switch (u8TrapNo)
2486 {
2487 case X86_XCPT_PF:
2488 pVM->rem.s.Env.cr[2] = TRPMGetFaultAddress(pVCpu);
2489 /* fallthru */
2490 case X86_XCPT_TS: case X86_XCPT_NP: case X86_XCPT_SS: case X86_XCPT_GP:
2491 pVM->rem.s.Env.error_code = TRPMGetErrorCode(pVCpu);
2492 break;
2493
2494 case X86_XCPT_AC: case X86_XCPT_DF:
2495 default:
2496 pVM->rem.s.Env.error_code = 0;
2497 break;
2498 }
2499 }
2500 else
2501 pVM->rem.s.Env.error_code = 0;
2502
2503 /*
2504 * We can now reset the active trap since the recompiler is gonna have a go at it.
2505 */
2506 rc = TRPMResetTrap(pVCpu);
2507 AssertRC(rc);
2508 Log2(("REMR3State: trap=%02x errcd=%RGv cr2=%RGv nexteip=%RGv%s\n", pVM->rem.s.Env.exception_index, (RTGCPTR)pVM->rem.s.Env.error_code,
2509 (RTGCPTR)pVM->rem.s.Env.cr[2], (RTGCPTR)pVM->rem.s.Env.exception_next_eip, pVM->rem.s.Env.exception_is_int ? " software" : ""));
2510 }
2511
2512 /*
2513 * Clear old interrupt request flags; Check for pending hardware interrupts.
2514 * (See @remark for why we don't check for other FFs.)
2515 */
2516 pVM->rem.s.Env.interrupt_request &= ~(CPU_INTERRUPT_HARD | CPU_INTERRUPT_EXITTB | CPU_INTERRUPT_TIMER);
2517 if ( pVM->rem.s.u32PendingInterrupt != REM_NO_PENDING_IRQ
2518 || VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_INTERRUPT_APIC | VMCPU_FF_INTERRUPT_PIC))
2519 pVM->rem.s.Env.interrupt_request |= CPU_INTERRUPT_HARD;
2520
2521 /*
2522 * We're now in REM mode.
2523 */
2524 VMCPU_SET_STATE(pVCpu, VMCPUSTATE_STARTED_EXEC_REM);
2525 pVM->rem.s.fInREM = true;
2526 pVM->rem.s.fInStateSync = false;
2527 pVM->rem.s.cCanExecuteRaw = 0;
2528 STAM_PROFILE_STOP(&pVM->rem.s.StatsState, a);
2529 Log2(("REMR3State: returns VINF_SUCCESS\n"));
2530 return VINF_SUCCESS;
2531}
2532
2533
2534/**
2535 * Syncs back changes in the REM state to the the VM state.
2536 *
2537 * This must be called after invoking REMR3Run().
2538 * Calling it several times in a row is not permitted.
2539 *
2540 * @returns VBox status code.
2541 *
2542 * @param pVM VM Handle.
2543 * @param pVCpu VMCPU Handle.
2544 */
2545REMR3DECL(int) REMR3StateBack(PVM pVM, PVMCPU pVCpu)
2546{
2547 register PCPUMCTX pCtx = pVM->rem.s.pCtx;
2548 Assert(pCtx);
2549 unsigned i;
2550
2551 STAM_PROFILE_START(&pVM->rem.s.StatsStateBack, a);
2552 Log2(("REMR3StateBack:\n"));
2553 Assert(pVM->rem.s.fInREM);
2554
2555 /*
2556 * Copy back the registers.
2557 * This is done in the order they are declared in the CPUMCTX structure.
2558 */
2559
2560 /** @todo FOP */
2561 /** @todo FPUIP */
2562 /** @todo CS */
2563 /** @todo FPUDP */
2564 /** @todo DS */
2565
2566 /** @todo check if FPU/XMM was actually used in the recompiler */
2567 restore_raw_fp_state(&pVM->rem.s.Env, (uint8_t *)&pCtx->pXStateR3->x87);
2568//// dprintf2(("FPU state CW=%04X TT=%04X SW=%04X (%04X)\n", env->fpuc, env->fpstt, env->fpus, pVMCtx->fpu.FSW));
2569
2570#ifdef TARGET_X86_64
2571 /* Note that the high dwords of 64 bits registers are undefined in 32 bits mode and are undefined after a mode change. */
2572 pCtx->rdi = pVM->rem.s.Env.regs[R_EDI];
2573 pCtx->rsi = pVM->rem.s.Env.regs[R_ESI];
2574 pCtx->rbp = pVM->rem.s.Env.regs[R_EBP];
2575 pCtx->rax = pVM->rem.s.Env.regs[R_EAX];
2576 pCtx->rbx = pVM->rem.s.Env.regs[R_EBX];
2577 pCtx->rdx = pVM->rem.s.Env.regs[R_EDX];
2578 pCtx->rcx = pVM->rem.s.Env.regs[R_ECX];
2579 pCtx->r8 = pVM->rem.s.Env.regs[8];
2580 pCtx->r9 = pVM->rem.s.Env.regs[9];
2581 pCtx->r10 = pVM->rem.s.Env.regs[10];
2582 pCtx->r11 = pVM->rem.s.Env.regs[11];
2583 pCtx->r12 = pVM->rem.s.Env.regs[12];
2584 pCtx->r13 = pVM->rem.s.Env.regs[13];
2585 pCtx->r14 = pVM->rem.s.Env.regs[14];
2586 pCtx->r15 = pVM->rem.s.Env.regs[15];
2587
2588 pCtx->rsp = pVM->rem.s.Env.regs[R_ESP];
2589
2590#else
2591 pCtx->edi = pVM->rem.s.Env.regs[R_EDI];
2592 pCtx->esi = pVM->rem.s.Env.regs[R_ESI];
2593 pCtx->ebp = pVM->rem.s.Env.regs[R_EBP];
2594 pCtx->eax = pVM->rem.s.Env.regs[R_EAX];
2595 pCtx->ebx = pVM->rem.s.Env.regs[R_EBX];
2596 pCtx->edx = pVM->rem.s.Env.regs[R_EDX];
2597 pCtx->ecx = pVM->rem.s.Env.regs[R_ECX];
2598
2599 pCtx->esp = pVM->rem.s.Env.regs[R_ESP];
2600#endif
2601
2602#define SYNC_BACK_SREG(a_sreg, a_SREG) \
2603 do \
2604 { \
2605 pCtx->a_sreg.Sel = pVM->rem.s.Env.segs[R_##a_SREG].selector; \
2606 if (!pVM->rem.s.Env.segs[R_SS].newselector) \
2607 { \
2608 pCtx->a_sreg.ValidSel = pVM->rem.s.Env.segs[R_##a_SREG].selector; \
2609 pCtx->a_sreg.fFlags = CPUMSELREG_FLAGS_VALID; \
2610 pCtx->a_sreg.u64Base = pVM->rem.s.Env.segs[R_##a_SREG].base; \
2611 pCtx->a_sreg.u32Limit = pVM->rem.s.Env.segs[R_##a_SREG].limit; \
2612 /* Note! QEmu saves the 2nd dword of the descriptor; we (VT-x/AMD-V) keep only the attributes! */ \
2613 pCtx->a_sreg.Attr.u = (pVM->rem.s.Env.segs[R_##a_SREG].flags >> SEL_FLAGS_SHIFT) & SEL_FLAGS_SMASK; \
2614 } \
2615 else \
2616 { \
2617 pCtx->a_sreg.fFlags = 0; \
2618 STAM_COUNTER_INC(&gStatSelOutOfSyncStateBack[R_##a_SREG]); \
2619 } \
2620 } while (0)
2621
2622 SYNC_BACK_SREG(es, ES);
2623 SYNC_BACK_SREG(cs, CS);
2624 SYNC_BACK_SREG(ss, SS);
2625 SYNC_BACK_SREG(ds, DS);
2626 SYNC_BACK_SREG(fs, FS);
2627 SYNC_BACK_SREG(gs, GS);
2628
2629#ifdef TARGET_X86_64
2630 pCtx->rip = pVM->rem.s.Env.eip;
2631 pCtx->rflags.u64 = pVM->rem.s.Env.eflags;
2632#else
2633 pCtx->eip = pVM->rem.s.Env.eip;
2634 pCtx->eflags.u32 = pVM->rem.s.Env.eflags;
2635#endif
2636
2637 pCtx->cr0 = pVM->rem.s.Env.cr[0];
2638 pCtx->cr2 = pVM->rem.s.Env.cr[2];
2639 pCtx->cr3 = pVM->rem.s.Env.cr[3];
2640#ifdef VBOX_WITH_RAW_MODE
2641 if (((pVM->rem.s.Env.cr[4] ^ pCtx->cr4) & X86_CR4_VME) && !HMIsEnabled(pVM))
2642 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_TSS);
2643#endif
2644 pCtx->cr4 = pVM->rem.s.Env.cr[4];
2645
2646 for (i = 0; i < 8; i++)
2647 pCtx->dr[i] = pVM->rem.s.Env.dr[i];
2648
2649 pCtx->gdtr.cbGdt = pVM->rem.s.Env.gdt.limit;
2650 if (pCtx->gdtr.pGdt != pVM->rem.s.Env.gdt.base)
2651 {
2652 pCtx->gdtr.pGdt = pVM->rem.s.Env.gdt.base;
2653 STAM_COUNTER_INC(&gStatREMGDTChange);
2654#ifdef VBOX_WITH_RAW_MODE
2655 if (!HMIsEnabled(pVM))
2656 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_GDT);
2657#endif
2658 }
2659
2660 pCtx->idtr.cbIdt = pVM->rem.s.Env.idt.limit;
2661 if (pCtx->idtr.pIdt != pVM->rem.s.Env.idt.base)
2662 {
2663 pCtx->idtr.pIdt = pVM->rem.s.Env.idt.base;
2664 STAM_COUNTER_INC(&gStatREMIDTChange);
2665#ifdef VBOX_WITH_RAW_MODE
2666 if (!HMIsEnabled(pVM))
2667 VMCPU_FF_SET(pVCpu, VMCPU_FF_TRPM_SYNC_IDT);
2668#endif
2669 }
2670
2671 if ( pCtx->ldtr.Sel != pVM->rem.s.Env.ldt.selector
2672 || pCtx->ldtr.ValidSel != pVM->rem.s.Env.ldt.selector
2673 || pCtx->ldtr.u64Base != pVM->rem.s.Env.ldt.base
2674 || pCtx->ldtr.u32Limit != pVM->rem.s.Env.ldt.limit
2675 || pCtx->ldtr.Attr.u != ((pVM->rem.s.Env.ldt.flags >> SEL_FLAGS_SHIFT) & SEL_FLAGS_SMASK)
2676 || !(pCtx->ldtr.fFlags & CPUMSELREG_FLAGS_VALID)
2677 )
2678 {
2679 pCtx->ldtr.Sel = pVM->rem.s.Env.ldt.selector;
2680 pCtx->ldtr.ValidSel = pVM->rem.s.Env.ldt.selector;
2681 pCtx->ldtr.fFlags = CPUMSELREG_FLAGS_VALID;
2682 pCtx->ldtr.u64Base = pVM->rem.s.Env.ldt.base;
2683 pCtx->ldtr.u32Limit = pVM->rem.s.Env.ldt.limit;
2684 pCtx->ldtr.Attr.u = (pVM->rem.s.Env.ldt.flags >> SEL_FLAGS_SHIFT) & SEL_FLAGS_SMASK;
2685 STAM_COUNTER_INC(&gStatREMLDTRChange);
2686#ifdef VBOX_WITH_RAW_MODE
2687 if (!HMIsEnabled(pVM))
2688 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_LDT);
2689#endif
2690 }
2691
2692 if ( pCtx->tr.Sel != pVM->rem.s.Env.tr.selector
2693 || pCtx->tr.ValidSel != pVM->rem.s.Env.tr.selector
2694 || pCtx->tr.u64Base != pVM->rem.s.Env.tr.base
2695 || pCtx->tr.u32Limit != pVM->rem.s.Env.tr.limit
2696 /* Qemu and AMD/Intel have different ideas about the busy flag ... */ /** @todo just fix qemu! */
2697 || pCtx->tr.Attr.u != ( (pVM->rem.s.Env.tr.flags >> SEL_FLAGS_SHIFT) & (SEL_FLAGS_SMASK & ~DESC_INTEL_UNUSABLE)
2698 ? (pVM->rem.s.Env.tr.flags | DESC_TSS_BUSY_MASK) >> SEL_FLAGS_SHIFT
2699 : 0)
2700 || !(pCtx->tr.fFlags & CPUMSELREG_FLAGS_VALID)
2701 )
2702 {
2703 Log(("REM: TR changed! %#x{%#llx,%#x,%#x} -> %#x{%llx,%#x,%#x}\n",
2704 pCtx->tr.Sel, pCtx->tr.u64Base, pCtx->tr.u32Limit, pCtx->tr.Attr.u,
2705 pVM->rem.s.Env.tr.selector, (uint64_t)pVM->rem.s.Env.tr.base, pVM->rem.s.Env.tr.limit,
2706 (pVM->rem.s.Env.tr.flags >> SEL_FLAGS_SHIFT) & (SEL_FLAGS_SMASK & ~DESC_INTEL_UNUSABLE)
2707 ? (pVM->rem.s.Env.tr.flags | DESC_TSS_BUSY_MASK) >> SEL_FLAGS_SHIFT : 0));
2708 pCtx->tr.Sel = pVM->rem.s.Env.tr.selector;
2709 pCtx->tr.ValidSel = pVM->rem.s.Env.tr.selector;
2710 pCtx->tr.fFlags = CPUMSELREG_FLAGS_VALID;
2711 pCtx->tr.u64Base = pVM->rem.s.Env.tr.base;
2712 pCtx->tr.u32Limit = pVM->rem.s.Env.tr.limit;
2713 pCtx->tr.Attr.u = (pVM->rem.s.Env.tr.flags >> SEL_FLAGS_SHIFT) & SEL_FLAGS_SMASK;
2714 if (pCtx->tr.Attr.u & ~DESC_INTEL_UNUSABLE)
2715 pCtx->tr.Attr.u |= DESC_TSS_BUSY_MASK >> SEL_FLAGS_SHIFT;
2716 STAM_COUNTER_INC(&gStatREMTRChange);
2717#ifdef VBOX_WITH_RAW_MODE
2718 if (!HMIsEnabled(pVM))
2719 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_TSS);
2720#endif
2721 }
2722
2723 /* Sysenter MSR */
2724 pCtx->SysEnter.cs = pVM->rem.s.Env.sysenter_cs;
2725 pCtx->SysEnter.eip = pVM->rem.s.Env.sysenter_eip;
2726 pCtx->SysEnter.esp = pVM->rem.s.Env.sysenter_esp;
2727
2728 /* System MSRs. */
2729 pCtx->msrEFER = pVM->rem.s.Env.efer;
2730 pCtx->msrSTAR = pVM->rem.s.Env.star;
2731 pCtx->msrPAT = pVM->rem.s.Env.pat;
2732#ifdef TARGET_X86_64
2733 pCtx->msrLSTAR = pVM->rem.s.Env.lstar;
2734 pCtx->msrCSTAR = pVM->rem.s.Env.cstar;
2735 pCtx->msrSFMASK = pVM->rem.s.Env.fmask;
2736 pCtx->msrKERNELGSBASE = pVM->rem.s.Env.kernelgsbase;
2737#endif
2738
2739 /* Inhibit interrupt flag. */
2740 if (pVM->rem.s.Env.hflags & HF_INHIBIT_IRQ_MASK)
2741 {
2742 Log(("Settings VMCPU_FF_INHIBIT_INTERRUPTS at %RGv (REM)\n", (RTGCPTR)pCtx->rip));
2743 EMSetInhibitInterruptsPC(pVCpu, pCtx->rip);
2744 VMCPU_FF_SET(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS);
2745 }
2746 else if (VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS))
2747 {
2748 Log(("Clearing VMCPU_FF_INHIBIT_INTERRUPTS at %RGv - successor %RGv (REM#2)\n", (RTGCPTR)pCtx->rip, EMGetInhibitInterruptsPC(pVCpu)));
2749 VMCPU_FF_CLEAR(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS);
2750 }
2751
2752 /* Inhibit NMI flag. */
2753 if (pVM->rem.s.Env.hflags2 & HF2_NMI_MASK)
2754 {
2755 Log(("Settings VMCPU_FF_BLOCK_NMIS at %RGv (REM)\n", (RTGCPTR)pCtx->rip));
2756 VMCPU_FF_SET(pVCpu, VMCPU_FF_BLOCK_NMIS);
2757 }
2758 else if (VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_BLOCK_NMIS))
2759 {
2760 Log(("Clearing VMCPU_FF_BLOCK_NMIS at %RGv (REM)\n", (RTGCPTR)pCtx->rip));
2761 VMCPU_FF_CLEAR(pVCpu, VMCPU_FF_BLOCK_NMIS);
2762 }
2763
2764 remR3TrapClear(pVM);
2765
2766 /*
2767 * Check for traps.
2768 */
2769 if ( pVM->rem.s.Env.exception_index >= 0
2770 && pVM->rem.s.Env.exception_index < 256)
2771 {
2772 /* This cannot be a hardware-interrupt because exception_index < EXCP_INTERRUPT. */
2773 int rc;
2774
2775 Log(("REMR3StateBack: Pending trap %x %d\n", pVM->rem.s.Env.exception_index, pVM->rem.s.Env.exception_is_int));
2776 TRPMEVENT enmType = pVM->rem.s.Env.exception_is_int ? TRPM_SOFTWARE_INT : TRPM_TRAP;
2777 rc = TRPMAssertTrap(pVCpu, pVM->rem.s.Env.exception_index, enmType);
2778 AssertRC(rc);
2779 if (enmType == TRPM_TRAP)
2780 {
2781 switch (pVM->rem.s.Env.exception_index)
2782 {
2783 case X86_XCPT_PF:
2784 TRPMSetFaultAddress(pVCpu, pCtx->cr2);
2785 /* fallthru */
2786 case X86_XCPT_TS: case X86_XCPT_NP: case X86_XCPT_SS: case X86_XCPT_GP:
2787 case X86_XCPT_AC: case X86_XCPT_DF: /* 0 */
2788 TRPMSetErrorCode(pVCpu, pVM->rem.s.Env.error_code);
2789 break;
2790 }
2791 }
2792 }
2793
2794 /*
2795 * We're not longer in REM mode.
2796 */
2797 CPUMR3RemLeave(pVCpu,
2798 HMIsEnabled(pVM)
2799 || ( pVM->rem.s.Env.segs[R_SS].newselector
2800 | pVM->rem.s.Env.segs[R_GS].newselector
2801 | pVM->rem.s.Env.segs[R_FS].newselector
2802 | pVM->rem.s.Env.segs[R_ES].newselector
2803 | pVM->rem.s.Env.segs[R_DS].newselector
2804 | pVM->rem.s.Env.segs[R_CS].newselector) == 0
2805 );
2806 VMCPU_CMPXCHG_STATE(pVCpu, VMCPUSTATE_STARTED, VMCPUSTATE_STARTED_EXEC_REM);
2807 pVM->rem.s.fInREM = false;
2808 pVM->rem.s.pCtx = NULL;
2809 pVM->rem.s.Env.pVCpu = NULL;
2810 STAM_PROFILE_STOP(&pVM->rem.s.StatsStateBack, a);
2811 Log2(("REMR3StateBack: returns VINF_SUCCESS\n"));
2812 return VINF_SUCCESS;
2813}
2814
2815
2816/**
2817 * This is called by the disassembler when it wants to update the cpu state
2818 * before for instance doing a register dump.
2819 */
2820static void remR3StateUpdate(PVM pVM, PVMCPU pVCpu)
2821{
2822 register PCPUMCTX pCtx = pVM->rem.s.pCtx;
2823 unsigned i;
2824
2825 Assert(pVM->rem.s.fInREM);
2826
2827 /*
2828 * Copy back the registers.
2829 * This is done in the order they are declared in the CPUMCTX structure.
2830 */
2831
2832 PX86FXSTATE pFpuCtx = &pCtx->pXStateR3->x87;
2833 /** @todo FOP */
2834 /** @todo FPUIP */
2835 /** @todo CS */
2836 /** @todo FPUDP */
2837 /** @todo DS */
2838 /** @todo Fix MXCSR support in QEMU so we don't overwrite MXCSR with 0 when we shouldn't! */
2839 pFpuCtx->MXCSR = 0;
2840 pFpuCtx->MXCSR_MASK = 0;
2841
2842 /** @todo check if FPU/XMM was actually used in the recompiler */
2843 restore_raw_fp_state(&pVM->rem.s.Env, (uint8_t *)pFpuCtx);
2844//// dprintf2(("FPU state CW=%04X TT=%04X SW=%04X (%04X)\n", env->fpuc, env->fpstt, env->fpus, pVMCtx->fpu.FSW));
2845
2846#ifdef TARGET_X86_64
2847 pCtx->rdi = pVM->rem.s.Env.regs[R_EDI];
2848 pCtx->rsi = pVM->rem.s.Env.regs[R_ESI];
2849 pCtx->rbp = pVM->rem.s.Env.regs[R_EBP];
2850 pCtx->rax = pVM->rem.s.Env.regs[R_EAX];
2851 pCtx->rbx = pVM->rem.s.Env.regs[R_EBX];
2852 pCtx->rdx = pVM->rem.s.Env.regs[R_EDX];
2853 pCtx->rcx = pVM->rem.s.Env.regs[R_ECX];
2854 pCtx->r8 = pVM->rem.s.Env.regs[8];
2855 pCtx->r9 = pVM->rem.s.Env.regs[9];
2856 pCtx->r10 = pVM->rem.s.Env.regs[10];
2857 pCtx->r11 = pVM->rem.s.Env.regs[11];
2858 pCtx->r12 = pVM->rem.s.Env.regs[12];
2859 pCtx->r13 = pVM->rem.s.Env.regs[13];
2860 pCtx->r14 = pVM->rem.s.Env.regs[14];
2861 pCtx->r15 = pVM->rem.s.Env.regs[15];
2862
2863 pCtx->rsp = pVM->rem.s.Env.regs[R_ESP];
2864#else
2865 pCtx->edi = pVM->rem.s.Env.regs[R_EDI];
2866 pCtx->esi = pVM->rem.s.Env.regs[R_ESI];
2867 pCtx->ebp = pVM->rem.s.Env.regs[R_EBP];
2868 pCtx->eax = pVM->rem.s.Env.regs[R_EAX];
2869 pCtx->ebx = pVM->rem.s.Env.regs[R_EBX];
2870 pCtx->edx = pVM->rem.s.Env.regs[R_EDX];
2871 pCtx->ecx = pVM->rem.s.Env.regs[R_ECX];
2872
2873 pCtx->esp = pVM->rem.s.Env.regs[R_ESP];
2874#endif
2875
2876 SYNC_BACK_SREG(es, ES);
2877 SYNC_BACK_SREG(cs, CS);
2878 SYNC_BACK_SREG(ss, SS);
2879 SYNC_BACK_SREG(ds, DS);
2880 SYNC_BACK_SREG(fs, FS);
2881 SYNC_BACK_SREG(gs, GS);
2882
2883#ifdef TARGET_X86_64
2884 pCtx->rip = pVM->rem.s.Env.eip;
2885 pCtx->rflags.u64 = pVM->rem.s.Env.eflags;
2886#else
2887 pCtx->eip = pVM->rem.s.Env.eip;
2888 pCtx->eflags.u32 = pVM->rem.s.Env.eflags;
2889#endif
2890
2891 pCtx->cr0 = pVM->rem.s.Env.cr[0];
2892 pCtx->cr2 = pVM->rem.s.Env.cr[2];
2893 pCtx->cr3 = pVM->rem.s.Env.cr[3];
2894#ifdef VBOX_WITH_RAW_MODE
2895 if (((pVM->rem.s.Env.cr[4] ^ pCtx->cr4) & X86_CR4_VME) && !HMIsEnabled(pVM))
2896 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_TSS);
2897#endif
2898 pCtx->cr4 = pVM->rem.s.Env.cr[4];
2899
2900 for (i = 0; i < 8; i++)
2901 pCtx->dr[i] = pVM->rem.s.Env.dr[i];
2902
2903 pCtx->gdtr.cbGdt = pVM->rem.s.Env.gdt.limit;
2904 if (pCtx->gdtr.pGdt != (RTGCPTR)pVM->rem.s.Env.gdt.base)
2905 {
2906 pCtx->gdtr.pGdt = (RTGCPTR)pVM->rem.s.Env.gdt.base;
2907 STAM_COUNTER_INC(&gStatREMGDTChange);
2908#ifdef VBOX_WITH_RAW_MODE
2909 if (!HMIsEnabled(pVM))
2910 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_GDT);
2911#endif
2912 }
2913
2914 pCtx->idtr.cbIdt = pVM->rem.s.Env.idt.limit;
2915 if (pCtx->idtr.pIdt != (RTGCPTR)pVM->rem.s.Env.idt.base)
2916 {
2917 pCtx->idtr.pIdt = (RTGCPTR)pVM->rem.s.Env.idt.base;
2918 STAM_COUNTER_INC(&gStatREMIDTChange);
2919#ifdef VBOX_WITH_RAW_MODE
2920 if (!HMIsEnabled(pVM))
2921 VMCPU_FF_SET(pVCpu, VMCPU_FF_TRPM_SYNC_IDT);
2922#endif
2923 }
2924
2925 if ( pCtx->ldtr.Sel != pVM->rem.s.Env.ldt.selector
2926 || pCtx->ldtr.ValidSel != pVM->rem.s.Env.ldt.selector
2927 || pCtx->ldtr.u64Base != pVM->rem.s.Env.ldt.base
2928 || pCtx->ldtr.u32Limit != pVM->rem.s.Env.ldt.limit
2929 || pCtx->ldtr.Attr.u != ((pVM->rem.s.Env.ldt.flags >> SEL_FLAGS_SHIFT) & SEL_FLAGS_SMASK)
2930 || !(pCtx->ldtr.fFlags & CPUMSELREG_FLAGS_VALID)
2931 )
2932 {
2933 pCtx->ldtr.Sel = pVM->rem.s.Env.ldt.selector;
2934 pCtx->ldtr.ValidSel = pVM->rem.s.Env.ldt.selector;
2935 pCtx->ldtr.fFlags = CPUMSELREG_FLAGS_VALID;
2936 pCtx->ldtr.u64Base = pVM->rem.s.Env.ldt.base;
2937 pCtx->ldtr.u32Limit = pVM->rem.s.Env.ldt.limit;
2938 pCtx->ldtr.Attr.u = (pVM->rem.s.Env.ldt.flags >> SEL_FLAGS_SHIFT) & SEL_FLAGS_SMASK;
2939 STAM_COUNTER_INC(&gStatREMLDTRChange);
2940#ifdef VBOX_WITH_RAW_MODE
2941 if (!HMIsEnabled(pVM))
2942 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_LDT);
2943#endif
2944 }
2945
2946 if ( pCtx->tr.Sel != pVM->rem.s.Env.tr.selector
2947 || pCtx->tr.ValidSel != pVM->rem.s.Env.tr.selector
2948 || pCtx->tr.u64Base != pVM->rem.s.Env.tr.base
2949 || pCtx->tr.u32Limit != pVM->rem.s.Env.tr.limit
2950 /* Qemu and AMD/Intel have different ideas about the busy flag ... */
2951 || pCtx->tr.Attr.u != ( (pVM->rem.s.Env.tr.flags >> SEL_FLAGS_SHIFT) & (SEL_FLAGS_SMASK & ~DESC_INTEL_UNUSABLE)
2952 ? (pVM->rem.s.Env.tr.flags | DESC_TSS_BUSY_MASK) >> SEL_FLAGS_SHIFT
2953 : 0)
2954 || !(pCtx->tr.fFlags & CPUMSELREG_FLAGS_VALID)
2955 )
2956 {
2957 Log(("REM: TR changed! %#x{%#llx,%#x,%#x} -> %#x{%llx,%#x,%#x}\n",
2958 pCtx->tr.Sel, pCtx->tr.u64Base, pCtx->tr.u32Limit, pCtx->tr.Attr.u,
2959 pVM->rem.s.Env.tr.selector, (uint64_t)pVM->rem.s.Env.tr.base, pVM->rem.s.Env.tr.limit,
2960 (pVM->rem.s.Env.tr.flags >> SEL_FLAGS_SHIFT) & (SEL_FLAGS_SMASK & ~DESC_INTEL_UNUSABLE)
2961 ? (pVM->rem.s.Env.tr.flags | DESC_TSS_BUSY_MASK) >> SEL_FLAGS_SHIFT : 0));
2962 pCtx->tr.Sel = pVM->rem.s.Env.tr.selector;
2963 pCtx->tr.ValidSel = pVM->rem.s.Env.tr.selector;
2964 pCtx->tr.fFlags = CPUMSELREG_FLAGS_VALID;
2965 pCtx->tr.u64Base = pVM->rem.s.Env.tr.base;
2966 pCtx->tr.u32Limit = pVM->rem.s.Env.tr.limit;
2967 pCtx->tr.Attr.u = (pVM->rem.s.Env.tr.flags >> SEL_FLAGS_SHIFT) & SEL_FLAGS_SMASK;
2968 if (pCtx->tr.Attr.u & ~DESC_INTEL_UNUSABLE)
2969 pCtx->tr.Attr.u |= DESC_TSS_BUSY_MASK >> SEL_FLAGS_SHIFT;
2970 STAM_COUNTER_INC(&gStatREMTRChange);
2971#ifdef VBOX_WITH_RAW_MODE
2972 if (!HMIsEnabled(pVM))
2973 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_TSS);
2974#endif
2975 }
2976
2977 /* Sysenter MSR */
2978 pCtx->SysEnter.cs = pVM->rem.s.Env.sysenter_cs;
2979 pCtx->SysEnter.eip = pVM->rem.s.Env.sysenter_eip;
2980 pCtx->SysEnter.esp = pVM->rem.s.Env.sysenter_esp;
2981
2982 /* System MSRs. */
2983 pCtx->msrEFER = pVM->rem.s.Env.efer;
2984 pCtx->msrSTAR = pVM->rem.s.Env.star;
2985 pCtx->msrPAT = pVM->rem.s.Env.pat;
2986#ifdef TARGET_X86_64
2987 pCtx->msrLSTAR = pVM->rem.s.Env.lstar;
2988 pCtx->msrCSTAR = pVM->rem.s.Env.cstar;
2989 pCtx->msrSFMASK = pVM->rem.s.Env.fmask;
2990 pCtx->msrKERNELGSBASE = pVM->rem.s.Env.kernelgsbase;
2991#endif
2992
2993}
2994
2995
2996/**
2997 * Update the VMM state information if we're currently in REM.
2998 *
2999 * This method is used by the DBGF and PDMDevice when there is any uncertainty of whether
3000 * we're currently executing in REM and the VMM state is invalid. This method will of
3001 * course check that we're executing in REM before syncing any data over to the VMM.
3002 *
3003 * @param pVM The VM handle.
3004 * @param pVCpu The VMCPU handle.
3005 */
3006REMR3DECL(void) REMR3StateUpdate(PVM pVM, PVMCPU pVCpu)
3007{
3008 if (pVM->rem.s.fInREM)
3009 remR3StateUpdate(pVM, pVCpu);
3010}
3011
3012
3013#undef LOG_GROUP
3014#define LOG_GROUP LOG_GROUP_REM
3015
3016
3017/**
3018 * Notify the recompiler about Address Gate 20 state change.
3019 *
3020 * This notification is required since A20 gate changes are
3021 * initialized from a device driver and the VM might just as
3022 * well be in REM mode as in RAW mode.
3023 *
3024 * @param pVM VM handle.
3025 * @param pVCpu VMCPU handle.
3026 * @param fEnable True if the gate should be enabled.
3027 * False if the gate should be disabled.
3028 */
3029REMR3DECL(void) REMR3A20Set(PVM pVM, PVMCPU pVCpu, bool fEnable)
3030{
3031 LogFlow(("REMR3A20Set: fEnable=%d\n", fEnable));
3032 VM_ASSERT_EMT(pVM);
3033
3034 /** @todo SMP and the A20 gate... */
3035 if (pVM->rem.s.Env.pVCpu == pVCpu)
3036 {
3037 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3038 cpu_x86_set_a20(&pVM->rem.s.Env, fEnable);
3039 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3040 }
3041}
3042
3043
3044/**
3045 * Replays the handler notification changes
3046 * Called in response to VM_FF_REM_HANDLER_NOTIFY from the RAW execution loop.
3047 *
3048 * @param pVM VM handle.
3049 */
3050REMR3DECL(void) REMR3ReplayHandlerNotifications(PVM pVM)
3051{
3052 /*
3053 * Replay the flushes.
3054 */
3055 LogFlow(("REMR3ReplayHandlerNotifications:\n"));
3056 VM_ASSERT_EMT(pVM);
3057
3058 /** @todo this isn't ensuring correct replay order. */
3059 if (VM_FF_TEST_AND_CLEAR(pVM, VM_FF_REM_HANDLER_NOTIFY))
3060 {
3061 uint32_t idxNext;
3062 uint32_t idxRevHead;
3063 uint32_t idxHead;
3064#ifdef VBOX_STRICT
3065 int32_t c = 0;
3066#endif
3067
3068 /* Lockless purging of pending notifications. */
3069 idxHead = ASMAtomicXchgU32(&pVM->rem.s.idxPendingList, UINT32_MAX);
3070 if (idxHead == UINT32_MAX)
3071 return;
3072 Assert(idxHead < RT_ELEMENTS(pVM->rem.s.aHandlerNotifications));
3073
3074 /*
3075 * Reverse the list to process it in FIFO order.
3076 */
3077 idxRevHead = UINT32_MAX;
3078 do
3079 {
3080 /* Save the index of the next rec. */
3081 idxNext = pVM->rem.s.aHandlerNotifications[idxHead].idxNext;
3082 Assert(idxNext < RT_ELEMENTS(pVM->rem.s.aHandlerNotifications) || idxNext == UINT32_MAX);
3083 /* Push the record onto the reversed list. */
3084 pVM->rem.s.aHandlerNotifications[idxHead].idxNext = idxRevHead;
3085 idxRevHead = idxHead;
3086 Assert(++c <= RT_ELEMENTS(pVM->rem.s.aHandlerNotifications));
3087 /* Advance. */
3088 idxHead = idxNext;
3089 } while (idxHead != UINT32_MAX);
3090
3091 /*
3092 * Loop thru the list, reinserting the record into the free list as they are
3093 * processed to avoid having other EMTs running out of entries while we're flushing.
3094 */
3095 idxHead = idxRevHead;
3096 do
3097 {
3098 PREMHANDLERNOTIFICATION pCur = &pVM->rem.s.aHandlerNotifications[idxHead];
3099 uint32_t idxCur;
3100 Assert(--c >= 0);
3101
3102 switch (pCur->enmKind)
3103 {
3104 case REMHANDLERNOTIFICATIONKIND_PHYSICAL_REGISTER:
3105 remR3NotifyHandlerPhysicalRegister(pVM,
3106 pCur->u.PhysicalRegister.enmKind,
3107 pCur->u.PhysicalRegister.GCPhys,
3108 pCur->u.PhysicalRegister.cb,
3109 pCur->u.PhysicalRegister.fHasHCHandler);
3110 break;
3111
3112 case REMHANDLERNOTIFICATIONKIND_PHYSICAL_DEREGISTER:
3113 remR3NotifyHandlerPhysicalDeregister(pVM,
3114 pCur->u.PhysicalDeregister.enmKind,
3115 pCur->u.PhysicalDeregister.GCPhys,
3116 pCur->u.PhysicalDeregister.cb,
3117 pCur->u.PhysicalDeregister.fHasHCHandler,
3118 pCur->u.PhysicalDeregister.fRestoreAsRAM);
3119 break;
3120
3121 case REMHANDLERNOTIFICATIONKIND_PHYSICAL_MODIFY:
3122 remR3NotifyHandlerPhysicalModify(pVM,
3123 pCur->u.PhysicalModify.enmKind,
3124 pCur->u.PhysicalModify.GCPhysOld,
3125 pCur->u.PhysicalModify.GCPhysNew,
3126 pCur->u.PhysicalModify.cb,
3127 pCur->u.PhysicalModify.fHasHCHandler,
3128 pCur->u.PhysicalModify.fRestoreAsRAM);
3129 break;
3130
3131 default:
3132 AssertReleaseMsgFailed(("enmKind=%d\n", pCur->enmKind));
3133 break;
3134 }
3135
3136 /*
3137 * Advance idxHead.
3138 */
3139 idxCur = idxHead;
3140 idxHead = pCur->idxNext;
3141 Assert(idxHead < RT_ELEMENTS(pVM->rem.s.aHandlerNotifications) || (idxHead == UINT32_MAX && c == 0));
3142
3143 /*
3144 * Put the record back into the free list.
3145 */
3146 do
3147 {
3148 idxNext = ASMAtomicUoReadU32(&pVM->rem.s.idxFreeList);
3149 ASMAtomicWriteU32(&pCur->idxNext, idxNext);
3150 ASMCompilerBarrier();
3151 } while (!ASMAtomicCmpXchgU32(&pVM->rem.s.idxFreeList, idxCur, idxNext));
3152 } while (idxHead != UINT32_MAX);
3153
3154#ifdef VBOX_STRICT
3155 if (pVM->cCpus == 1)
3156 {
3157 unsigned c;
3158 /* Check that all records are now on the free list. */
3159 for (c = 0, idxNext = pVM->rem.s.idxFreeList; idxNext != UINT32_MAX;
3160 idxNext = pVM->rem.s.aHandlerNotifications[idxNext].idxNext)
3161 c++;
3162 AssertReleaseMsg(c == RT_ELEMENTS(pVM->rem.s.aHandlerNotifications), ("%#x != %#x, idxFreeList=%#x\n", c, RT_ELEMENTS(pVM->rem.s.aHandlerNotifications), pVM->rem.s.idxFreeList));
3163 }
3164#endif
3165 }
3166}
3167
3168
3169/**
3170 * Notify REM about changed code page.
3171 *
3172 * @returns VBox status code.
3173 * @param pVM VM handle.
3174 * @param pVCpu VMCPU handle.
3175 * @param pvCodePage Code page address
3176 */
3177REMR3DECL(int) REMR3NotifyCodePageChanged(PVM pVM, PVMCPU pVCpu, RTGCPTR pvCodePage)
3178{
3179#ifdef VBOX_REM_PROTECT_PAGES_FROM_SMC
3180 int rc;
3181 RTGCPHYS PhysGC;
3182 uint64_t flags;
3183
3184 VM_ASSERT_EMT(pVM);
3185
3186 /*
3187 * Get the physical page address.
3188 */
3189 rc = PGMGstGetPage(pVM, pvCodePage, &flags, &PhysGC);
3190 if (rc == VINF_SUCCESS)
3191 {
3192 /*
3193 * Sync the required registers and flush the whole page.
3194 * (Easier to do the whole page than notifying it about each physical
3195 * byte that was changed.
3196 */
3197 pVM->rem.s.Env.cr[0] = pVM->rem.s.pCtx->cr0;
3198 pVM->rem.s.Env.cr[2] = pVM->rem.s.pCtx->cr2;
3199 pVM->rem.s.Env.cr[3] = pVM->rem.s.pCtx->cr3;
3200 pVM->rem.s.Env.cr[4] = pVM->rem.s.pCtx->cr4;
3201
3202 tb_invalidate_phys_page_range(PhysGC, PhysGC + PAGE_SIZE - 1, 0);
3203 }
3204#endif
3205 return VINF_SUCCESS;
3206}
3207
3208
3209/**
3210 * Notification about a successful MMR3PhysRegister() call.
3211 *
3212 * @param pVM VM handle.
3213 * @param GCPhys The physical address the RAM.
3214 * @param cb Size of the memory.
3215 * @param fFlags Flags of the REM_NOTIFY_PHYS_RAM_FLAGS_* defines.
3216 */
3217REMR3DECL(void) REMR3NotifyPhysRamRegister(PVM pVM, RTGCPHYS GCPhys, RTGCPHYS cb, unsigned fFlags)
3218{
3219 Log(("REMR3NotifyPhysRamRegister: GCPhys=%RGp cb=%RGp fFlags=%#x\n", GCPhys, cb, fFlags));
3220 VM_ASSERT_EMT(pVM);
3221
3222 /*
3223 * Validate input - we trust the caller.
3224 */
3225 Assert(RT_ALIGN_T(GCPhys, PAGE_SIZE, RTGCPHYS) == GCPhys);
3226 Assert(cb);
3227 Assert(RT_ALIGN_Z(cb, PAGE_SIZE) == cb);
3228 AssertMsg(fFlags == REM_NOTIFY_PHYS_RAM_FLAGS_RAM || fFlags == REM_NOTIFY_PHYS_RAM_FLAGS_MMIO2, ("%#x\n", fFlags));
3229
3230 /*
3231 * Base ram? Update GCPhysLastRam.
3232 */
3233 if (fFlags & REM_NOTIFY_PHYS_RAM_FLAGS_RAM)
3234 {
3235 if (GCPhys + (cb - 1) > pVM->rem.s.GCPhysLastRam)
3236 {
3237 AssertReleaseMsg(!pVM->rem.s.fGCPhysLastRamFixed, ("GCPhys=%RGp cb=%RGp\n", GCPhys, cb));
3238 pVM->rem.s.GCPhysLastRam = GCPhys + (cb - 1);
3239 }
3240 }
3241
3242 /*
3243 * Register the ram.
3244 */
3245 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3246
3247 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
3248 cpu_register_physical_memory_offset(GCPhys, cb, GCPhys, GCPhys);
3249 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
3250
3251 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3252}
3253
3254
3255/**
3256 * Notification about a successful MMR3PhysRomRegister() call.
3257 *
3258 * @param pVM VM handle.
3259 * @param GCPhys The physical address of the ROM.
3260 * @param cb The size of the ROM.
3261 * @param pvCopy Pointer to the ROM copy.
3262 * @param fShadow Whether it's currently writable shadow ROM or normal readonly ROM.
3263 * This function will be called when ever the protection of the
3264 * shadow ROM changes (at reset and end of POST).
3265 */
3266REMR3DECL(void) REMR3NotifyPhysRomRegister(PVM pVM, RTGCPHYS GCPhys, RTUINT cb, void *pvCopy, bool fShadow)
3267{
3268 Log(("REMR3NotifyPhysRomRegister: GCPhys=%RGp cb=%d fShadow=%RTbool\n", GCPhys, cb, fShadow));
3269 VM_ASSERT_EMT(pVM);
3270
3271 /*
3272 * Validate input - we trust the caller.
3273 */
3274 Assert(RT_ALIGN_T(GCPhys, PAGE_SIZE, RTGCPHYS) == GCPhys);
3275 Assert(cb);
3276 Assert(RT_ALIGN_Z(cb, PAGE_SIZE) == cb);
3277
3278 /*
3279 * Register the rom.
3280 */
3281 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3282
3283 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
3284 cpu_register_physical_memory_offset(GCPhys, cb, GCPhys | (fShadow ? 0 : IO_MEM_ROM), GCPhys);
3285 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
3286
3287 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3288}
3289
3290
3291/**
3292 * Notification about a successful memory deregistration or reservation.
3293 *
3294 * @param pVM VM Handle.
3295 * @param GCPhys Start physical address.
3296 * @param cb The size of the range.
3297 */
3298REMR3DECL(void) REMR3NotifyPhysRamDeregister(PVM pVM, RTGCPHYS GCPhys, RTUINT cb)
3299{
3300 Log(("REMR3NotifyPhysRamDeregister: GCPhys=%RGp cb=%d\n", GCPhys, cb));
3301 VM_ASSERT_EMT(pVM);
3302
3303 /*
3304 * Validate input - we trust the caller.
3305 */
3306 Assert(RT_ALIGN_T(GCPhys, PAGE_SIZE, RTGCPHYS) == GCPhys);
3307 Assert(cb);
3308 Assert(RT_ALIGN_Z(cb, PAGE_SIZE) == cb);
3309
3310 /*
3311 * Unassigning the memory.
3312 */
3313 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3314
3315 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
3316 cpu_register_physical_memory_offset(GCPhys, cb, IO_MEM_UNASSIGNED, GCPhys);
3317 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
3318
3319 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3320}
3321
3322
3323/**
3324 * Notification about a successful PGMR3HandlerPhysicalRegister() call.
3325 *
3326 * @param pVM VM Handle.
3327 * @param enmKind Kind of access handler.
3328 * @param GCPhys Handler range address.
3329 * @param cb Size of the handler range.
3330 * @param fHasHCHandler Set if the handler has a HC callback function.
3331 *
3332 * @remark MMR3PhysRomRegister assumes that this function will not apply the
3333 * Handler memory type to memory which has no HC handler.
3334 */
3335static void remR3NotifyHandlerPhysicalRegister(PVM pVM, PGMPHYSHANDLERKIND enmKind, RTGCPHYS GCPhys, RTGCPHYS cb,
3336 bool fHasHCHandler)
3337{
3338 Log(("REMR3NotifyHandlerPhysicalRegister: enmKind=%d GCPhys=%RGp cb=%RGp fHasHCHandler=%d\n",
3339 enmKind, GCPhys, cb, fHasHCHandler));
3340
3341 VM_ASSERT_EMT(pVM);
3342 Assert(RT_ALIGN_T(GCPhys, PAGE_SIZE, RTGCPHYS) == GCPhys);
3343 Assert(RT_ALIGN_T(cb, PAGE_SIZE, RTGCPHYS) == cb);
3344
3345
3346 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3347
3348 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
3349 if (enmKind == PGMPHYSHANDLERKIND_MMIO)
3350 cpu_register_physical_memory_offset(GCPhys, cb, pVM->rem.s.iMMIOMemType, GCPhys);
3351 else if (fHasHCHandler)
3352 cpu_register_physical_memory_offset(GCPhys, cb, pVM->rem.s.iHandlerMemType, GCPhys);
3353 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
3354
3355 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3356}
3357
3358/**
3359 * Notification about a successful PGMR3HandlerPhysicalRegister() call.
3360 *
3361 * @param pVM VM Handle.
3362 * @param enmKind Kind of access handler.
3363 * @param GCPhys Handler range address.
3364 * @param cb Size of the handler range.
3365 * @param fHasHCHandler Set if the handler has a HC callback function.
3366 *
3367 * @remark MMR3PhysRomRegister assumes that this function will not apply the
3368 * Handler memory type to memory which has no HC handler.
3369 */
3370REMR3DECL(void) REMR3NotifyHandlerPhysicalRegister(PVM pVM, PGMPHYSHANDLERKIND enmKind, RTGCPHYS GCPhys, RTGCPHYS cb,
3371 bool fHasHCHandler)
3372{
3373 REMR3ReplayHandlerNotifications(pVM);
3374
3375 remR3NotifyHandlerPhysicalRegister(pVM, enmKind, GCPhys, cb, fHasHCHandler);
3376}
3377
3378/**
3379 * Notification about a successful PGMR3HandlerPhysicalDeregister() operation.
3380 *
3381 * @param pVM VM Handle.
3382 * @param enmKind Kind of access handler.
3383 * @param GCPhys Handler range address.
3384 * @param cb Size of the handler range.
3385 * @param fHasHCHandler Set if the handler has a HC callback function.
3386 * @param fRestoreAsRAM Whether the to restore it as normal RAM or as unassigned memory.
3387 */
3388static void remR3NotifyHandlerPhysicalDeregister(PVM pVM, PGMPHYSHANDLERKIND enmKind, RTGCPHYS GCPhys, RTGCPHYS cb,
3389 bool fHasHCHandler, bool fRestoreAsRAM)
3390{
3391 Log(("REMR3NotifyHandlerPhysicalDeregister: enmKind=%d GCPhys=%RGp cb=%RGp fHasHCHandler=%RTbool fRestoreAsRAM=%RTbool RAM=%08x\n",
3392 enmKind, GCPhys, cb, fHasHCHandler, fRestoreAsRAM, MMR3PhysGetRamSize(pVM)));
3393 VM_ASSERT_EMT(pVM);
3394
3395
3396 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3397
3398 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
3399 /** @todo this isn't right, MMIO can (in theory) be restored as RAM. */
3400 if (enmKind == PGMPHYSHANDLERKIND_MMIO)
3401 cpu_register_physical_memory_offset(GCPhys, cb, IO_MEM_UNASSIGNED, GCPhys);
3402 else if (fHasHCHandler)
3403 {
3404 if (!fRestoreAsRAM)
3405 {
3406 Assert(GCPhys > MMR3PhysGetRamSize(pVM));
3407 cpu_register_physical_memory_offset(GCPhys, cb, IO_MEM_UNASSIGNED, GCPhys);
3408 }
3409 else
3410 {
3411 Assert(RT_ALIGN_T(GCPhys, PAGE_SIZE, RTGCPHYS) == GCPhys);
3412 Assert(RT_ALIGN_T(cb, PAGE_SIZE, RTGCPHYS) == cb);
3413 cpu_register_physical_memory_offset(GCPhys, cb, GCPhys, GCPhys);
3414 }
3415 }
3416 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
3417
3418 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3419}
3420
3421/**
3422 * Notification about a successful PGMR3HandlerPhysicalDeregister() operation.
3423 *
3424 * @param pVM VM Handle.
3425 * @param enmKind Kind of access handler.
3426 * @param GCPhys Handler range address.
3427 * @param cb Size of the handler range.
3428 * @param fHasHCHandler Set if the handler has a HC callback function.
3429 * @param fRestoreAsRAM Whether the to restore it as normal RAM or as unassigned memory.
3430 */
3431REMR3DECL(void) REMR3NotifyHandlerPhysicalDeregister(PVM pVM, PGMPHYSHANDLERKIND enmKind, RTGCPHYS GCPhys, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM)
3432{
3433 REMR3ReplayHandlerNotifications(pVM);
3434 remR3NotifyHandlerPhysicalDeregister(pVM, enmKind, GCPhys, cb, fHasHCHandler, fRestoreAsRAM);
3435}
3436
3437
3438/**
3439 * Notification about a successful PGMR3HandlerPhysicalModify() call.
3440 *
3441 * @param pVM VM Handle.
3442 * @param enmKind Kind of access handler.
3443 * @param GCPhysOld Old handler range address.
3444 * @param GCPhysNew New handler range address.
3445 * @param cb Size of the handler range.
3446 * @param fHasHCHandler Set if the handler has a HC callback function.
3447 * @param fRestoreAsRAM Whether the to restore it as normal RAM or as unassigned memory.
3448 */
3449static void remR3NotifyHandlerPhysicalModify(PVM pVM, PGMPHYSHANDLERKIND enmKind, RTGCPHYS GCPhysOld, RTGCPHYS GCPhysNew, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM)
3450{
3451 Log(("REMR3NotifyHandlerPhysicalModify: enmKind=%d GCPhysOld=%RGp GCPhysNew=%RGp cb=%RGp fHasHCHandler=%RTbool fRestoreAsRAM=%RTbool\n",
3452 enmKind, GCPhysOld, GCPhysNew, cb, fHasHCHandler, fRestoreAsRAM));
3453 VM_ASSERT_EMT(pVM);
3454 AssertReleaseMsg(enmKind != PGMPHYSHANDLERKIND_MMIO, ("enmKind=%d\n", enmKind));
3455
3456 if (fHasHCHandler)
3457 {
3458 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3459
3460 /*
3461 * Reset the old page.
3462 */
3463 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
3464 if (!fRestoreAsRAM)
3465 cpu_register_physical_memory_offset(GCPhysOld, cb, IO_MEM_UNASSIGNED, GCPhysOld);
3466 else
3467 {
3468 /* This is not perfect, but it'll do for PD monitoring... */
3469 Assert(cb == PAGE_SIZE);
3470 Assert(RT_ALIGN_T(GCPhysOld, PAGE_SIZE, RTGCPHYS) == GCPhysOld);
3471 cpu_register_physical_memory_offset(GCPhysOld, cb, GCPhysOld, GCPhysOld);
3472 }
3473
3474 /*
3475 * Update the new page.
3476 */
3477 Assert(RT_ALIGN_T(GCPhysNew, PAGE_SIZE, RTGCPHYS) == GCPhysNew);
3478 Assert(RT_ALIGN_T(cb, PAGE_SIZE, RTGCPHYS) == cb);
3479 cpu_register_physical_memory_offset(GCPhysNew, cb, pVM->rem.s.iHandlerMemType, GCPhysNew);
3480 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
3481
3482 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3483 }
3484}
3485
3486/**
3487 * Notification about a successful PGMR3HandlerPhysicalModify() call.
3488 *
3489 * @param pVM VM Handle.
3490 * @param enmKind Kind of access handler.
3491 * @param GCPhysOld Old handler range address.
3492 * @param GCPhysNew New handler range address.
3493 * @param cb Size of the handler range.
3494 * @param fHasHCHandler Set if the handler has a HC callback function.
3495 * @param fRestoreAsRAM Whether the to restore it as normal RAM or as unassigned memory.
3496 */
3497REMR3DECL(void) REMR3NotifyHandlerPhysicalModify(PVM pVM, PGMPHYSHANDLERKIND enmKind, RTGCPHYS GCPhysOld, RTGCPHYS GCPhysNew, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM)
3498{
3499 REMR3ReplayHandlerNotifications(pVM);
3500
3501 remR3NotifyHandlerPhysicalModify(pVM, enmKind, GCPhysOld, GCPhysNew, cb, fHasHCHandler, fRestoreAsRAM);
3502}
3503
3504/**
3505 * Checks if we're handling access to this page or not.
3506 *
3507 * @returns true if we're trapping access.
3508 * @returns false if we aren't.
3509 * @param pVM The VM handle.
3510 * @param GCPhys The physical address.
3511 *
3512 * @remark This function will only work correctly in VBOX_STRICT builds!
3513 */
3514REMR3DECL(bool) REMR3IsPageAccessHandled(PVM pVM, RTGCPHYS GCPhys)
3515{
3516#ifdef VBOX_STRICT
3517 ram_addr_t off;
3518 REMR3ReplayHandlerNotifications(pVM);
3519
3520 off = get_phys_page_offset(GCPhys);
3521 return (off & PAGE_OFFSET_MASK) == pVM->rem.s.iHandlerMemType
3522 || (off & PAGE_OFFSET_MASK) == pVM->rem.s.iMMIOMemType
3523 || (off & PAGE_OFFSET_MASK) == IO_MEM_ROM;
3524#else
3525 return false;
3526#endif
3527}
3528
3529
3530/**
3531 * Deals with a rare case in get_phys_addr_code where the code
3532 * is being monitored.
3533 *
3534 * It could also be an MMIO page, in which case we will raise a fatal error.
3535 *
3536 * @returns The physical address corresponding to addr.
3537 * @param env The cpu environment.
3538 * @param addr The virtual address.
3539 * @param pTLBEntry The TLB entry.
3540 * @param IoTlbEntry The I/O TLB entry address.
3541 */
3542target_ulong remR3PhysGetPhysicalAddressCode(CPUX86State *env,
3543 target_ulong addr,
3544 CPUTLBEntry *pTLBEntry,
3545 target_phys_addr_t IoTlbEntry)
3546{
3547 PVM pVM = env->pVM;
3548
3549 if ((IoTlbEntry & ~TARGET_PAGE_MASK) == pVM->rem.s.iHandlerMemType)
3550 {
3551 /* If code memory is being monitored, appropriate IOTLB entry will have
3552 handler IO type, and addend will provide real physical address, no
3553 matter if we store VA in TLB or not, as handlers are always passed PA */
3554 target_ulong ret = (IoTlbEntry & TARGET_PAGE_MASK) + addr;
3555 return ret;
3556 }
3557 LogRel(("\nTrying to execute code with memory type addr_code=%RGv addend=%RGp at %RGv! (iHandlerMemType=%#x iMMIOMemType=%#x IOTLB=%RGp)\n"
3558 "*** handlers\n",
3559 (RTGCPTR)pTLBEntry->addr_code, (RTGCPHYS)pTLBEntry->addend, (RTGCPTR)addr, pVM->rem.s.iHandlerMemType, pVM->rem.s.iMMIOMemType, (RTGCPHYS)IoTlbEntry));
3560 DBGFR3Info(pVM->pUVM, "handlers", NULL, DBGFR3InfoLogRelHlp());
3561 LogRel(("*** mmio\n"));
3562 DBGFR3Info(pVM->pUVM, "mmio", NULL, DBGFR3InfoLogRelHlp());
3563 LogRel(("*** phys\n"));
3564 DBGFR3Info(pVM->pUVM, "phys", NULL, DBGFR3InfoLogRelHlp());
3565 cpu_abort(env, "Trying to execute code with memory type addr_code=%RGv addend=%RGp at %RGv. (iHandlerMemType=%#x iMMIOMemType=%#x)\n",
3566 (RTGCPTR)pTLBEntry->addr_code, (RTGCPHYS)pTLBEntry->addend, (RTGCPTR)addr, pVM->rem.s.iHandlerMemType, pVM->rem.s.iMMIOMemType);
3567 AssertFatalFailed();
3568}
3569
3570/**
3571 * Read guest RAM and ROM.
3572 *
3573 * @param SrcGCPhys The source address (guest physical).
3574 * @param pvDst The destination address.
3575 * @param cb Number of bytes
3576 */
3577void remR3PhysRead(RTGCPHYS SrcGCPhys, void *pvDst, unsigned cb)
3578{
3579 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3580 VBOX_CHECK_ADDR(SrcGCPhys);
3581 VBOXSTRICTRC rcStrict = PGMPhysRead(cpu_single_env->pVM, SrcGCPhys, pvDst, cb, PGMACCESSORIGIN_REM);
3582 AssertMsg(rcStrict == VINF_SUCCESS, ("%Rrc\n", VBOXSTRICTRC_VAL(rcStrict))); NOREF(rcStrict);
3583#ifdef VBOX_DEBUG_PHYS
3584 LogRel(("read(%d): %08x\n", cb, (uint32_t)SrcGCPhys));
3585#endif
3586 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3587}
3588
3589
3590/**
3591 * Read guest RAM and ROM, unsigned 8-bit.
3592 *
3593 * @param SrcGCPhys The source address (guest physical).
3594 */
3595RTCCUINTREG remR3PhysReadU8(RTGCPHYS SrcGCPhys)
3596{
3597 uint8_t val;
3598 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3599 VBOX_CHECK_ADDR(SrcGCPhys);
3600 val = PGMR3PhysReadU8(cpu_single_env->pVM, SrcGCPhys, PGMACCESSORIGIN_REM);
3601 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3602#ifdef VBOX_DEBUG_PHYS
3603 LogRel(("readu8: %x <- %08x\n", val, (uint32_t)SrcGCPhys));
3604#endif
3605 return val;
3606}
3607
3608
3609/**
3610 * Read guest RAM and ROM, signed 8-bit.
3611 *
3612 * @param SrcGCPhys The source address (guest physical).
3613 */
3614RTCCINTREG remR3PhysReadS8(RTGCPHYS SrcGCPhys)
3615{
3616 int8_t val;
3617 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3618 VBOX_CHECK_ADDR(SrcGCPhys);
3619 val = PGMR3PhysReadU8(cpu_single_env->pVM, SrcGCPhys, PGMACCESSORIGIN_REM);
3620 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3621#ifdef VBOX_DEBUG_PHYS
3622 LogRel(("reads8: %x <- %08x\n", val, (uint32_t)SrcGCPhys));
3623#endif
3624 return val;
3625}
3626
3627
3628/**
3629 * Read guest RAM and ROM, unsigned 16-bit.
3630 *
3631 * @param SrcGCPhys The source address (guest physical).
3632 */
3633RTCCUINTREG remR3PhysReadU16(RTGCPHYS SrcGCPhys)
3634{
3635 uint16_t val;
3636 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3637 VBOX_CHECK_ADDR(SrcGCPhys);
3638 val = PGMR3PhysReadU16(cpu_single_env->pVM, SrcGCPhys, PGMACCESSORIGIN_REM);
3639 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3640#ifdef VBOX_DEBUG_PHYS
3641 LogRel(("readu16: %x <- %08x\n", val, (uint32_t)SrcGCPhys));
3642#endif
3643 return val;
3644}
3645
3646
3647/**
3648 * Read guest RAM and ROM, signed 16-bit.
3649 *
3650 * @param SrcGCPhys The source address (guest physical).
3651 */
3652RTCCINTREG remR3PhysReadS16(RTGCPHYS SrcGCPhys)
3653{
3654 int16_t val;
3655 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3656 VBOX_CHECK_ADDR(SrcGCPhys);
3657 val = PGMR3PhysReadU16(cpu_single_env->pVM, SrcGCPhys, PGMACCESSORIGIN_REM);
3658 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3659#ifdef VBOX_DEBUG_PHYS
3660 LogRel(("reads16: %x <- %08x\n", (uint16_t)val, (uint32_t)SrcGCPhys));
3661#endif
3662 return val;
3663}
3664
3665
3666/**
3667 * Read guest RAM and ROM, unsigned 32-bit.
3668 *
3669 * @param SrcGCPhys The source address (guest physical).
3670 */
3671RTCCUINTREG remR3PhysReadU32(RTGCPHYS SrcGCPhys)
3672{
3673 uint32_t val;
3674 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3675 VBOX_CHECK_ADDR(SrcGCPhys);
3676 val = PGMR3PhysReadU32(cpu_single_env->pVM, SrcGCPhys, PGMACCESSORIGIN_REM);
3677 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3678#ifdef VBOX_DEBUG_PHYS
3679 LogRel(("readu32: %x <- %08x\n", val, (uint32_t)SrcGCPhys));
3680#endif
3681 return val;
3682}
3683
3684
3685/**
3686 * Read guest RAM and ROM, signed 32-bit.
3687 *
3688 * @param SrcGCPhys The source address (guest physical).
3689 */
3690RTCCINTREG remR3PhysReadS32(RTGCPHYS SrcGCPhys)
3691{
3692 int32_t val;
3693 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3694 VBOX_CHECK_ADDR(SrcGCPhys);
3695 val = PGMR3PhysReadU32(cpu_single_env->pVM, SrcGCPhys, PGMACCESSORIGIN_REM);
3696 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3697#ifdef VBOX_DEBUG_PHYS
3698 LogRel(("reads32: %x <- %08x\n", val, (uint32_t)SrcGCPhys));
3699#endif
3700 return val;
3701}
3702
3703
3704/**
3705 * Read guest RAM and ROM, unsigned 64-bit.
3706 *
3707 * @param SrcGCPhys The source address (guest physical).
3708 */
3709uint64_t remR3PhysReadU64(RTGCPHYS SrcGCPhys)
3710{
3711 uint64_t val;
3712 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3713 VBOX_CHECK_ADDR(SrcGCPhys);
3714 val = PGMR3PhysReadU64(cpu_single_env->pVM, SrcGCPhys, PGMACCESSORIGIN_REM);
3715 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3716#ifdef VBOX_DEBUG_PHYS
3717 LogRel(("readu64: %llx <- %08x\n", val, (uint32_t)SrcGCPhys));
3718#endif
3719 return val;
3720}
3721
3722
3723/**
3724 * Read guest RAM and ROM, signed 64-bit.
3725 *
3726 * @param SrcGCPhys The source address (guest physical).
3727 */
3728int64_t remR3PhysReadS64(RTGCPHYS SrcGCPhys)
3729{
3730 int64_t val;
3731 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3732 VBOX_CHECK_ADDR(SrcGCPhys);
3733 val = PGMR3PhysReadU64(cpu_single_env->pVM, SrcGCPhys, PGMACCESSORIGIN_REM);
3734 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3735#ifdef VBOX_DEBUG_PHYS
3736 LogRel(("reads64: %llx <- %08x\n", val, (uint32_t)SrcGCPhys));
3737#endif
3738 return val;
3739}
3740
3741
3742/**
3743 * Write guest RAM.
3744 *
3745 * @param DstGCPhys The destination address (guest physical).
3746 * @param pvSrc The source address.
3747 * @param cb Number of bytes to write
3748 */
3749void remR3PhysWrite(RTGCPHYS DstGCPhys, const void *pvSrc, unsigned cb)
3750{
3751 STAM_PROFILE_ADV_START(&gStatMemWrite, a);
3752 VBOX_CHECK_ADDR(DstGCPhys);
3753 VBOXSTRICTRC rcStrict = PGMPhysWrite(cpu_single_env->pVM, DstGCPhys, pvSrc, cb, PGMACCESSORIGIN_REM);
3754 AssertMsg(rcStrict == VINF_SUCCESS, ("%Rrc\n", VBOXSTRICTRC_VAL(rcStrict))); NOREF(rcStrict);
3755 STAM_PROFILE_ADV_STOP(&gStatMemWrite, a);
3756#ifdef VBOX_DEBUG_PHYS
3757 LogRel(("write(%d): %08x\n", cb, (uint32_t)DstGCPhys));
3758#endif
3759}
3760
3761
3762/**
3763 * Write guest RAM, unsigned 8-bit.
3764 *
3765 * @param DstGCPhys The destination address (guest physical).
3766 * @param val Value
3767 */
3768void remR3PhysWriteU8(RTGCPHYS DstGCPhys, uint8_t val)
3769{
3770 STAM_PROFILE_ADV_START(&gStatMemWrite, a);
3771 VBOX_CHECK_ADDR(DstGCPhys);
3772 PGMR3PhysWriteU8(cpu_single_env->pVM, DstGCPhys, val, PGMACCESSORIGIN_REM);
3773 STAM_PROFILE_ADV_STOP(&gStatMemWrite, a);
3774#ifdef VBOX_DEBUG_PHYS
3775 LogRel(("writeu8: %x -> %08x\n", val, (uint32_t)DstGCPhys));
3776#endif
3777}
3778
3779
3780/**
3781 * Write guest RAM, unsigned 8-bit.
3782 *
3783 * @param DstGCPhys The destination address (guest physical).
3784 * @param val Value
3785 */
3786void remR3PhysWriteU16(RTGCPHYS DstGCPhys, uint16_t val)
3787{
3788 STAM_PROFILE_ADV_START(&gStatMemWrite, a);
3789 VBOX_CHECK_ADDR(DstGCPhys);
3790 PGMR3PhysWriteU16(cpu_single_env->pVM, DstGCPhys, val, PGMACCESSORIGIN_REM);
3791 STAM_PROFILE_ADV_STOP(&gStatMemWrite, a);
3792#ifdef VBOX_DEBUG_PHYS
3793 LogRel(("writeu16: %x -> %08x\n", val, (uint32_t)DstGCPhys));
3794#endif
3795}
3796
3797
3798/**
3799 * Write guest RAM, unsigned 32-bit.
3800 *
3801 * @param DstGCPhys The destination address (guest physical).
3802 * @param val Value
3803 */
3804void remR3PhysWriteU32(RTGCPHYS DstGCPhys, uint32_t val)
3805{
3806 STAM_PROFILE_ADV_START(&gStatMemWrite, a);
3807 VBOX_CHECK_ADDR(DstGCPhys);
3808 PGMR3PhysWriteU32(cpu_single_env->pVM, DstGCPhys, val, PGMACCESSORIGIN_REM);
3809 STAM_PROFILE_ADV_STOP(&gStatMemWrite, a);
3810#ifdef VBOX_DEBUG_PHYS
3811 LogRel(("writeu32: %x -> %08x\n", val, (uint32_t)DstGCPhys));
3812#endif
3813}
3814
3815
3816/**
3817 * Write guest RAM, unsigned 64-bit.
3818 *
3819 * @param DstGCPhys The destination address (guest physical).
3820 * @param val Value
3821 */
3822void remR3PhysWriteU64(RTGCPHYS DstGCPhys, uint64_t val)
3823{
3824 STAM_PROFILE_ADV_START(&gStatMemWrite, a);
3825 VBOX_CHECK_ADDR(DstGCPhys);
3826 PGMR3PhysWriteU64(cpu_single_env->pVM, DstGCPhys, val, PGMACCESSORIGIN_REM);
3827 STAM_PROFILE_ADV_STOP(&gStatMemWrite, a);
3828#ifdef VBOX_DEBUG_PHYS
3829 LogRel(("writeu64: %llx -> %08x\n", val, (uint32_t)DstGCPhys));
3830#endif
3831}
3832
3833#undef LOG_GROUP
3834#define LOG_GROUP LOG_GROUP_REM_MMIO
3835
3836/** Read MMIO memory. */
3837static uint32_t remR3MMIOReadU8(void *pvEnv, target_phys_addr_t GCPhys)
3838{
3839 CPUX86State *env = (CPUX86State *)pvEnv;
3840 uint32_t u32 = 0;
3841 int rc = IOMMMIORead(env->pVM, env->pVCpu, GCPhys, &u32, 1);
3842 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3843 Log2(("remR3MMIOReadU8: GCPhys=%RGp -> %02x\n", (RTGCPHYS)GCPhys, u32));
3844 return u32;
3845}
3846
3847/** Read MMIO memory. */
3848static uint32_t remR3MMIOReadU16(void *pvEnv, target_phys_addr_t GCPhys)
3849{
3850 CPUX86State *env = (CPUX86State *)pvEnv;
3851 uint32_t u32 = 0;
3852 int rc = IOMMMIORead(env->pVM, env->pVCpu, GCPhys, &u32, 2);
3853 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3854 Log2(("remR3MMIOReadU16: GCPhys=%RGp -> %04x\n", (RTGCPHYS)GCPhys, u32));
3855 return u32;
3856}
3857
3858/** Read MMIO memory. */
3859static uint32_t remR3MMIOReadU32(void *pvEnv, target_phys_addr_t GCPhys)
3860{
3861 CPUX86State *env = (CPUX86State *)pvEnv;
3862 uint32_t u32 = 0;
3863 int rc = IOMMMIORead(env->pVM, env->pVCpu, GCPhys, &u32, 4);
3864 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3865 Log2(("remR3MMIOReadU32: GCPhys=%RGp -> %08x\n", (RTGCPHYS)GCPhys, u32));
3866 return u32;
3867}
3868
3869/** Write to MMIO memory. */
3870static void remR3MMIOWriteU8(void *pvEnv, target_phys_addr_t GCPhys, uint32_t u32)
3871{
3872 CPUX86State *env = (CPUX86State *)pvEnv;
3873 int rc;
3874 Log2(("remR3MMIOWriteU8: GCPhys=%RGp u32=%#x\n", (RTGCPHYS)GCPhys, u32));
3875 rc = IOMMMIOWrite(env->pVM, env->pVCpu, GCPhys, u32, 1);
3876 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3877}
3878
3879/** Write to MMIO memory. */
3880static void remR3MMIOWriteU16(void *pvEnv, target_phys_addr_t GCPhys, uint32_t u32)
3881{
3882 CPUX86State *env = (CPUX86State *)pvEnv;
3883 int rc;
3884 Log2(("remR3MMIOWriteU16: GCPhys=%RGp u32=%#x\n", (RTGCPHYS)GCPhys, u32));
3885 rc = IOMMMIOWrite(env->pVM, env->pVCpu, GCPhys, u32, 2);
3886 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3887}
3888
3889/** Write to MMIO memory. */
3890static void remR3MMIOWriteU32(void *pvEnv, target_phys_addr_t GCPhys, uint32_t u32)
3891{
3892 CPUX86State *env = (CPUX86State *)pvEnv;
3893 int rc;
3894 Log2(("remR3MMIOWriteU32: GCPhys=%RGp u32=%#x\n", (RTGCPHYS)GCPhys, u32));
3895 rc = IOMMMIOWrite(env->pVM, env->pVCpu, GCPhys, u32, 4);
3896 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3897}
3898
3899
3900#undef LOG_GROUP
3901#define LOG_GROUP LOG_GROUP_REM_HANDLER
3902
3903/* !!!WARNING!!! This is extremely hackish right now, we assume it's only for LFB access! !!!WARNING!!! */
3904
3905static uint32_t remR3HandlerReadU8(void *pvVM, target_phys_addr_t GCPhys)
3906{
3907 uint8_t u8;
3908 Log2(("remR3HandlerReadU8: GCPhys=%RGp\n", (RTGCPHYS)GCPhys));
3909 VBOXSTRICTRC rcStrict = PGMPhysRead((PVM)pvVM, GCPhys, &u8, sizeof(u8), PGMACCESSORIGIN_REM);
3910 AssertMsg(rcStrict == VINF_SUCCESS, ("%Rrc\n", VBOXSTRICTRC_VAL(rcStrict))); NOREF(rcStrict);
3911 return u8;
3912}
3913
3914static uint32_t remR3HandlerReadU16(void *pvVM, target_phys_addr_t GCPhys)
3915{
3916 uint16_t u16;
3917 Log2(("remR3HandlerReadU16: GCPhys=%RGp\n", (RTGCPHYS)GCPhys));
3918 VBOXSTRICTRC rcStrict = PGMPhysRead((PVM)pvVM, GCPhys, &u16, sizeof(u16), PGMACCESSORIGIN_REM);
3919 AssertMsg(rcStrict == VINF_SUCCESS, ("%Rrc\n", VBOXSTRICTRC_VAL(rcStrict))); NOREF(rcStrict);
3920 return u16;
3921}
3922
3923static uint32_t remR3HandlerReadU32(void *pvVM, target_phys_addr_t GCPhys)
3924{
3925 uint32_t u32;
3926 Log2(("remR3HandlerReadU32: GCPhys=%RGp\n", (RTGCPHYS)GCPhys));
3927 VBOXSTRICTRC rcStrict = PGMPhysRead((PVM)pvVM, GCPhys, &u32, sizeof(u32), PGMACCESSORIGIN_REM);
3928 AssertMsg(rcStrict == VINF_SUCCESS, ("%Rrc\n", VBOXSTRICTRC_VAL(rcStrict))); NOREF(rcStrict);
3929 return u32;
3930}
3931
3932static void remR3HandlerWriteU8(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32)
3933{
3934 Log2(("remR3HandlerWriteU8: GCPhys=%RGp u32=%#x\n", (RTGCPHYS)GCPhys, u32));
3935 VBOXSTRICTRC rcStrict = PGMPhysWrite((PVM)pvVM, GCPhys, &u32, sizeof(uint8_t), PGMACCESSORIGIN_REM);
3936 AssertMsg(rcStrict == VINF_SUCCESS, ("%Rrc\n", VBOXSTRICTRC_VAL(rcStrict))); NOREF(rcStrict);
3937}
3938
3939static void remR3HandlerWriteU16(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32)
3940{
3941 Log2(("remR3HandlerWriteU16: GCPhys=%RGp u32=%#x\n", (RTGCPHYS)GCPhys, u32));
3942 VBOXSTRICTRC rcStrict = PGMPhysWrite((PVM)pvVM, GCPhys, &u32, sizeof(uint16_t), PGMACCESSORIGIN_REM);
3943 AssertMsg(rcStrict == VINF_SUCCESS, ("%Rrc\n", VBOXSTRICTRC_VAL(rcStrict))); NOREF(rcStrict);
3944}
3945
3946static void remR3HandlerWriteU32(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32)
3947{
3948 Log2(("remR3HandlerWriteU32: GCPhys=%RGp u32=%#x\n", (RTGCPHYS)GCPhys, u32));
3949 VBOXSTRICTRC rcStrict = PGMPhysWrite((PVM)pvVM, GCPhys, &u32, sizeof(uint32_t), PGMACCESSORIGIN_REM);
3950 AssertMsg(rcStrict == VINF_SUCCESS, ("%Rrc\n", VBOXSTRICTRC_VAL(rcStrict))); NOREF(rcStrict);
3951}
3952
3953/* -+- disassembly -+- */
3954
3955#undef LOG_GROUP
3956#define LOG_GROUP LOG_GROUP_REM_DISAS
3957
3958
3959/**
3960 * Enables or disables singled stepped disassembly.
3961 *
3962 * @returns VBox status code.
3963 * @param pVM VM handle.
3964 * @param fEnable To enable set this flag, to disable clear it.
3965 */
3966static DECLCALLBACK(int) remR3DisasEnableStepping(PVM pVM, bool fEnable)
3967{
3968 LogFlow(("remR3DisasEnableStepping: fEnable=%d\n", fEnable));
3969 VM_ASSERT_EMT(pVM);
3970
3971 if (fEnable)
3972 pVM->rem.s.Env.state |= CPU_EMULATE_SINGLE_STEP;
3973 else
3974 pVM->rem.s.Env.state &= ~CPU_EMULATE_SINGLE_STEP;
3975#ifdef REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
3976 cpu_single_step(&pVM->rem.s.Env, fEnable);
3977#endif
3978 return VINF_SUCCESS;
3979}
3980
3981
3982/**
3983 * Enables or disables singled stepped disassembly.
3984 *
3985 * @returns VBox status code.
3986 * @param pVM VM handle.
3987 * @param fEnable To enable set this flag, to disable clear it.
3988 */
3989REMR3DECL(int) REMR3DisasEnableStepping(PVM pVM, bool fEnable)
3990{
3991 int rc;
3992
3993 LogFlow(("REMR3DisasEnableStepping: fEnable=%d\n", fEnable));
3994 if (VM_IS_EMT(pVM))
3995 return remR3DisasEnableStepping(pVM, fEnable);
3996
3997 rc = VMR3ReqPriorityCallWait(pVM, VMCPUID_ANY, (PFNRT)remR3DisasEnableStepping, 2, pVM, fEnable);
3998 AssertRC(rc);
3999 return rc;
4000}
4001
4002
4003#ifdef VBOX_WITH_DEBUGGER
4004/**
4005 * External Debugger Command: .remstep [on|off|1|0]
4006 */
4007static DECLCALLBACK(int) remR3CmdDisasEnableStepping(PCDBGCCMD pCmd, PDBGCCMDHLP pCmdHlp, PUVM pUVM,
4008 PCDBGCVAR paArgs, unsigned cArgs)
4009{
4010 int rc;
4011 PVM pVM = pUVM->pVM;
4012
4013 if (cArgs == 0)
4014 /*
4015 * Print the current status.
4016 */
4017 rc = DBGCCmdHlpPrintf(pCmdHlp, "DisasStepping is %s\n",
4018 pVM->rem.s.Env.state & CPU_EMULATE_SINGLE_STEP ? "enabled" : "disabled");
4019 else
4020 {
4021 /*
4022 * Convert the argument and change the mode.
4023 */
4024 bool fEnable;
4025 rc = DBGCCmdHlpVarToBool(pCmdHlp, &paArgs[0], &fEnable);
4026 if (RT_SUCCESS(rc))
4027 {
4028 rc = REMR3DisasEnableStepping(pVM, fEnable);
4029 if (RT_SUCCESS(rc))
4030 rc = DBGCCmdHlpPrintf(pCmdHlp, "DisasStepping was %s\n", fEnable ? "enabled" : "disabled");
4031 else
4032 rc = DBGCCmdHlpFailRc(pCmdHlp, pCmd, rc, "REMR3DisasEnableStepping");
4033 }
4034 else
4035 rc = DBGCCmdHlpFailRc(pCmdHlp, pCmd, rc, "DBGCCmdHlpVarToBool");
4036 }
4037 return rc;
4038}
4039#endif /* VBOX_WITH_DEBUGGER */
4040
4041
4042/**
4043 * Disassembles one instruction and prints it to the log.
4044 *
4045 * @returns Success indicator.
4046 * @param env Pointer to the recompiler CPU structure.
4047 * @param f32BitCode Indicates that whether or not the code should
4048 * be disassembled as 16 or 32 bit. If -1 the CS
4049 * selector will be inspected.
4050 * @param pszPrefix
4051 */
4052bool remR3DisasInstr(CPUX86State *env, int f32BitCode, char *pszPrefix)
4053{
4054 PVM pVM = env->pVM;
4055 const bool fLog = LogIsEnabled();
4056 const bool fLog2 = LogIs2Enabled();
4057 int rc = VINF_SUCCESS;
4058
4059 /*
4060 * Don't bother if there ain't any log output to do.
4061 */
4062 if (!fLog && !fLog2)
4063 return true;
4064
4065 /*
4066 * Update the state so DBGF reads the correct register values.
4067 */
4068 remR3StateUpdate(pVM, env->pVCpu);
4069
4070 /*
4071 * Log registers if requested.
4072 */
4073 if (fLog2)
4074 DBGFR3_INFO_LOG(pVM, "cpumguest", pszPrefix);
4075
4076 /*
4077 * Disassemble to log.
4078 */
4079 if (fLog)
4080 {
4081 PVMCPU pVCpu = VMMGetCpu(pVM);
4082 char szBuf[256];
4083 szBuf[0] = '\0';
4084 int rc = DBGFR3DisasInstrEx(pVCpu->pVMR3->pUVM,
4085 pVCpu->idCpu,
4086 0, /* Sel */ 0, /* GCPtr */
4087 DBGF_DISAS_FLAGS_CURRENT_GUEST | DBGF_DISAS_FLAGS_DEFAULT_MODE,
4088 szBuf,
4089 sizeof(szBuf),
4090 NULL);
4091 if (RT_FAILURE(rc))
4092 RTStrPrintf(szBuf, sizeof(szBuf), "DBGFR3DisasInstrEx failed with rc=%Rrc\n", rc);
4093 if (pszPrefix && *pszPrefix)
4094 RTLogPrintf("%s-CPU%d: %s\n", pszPrefix, pVCpu->idCpu, szBuf);
4095 else
4096 RTLogPrintf("CPU%d: %s\n", pVCpu->idCpu, szBuf);
4097 }
4098
4099 return RT_SUCCESS(rc);
4100}
4101
4102
4103/**
4104 * Disassemble recompiled code.
4105 *
4106 * @param phFileIgnored Ignored, logfile usually.
4107 * @param pvCode Pointer to the code block.
4108 * @param cb Size of the code block.
4109 */
4110void disas(FILE *phFileIgnored, void *pvCode, unsigned long cb)
4111{
4112 if (LogIs2Enabled())
4113 {
4114 unsigned off = 0;
4115 char szOutput[256];
4116 DISCPUSTATE Cpu;
4117#ifdef RT_ARCH_X86
4118 DISCPUMODE enmCpuMode = DISCPUMODE_32BIT;
4119#else
4120 DISCPUMODE enmCpuMode = DISCPUMODE_64BIT;
4121#endif
4122
4123 RTLogPrintf("Recompiled Code: %p %#lx (%ld) bytes\n", pvCode, cb, cb);
4124 while (off < cb)
4125 {
4126 uint32_t cbInstr;
4127 int rc = DISInstrToStr((uint8_t const *)pvCode + off, enmCpuMode,
4128 &Cpu, &cbInstr, szOutput, sizeof(szOutput));
4129 if (RT_SUCCESS(rc))
4130 RTLogPrintf("%s", szOutput);
4131 else
4132 {
4133 RTLogPrintf("disas error %Rrc\n", rc);
4134 cbInstr = 1;
4135 }
4136 off += cbInstr;
4137 }
4138 }
4139}
4140
4141
4142/**
4143 * Disassemble guest code.
4144 *
4145 * @param phFileIgnored Ignored, logfile usually.
4146 * @param uCode The guest address of the code to disassemble. (flat?)
4147 * @param cb Number of bytes to disassemble.
4148 * @param fFlags Flags, probably something which tells if this is 16, 32 or 64 bit code.
4149 */
4150void target_disas(FILE *phFileIgnored, target_ulong uCode, target_ulong cb, int fFlags)
4151{
4152 if (LogIs2Enabled())
4153 {
4154 PVM pVM = cpu_single_env->pVM;
4155 PVMCPU pVCpu = cpu_single_env->pVCpu;
4156 RTSEL cs;
4157 RTGCUINTPTR eip;
4158
4159 Assert(pVCpu);
4160
4161 /*
4162 * Update the state so DBGF reads the correct register values (flags).
4163 */
4164 remR3StateUpdate(pVM, pVCpu);
4165
4166 /*
4167 * Do the disassembling.
4168 */
4169 RTLogPrintf("Guest Code: PC=%llx %llx bytes fFlags=%d\n", (uint64_t)uCode, (uint64_t)cb, fFlags);
4170 cs = cpu_single_env->segs[R_CS].selector;
4171 eip = uCode - cpu_single_env->segs[R_CS].base;
4172 for (;;)
4173 {
4174 char szBuf[256];
4175 uint32_t cbInstr;
4176 int rc = DBGFR3DisasInstrEx(pVM->pUVM,
4177 pVCpu->idCpu,
4178 cs,
4179 eip,
4180 DBGF_DISAS_FLAGS_DEFAULT_MODE,
4181 szBuf, sizeof(szBuf),
4182 &cbInstr);
4183 if (RT_SUCCESS(rc))
4184 RTLogPrintf("%llx %s\n", (uint64_t)uCode, szBuf);
4185 else
4186 {
4187 RTLogPrintf("%llx %04x:%llx: %s\n", (uint64_t)uCode, cs, (uint64_t)eip, szBuf);
4188 cbInstr = 1;
4189 }
4190
4191 /* next */
4192 if (cb <= cbInstr)
4193 break;
4194 cb -= cbInstr;
4195 uCode += cbInstr;
4196 eip += cbInstr;
4197 }
4198 }
4199}
4200
4201
4202/**
4203 * Looks up a guest symbol.
4204 *
4205 * @returns Pointer to symbol name. This is a static buffer.
4206 * @param orig_addr The address in question.
4207 */
4208const char *lookup_symbol(target_ulong orig_addr)
4209{
4210 PVM pVM = cpu_single_env->pVM;
4211 RTGCINTPTR off = 0;
4212 RTDBGSYMBOL Sym;
4213 DBGFADDRESS Addr;
4214
4215 int rc = DBGFR3AsSymbolByAddr(pVM->pUVM, DBGF_AS_GLOBAL, DBGFR3AddrFromFlat(pVM->pUVM, &Addr, orig_addr),
4216 RTDBGSYMADDR_FLAGS_LESS_OR_EQUAL, &off, &Sym, NULL /*phMod*/);
4217 if (RT_SUCCESS(rc))
4218 {
4219 static char szSym[sizeof(Sym.szName) + 48];
4220 if (!off)
4221 RTStrPrintf(szSym, sizeof(szSym), "%s\n", Sym.szName);
4222 else if (off > 0)
4223 RTStrPrintf(szSym, sizeof(szSym), "%s+%x\n", Sym.szName, off);
4224 else
4225 RTStrPrintf(szSym, sizeof(szSym), "%s-%x\n", Sym.szName, -off);
4226 return szSym;
4227 }
4228 return "<N/A>";
4229}
4230
4231
4232#undef LOG_GROUP
4233#define LOG_GROUP LOG_GROUP_REM
4234
4235
4236/* -+- FF notifications -+- */
4237
4238
4239/**
4240 * Notification about a pending interrupt.
4241 *
4242 * @param pVM VM Handle.
4243 * @param pVCpu VMCPU Handle.
4244 * @param u8Interrupt Interrupt
4245 * @thread The emulation thread.
4246 */
4247REMR3DECL(void) REMR3NotifyPendingInterrupt(PVM pVM, PVMCPU pVCpu, uint8_t u8Interrupt)
4248{
4249 Assert(pVM->rem.s.u32PendingInterrupt == REM_NO_PENDING_IRQ);
4250 pVM->rem.s.u32PendingInterrupt = u8Interrupt;
4251}
4252
4253/**
4254 * Notification about a pending interrupt.
4255 *
4256 * @returns Pending interrupt or REM_NO_PENDING_IRQ
4257 * @param pVM VM Handle.
4258 * @param pVCpu VMCPU Handle.
4259 * @thread The emulation thread.
4260 */
4261REMR3DECL(uint32_t) REMR3QueryPendingInterrupt(PVM pVM, PVMCPU pVCpu)
4262{
4263 return pVM->rem.s.u32PendingInterrupt;
4264}
4265
4266/**
4267 * Notification about the interrupt FF being set.
4268 *
4269 * @param pVM VM Handle.
4270 * @param pVCpu VMCPU Handle.
4271 * @thread The emulation thread.
4272 */
4273REMR3DECL(void) REMR3NotifyInterruptSet(PVM pVM, PVMCPU pVCpu)
4274{
4275#ifndef IEM_VERIFICATION_MODE
4276 LogFlow(("REMR3NotifyInterruptSet: fInRem=%d interrupts %s\n", pVM->rem.s.fInREM,
4277 (pVM->rem.s.Env.eflags & IF_MASK) && !(pVM->rem.s.Env.hflags & HF_INHIBIT_IRQ_MASK) ? "enabled" : "disabled"));
4278 if (pVM->rem.s.fInREM)
4279 {
4280 ASMAtomicOrS32((int32_t volatile *)&cpu_single_env->interrupt_request,
4281 CPU_INTERRUPT_EXTERNAL_HARD);
4282 }
4283#endif
4284}
4285
4286
4287/**
4288 * Notification about the interrupt FF being set.
4289 *
4290 * @param pVM VM Handle.
4291 * @param pVCpu VMCPU Handle.
4292 * @thread Any.
4293 */
4294REMR3DECL(void) REMR3NotifyInterruptClear(PVM pVM, PVMCPU pVCpu)
4295{
4296 LogFlow(("REMR3NotifyInterruptClear:\n"));
4297 if (pVM->rem.s.fInREM)
4298 cpu_reset_interrupt(cpu_single_env, CPU_INTERRUPT_HARD);
4299}
4300
4301
4302/**
4303 * Notification about pending timer(s).
4304 *
4305 * @param pVM VM Handle.
4306 * @param pVCpuDst The target cpu for this notification.
4307 * TM will not broadcast pending timer events, but use
4308 * a dedicated EMT for them. So, only interrupt REM
4309 * execution if the given CPU is executing in REM.
4310 * @thread Any.
4311 */
4312REMR3DECL(void) REMR3NotifyTimerPending(PVM pVM, PVMCPU pVCpuDst)
4313{
4314#ifndef IEM_VERIFICATION_MODE
4315#ifndef DEBUG_bird
4316 LogFlow(("REMR3NotifyTimerPending: fInRem=%d\n", pVM->rem.s.fInREM));
4317#endif
4318 if (pVM->rem.s.fInREM)
4319 {
4320 if (pVM->rem.s.Env.pVCpu == pVCpuDst)
4321 {
4322 LogIt(RTLOGGRPFLAGS_LEVEL_5, LOG_GROUP_TM, ("REMR3NotifyTimerPending: setting\n"));
4323 ASMAtomicOrS32((int32_t volatile *)&pVM->rem.s.Env.interrupt_request,
4324 CPU_INTERRUPT_EXTERNAL_TIMER);
4325 }
4326 else
4327 LogIt(RTLOGGRPFLAGS_LEVEL_5, LOG_GROUP_TM, ("REMR3NotifyTimerPending: pVCpu:%p != pVCpuDst:%p\n", pVM->rem.s.Env.pVCpu, pVCpuDst));
4328 }
4329 else
4330 LogIt(RTLOGGRPFLAGS_LEVEL_5, LOG_GROUP_TM, ("REMR3NotifyTimerPending: !fInREM; cpu state=%d\n", VMCPU_GET_STATE(pVCpuDst)));
4331#endif
4332}
4333
4334
4335/**
4336 * Notification about pending DMA transfers.
4337 *
4338 * @param pVM VM Handle.
4339 * @thread Any.
4340 */
4341REMR3DECL(void) REMR3NotifyDmaPending(PVM pVM)
4342{
4343#ifndef IEM_VERIFICATION_MODE
4344 LogFlow(("REMR3NotifyDmaPending: fInRem=%d\n", pVM->rem.s.fInREM));
4345 if (pVM->rem.s.fInREM)
4346 {
4347 ASMAtomicOrS32((int32_t volatile *)&cpu_single_env->interrupt_request,
4348 CPU_INTERRUPT_EXTERNAL_DMA);
4349 }
4350#endif
4351}
4352
4353
4354/**
4355 * Notification about pending timer(s).
4356 *
4357 * @param pVM VM Handle.
4358 * @thread Any.
4359 */
4360REMR3DECL(void) REMR3NotifyQueuePending(PVM pVM)
4361{
4362#ifndef IEM_VERIFICATION_MODE
4363 LogFlow(("REMR3NotifyQueuePending: fInRem=%d\n", pVM->rem.s.fInREM));
4364 if (pVM->rem.s.fInREM)
4365 {
4366 ASMAtomicOrS32((int32_t volatile *)&cpu_single_env->interrupt_request,
4367 CPU_INTERRUPT_EXTERNAL_EXIT);
4368 }
4369#endif
4370}
4371
4372
4373/**
4374 * Notification about pending FF set by an external thread.
4375 *
4376 * @param pVM VM handle.
4377 * @thread Any.
4378 */
4379REMR3DECL(void) REMR3NotifyFF(PVM pVM)
4380{
4381#ifndef IEM_VERIFICATION_MODE
4382 LogFlow(("REMR3NotifyFF: fInRem=%d\n", pVM->rem.s.fInREM));
4383 if (pVM->rem.s.fInREM)
4384 {
4385 ASMAtomicOrS32((int32_t volatile *)&cpu_single_env->interrupt_request,
4386 CPU_INTERRUPT_EXTERNAL_EXIT);
4387 }
4388#endif
4389}
4390
4391
4392#ifdef VBOX_WITH_STATISTICS
4393void remR3ProfileStart(int statcode)
4394{
4395 STAMPROFILEADV *pStat;
4396 switch(statcode)
4397 {
4398 case STATS_EMULATE_SINGLE_INSTR:
4399 pStat = &gStatExecuteSingleInstr;
4400 break;
4401 case STATS_QEMU_COMPILATION:
4402 pStat = &gStatCompilationQEmu;
4403 break;
4404 case STATS_QEMU_RUN_EMULATED_CODE:
4405 pStat = &gStatRunCodeQEmu;
4406 break;
4407 case STATS_QEMU_TOTAL:
4408 pStat = &gStatTotalTimeQEmu;
4409 break;
4410 case STATS_QEMU_RUN_TIMERS:
4411 pStat = &gStatTimers;
4412 break;
4413 case STATS_TLB_LOOKUP:
4414 pStat= &gStatTBLookup;
4415 break;
4416 case STATS_IRQ_HANDLING:
4417 pStat= &gStatIRQ;
4418 break;
4419 case STATS_RAW_CHECK:
4420 pStat = &gStatRawCheck;
4421 break;
4422
4423 default:
4424 AssertMsgFailed(("unknown stat %d\n", statcode));
4425 return;
4426 }
4427 STAM_PROFILE_ADV_START(pStat, a);
4428}
4429
4430
4431void remR3ProfileStop(int statcode)
4432{
4433 STAMPROFILEADV *pStat;
4434 switch(statcode)
4435 {
4436 case STATS_EMULATE_SINGLE_INSTR:
4437 pStat = &gStatExecuteSingleInstr;
4438 break;
4439 case STATS_QEMU_COMPILATION:
4440 pStat = &gStatCompilationQEmu;
4441 break;
4442 case STATS_QEMU_RUN_EMULATED_CODE:
4443 pStat = &gStatRunCodeQEmu;
4444 break;
4445 case STATS_QEMU_TOTAL:
4446 pStat = &gStatTotalTimeQEmu;
4447 break;
4448 case STATS_QEMU_RUN_TIMERS:
4449 pStat = &gStatTimers;
4450 break;
4451 case STATS_TLB_LOOKUP:
4452 pStat= &gStatTBLookup;
4453 break;
4454 case STATS_IRQ_HANDLING:
4455 pStat= &gStatIRQ;
4456 break;
4457 case STATS_RAW_CHECK:
4458 pStat = &gStatRawCheck;
4459 break;
4460 default:
4461 AssertMsgFailed(("unknown stat %d\n", statcode));
4462 return;
4463 }
4464 STAM_PROFILE_ADV_STOP(pStat, a);
4465}
4466#endif
4467
4468/**
4469 * Raise an RC, force rem exit.
4470 *
4471 * @param pVM VM handle.
4472 * @param rc The rc.
4473 */
4474void remR3RaiseRC(PVM pVM, int rc)
4475{
4476 Log(("remR3RaiseRC: rc=%Rrc\n", rc));
4477 Assert(pVM->rem.s.fInREM);
4478 VM_ASSERT_EMT(pVM);
4479 pVM->rem.s.rc = rc;
4480 cpu_interrupt(&pVM->rem.s.Env, CPU_INTERRUPT_RC);
4481}
4482
4483
4484/* -+- timers -+- */
4485
4486uint64_t cpu_get_tsc(CPUX86State *env)
4487{
4488 STAM_COUNTER_INC(&gStatCpuGetTSC);
4489 return TMCpuTickGet(env->pVCpu);
4490}
4491
4492
4493/* -+- interrupts -+- */
4494
4495void cpu_set_ferr(CPUX86State *env)
4496{
4497 int rc = PDMIsaSetIrq(env->pVM, 13, 1, 0 /*uTagSrc*/);
4498 LogFlow(("cpu_set_ferr: rc=%d\n", rc)); NOREF(rc);
4499}
4500
4501int cpu_get_pic_interrupt(CPUX86State *env)
4502{
4503 uint8_t u8Interrupt;
4504 int rc;
4505
4506 /* When we fail to forward interrupts directly in raw mode, we fall back to the recompiler.
4507 * In that case we can't call PDMGetInterrupt anymore, because it has already cleared the interrupt
4508 * with the (a)pic.
4509 */
4510 /* Note! We assume we will go directly to the recompiler to handle the pending interrupt! */
4511 /** @todo r=bird: In the long run we should just do the interrupt handling in EM/CPUM/TRPM/somewhere and
4512 * if we cannot execute the interrupt handler in raw-mode just reschedule to REM. Once that is done we
4513 * remove this kludge. */
4514 if (env->pVM->rem.s.u32PendingInterrupt != REM_NO_PENDING_IRQ)
4515 {
4516 rc = VINF_SUCCESS;
4517 Assert(env->pVM->rem.s.u32PendingInterrupt <= 255);
4518 u8Interrupt = env->pVM->rem.s.u32PendingInterrupt;
4519 env->pVM->rem.s.u32PendingInterrupt = REM_NO_PENDING_IRQ;
4520 }
4521 else
4522 rc = PDMGetInterrupt(env->pVCpu, &u8Interrupt);
4523
4524 LogFlow(("cpu_get_pic_interrupt: u8Interrupt=%d rc=%Rrc pc=%04x:%08llx ~flags=%08llx\n",
4525 u8Interrupt, rc, env->segs[R_CS].selector, (uint64_t)env->eip, (uint64_t)env->eflags));
4526 if (RT_SUCCESS(rc))
4527 {
4528 if (VMCPU_FF_IS_PENDING(env->pVCpu, VMCPU_FF_INTERRUPT_APIC | VMCPU_FF_INTERRUPT_PIC))
4529 env->interrupt_request |= CPU_INTERRUPT_HARD;
4530 return u8Interrupt;
4531 }
4532 return -1;
4533}
4534
4535
4536/* -+- local apic -+- */
4537
4538#if 0 /* CPUMSetGuestMsr does this now. */
4539void cpu_set_apic_base(CPUX86State *env, uint64_t val)
4540{
4541 int rc = PDMApicSetBase(env->pVM, val);
4542 LogFlow(("cpu_set_apic_base: val=%#llx rc=%Rrc\n", val, rc)); NOREF(rc);
4543}
4544#endif
4545
4546uint64_t cpu_get_apic_base(CPUX86State *env)
4547{
4548 uint64_t u64;
4549 VBOXSTRICTRC rcStrict = CPUMQueryGuestMsr(env->pVCpu, MSR_IA32_APICBASE, &u64);
4550 if (RT_SUCCESS(rcStrict))
4551 {
4552 LogFlow(("cpu_get_apic_base: returns %#llx \n", u64));
4553 return u64;
4554 }
4555 LogFlow(("cpu_get_apic_base: returns 0 (rc=%Rrc)\n", VBOXSTRICTRC_VAL(rcStrict)));
4556 return 0;
4557}
4558
4559void cpu_set_apic_tpr(CPUX86State *env, uint8_t val)
4560{
4561 int rc = PDMApicSetTPR(env->pVCpu, val << 4); /* cr8 bits 3-0 correspond to bits 7-4 of the task priority mmio register. */
4562 LogFlow(("cpu_set_apic_tpr: val=%#x rc=%Rrc\n", val, rc)); NOREF(rc);
4563}
4564
4565uint8_t cpu_get_apic_tpr(CPUX86State *env)
4566{
4567 uint8_t u8;
4568 int rc = PDMApicGetTPR(env->pVCpu, &u8, NULL, NULL);
4569 if (RT_SUCCESS(rc))
4570 {
4571 LogFlow(("cpu_get_apic_tpr: returns %#x\n", u8));
4572 return u8 >> 4; /* cr8 bits 3-0 correspond to bits 7-4 of the task priority mmio register. */
4573 }
4574 LogFlow(("cpu_get_apic_tpr: returns 0 (rc=%Rrc)\n", rc));
4575 return 0;
4576}
4577
4578/**
4579 * Read an MSR.
4580 *
4581 * @retval 0 success.
4582 * @retval -1 failure, raise \#GP(0).
4583 * @param env The cpu state.
4584 * @param idMsr The MSR to read.
4585 * @param puValue Where to return the value.
4586 */
4587int cpu_rdmsr(CPUX86State *env, uint32_t idMsr, uint64_t *puValue)
4588{
4589 Assert(env->pVCpu);
4590 return CPUMQueryGuestMsr(env->pVCpu, idMsr, puValue) == VINF_SUCCESS ? 0 : -1;
4591}
4592
4593/**
4594 * Write to an MSR.
4595 *
4596 * @retval 0 success.
4597 * @retval -1 failure, raise \#GP(0).
4598 * @param env The cpu state.
4599 * @param idMsr The MSR to write to.
4600 * @param uValue The value to write.
4601 */
4602int cpu_wrmsr(CPUX86State *env, uint32_t idMsr, uint64_t uValue)
4603{
4604 Assert(env->pVCpu);
4605 return CPUMSetGuestMsr(env->pVCpu, idMsr, uValue) == VINF_SUCCESS ? 0 : -1;
4606}
4607
4608/* -+- I/O Ports -+- */
4609
4610#undef LOG_GROUP
4611#define LOG_GROUP LOG_GROUP_REM_IOPORT
4612
4613void cpu_outb(CPUX86State *env, pio_addr_t addr, uint8_t val)
4614{
4615 int rc;
4616
4617 if (addr != 0x80 && addr != 0x70 && addr != 0x61)
4618 Log2(("cpu_outb: addr=%#06x val=%#x\n", addr, val));
4619
4620 rc = IOMIOPortWrite(env->pVM, env->pVCpu, (RTIOPORT)addr, val, 1);
4621 if (RT_LIKELY(rc == VINF_SUCCESS))
4622 return;
4623 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4624 {
4625 Log(("cpu_outb: addr=%#06x val=%#x -> %Rrc\n", addr, val, rc));
4626 remR3RaiseRC(env->pVM, rc);
4627 return;
4628 }
4629 remAbort(rc, __FUNCTION__);
4630}
4631
4632void cpu_outw(CPUX86State *env, pio_addr_t addr, uint16_t val)
4633{
4634 //Log2(("cpu_outw: addr=%#06x val=%#x\n", addr, val));
4635 int rc = IOMIOPortWrite(env->pVM, env->pVCpu, (RTIOPORT)addr, val, 2);
4636 if (RT_LIKELY(rc == VINF_SUCCESS))
4637 return;
4638 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4639 {
4640 Log(("cpu_outw: addr=%#06x val=%#x -> %Rrc\n", addr, val, rc));
4641 remR3RaiseRC(env->pVM, rc);
4642 return;
4643 }
4644 remAbort(rc, __FUNCTION__);
4645}
4646
4647void cpu_outl(CPUX86State *env, pio_addr_t addr, uint32_t val)
4648{
4649 int rc;
4650 Log2(("cpu_outl: addr=%#06x val=%#x\n", addr, val));
4651 rc = IOMIOPortWrite(env->pVM, env->pVCpu, (RTIOPORT)addr, val, 4);
4652 if (RT_LIKELY(rc == VINF_SUCCESS))
4653 return;
4654 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4655 {
4656 Log(("cpu_outl: addr=%#06x val=%#x -> %Rrc\n", addr, val, rc));
4657 remR3RaiseRC(env->pVM, rc);
4658 return;
4659 }
4660 remAbort(rc, __FUNCTION__);
4661}
4662
4663uint8_t cpu_inb(CPUX86State *env, pio_addr_t addr)
4664{
4665 uint32_t u32 = 0;
4666 int rc = IOMIOPortRead(env->pVM, env->pVCpu, (RTIOPORT)addr, &u32, 1);
4667 if (RT_LIKELY(rc == VINF_SUCCESS))
4668 {
4669 if (/*addr != 0x61 && */addr != 0x71)
4670 Log2(("cpu_inb: addr=%#06x -> %#x\n", addr, u32));
4671 return (uint8_t)u32;
4672 }
4673 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4674 {
4675 Log(("cpu_inb: addr=%#06x -> %#x rc=%Rrc\n", addr, u32, rc));
4676 remR3RaiseRC(env->pVM, rc);
4677 return (uint8_t)u32;
4678 }
4679 remAbort(rc, __FUNCTION__);
4680 return UINT8_C(0xff);
4681}
4682
4683uint16_t cpu_inw(CPUX86State *env, pio_addr_t addr)
4684{
4685 uint32_t u32 = 0;
4686 int rc = IOMIOPortRead(env->pVM, env->pVCpu, (RTIOPORT)addr, &u32, 2);
4687 if (RT_LIKELY(rc == VINF_SUCCESS))
4688 {
4689 Log2(("cpu_inw: addr=%#06x -> %#x\n", addr, u32));
4690 return (uint16_t)u32;
4691 }
4692 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4693 {
4694 Log(("cpu_inw: addr=%#06x -> %#x rc=%Rrc\n", addr, u32, rc));
4695 remR3RaiseRC(env->pVM, rc);
4696 return (uint16_t)u32;
4697 }
4698 remAbort(rc, __FUNCTION__);
4699 return UINT16_C(0xffff);
4700}
4701
4702uint32_t cpu_inl(CPUX86State *env, pio_addr_t addr)
4703{
4704 uint32_t u32 = 0;
4705 int rc = IOMIOPortRead(env->pVM, env->pVCpu, (RTIOPORT)addr, &u32, 4);
4706 if (RT_LIKELY(rc == VINF_SUCCESS))
4707 {
4708 Log2(("cpu_inl: addr=%#06x -> %#x\n", addr, u32));
4709 return u32;
4710 }
4711 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4712 {
4713 Log(("cpu_inl: addr=%#06x -> %#x rc=%Rrc\n", addr, u32, rc));
4714 remR3RaiseRC(env->pVM, rc);
4715 return u32;
4716 }
4717 remAbort(rc, __FUNCTION__);
4718 return UINT32_C(0xffffffff);
4719}
4720
4721#undef LOG_GROUP
4722#define LOG_GROUP LOG_GROUP_REM
4723
4724
4725/* -+- helpers and misc other interfaces -+- */
4726
4727/**
4728 * Perform the CPUID instruction.
4729 *
4730 * @param env Pointer to the recompiler CPU structure.
4731 * @param idx The CPUID leaf (eax).
4732 * @param idxSub The CPUID sub-leaf (ecx) where applicable.
4733 * @param pEAX Where to store eax.
4734 * @param pEBX Where to store ebx.
4735 * @param pECX Where to store ecx.
4736 * @param pEDX Where to store edx.
4737 */
4738void cpu_x86_cpuid(CPUX86State *env, uint32_t idx, uint32_t idxSub,
4739 uint32_t *pEAX, uint32_t *pEBX, uint32_t *pECX, uint32_t *pEDX)
4740{
4741 NOREF(idxSub);
4742 CPUMGetGuestCpuId(env->pVCpu, idx, idxSub, pEAX, pEBX, pECX, pEDX);
4743}
4744
4745
4746#if 0 /* not used */
4747/**
4748 * Interface for qemu hardware to report back fatal errors.
4749 */
4750void hw_error(const char *pszFormat, ...)
4751{
4752 /*
4753 * Bitch about it.
4754 */
4755 /** @todo Add support for nested arg lists in the LogPrintfV routine! I've code for
4756 * this in my Odin32 tree at home! */
4757 va_list args;
4758 va_start(args, pszFormat);
4759 RTLogPrintf("fatal error in virtual hardware:");
4760 RTLogPrintfV(pszFormat, args);
4761 va_end(args);
4762 AssertReleaseMsgFailed(("fatal error in virtual hardware: %s\n", pszFormat));
4763
4764 /*
4765 * If we're in REM context we'll sync back the state before 'jumping' to
4766 * the EMs failure handling.
4767 */
4768 PVM pVM = cpu_single_env->pVM;
4769 if (pVM->rem.s.fInREM)
4770 REMR3StateBack(pVM);
4771 EMR3FatalError(pVM, VERR_REM_VIRTUAL_HARDWARE_ERROR);
4772 AssertMsgFailed(("EMR3FatalError returned!\n"));
4773}
4774#endif
4775
4776/**
4777 * Interface for the qemu cpu to report unhandled situation
4778 * raising a fatal VM error.
4779 */
4780void cpu_abort(CPUX86State *env, const char *pszFormat, ...)
4781{
4782 va_list va;
4783 PVM pVM;
4784 PVMCPU pVCpu;
4785 char szMsg[256];
4786
4787 /*
4788 * Bitch about it.
4789 */
4790 RTLogFlags(NULL, "nodisabled nobuffered");
4791 RTLogFlush(NULL);
4792
4793 va_start(va, pszFormat);
4794#if defined(RT_OS_WINDOWS) && ARCH_BITS == 64
4795 /* It's a bit complicated when mixing MSC and GCC on AMD64. This is a bit ugly, but it works. */
4796 unsigned cArgs = 0;
4797 uintptr_t auArgs[6] = {0,0,0,0,0,0};
4798 const char *psz = strchr(pszFormat, '%');
4799 while (psz && cArgs < 6)
4800 {
4801 auArgs[cArgs++] = va_arg(va, uintptr_t);
4802 psz = strchr(psz + 1, '%');
4803 }
4804 switch (cArgs)
4805 {
4806 case 1: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0]); break;
4807 case 2: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0], auArgs[1]); break;
4808 case 3: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0], auArgs[1], auArgs[2]); break;
4809 case 4: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0], auArgs[1], auArgs[2], auArgs[3]); break;
4810 case 5: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0], auArgs[1], auArgs[2], auArgs[3], auArgs[4]); break;
4811 case 6: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0], auArgs[1], auArgs[2], auArgs[3], auArgs[4], auArgs[5]); break;
4812 default:
4813 case 0: RTStrPrintf(szMsg, sizeof(szMsg), "%s", pszFormat); break;
4814 }
4815#else
4816 RTStrPrintfV(szMsg, sizeof(szMsg), pszFormat, va);
4817#endif
4818 va_end(va);
4819
4820 RTLogPrintf("fatal error in recompiler cpu: %s\n", szMsg);
4821 RTLogRelPrintf("fatal error in recompiler cpu: %s\n", szMsg);
4822
4823 /*
4824 * If we're in REM context we'll sync back the state before 'jumping' to
4825 * the EMs failure handling.
4826 */
4827 pVM = cpu_single_env->pVM;
4828 pVCpu = cpu_single_env->pVCpu;
4829 Assert(pVCpu);
4830
4831 if (pVM->rem.s.fInREM)
4832 REMR3StateBack(pVM, pVCpu);
4833 EMR3FatalError(pVCpu, VERR_REM_VIRTUAL_CPU_ERROR);
4834 AssertMsgFailed(("EMR3FatalError returned!\n"));
4835}
4836
4837
4838/**
4839 * Aborts the VM.
4840 *
4841 * @param rc VBox error code.
4842 * @param pszTip Hint about why/when this happened.
4843 */
4844void remAbort(int rc, const char *pszTip)
4845{
4846 PVM pVM;
4847 PVMCPU pVCpu;
4848
4849 /*
4850 * Bitch about it.
4851 */
4852 RTLogPrintf("internal REM fatal error: rc=%Rrc %s\n", rc, pszTip);
4853 AssertReleaseMsgFailed(("internal REM fatal error: rc=%Rrc %s\n", rc, pszTip));
4854
4855 /*
4856 * Jump back to where we entered the recompiler.
4857 */
4858 pVM = cpu_single_env->pVM;
4859 pVCpu = cpu_single_env->pVCpu;
4860 Assert(pVCpu);
4861
4862 if (pVM->rem.s.fInREM)
4863 REMR3StateBack(pVM, pVCpu);
4864
4865 EMR3FatalError(pVCpu, rc);
4866 AssertMsgFailed(("EMR3FatalError returned!\n"));
4867}
4868
4869
4870/**
4871 * Dumps a linux system call.
4872 * @param pVCpu VMCPU handle.
4873 */
4874void remR3DumpLnxSyscall(PVMCPU pVCpu)
4875{
4876 static const char *apsz[] =
4877 {
4878 "sys_restart_syscall", /* 0 - old "setup()" system call, used for restarting */
4879 "sys_exit",
4880 "sys_fork",
4881 "sys_read",
4882 "sys_write",
4883 "sys_open", /* 5 */
4884 "sys_close",
4885 "sys_waitpid",
4886 "sys_creat",
4887 "sys_link",
4888 "sys_unlink", /* 10 */
4889 "sys_execve",
4890 "sys_chdir",
4891 "sys_time",
4892 "sys_mknod",
4893 "sys_chmod", /* 15 */
4894 "sys_lchown16",
4895 "sys_ni_syscall", /* old break syscall holder */
4896 "sys_stat",
4897 "sys_lseek",
4898 "sys_getpid", /* 20 */
4899 "sys_mount",
4900 "sys_oldumount",
4901 "sys_setuid16",
4902 "sys_getuid16",
4903 "sys_stime", /* 25 */
4904 "sys_ptrace",
4905 "sys_alarm",
4906 "sys_fstat",
4907 "sys_pause",
4908 "sys_utime", /* 30 */
4909 "sys_ni_syscall", /* old stty syscall holder */
4910 "sys_ni_syscall", /* old gtty syscall holder */
4911 "sys_access",
4912 "sys_nice",
4913 "sys_ni_syscall", /* 35 - old ftime syscall holder */
4914 "sys_sync",
4915 "sys_kill",
4916 "sys_rename",
4917 "sys_mkdir",
4918 "sys_rmdir", /* 40 */
4919 "sys_dup",
4920 "sys_pipe",
4921 "sys_times",
4922 "sys_ni_syscall", /* old prof syscall holder */
4923 "sys_brk", /* 45 */
4924 "sys_setgid16",
4925 "sys_getgid16",
4926 "sys_signal",
4927 "sys_geteuid16",
4928 "sys_getegid16", /* 50 */
4929 "sys_acct",
4930 "sys_umount", /* recycled never used phys() */
4931 "sys_ni_syscall", /* old lock syscall holder */
4932 "sys_ioctl",
4933 "sys_fcntl", /* 55 */
4934 "sys_ni_syscall", /* old mpx syscall holder */
4935 "sys_setpgid",
4936 "sys_ni_syscall", /* old ulimit syscall holder */
4937 "sys_olduname",
4938 "sys_umask", /* 60 */
4939 "sys_chroot",
4940 "sys_ustat",
4941 "sys_dup2",
4942 "sys_getppid",
4943 "sys_getpgrp", /* 65 */
4944 "sys_setsid",
4945 "sys_sigaction",
4946 "sys_sgetmask",
4947 "sys_ssetmask",
4948 "sys_setreuid16", /* 70 */
4949 "sys_setregid16",
4950 "sys_sigsuspend",
4951 "sys_sigpending",
4952 "sys_sethostname",
4953 "sys_setrlimit", /* 75 */
4954 "sys_old_getrlimit",
4955 "sys_getrusage",
4956 "sys_gettimeofday",
4957 "sys_settimeofday",
4958 "sys_getgroups16", /* 80 */
4959 "sys_setgroups16",
4960 "old_select",
4961 "sys_symlink",
4962 "sys_lstat",
4963 "sys_readlink", /* 85 */
4964 "sys_uselib",
4965 "sys_swapon",
4966 "sys_reboot",
4967 "old_readdir",
4968 "old_mmap", /* 90 */
4969 "sys_munmap",
4970 "sys_truncate",
4971 "sys_ftruncate",
4972 "sys_fchmod",
4973 "sys_fchown16", /* 95 */
4974 "sys_getpriority",
4975 "sys_setpriority",
4976 "sys_ni_syscall", /* old profil syscall holder */
4977 "sys_statfs",
4978 "sys_fstatfs", /* 100 */
4979 "sys_ioperm",
4980 "sys_socketcall",
4981 "sys_syslog",
4982 "sys_setitimer",
4983 "sys_getitimer", /* 105 */
4984 "sys_newstat",
4985 "sys_newlstat",
4986 "sys_newfstat",
4987 "sys_uname",
4988 "sys_iopl", /* 110 */
4989 "sys_vhangup",
4990 "sys_ni_syscall", /* old "idle" system call */
4991 "sys_vm86old",
4992 "sys_wait4",
4993 "sys_swapoff", /* 115 */
4994 "sys_sysinfo",
4995 "sys_ipc",
4996 "sys_fsync",
4997 "sys_sigreturn",
4998 "sys_clone", /* 120 */
4999 "sys_setdomainname",
5000 "sys_newuname",
5001 "sys_modify_ldt",
5002 "sys_adjtimex",
5003 "sys_mprotect", /* 125 */
5004 "sys_sigprocmask",
5005 "sys_ni_syscall", /* old "create_module" */
5006 "sys_init_module",
5007 "sys_delete_module",
5008 "sys_ni_syscall", /* 130: old "get_kernel_syms" */
5009 "sys_quotactl",
5010 "sys_getpgid",
5011 "sys_fchdir",
5012 "sys_bdflush",
5013 "sys_sysfs", /* 135 */
5014 "sys_personality",
5015 "sys_ni_syscall", /* reserved for afs_syscall */
5016 "sys_setfsuid16",
5017 "sys_setfsgid16",
5018 "sys_llseek", /* 140 */
5019 "sys_getdents",
5020 "sys_select",
5021 "sys_flock",
5022 "sys_msync",
5023 "sys_readv", /* 145 */
5024 "sys_writev",
5025 "sys_getsid",
5026 "sys_fdatasync",
5027 "sys_sysctl",
5028 "sys_mlock", /* 150 */
5029 "sys_munlock",
5030 "sys_mlockall",
5031 "sys_munlockall",
5032 "sys_sched_setparam",
5033 "sys_sched_getparam", /* 155 */
5034 "sys_sched_setscheduler",
5035 "sys_sched_getscheduler",
5036 "sys_sched_yield",
5037 "sys_sched_get_priority_max",
5038 "sys_sched_get_priority_min", /* 160 */
5039 "sys_sched_rr_get_interval",
5040 "sys_nanosleep",
5041 "sys_mremap",
5042 "sys_setresuid16",
5043 "sys_getresuid16", /* 165 */
5044 "sys_vm86",
5045 "sys_ni_syscall", /* Old sys_query_module */
5046 "sys_poll",
5047 "sys_nfsservctl",
5048 "sys_setresgid16", /* 170 */
5049 "sys_getresgid16",
5050 "sys_prctl",
5051 "sys_rt_sigreturn",
5052 "sys_rt_sigaction",
5053 "sys_rt_sigprocmask", /* 175 */
5054 "sys_rt_sigpending",
5055 "sys_rt_sigtimedwait",
5056 "sys_rt_sigqueueinfo",
5057 "sys_rt_sigsuspend",
5058 "sys_pread64", /* 180 */
5059 "sys_pwrite64",
5060 "sys_chown16",
5061 "sys_getcwd",
5062 "sys_capget",
5063 "sys_capset", /* 185 */
5064 "sys_sigaltstack",
5065 "sys_sendfile",
5066 "sys_ni_syscall", /* reserved for streams1 */
5067 "sys_ni_syscall", /* reserved for streams2 */
5068 "sys_vfork", /* 190 */
5069 "sys_getrlimit",
5070 "sys_mmap2",
5071 "sys_truncate64",
5072 "sys_ftruncate64",
5073 "sys_stat64", /* 195 */
5074 "sys_lstat64",
5075 "sys_fstat64",
5076 "sys_lchown",
5077 "sys_getuid",
5078 "sys_getgid", /* 200 */
5079 "sys_geteuid",
5080 "sys_getegid",
5081 "sys_setreuid",
5082 "sys_setregid",
5083 "sys_getgroups", /* 205 */
5084 "sys_setgroups",
5085 "sys_fchown",
5086 "sys_setresuid",
5087 "sys_getresuid",
5088 "sys_setresgid", /* 210 */
5089 "sys_getresgid",
5090 "sys_chown",
5091 "sys_setuid",
5092 "sys_setgid",
5093 "sys_setfsuid", /* 215 */
5094 "sys_setfsgid",
5095 "sys_pivot_root",
5096 "sys_mincore",
5097 "sys_madvise",
5098 "sys_getdents64", /* 220 */
5099 "sys_fcntl64",
5100 "sys_ni_syscall", /* reserved for TUX */
5101 "sys_ni_syscall",
5102 "sys_gettid",
5103 "sys_readahead", /* 225 */
5104 "sys_setxattr",
5105 "sys_lsetxattr",
5106 "sys_fsetxattr",
5107 "sys_getxattr",
5108 "sys_lgetxattr", /* 230 */
5109 "sys_fgetxattr",
5110 "sys_listxattr",
5111 "sys_llistxattr",
5112 "sys_flistxattr",
5113 "sys_removexattr", /* 235 */
5114 "sys_lremovexattr",
5115 "sys_fremovexattr",
5116 "sys_tkill",
5117 "sys_sendfile64",
5118 "sys_futex", /* 240 */
5119 "sys_sched_setaffinity",
5120 "sys_sched_getaffinity",
5121 "sys_set_thread_area",
5122 "sys_get_thread_area",
5123 "sys_io_setup", /* 245 */
5124 "sys_io_destroy",
5125 "sys_io_getevents",
5126 "sys_io_submit",
5127 "sys_io_cancel",
5128 "sys_fadvise64", /* 250 */
5129 "sys_ni_syscall",
5130 "sys_exit_group",
5131 "sys_lookup_dcookie",
5132 "sys_epoll_create",
5133 "sys_epoll_ctl", /* 255 */
5134 "sys_epoll_wait",
5135 "sys_remap_file_pages",
5136 "sys_set_tid_address",
5137 "sys_timer_create",
5138 "sys_timer_settime", /* 260 */
5139 "sys_timer_gettime",
5140 "sys_timer_getoverrun",
5141 "sys_timer_delete",
5142 "sys_clock_settime",
5143 "sys_clock_gettime", /* 265 */
5144 "sys_clock_getres",
5145 "sys_clock_nanosleep",
5146 "sys_statfs64",
5147 "sys_fstatfs64",
5148 "sys_tgkill", /* 270 */
5149 "sys_utimes",
5150 "sys_fadvise64_64",
5151 "sys_ni_syscall" /* sys_vserver */
5152 };
5153
5154 uint32_t uEAX = CPUMGetGuestEAX(pVCpu);
5155 switch (uEAX)
5156 {
5157 default:
5158 if (uEAX < RT_ELEMENTS(apsz))
5159 Log(("REM: linux syscall %3d: %s (eip=%08x ebx=%08x ecx=%08x edx=%08x esi=%08x edi=%08x ebp=%08x)\n",
5160 uEAX, apsz[uEAX], CPUMGetGuestEIP(pVCpu), CPUMGetGuestEBX(pVCpu), CPUMGetGuestECX(pVCpu),
5161 CPUMGetGuestEDX(pVCpu), CPUMGetGuestESI(pVCpu), CPUMGetGuestEDI(pVCpu), CPUMGetGuestEBP(pVCpu)));
5162 else
5163 Log(("eip=%08x: linux syscall %d (#%x) unknown\n", CPUMGetGuestEIP(pVCpu), uEAX, uEAX));
5164 break;
5165
5166 }
5167}
5168
5169
5170/**
5171 * Dumps an OpenBSD system call.
5172 * @param pVCpu VMCPU handle.
5173 */
5174void remR3DumpOBsdSyscall(PVMCPU pVCpu)
5175{
5176 static const char *apsz[] =
5177 {
5178 "SYS_syscall", //0
5179 "SYS_exit", //1
5180 "SYS_fork", //2
5181 "SYS_read", //3
5182 "SYS_write", //4
5183 "SYS_open", //5
5184 "SYS_close", //6
5185 "SYS_wait4", //7
5186 "SYS_8",
5187 "SYS_link", //9
5188 "SYS_unlink", //10
5189 "SYS_11",
5190 "SYS_chdir", //12
5191 "SYS_fchdir", //13
5192 "SYS_mknod", //14
5193 "SYS_chmod", //15
5194 "SYS_chown", //16
5195 "SYS_break", //17
5196 "SYS_18",
5197 "SYS_19",
5198 "SYS_getpid", //20
5199 "SYS_mount", //21
5200 "SYS_unmount", //22
5201 "SYS_setuid", //23
5202 "SYS_getuid", //24
5203 "SYS_geteuid", //25
5204 "SYS_ptrace", //26
5205 "SYS_recvmsg", //27
5206 "SYS_sendmsg", //28
5207 "SYS_recvfrom", //29
5208 "SYS_accept", //30
5209 "SYS_getpeername", //31
5210 "SYS_getsockname", //32
5211 "SYS_access", //33
5212 "SYS_chflags", //34
5213 "SYS_fchflags", //35
5214 "SYS_sync", //36
5215 "SYS_kill", //37
5216 "SYS_38",
5217 "SYS_getppid", //39
5218 "SYS_40",
5219 "SYS_dup", //41
5220 "SYS_opipe", //42
5221 "SYS_getegid", //43
5222 "SYS_profil", //44
5223 "SYS_ktrace", //45
5224 "SYS_sigaction", //46
5225 "SYS_getgid", //47
5226 "SYS_sigprocmask", //48
5227 "SYS_getlogin", //49
5228 "SYS_setlogin", //50
5229 "SYS_acct", //51
5230 "SYS_sigpending", //52
5231 "SYS_osigaltstack", //53
5232 "SYS_ioctl", //54
5233 "SYS_reboot", //55
5234 "SYS_revoke", //56
5235 "SYS_symlink", //57
5236 "SYS_readlink", //58
5237 "SYS_execve", //59
5238 "SYS_umask", //60
5239 "SYS_chroot", //61
5240 "SYS_62",
5241 "SYS_63",
5242 "SYS_64",
5243 "SYS_65",
5244 "SYS_vfork", //66
5245 "SYS_67",
5246 "SYS_68",
5247 "SYS_sbrk", //69
5248 "SYS_sstk", //70
5249 "SYS_61",
5250 "SYS_vadvise", //72
5251 "SYS_munmap", //73
5252 "SYS_mprotect", //74
5253 "SYS_madvise", //75
5254 "SYS_76",
5255 "SYS_77",
5256 "SYS_mincore", //78
5257 "SYS_getgroups", //79
5258 "SYS_setgroups", //80
5259 "SYS_getpgrp", //81
5260 "SYS_setpgid", //82
5261 "SYS_setitimer", //83
5262 "SYS_84",
5263 "SYS_85",
5264 "SYS_getitimer", //86
5265 "SYS_87",
5266 "SYS_88",
5267 "SYS_89",
5268 "SYS_dup2", //90
5269 "SYS_91",
5270 "SYS_fcntl", //92
5271 "SYS_select", //93
5272 "SYS_94",
5273 "SYS_fsync", //95
5274 "SYS_setpriority", //96
5275 "SYS_socket", //97
5276 "SYS_connect", //98
5277 "SYS_99",
5278 "SYS_getpriority", //100
5279 "SYS_101",
5280 "SYS_102",
5281 "SYS_sigreturn", //103
5282 "SYS_bind", //104
5283 "SYS_setsockopt", //105
5284 "SYS_listen", //106
5285 "SYS_107",
5286 "SYS_108",
5287 "SYS_109",
5288 "SYS_110",
5289 "SYS_sigsuspend", //111
5290 "SYS_112",
5291 "SYS_113",
5292 "SYS_114",
5293 "SYS_115",
5294 "SYS_gettimeofday", //116
5295 "SYS_getrusage", //117
5296 "SYS_getsockopt", //118
5297 "SYS_119",
5298 "SYS_readv", //120
5299 "SYS_writev", //121
5300 "SYS_settimeofday", //122
5301 "SYS_fchown", //123
5302 "SYS_fchmod", //124
5303 "SYS_125",
5304 "SYS_setreuid", //126
5305 "SYS_setregid", //127
5306 "SYS_rename", //128
5307 "SYS_129",
5308 "SYS_130",
5309 "SYS_flock", //131
5310 "SYS_mkfifo", //132
5311 "SYS_sendto", //133
5312 "SYS_shutdown", //134
5313 "SYS_socketpair", //135
5314 "SYS_mkdir", //136
5315 "SYS_rmdir", //137
5316 "SYS_utimes", //138
5317 "SYS_139",
5318 "SYS_adjtime", //140
5319 "SYS_141",
5320 "SYS_142",
5321 "SYS_143",
5322 "SYS_144",
5323 "SYS_145",
5324 "SYS_146",
5325 "SYS_setsid", //147
5326 "SYS_quotactl", //148
5327 "SYS_149",
5328 "SYS_150",
5329 "SYS_151",
5330 "SYS_152",
5331 "SYS_153",
5332 "SYS_154",
5333 "SYS_nfssvc", //155
5334 "SYS_156",
5335 "SYS_157",
5336 "SYS_158",
5337 "SYS_159",
5338 "SYS_160",
5339 "SYS_getfh", //161
5340 "SYS_162",
5341 "SYS_163",
5342 "SYS_164",
5343 "SYS_sysarch", //165
5344 "SYS_166",
5345 "SYS_167",
5346 "SYS_168",
5347 "SYS_169",
5348 "SYS_170",
5349 "SYS_171",
5350 "SYS_172",
5351 "SYS_pread", //173
5352 "SYS_pwrite", //174
5353 "SYS_175",
5354 "SYS_176",
5355 "SYS_177",
5356 "SYS_178",
5357 "SYS_179",
5358 "SYS_180",
5359 "SYS_setgid", //181
5360 "SYS_setegid", //182
5361 "SYS_seteuid", //183
5362 "SYS_lfs_bmapv", //184
5363 "SYS_lfs_markv", //185
5364 "SYS_lfs_segclean", //186
5365 "SYS_lfs_segwait", //187
5366 "SYS_188",
5367 "SYS_189",
5368 "SYS_190",
5369 "SYS_pathconf", //191
5370 "SYS_fpathconf", //192
5371 "SYS_swapctl", //193
5372 "SYS_getrlimit", //194
5373 "SYS_setrlimit", //195
5374 "SYS_getdirentries", //196
5375 "SYS_mmap", //197
5376 "SYS___syscall", //198
5377 "SYS_lseek", //199
5378 "SYS_truncate", //200
5379 "SYS_ftruncate", //201
5380 "SYS___sysctl", //202
5381 "SYS_mlock", //203
5382 "SYS_munlock", //204
5383 "SYS_205",
5384 "SYS_futimes", //206
5385 "SYS_getpgid", //207
5386 "SYS_xfspioctl", //208
5387 "SYS_209",
5388 "SYS_210",
5389 "SYS_211",
5390 "SYS_212",
5391 "SYS_213",
5392 "SYS_214",
5393 "SYS_215",
5394 "SYS_216",
5395 "SYS_217",
5396 "SYS_218",
5397 "SYS_219",
5398 "SYS_220",
5399 "SYS_semget", //221
5400 "SYS_222",
5401 "SYS_223",
5402 "SYS_224",
5403 "SYS_msgget", //225
5404 "SYS_msgsnd", //226
5405 "SYS_msgrcv", //227
5406 "SYS_shmat", //228
5407 "SYS_229",
5408 "SYS_shmdt", //230
5409 "SYS_231",
5410 "SYS_clock_gettime", //232
5411 "SYS_clock_settime", //233
5412 "SYS_clock_getres", //234
5413 "SYS_235",
5414 "SYS_236",
5415 "SYS_237",
5416 "SYS_238",
5417 "SYS_239",
5418 "SYS_nanosleep", //240
5419 "SYS_241",
5420 "SYS_242",
5421 "SYS_243",
5422 "SYS_244",
5423 "SYS_245",
5424 "SYS_246",
5425 "SYS_247",
5426 "SYS_248",
5427 "SYS_249",
5428 "SYS_minherit", //250
5429 "SYS_rfork", //251
5430 "SYS_poll", //252
5431 "SYS_issetugid", //253
5432 "SYS_lchown", //254
5433 "SYS_getsid", //255
5434 "SYS_msync", //256
5435 "SYS_257",
5436 "SYS_258",
5437 "SYS_259",
5438 "SYS_getfsstat", //260
5439 "SYS_statfs", //261
5440 "SYS_fstatfs", //262
5441 "SYS_pipe", //263
5442 "SYS_fhopen", //264
5443 "SYS_265",
5444 "SYS_fhstatfs", //266
5445 "SYS_preadv", //267
5446 "SYS_pwritev", //268
5447 "SYS_kqueue", //269
5448 "SYS_kevent", //270
5449 "SYS_mlockall", //271
5450 "SYS_munlockall", //272
5451 "SYS_getpeereid", //273
5452 "SYS_274",
5453 "SYS_275",
5454 "SYS_276",
5455 "SYS_277",
5456 "SYS_278",
5457 "SYS_279",
5458 "SYS_280",
5459 "SYS_getresuid", //281
5460 "SYS_setresuid", //282
5461 "SYS_getresgid", //283
5462 "SYS_setresgid", //284
5463 "SYS_285",
5464 "SYS_mquery", //286
5465 "SYS_closefrom", //287
5466 "SYS_sigaltstack", //288
5467 "SYS_shmget", //289
5468 "SYS_semop", //290
5469 "SYS_stat", //291
5470 "SYS_fstat", //292
5471 "SYS_lstat", //293
5472 "SYS_fhstat", //294
5473 "SYS___semctl", //295
5474 "SYS_shmctl", //296
5475 "SYS_msgctl", //297
5476 "SYS_MAXSYSCALL", //298
5477 //299
5478 //300
5479 };
5480 uint32_t uEAX;
5481 if (!LogIsEnabled())
5482 return;
5483 uEAX = CPUMGetGuestEAX(pVCpu);
5484 switch (uEAX)
5485 {
5486 default:
5487 if (uEAX < RT_ELEMENTS(apsz))
5488 {
5489 uint32_t au32Args[8] = {0};
5490 PGMPhysSimpleReadGCPtr(pVCpu, au32Args, CPUMGetGuestESP(pVCpu), sizeof(au32Args));
5491 RTLogPrintf("REM: OpenBSD syscall %3d: %s (eip=%08x %08x %08x %08x %08x %08x %08x %08x %08x)\n",
5492 uEAX, apsz[uEAX], CPUMGetGuestEIP(pVCpu), au32Args[0], au32Args[1], au32Args[2], au32Args[3],
5493 au32Args[4], au32Args[5], au32Args[6], au32Args[7]);
5494 }
5495 else
5496 RTLogPrintf("eip=%08x: OpenBSD syscall %d (#%x) unknown!!\n", CPUMGetGuestEIP(pVCpu), uEAX, uEAX);
5497 break;
5498 }
5499}
5500
5501
5502#if defined(IPRT_NO_CRT) && defined(RT_OS_WINDOWS) && defined(RT_ARCH_X86)
5503/**
5504 * The Dll main entry point (stub).
5505 */
5506bool __stdcall _DllMainCRTStartup(void *hModule, uint32_t dwReason, void *pvReserved)
5507{
5508 return true;
5509}
5510
5511void *memcpy(void *dst, const void *src, size_t size)
5512{
5513 uint8_t*pbDst = dst, *pbSrc = src;
5514 while (size-- > 0)
5515 *pbDst++ = *pbSrc++;
5516 return dst;
5517}
5518
5519#endif
5520
5521void cpu_smm_update(CPUX86State *env)
5522{
5523}
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette