VirtualBox

source: vbox/trunk/src/recompiler/VBoxRecompiler.c@ 29853

Last change on this file since 29853 was 29333, checked in by vboxsync, 15 years ago

removed VBOX_WITH_VMI

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 168.9 KB
Line 
1/* $Id: VBoxRecompiler.c 29333 2010-05-11 10:28:57Z vboxsync $ */
2/** @file
3 * VBox Recompiler - QEMU.
4 */
5
6/*
7 * Copyright (C) 2006-2007 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18
19/*******************************************************************************
20* Header Files *
21*******************************************************************************/
22#define LOG_GROUP LOG_GROUP_REM
23#include "vl.h"
24#include "osdep.h"
25#include "exec-all.h"
26#include "config.h"
27#include "cpu-all.h"
28
29#include <VBox/rem.h>
30#include <VBox/vmapi.h>
31#include <VBox/tm.h>
32#include <VBox/ssm.h>
33#include <VBox/em.h>
34#include <VBox/trpm.h>
35#include <VBox/iom.h>
36#include <VBox/mm.h>
37#include <VBox/pgm.h>
38#include <VBox/pdm.h>
39#include <VBox/dbgf.h>
40#include <VBox/dbg.h>
41#include <VBox/hwaccm.h>
42#include <VBox/patm.h>
43#include <VBox/csam.h>
44#include "REMInternal.h"
45#include <VBox/vm.h>
46#include <VBox/param.h>
47#include <VBox/err.h>
48
49#include <VBox/log.h>
50#include <iprt/semaphore.h>
51#include <iprt/asm.h>
52#include <iprt/assert.h>
53#include <iprt/thread.h>
54#include <iprt/string.h>
55
56/* Don't wanna include everything. */
57extern void cpu_exec_init_all(unsigned long tb_size);
58extern void cpu_x86_update_cr3(CPUX86State *env, target_ulong new_cr3);
59extern void cpu_x86_update_cr0(CPUX86State *env, uint32_t new_cr0);
60extern void cpu_x86_update_cr4(CPUX86State *env, uint32_t new_cr4);
61extern void tlb_flush_page(CPUX86State *env, target_ulong addr);
62extern void tlb_flush(CPUState *env, int flush_global);
63extern void sync_seg(CPUX86State *env1, int seg_reg, int selector);
64extern void sync_ldtr(CPUX86State *env1, int selector);
65
66#ifdef VBOX_STRICT
67unsigned long get_phys_page_offset(target_ulong addr);
68#endif
69
70
71/*******************************************************************************
72* Defined Constants And Macros *
73*******************************************************************************/
74
75/** Copy 80-bit fpu register at pSrc to pDst.
76 * This is probably faster than *calling* memcpy.
77 */
78#define REM_COPY_FPU_REG(pDst, pSrc) \
79 do { *(PX86FPUMMX)(pDst) = *(const X86FPUMMX *)(pSrc); } while (0)
80
81
82/*******************************************************************************
83* Internal Functions *
84*******************************************************************************/
85static DECLCALLBACK(int) remR3Save(PVM pVM, PSSMHANDLE pSSM);
86static DECLCALLBACK(int) remR3Load(PVM pVM, PSSMHANDLE pSSM, uint32_t uVersion, uint32_t uPass);
87static void remR3StateUpdate(PVM pVM, PVMCPU pVCpu);
88static int remR3InitPhysRamSizeAndDirtyMap(PVM pVM, bool fGuarded);
89
90static uint32_t remR3MMIOReadU8(void *pvVM, target_phys_addr_t GCPhys);
91static uint32_t remR3MMIOReadU16(void *pvVM, target_phys_addr_t GCPhys);
92static uint32_t remR3MMIOReadU32(void *pvVM, target_phys_addr_t GCPhys);
93static void remR3MMIOWriteU8(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32);
94static void remR3MMIOWriteU16(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32);
95static void remR3MMIOWriteU32(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32);
96
97static uint32_t remR3HandlerReadU8(void *pvVM, target_phys_addr_t GCPhys);
98static uint32_t remR3HandlerReadU16(void *pvVM, target_phys_addr_t GCPhys);
99static uint32_t remR3HandlerReadU32(void *pvVM, target_phys_addr_t GCPhys);
100static void remR3HandlerWriteU8(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32);
101static void remR3HandlerWriteU16(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32);
102static void remR3HandlerWriteU32(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32);
103
104static void remR3NotifyHandlerPhysicalDeregister(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhys, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM);
105static void remR3NotifyHandlerPhysicalRegister(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhys, RTGCPHYS cb, bool fHasHCHandler);
106static void remR3NotifyHandlerPhysicalModify(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhysOld, RTGCPHYS GCPhysNew, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM);
107
108/*******************************************************************************
109* Global Variables *
110*******************************************************************************/
111
112/** @todo Move stats to REM::s some rainy day we have nothing do to. */
113#ifdef VBOX_WITH_STATISTICS
114static STAMPROFILEADV gStatExecuteSingleInstr;
115static STAMPROFILEADV gStatCompilationQEmu;
116static STAMPROFILEADV gStatRunCodeQEmu;
117static STAMPROFILEADV gStatTotalTimeQEmu;
118static STAMPROFILEADV gStatTimers;
119static STAMPROFILEADV gStatTBLookup;
120static STAMPROFILEADV gStatIRQ;
121static STAMPROFILEADV gStatRawCheck;
122static STAMPROFILEADV gStatMemRead;
123static STAMPROFILEADV gStatMemWrite;
124static STAMPROFILE gStatGCPhys2HCVirt;
125static STAMPROFILE gStatHCVirt2GCPhys;
126static STAMCOUNTER gStatCpuGetTSC;
127static STAMCOUNTER gStatRefuseTFInhibit;
128static STAMCOUNTER gStatRefuseVM86;
129static STAMCOUNTER gStatRefusePaging;
130static STAMCOUNTER gStatRefusePAE;
131static STAMCOUNTER gStatRefuseIOPLNot0;
132static STAMCOUNTER gStatRefuseIF0;
133static STAMCOUNTER gStatRefuseCode16;
134static STAMCOUNTER gStatRefuseWP0;
135static STAMCOUNTER gStatRefuseRing1or2;
136static STAMCOUNTER gStatRefuseCanExecute;
137static STAMCOUNTER gStatREMGDTChange;
138static STAMCOUNTER gStatREMIDTChange;
139static STAMCOUNTER gStatREMLDTRChange;
140static STAMCOUNTER gStatREMTRChange;
141static STAMCOUNTER gStatSelOutOfSync[6];
142static STAMCOUNTER gStatSelOutOfSyncStateBack[6];
143static STAMCOUNTER gStatFlushTBs;
144#endif
145/* in exec.c */
146extern uint32_t tlb_flush_count;
147extern uint32_t tb_flush_count;
148extern uint32_t tb_phys_invalidate_count;
149
150/*
151 * Global stuff.
152 */
153
154/** MMIO read callbacks. */
155CPUReadMemoryFunc *g_apfnMMIORead[3] =
156{
157 remR3MMIOReadU8,
158 remR3MMIOReadU16,
159 remR3MMIOReadU32
160};
161
162/** MMIO write callbacks. */
163CPUWriteMemoryFunc *g_apfnMMIOWrite[3] =
164{
165 remR3MMIOWriteU8,
166 remR3MMIOWriteU16,
167 remR3MMIOWriteU32
168};
169
170/** Handler read callbacks. */
171CPUReadMemoryFunc *g_apfnHandlerRead[3] =
172{
173 remR3HandlerReadU8,
174 remR3HandlerReadU16,
175 remR3HandlerReadU32
176};
177
178/** Handler write callbacks. */
179CPUWriteMemoryFunc *g_apfnHandlerWrite[3] =
180{
181 remR3HandlerWriteU8,
182 remR3HandlerWriteU16,
183 remR3HandlerWriteU32
184};
185
186
187#if defined(VBOX_WITH_DEBUGGER) && !(defined(RT_OS_WINDOWS) && defined(RT_ARCH_AMD64))
188/*
189 * Debugger commands.
190 */
191static DECLCALLBACK(int) remR3CmdDisasEnableStepping(PCDBGCCMD pCmd, PDBGCCMDHLP pCmdHlp, PVM pVM, PCDBGCVAR paArgs, unsigned cArgs, PDBGCVAR pResult);
192
193/** '.remstep' arguments. */
194static const DBGCVARDESC g_aArgRemStep[] =
195{
196 /* cTimesMin, cTimesMax, enmCategory, fFlags, pszName, pszDescription */
197 { 0, ~0, DBGCVAR_CAT_NUMBER, 0, "on/off", "Boolean value/mnemonic indicating the new state." },
198};
199
200/** Command descriptors. */
201static const DBGCCMD g_aCmds[] =
202{
203 {
204 .pszCmd ="remstep",
205 .cArgsMin = 0,
206 .cArgsMax = 1,
207 .paArgDescs = &g_aArgRemStep[0],
208 .cArgDescs = RT_ELEMENTS(g_aArgRemStep),
209 .pResultDesc = NULL,
210 .fFlags = 0,
211 .pfnHandler = remR3CmdDisasEnableStepping,
212 .pszSyntax = "[on/off]",
213 .pszDescription = "Enable or disable the single stepping with logged disassembly. "
214 "If no arguments show the current state."
215 }
216};
217#endif
218
219/** Prologue code, must be in lower 4G to simplify jumps to/from generated code. */
220uint8_t *code_gen_prologue;
221
222
223/*******************************************************************************
224* Internal Functions *
225*******************************************************************************/
226void remAbort(int rc, const char *pszTip);
227extern int testmath(void);
228
229/* Put them here to avoid unused variable warning. */
230AssertCompile(RT_SIZEOFMEMB(VM, rem.padding) >= RT_SIZEOFMEMB(VM, rem.s));
231#if !defined(IPRT_NO_CRT) && (defined(RT_OS_LINUX) || defined(RT_OS_DARWIN) || defined(RT_OS_WINDOWS))
232//AssertCompileMemberSize(REM, Env, REM_ENV_SIZE);
233/* Why did this have to be identical?? */
234AssertCompile(RT_SIZEOFMEMB(REM, Env) <= REM_ENV_SIZE);
235#else
236AssertCompile(RT_SIZEOFMEMB(REM, Env) <= REM_ENV_SIZE);
237#endif
238
239
240/**
241 * Initializes the REM.
242 *
243 * @returns VBox status code.
244 * @param pVM The VM to operate on.
245 */
246REMR3DECL(int) REMR3Init(PVM pVM)
247{
248 PREMHANDLERNOTIFICATION pCur;
249 uint32_t u32Dummy;
250 int rc;
251 unsigned i;
252
253#ifdef VBOX_ENABLE_VBOXREM64
254 LogRel(("Using 64-bit aware REM\n"));
255#endif
256
257 /*
258 * Assert sanity.
259 */
260 AssertReleaseMsg(sizeof(pVM->rem.padding) >= sizeof(pVM->rem.s), ("%#x >= %#x; sizeof(Env)=%#x\n", sizeof(pVM->rem.padding), sizeof(pVM->rem.s), sizeof(pVM->rem.s.Env)));
261 AssertReleaseMsg(sizeof(pVM->rem.s.Env) <= REM_ENV_SIZE, ("%#x == %#x\n", sizeof(pVM->rem.s.Env), REM_ENV_SIZE));
262 AssertReleaseMsg(!(RT_OFFSETOF(VM, rem) & 31), ("off=%#x\n", RT_OFFSETOF(VM, rem)));
263#if defined(DEBUG) && !defined(RT_OS_SOLARIS) && !defined(RT_OS_FREEBSD) /// @todo fix the solaris and freebsd math stuff.
264 Assert(!testmath());
265#endif
266
267 /*
268 * Init some internal data members.
269 */
270 pVM->rem.s.offVM = RT_OFFSETOF(VM, rem.s);
271 pVM->rem.s.Env.pVM = pVM;
272#ifdef CPU_RAW_MODE_INIT
273 pVM->rem.s.state |= CPU_RAW_MODE_INIT;
274#endif
275
276 /*
277 * Initialize the REM critical section.
278 *
279 * Note: This is not a 100% safe solution as updating the internal memory state while another VCPU
280 * is executing code could be dangerous. Taking the REM lock is not an option due to the danger of
281 * deadlocks. (mostly pgm vs rem locking)
282 */
283 rc = PDMR3CritSectInit(pVM, &pVM->rem.s.CritSectRegister, RT_SRC_POS, "REM-Register");
284 AssertRCReturn(rc, rc);
285
286 /* ctx. */
287 pVM->rem.s.pCtx = NULL; /* set when executing code. */
288 AssertMsg(MMR3PhysGetRamSize(pVM) == 0, ("Init order has changed! REM depends on notification about ALL physical memory registrations\n"));
289
290 /* ignore all notifications */
291 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
292
293 code_gen_prologue = RTMemExecAlloc(_1K);
294 AssertLogRelReturn(code_gen_prologue, VERR_NO_MEMORY);
295
296 cpu_exec_init_all(0);
297
298 /*
299 * Init the recompiler.
300 */
301 if (!cpu_x86_init(&pVM->rem.s.Env, "vbox"))
302 {
303 AssertMsgFailed(("cpu_x86_init failed - impossible!\n"));
304 return VERR_GENERAL_FAILURE;
305 }
306 PVMCPU pVCpu = VMMGetCpu(pVM);
307 CPUMGetGuestCpuId(pVCpu, 1, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext_features, &pVM->rem.s.Env.cpuid_features);
308 CPUMGetGuestCpuId(pVCpu, 0x80000001, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext3_features, &pVM->rem.s.Env.cpuid_ext2_features);
309
310 /* allocate code buffer for single instruction emulation. */
311 pVM->rem.s.Env.cbCodeBuffer = 4096;
312 pVM->rem.s.Env.pvCodeBuffer = RTMemExecAlloc(pVM->rem.s.Env.cbCodeBuffer);
313 AssertMsgReturn(pVM->rem.s.Env.pvCodeBuffer, ("Failed to allocate code buffer!\n"), VERR_NO_MEMORY);
314
315 /* finally, set the cpu_single_env global. */
316 cpu_single_env = &pVM->rem.s.Env;
317
318 /* Nothing is pending by default */
319 pVM->rem.s.u32PendingInterrupt = REM_NO_PENDING_IRQ;
320
321 /*
322 * Register ram types.
323 */
324 pVM->rem.s.iMMIOMemType = cpu_register_io_memory(-1, g_apfnMMIORead, g_apfnMMIOWrite, pVM);
325 AssertReleaseMsg(pVM->rem.s.iMMIOMemType >= 0, ("pVM->rem.s.iMMIOMemType=%d\n", pVM->rem.s.iMMIOMemType));
326 pVM->rem.s.iHandlerMemType = cpu_register_io_memory(-1, g_apfnHandlerRead, g_apfnHandlerWrite, pVM);
327 AssertReleaseMsg(pVM->rem.s.iHandlerMemType >= 0, ("pVM->rem.s.iHandlerMemType=%d\n", pVM->rem.s.iHandlerMemType));
328 Log2(("REM: iMMIOMemType=%d iHandlerMemType=%d\n", pVM->rem.s.iMMIOMemType, pVM->rem.s.iHandlerMemType));
329
330 /* stop ignoring. */
331 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
332
333 /*
334 * Register the saved state data unit.
335 */
336 rc = SSMR3RegisterInternal(pVM, "rem", 1, REM_SAVED_STATE_VERSION, sizeof(uint32_t) * 10,
337 NULL, NULL, NULL,
338 NULL, remR3Save, NULL,
339 NULL, remR3Load, NULL);
340 if (RT_FAILURE(rc))
341 return rc;
342
343#if defined(VBOX_WITH_DEBUGGER) && !(defined(RT_OS_WINDOWS) && defined(RT_ARCH_AMD64))
344 /*
345 * Debugger commands.
346 */
347 static bool fRegisteredCmds = false;
348 if (!fRegisteredCmds)
349 {
350 int rc = DBGCRegisterCommands(&g_aCmds[0], RT_ELEMENTS(g_aCmds));
351 if (RT_SUCCESS(rc))
352 fRegisteredCmds = true;
353 }
354#endif
355
356#ifdef VBOX_WITH_STATISTICS
357 /*
358 * Statistics.
359 */
360 STAM_REG(pVM, &gStatExecuteSingleInstr, STAMTYPE_PROFILE, "/PROF/REM/SingleInstr",STAMUNIT_TICKS_PER_CALL, "Profiling single instruction emulation.");
361 STAM_REG(pVM, &gStatCompilationQEmu, STAMTYPE_PROFILE, "/PROF/REM/Compile", STAMUNIT_TICKS_PER_CALL, "Profiling QEmu compilation.");
362 STAM_REG(pVM, &gStatRunCodeQEmu, STAMTYPE_PROFILE, "/PROF/REM/Runcode", STAMUNIT_TICKS_PER_CALL, "Profiling QEmu code execution.");
363 STAM_REG(pVM, &gStatTotalTimeQEmu, STAMTYPE_PROFILE, "/PROF/REM/Emulate", STAMUNIT_TICKS_PER_CALL, "Profiling code emulation.");
364 STAM_REG(pVM, &gStatTimers, STAMTYPE_PROFILE, "/PROF/REM/Timers", STAMUNIT_TICKS_PER_CALL, "Profiling timer scheduling.");
365 STAM_REG(pVM, &gStatTBLookup, STAMTYPE_PROFILE, "/PROF/REM/TBLookup", STAMUNIT_TICKS_PER_CALL, "Profiling timer scheduling.");
366 STAM_REG(pVM, &gStatIRQ, STAMTYPE_PROFILE, "/PROF/REM/IRQ", STAMUNIT_TICKS_PER_CALL, "Profiling timer scheduling.");
367 STAM_REG(pVM, &gStatRawCheck, STAMTYPE_PROFILE, "/PROF/REM/RawCheck", STAMUNIT_TICKS_PER_CALL, "Profiling timer scheduling.");
368 STAM_REG(pVM, &gStatMemRead, STAMTYPE_PROFILE, "/PROF/REM/MemRead", STAMUNIT_TICKS_PER_CALL, "Profiling memory access.");
369 STAM_REG(pVM, &gStatMemWrite, STAMTYPE_PROFILE, "/PROF/REM/MemWrite", STAMUNIT_TICKS_PER_CALL, "Profiling memory access.");
370 STAM_REG(pVM, &gStatHCVirt2GCPhys, STAMTYPE_PROFILE, "/PROF/REM/HCVirt2GCPhys", STAMUNIT_TICKS_PER_CALL, "Profiling memory convertion.");
371 STAM_REG(pVM, &gStatGCPhys2HCVirt, STAMTYPE_PROFILE, "/PROF/REM/GCPhys2HCVirt", STAMUNIT_TICKS_PER_CALL, "Profiling memory convertion.");
372
373 STAM_REG(pVM, &gStatCpuGetTSC, STAMTYPE_COUNTER, "/REM/CpuGetTSC", STAMUNIT_OCCURENCES, "cpu_get_tsc calls");
374
375 STAM_REG(pVM, &gStatRefuseTFInhibit, STAMTYPE_COUNTER, "/REM/Refuse/TFInibit", STAMUNIT_OCCURENCES, "Raw mode refused because of TF or irq inhibit");
376 STAM_REG(pVM, &gStatRefuseVM86, STAMTYPE_COUNTER, "/REM/Refuse/VM86", STAMUNIT_OCCURENCES, "Raw mode refused because of VM86");
377 STAM_REG(pVM, &gStatRefusePaging, STAMTYPE_COUNTER, "/REM/Refuse/Paging", STAMUNIT_OCCURENCES, "Raw mode refused because of disabled paging/pm");
378 STAM_REG(pVM, &gStatRefusePAE, STAMTYPE_COUNTER, "/REM/Refuse/PAE", STAMUNIT_OCCURENCES, "Raw mode refused because of PAE");
379 STAM_REG(pVM, &gStatRefuseIOPLNot0, STAMTYPE_COUNTER, "/REM/Refuse/IOPLNot0", STAMUNIT_OCCURENCES, "Raw mode refused because of IOPL != 0");
380 STAM_REG(pVM, &gStatRefuseIF0, STAMTYPE_COUNTER, "/REM/Refuse/IF0", STAMUNIT_OCCURENCES, "Raw mode refused because of IF=0");
381 STAM_REG(pVM, &gStatRefuseCode16, STAMTYPE_COUNTER, "/REM/Refuse/Code16", STAMUNIT_OCCURENCES, "Raw mode refused because of 16 bit code");
382 STAM_REG(pVM, &gStatRefuseWP0, STAMTYPE_COUNTER, "/REM/Refuse/WP0", STAMUNIT_OCCURENCES, "Raw mode refused because of WP=0");
383 STAM_REG(pVM, &gStatRefuseRing1or2, STAMTYPE_COUNTER, "/REM/Refuse/Ring1or2", STAMUNIT_OCCURENCES, "Raw mode refused because of ring 1/2 execution");
384 STAM_REG(pVM, &gStatRefuseCanExecute, STAMTYPE_COUNTER, "/REM/Refuse/CanExecuteRaw", STAMUNIT_OCCURENCES, "Raw mode refused because of cCanExecuteRaw");
385 STAM_REG(pVM, &gStatFlushTBs, STAMTYPE_COUNTER, "/REM/FlushTB", STAMUNIT_OCCURENCES, "Number of TB flushes");
386
387 STAM_REG(pVM, &gStatREMGDTChange, STAMTYPE_COUNTER, "/REM/Change/GDTBase", STAMUNIT_OCCURENCES, "GDT base changes");
388 STAM_REG(pVM, &gStatREMLDTRChange, STAMTYPE_COUNTER, "/REM/Change/LDTR", STAMUNIT_OCCURENCES, "LDTR changes");
389 STAM_REG(pVM, &gStatREMIDTChange, STAMTYPE_COUNTER, "/REM/Change/IDTBase", STAMUNIT_OCCURENCES, "IDT base changes");
390 STAM_REG(pVM, &gStatREMTRChange, STAMTYPE_COUNTER, "/REM/Change/TR", STAMUNIT_OCCURENCES, "TR selector changes");
391
392 STAM_REG(pVM, &gStatSelOutOfSync[0], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/ES", STAMUNIT_OCCURENCES, "ES out of sync");
393 STAM_REG(pVM, &gStatSelOutOfSync[1], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/CS", STAMUNIT_OCCURENCES, "CS out of sync");
394 STAM_REG(pVM, &gStatSelOutOfSync[2], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/SS", STAMUNIT_OCCURENCES, "SS out of sync");
395 STAM_REG(pVM, &gStatSelOutOfSync[3], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/DS", STAMUNIT_OCCURENCES, "DS out of sync");
396 STAM_REG(pVM, &gStatSelOutOfSync[4], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/FS", STAMUNIT_OCCURENCES, "FS out of sync");
397 STAM_REG(pVM, &gStatSelOutOfSync[5], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/GS", STAMUNIT_OCCURENCES, "GS out of sync");
398
399 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[0], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/ES", STAMUNIT_OCCURENCES, "ES out of sync");
400 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[1], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/CS", STAMUNIT_OCCURENCES, "CS out of sync");
401 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[2], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/SS", STAMUNIT_OCCURENCES, "SS out of sync");
402 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[3], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/DS", STAMUNIT_OCCURENCES, "DS out of sync");
403 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[4], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/FS", STAMUNIT_OCCURENCES, "FS out of sync");
404 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[5], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/GS", STAMUNIT_OCCURENCES, "GS out of sync");
405
406 STAM_REG(pVM, &pVM->rem.s.Env.StatTbFlush, STAMTYPE_PROFILE, "/REM/TbFlush", STAMUNIT_TICKS_PER_CALL, "profiling tb_flush().");
407#endif /* VBOX_WITH_STATISTICS */
408
409 STAM_REL_REG(pVM, &tb_flush_count, STAMTYPE_U32_RESET, "/REM/TbFlushCount", STAMUNIT_OCCURENCES, "tb_flush() calls");
410 STAM_REL_REG(pVM, &tb_phys_invalidate_count, STAMTYPE_U32_RESET, "/REM/TbPhysInvldCount", STAMUNIT_OCCURENCES, "tb_phys_invalidate() calls");
411 STAM_REL_REG(pVM, &tlb_flush_count, STAMTYPE_U32_RESET, "/REM/TlbFlushCount", STAMUNIT_OCCURENCES, "tlb_flush() calls");
412
413
414#ifdef DEBUG_ALL_LOGGING
415 loglevel = ~0;
416# ifdef DEBUG_TMP_LOGGING
417 logfile = fopen("/tmp/vbox-qemu.log", "w");
418# endif
419#endif
420
421 /*
422 * Init the handler notification lists.
423 */
424 pVM->rem.s.idxPendingList = UINT32_MAX;
425 pVM->rem.s.idxFreeList = 0;
426
427 for (i = 0 ; i < RT_ELEMENTS(pVM->rem.s.aHandlerNotifications); i++)
428 {
429 pCur = &pVM->rem.s.aHandlerNotifications[i];
430 pCur->idxNext = i + 1;
431 pCur->idxSelf = i;
432 }
433 pCur->idxNext = UINT32_MAX; /* the last record. */
434
435 return rc;
436}
437
438
439/**
440 * Finalizes the REM initialization.
441 *
442 * This is called after all components, devices and drivers has
443 * been initialized. Its main purpose it to finish the RAM related
444 * initialization.
445 *
446 * @returns VBox status code.
447 *
448 * @param pVM The VM handle.
449 */
450REMR3DECL(int) REMR3InitFinalize(PVM pVM)
451{
452 int rc;
453
454 /*
455 * Ram size & dirty bit map.
456 */
457 Assert(!pVM->rem.s.fGCPhysLastRamFixed);
458 pVM->rem.s.fGCPhysLastRamFixed = true;
459#ifdef RT_STRICT
460 rc = remR3InitPhysRamSizeAndDirtyMap(pVM, true /* fGuarded */);
461#else
462 rc = remR3InitPhysRamSizeAndDirtyMap(pVM, false /* fGuarded */);
463#endif
464 return rc;
465}
466
467
468/**
469 * Initializes phys_ram_size, phys_ram_dirty and phys_ram_dirty_size.
470 *
471 * @returns VBox status code.
472 * @param pVM The VM handle.
473 * @param fGuarded Whether to guard the map.
474 */
475static int remR3InitPhysRamSizeAndDirtyMap(PVM pVM, bool fGuarded)
476{
477 int rc = VINF_SUCCESS;
478 RTGCPHYS cb;
479
480 cb = pVM->rem.s.GCPhysLastRam + 1;
481 AssertLogRelMsgReturn(cb > pVM->rem.s.GCPhysLastRam,
482 ("GCPhysLastRam=%RGp - out of range\n", pVM->rem.s.GCPhysLastRam),
483 VERR_OUT_OF_RANGE);
484 phys_ram_size = cb;
485 phys_ram_dirty_size = cb >> PAGE_SHIFT;
486 AssertMsg(((RTGCPHYS)phys_ram_dirty_size << PAGE_SHIFT) == cb, ("%RGp\n", cb));
487
488 if (!fGuarded)
489 {
490 phys_ram_dirty = MMR3HeapAlloc(pVM, MM_TAG_REM, phys_ram_dirty_size);
491 AssertLogRelMsgReturn(phys_ram_dirty, ("Failed to allocate %u bytes of dirty page map bytes\n", phys_ram_dirty_size), VERR_NO_MEMORY);
492 }
493 else
494 {
495 /*
496 * Fill it up the nearest 4GB RAM and leave at least _64KB of guard after it.
497 */
498 uint32_t cbBitmapAligned = RT_ALIGN_32(phys_ram_dirty_size, PAGE_SIZE);
499 uint32_t cbBitmapFull = RT_ALIGN_32(phys_ram_dirty_size, (_4G >> PAGE_SHIFT));
500 if (cbBitmapFull == cbBitmapAligned)
501 cbBitmapFull += _4G >> PAGE_SHIFT;
502 else if (cbBitmapFull - cbBitmapAligned < _64K)
503 cbBitmapFull += _64K;
504
505 phys_ram_dirty = RTMemPageAlloc(cbBitmapFull);
506 AssertLogRelMsgReturn(phys_ram_dirty, ("Failed to allocate %u bytes of dirty page map bytes\n", cbBitmapFull), VERR_NO_MEMORY);
507
508 rc = RTMemProtect(phys_ram_dirty + cbBitmapAligned, cbBitmapFull - cbBitmapAligned, RTMEM_PROT_NONE);
509 if (RT_FAILURE(rc))
510 {
511 RTMemPageFree(phys_ram_dirty, cbBitmapFull);
512 AssertLogRelRCReturn(rc, rc);
513 }
514
515 phys_ram_dirty += cbBitmapAligned - phys_ram_dirty_size;
516 }
517
518 /* initialize it. */
519 memset(phys_ram_dirty, 0xff, phys_ram_dirty_size);
520 return rc;
521}
522
523
524/**
525 * Terminates the REM.
526 *
527 * Termination means cleaning up and freeing all resources,
528 * the VM it self is at this point powered off or suspended.
529 *
530 * @returns VBox status code.
531 * @param pVM The VM to operate on.
532 */
533REMR3DECL(int) REMR3Term(PVM pVM)
534{
535#ifdef VBOX_WITH_STATISTICS
536 /*
537 * Statistics.
538 */
539 STAM_DEREG(pVM, &gStatExecuteSingleInstr);
540 STAM_DEREG(pVM, &gStatCompilationQEmu);
541 STAM_DEREG(pVM, &gStatRunCodeQEmu);
542 STAM_DEREG(pVM, &gStatTotalTimeQEmu);
543 STAM_DEREG(pVM, &gStatTimers);
544 STAM_DEREG(pVM, &gStatTBLookup);
545 STAM_DEREG(pVM, &gStatIRQ);
546 STAM_DEREG(pVM, &gStatRawCheck);
547 STAM_DEREG(pVM, &gStatMemRead);
548 STAM_DEREG(pVM, &gStatMemWrite);
549 STAM_DEREG(pVM, &gStatHCVirt2GCPhys);
550 STAM_DEREG(pVM, &gStatGCPhys2HCVirt);
551
552 STAM_DEREG(pVM, &gStatCpuGetTSC);
553
554 STAM_DEREG(pVM, &gStatRefuseTFInhibit);
555 STAM_DEREG(pVM, &gStatRefuseVM86);
556 STAM_DEREG(pVM, &gStatRefusePaging);
557 STAM_DEREG(pVM, &gStatRefusePAE);
558 STAM_DEREG(pVM, &gStatRefuseIOPLNot0);
559 STAM_DEREG(pVM, &gStatRefuseIF0);
560 STAM_DEREG(pVM, &gStatRefuseCode16);
561 STAM_DEREG(pVM, &gStatRefuseWP0);
562 STAM_DEREG(pVM, &gStatRefuseRing1or2);
563 STAM_DEREG(pVM, &gStatRefuseCanExecute);
564 STAM_DEREG(pVM, &gStatFlushTBs);
565
566 STAM_DEREG(pVM, &gStatREMGDTChange);
567 STAM_DEREG(pVM, &gStatREMLDTRChange);
568 STAM_DEREG(pVM, &gStatREMIDTChange);
569 STAM_DEREG(pVM, &gStatREMTRChange);
570
571 STAM_DEREG(pVM, &gStatSelOutOfSync[0]);
572 STAM_DEREG(pVM, &gStatSelOutOfSync[1]);
573 STAM_DEREG(pVM, &gStatSelOutOfSync[2]);
574 STAM_DEREG(pVM, &gStatSelOutOfSync[3]);
575 STAM_DEREG(pVM, &gStatSelOutOfSync[4]);
576 STAM_DEREG(pVM, &gStatSelOutOfSync[5]);
577
578 STAM_DEREG(pVM, &gStatSelOutOfSyncStateBack[0]);
579 STAM_DEREG(pVM, &gStatSelOutOfSyncStateBack[1]);
580 STAM_DEREG(pVM, &gStatSelOutOfSyncStateBack[2]);
581 STAM_DEREG(pVM, &gStatSelOutOfSyncStateBack[3]);
582 STAM_DEREG(pVM, &gStatSelOutOfSyncStateBack[4]);
583 STAM_DEREG(pVM, &gStatSelOutOfSyncStateBack[5]);
584
585 STAM_DEREG(pVM, &pVM->rem.s.Env.StatTbFlush);
586#endif /* VBOX_WITH_STATISTICS */
587
588 STAM_REL_DEREG(pVM, &tb_flush_count);
589 STAM_REL_DEREG(pVM, &tb_phys_invalidate_count);
590 STAM_REL_DEREG(pVM, &tlb_flush_count);
591
592 return VINF_SUCCESS;
593}
594
595
596/**
597 * The VM is being reset.
598 *
599 * For the REM component this means to call the cpu_reset() and
600 * reinitialize some state variables.
601 *
602 * @param pVM VM handle.
603 */
604REMR3DECL(void) REMR3Reset(PVM pVM)
605{
606 /*
607 * Reset the REM cpu.
608 */
609 Assert(pVM->rem.s.cIgnoreAll == 0);
610 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
611 cpu_reset(&pVM->rem.s.Env);
612 pVM->rem.s.cInvalidatedPages = 0;
613 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
614 Assert(pVM->rem.s.cIgnoreAll == 0);
615
616 /* Clear raw ring 0 init state */
617 pVM->rem.s.Env.state &= ~CPU_RAW_RING0;
618
619 /* Flush the TBs the next time we execute code here. */
620 pVM->rem.s.fFlushTBs = true;
621}
622
623
624/**
625 * Execute state save operation.
626 *
627 * @returns VBox status code.
628 * @param pVM VM Handle.
629 * @param pSSM SSM operation handle.
630 */
631static DECLCALLBACK(int) remR3Save(PVM pVM, PSSMHANDLE pSSM)
632{
633 PREM pRem = &pVM->rem.s;
634
635 /*
636 * Save the required CPU Env bits.
637 * (Not much because we're never in REM when doing the save.)
638 */
639 LogFlow(("remR3Save:\n"));
640 Assert(!pRem->fInREM);
641 SSMR3PutU32(pSSM, pRem->Env.hflags);
642 SSMR3PutU32(pSSM, ~0); /* separator */
643
644 /* Remember if we've entered raw mode (vital for ring 1 checks in e.g. iret emulation). */
645 SSMR3PutU32(pSSM, !!(pRem->Env.state & CPU_RAW_RING0));
646 SSMR3PutU32(pSSM, pVM->rem.s.u32PendingInterrupt);
647
648 return SSMR3PutU32(pSSM, ~0); /* terminator */
649}
650
651
652/**
653 * Execute state load operation.
654 *
655 * @returns VBox status code.
656 * @param pVM VM Handle.
657 * @param pSSM SSM operation handle.
658 * @param uVersion Data layout version.
659 * @param uPass The data pass.
660 */
661static DECLCALLBACK(int) remR3Load(PVM pVM, PSSMHANDLE pSSM, uint32_t uVersion, uint32_t uPass)
662{
663 uint32_t u32Dummy;
664 uint32_t fRawRing0 = false;
665 uint32_t u32Sep;
666 uint32_t i;
667 int rc;
668 PREM pRem;
669
670 LogFlow(("remR3Load:\n"));
671 Assert(uPass == SSM_PASS_FINAL); NOREF(uPass);
672
673 /*
674 * Validate version.
675 */
676 if ( uVersion != REM_SAVED_STATE_VERSION
677 && uVersion != REM_SAVED_STATE_VERSION_VER1_6)
678 {
679 AssertMsgFailed(("remR3Load: Invalid version uVersion=%d!\n", uVersion));
680 return VERR_SSM_UNSUPPORTED_DATA_UNIT_VERSION;
681 }
682
683 /*
684 * Do a reset to be on the safe side...
685 */
686 REMR3Reset(pVM);
687
688 /*
689 * Ignore all ignorable notifications.
690 * (Not doing this will cause serious trouble.)
691 */
692 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
693
694 /*
695 * Load the required CPU Env bits.
696 * (Not much because we're never in REM when doing the save.)
697 */
698 pRem = &pVM->rem.s;
699 Assert(!pRem->fInREM);
700 SSMR3GetU32(pSSM, &pRem->Env.hflags);
701 if (uVersion == REM_SAVED_STATE_VERSION_VER1_6)
702 {
703 /* Redundant REM CPU state has to be loaded, but can be ignored. */
704 CPUX86State_Ver16 temp;
705 SSMR3GetMem(pSSM, &temp, RT_OFFSETOF(CPUX86State_Ver16, jmp_env));
706 }
707
708 rc = SSMR3GetU32(pSSM, &u32Sep); /* separator */
709 if (RT_FAILURE(rc))
710 return rc;
711 if (u32Sep != ~0U)
712 {
713 AssertMsgFailed(("u32Sep=%#x\n", u32Sep));
714 return VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
715 }
716
717 /* Remember if we've entered raw mode (vital for ring 1 checks in e.g. iret emulation). */
718 SSMR3GetUInt(pSSM, &fRawRing0);
719 if (fRawRing0)
720 pRem->Env.state |= CPU_RAW_RING0;
721
722 if (uVersion == REM_SAVED_STATE_VERSION_VER1_6)
723 {
724 /*
725 * Load the REM stuff.
726 */
727 /** @todo r=bird: We should just drop all these items, restoring doesn't make
728 * sense. */
729 rc = SSMR3GetU32(pSSM, (uint32_t *)&pRem->cInvalidatedPages);
730 if (RT_FAILURE(rc))
731 return rc;
732 if (pRem->cInvalidatedPages > RT_ELEMENTS(pRem->aGCPtrInvalidatedPages))
733 {
734 AssertMsgFailed(("cInvalidatedPages=%#x\n", pRem->cInvalidatedPages));
735 return VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
736 }
737 for (i = 0; i < pRem->cInvalidatedPages; i++)
738 SSMR3GetGCPtr(pSSM, &pRem->aGCPtrInvalidatedPages[i]);
739 }
740
741 rc = SSMR3GetUInt(pSSM, &pVM->rem.s.u32PendingInterrupt);
742 if (RT_FAILURE(rc))
743 return rc;
744
745 /* check the terminator. */
746 rc = SSMR3GetU32(pSSM, &u32Sep);
747 if (RT_FAILURE(rc))
748 return rc;
749 if (u32Sep != ~0U)
750 {
751 AssertMsgFailed(("u32Sep=%#x (term)\n", u32Sep));
752 return VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
753 }
754
755 /*
756 * Get the CPUID features.
757 */
758 PVMCPU pVCpu = VMMGetCpu(pVM);
759 CPUMGetGuestCpuId(pVCpu, 1, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext_features, &pVM->rem.s.Env.cpuid_features);
760 CPUMGetGuestCpuId(pVCpu, 0x80000001, &u32Dummy, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext2_features);
761
762 /*
763 * Sync the Load Flush the TLB
764 */
765 tlb_flush(&pRem->Env, 1);
766
767 /*
768 * Stop ignoring ignornable notifications.
769 */
770 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
771
772 /*
773 * Sync the whole CPU state when executing code in the recompiler.
774 */
775 for (i = 0; i < pVM->cCpus; i++)
776 {
777 PVMCPU pVCpu = &pVM->aCpus[i];
778 CPUMSetChangedFlags(pVCpu, CPUM_CHANGED_ALL);
779 }
780 return VINF_SUCCESS;
781}
782
783
784
785#undef LOG_GROUP
786#define LOG_GROUP LOG_GROUP_REM_RUN
787
788/**
789 * Single steps an instruction in recompiled mode.
790 *
791 * Before calling this function the REM state needs to be in sync with
792 * the VM. Call REMR3State() to perform the sync. It's only necessary
793 * (and permitted) to sync at the first call to REMR3Step()/REMR3Run()
794 * and after calling REMR3StateBack().
795 *
796 * @returns VBox status code.
797 *
798 * @param pVM VM Handle.
799 * @param pVCpu VMCPU Handle.
800 */
801REMR3DECL(int) REMR3Step(PVM pVM, PVMCPU pVCpu)
802{
803 int rc, interrupt_request;
804 RTGCPTR GCPtrPC;
805 bool fBp;
806
807 /*
808 * Lock the REM - we don't wanna have anyone interrupting us
809 * while stepping - and enabled single stepping. We also ignore
810 * pending interrupts and suchlike.
811 */
812 interrupt_request = pVM->rem.s.Env.interrupt_request;
813 Assert(!(interrupt_request & ~(CPU_INTERRUPT_HARD | CPU_INTERRUPT_EXIT | CPU_INTERRUPT_EXITTB | CPU_INTERRUPT_TIMER | CPU_INTERRUPT_EXTERNAL_HARD | CPU_INTERRUPT_EXTERNAL_EXIT | CPU_INTERRUPT_EXTERNAL_TIMER)));
814 pVM->rem.s.Env.interrupt_request = 0;
815 cpu_single_step(&pVM->rem.s.Env, 1);
816
817 /*
818 * If we're standing at a breakpoint, that have to be disabled before we start stepping.
819 */
820 GCPtrPC = pVM->rem.s.Env.eip + pVM->rem.s.Env.segs[R_CS].base;
821 fBp = !cpu_breakpoint_remove(&pVM->rem.s.Env, GCPtrPC);
822
823 /*
824 * Execute and handle the return code.
825 * We execute without enabling the cpu tick, so on success we'll
826 * just flip it on and off to make sure it moves
827 */
828 rc = cpu_exec(&pVM->rem.s.Env);
829 if (rc == EXCP_DEBUG)
830 {
831 TMR3NotifyResume(pVM, pVCpu);
832 TMR3NotifySuspend(pVM, pVCpu);
833 rc = VINF_EM_DBG_STEPPED;
834 }
835 else
836 {
837 switch (rc)
838 {
839 case EXCP_INTERRUPT: rc = VINF_SUCCESS; break;
840 case EXCP_HLT:
841 case EXCP_HALTED: rc = VINF_EM_HALT; break;
842 case EXCP_RC:
843 rc = pVM->rem.s.rc;
844 pVM->rem.s.rc = VERR_INTERNAL_ERROR;
845 break;
846 case EXCP_EXECUTE_RAW:
847 case EXCP_EXECUTE_HWACC:
848 /** @todo: is it correct? No! */
849 rc = VINF_SUCCESS;
850 break;
851 default:
852 AssertReleaseMsgFailed(("This really shouldn't happen, rc=%d!\n", rc));
853 rc = VERR_INTERNAL_ERROR;
854 break;
855 }
856 }
857
858 /*
859 * Restore the stuff we changed to prevent interruption.
860 * Unlock the REM.
861 */
862 if (fBp)
863 {
864 int rc2 = cpu_breakpoint_insert(&pVM->rem.s.Env, GCPtrPC);
865 Assert(rc2 == 0); NOREF(rc2);
866 }
867 cpu_single_step(&pVM->rem.s.Env, 0);
868 pVM->rem.s.Env.interrupt_request = interrupt_request;
869
870 return rc;
871}
872
873
874/**
875 * Set a breakpoint using the REM facilities.
876 *
877 * @returns VBox status code.
878 * @param pVM The VM handle.
879 * @param Address The breakpoint address.
880 * @thread The emulation thread.
881 */
882REMR3DECL(int) REMR3BreakpointSet(PVM pVM, RTGCUINTPTR Address)
883{
884 VM_ASSERT_EMT(pVM);
885 if (!cpu_breakpoint_insert(&pVM->rem.s.Env, Address))
886 {
887 LogFlow(("REMR3BreakpointSet: Address=%RGv\n", Address));
888 return VINF_SUCCESS;
889 }
890 LogFlow(("REMR3BreakpointSet: Address=%RGv - failed!\n", Address));
891 return VERR_REM_NO_MORE_BP_SLOTS;
892}
893
894
895/**
896 * Clears a breakpoint set by REMR3BreakpointSet().
897 *
898 * @returns VBox status code.
899 * @param pVM The VM handle.
900 * @param Address The breakpoint address.
901 * @thread The emulation thread.
902 */
903REMR3DECL(int) REMR3BreakpointClear(PVM pVM, RTGCUINTPTR Address)
904{
905 VM_ASSERT_EMT(pVM);
906 if (!cpu_breakpoint_remove(&pVM->rem.s.Env, Address))
907 {
908 LogFlow(("REMR3BreakpointClear: Address=%RGv\n", Address));
909 return VINF_SUCCESS;
910 }
911 LogFlow(("REMR3BreakpointClear: Address=%RGv - not found!\n", Address));
912 return VERR_REM_BP_NOT_FOUND;
913}
914
915
916/**
917 * Emulate an instruction.
918 *
919 * This function executes one instruction without letting anyone
920 * interrupt it. This is intended for being called while being in
921 * raw mode and thus will take care of all the state syncing between
922 * REM and the rest.
923 *
924 * @returns VBox status code.
925 * @param pVM VM handle.
926 * @param pVCpu VMCPU Handle.
927 */
928REMR3DECL(int) REMR3EmulateInstruction(PVM pVM, PVMCPU pVCpu)
929{
930 bool fFlushTBs;
931
932 int rc, rc2;
933 Log2(("REMR3EmulateInstruction: (cs:eip=%04x:%08x)\n", CPUMGetGuestCS(pVCpu), CPUMGetGuestEIP(pVCpu)));
934
935 /* Make sure this flag is set; we might never execute remR3CanExecuteRaw in the AMD-V case.
936 * CPU_RAW_HWACC makes sure we never execute interrupt handlers in the recompiler.
937 */
938 if (HWACCMIsEnabled(pVM))
939 pVM->rem.s.Env.state |= CPU_RAW_HWACC;
940
941 /* Skip the TB flush as that's rather expensive and not necessary for single instruction emulation. */
942 fFlushTBs = pVM->rem.s.fFlushTBs;
943 pVM->rem.s.fFlushTBs = false;
944
945 /*
946 * Sync the state and enable single instruction / single stepping.
947 */
948 rc = REMR3State(pVM, pVCpu);
949 pVM->rem.s.fFlushTBs = fFlushTBs;
950 if (RT_SUCCESS(rc))
951 {
952 int interrupt_request = pVM->rem.s.Env.interrupt_request;
953 Assert(!(interrupt_request & ~(CPU_INTERRUPT_HARD | CPU_INTERRUPT_EXIT | CPU_INTERRUPT_EXITTB | CPU_INTERRUPT_TIMER | CPU_INTERRUPT_EXTERNAL_HARD | CPU_INTERRUPT_EXTERNAL_EXIT | CPU_INTERRUPT_EXTERNAL_TIMER)));
954 Assert(!pVM->rem.s.Env.singlestep_enabled);
955 /*
956 * Now we set the execute single instruction flag and enter the cpu_exec loop.
957 */
958 TMNotifyStartOfExecution(pVCpu);
959 pVM->rem.s.Env.interrupt_request = CPU_INTERRUPT_SINGLE_INSTR;
960 rc = cpu_exec(&pVM->rem.s.Env);
961 TMNotifyEndOfExecution(pVCpu);
962 switch (rc)
963 {
964 /*
965 * Executed without anything out of the way happening.
966 */
967 case EXCP_SINGLE_INSTR:
968 rc = VINF_EM_RESCHEDULE;
969 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_SINGLE_INSTR\n"));
970 break;
971
972 /*
973 * If we take a trap or start servicing a pending interrupt, we might end up here.
974 * (Timer thread or some other thread wishing EMT's attention.)
975 */
976 case EXCP_INTERRUPT:
977 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_INTERRUPT\n"));
978 rc = VINF_EM_RESCHEDULE;
979 break;
980
981 /*
982 * Single step, we assume!
983 * If there was a breakpoint there we're fucked now.
984 */
985 case EXCP_DEBUG:
986 {
987 /* breakpoint or single step? */
988 RTGCPTR GCPtrPC = pVM->rem.s.Env.eip + pVM->rem.s.Env.segs[R_CS].base;
989 int iBP;
990 rc = VINF_EM_DBG_STEPPED;
991 for (iBP = 0; iBP < pVM->rem.s.Env.nb_breakpoints; iBP++)
992 if (pVM->rem.s.Env.breakpoints[iBP] == GCPtrPC)
993 {
994 rc = VINF_EM_DBG_BREAKPOINT;
995 break;
996 }
997 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_DEBUG rc=%Rrc iBP=%d GCPtrPC=%RGv\n", rc, iBP, GCPtrPC));
998 break;
999 }
1000
1001 /*
1002 * hlt instruction.
1003 */
1004 case EXCP_HLT:
1005 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_HLT\n"));
1006 rc = VINF_EM_HALT;
1007 break;
1008
1009 /*
1010 * The VM has halted.
1011 */
1012 case EXCP_HALTED:
1013 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_HALTED\n"));
1014 rc = VINF_EM_HALT;
1015 break;
1016
1017 /*
1018 * Switch to RAW-mode.
1019 */
1020 case EXCP_EXECUTE_RAW:
1021 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_EXECUTE_RAW\n"));
1022 rc = VINF_EM_RESCHEDULE_RAW;
1023 break;
1024
1025 /*
1026 * Switch to hardware accelerated RAW-mode.
1027 */
1028 case EXCP_EXECUTE_HWACC:
1029 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_EXECUTE_HWACC\n"));
1030 rc = VINF_EM_RESCHEDULE_HWACC;
1031 break;
1032
1033 /*
1034 * An EM RC was raised (VMR3Reset/Suspend/PowerOff/some-fatal-error).
1035 */
1036 case EXCP_RC:
1037 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_RC\n"));
1038 rc = pVM->rem.s.rc;
1039 pVM->rem.s.rc = VERR_INTERNAL_ERROR;
1040 break;
1041
1042 /*
1043 * Figure out the rest when they arrive....
1044 */
1045 default:
1046 AssertMsgFailed(("rc=%d\n", rc));
1047 Log2(("REMR3EmulateInstruction: cpu_exec -> %d\n", rc));
1048 rc = VINF_EM_RESCHEDULE;
1049 break;
1050 }
1051
1052 /*
1053 * Switch back the state.
1054 */
1055 pVM->rem.s.Env.interrupt_request = interrupt_request;
1056 rc2 = REMR3StateBack(pVM, pVCpu);
1057 AssertRC(rc2);
1058 }
1059
1060 Log2(("REMR3EmulateInstruction: returns %Rrc (cs:eip=%04x:%RGv)\n",
1061 rc, pVM->rem.s.Env.segs[R_CS].selector, (RTGCPTR)pVM->rem.s.Env.eip));
1062 return rc;
1063}
1064
1065
1066/**
1067 * Runs code in recompiled mode.
1068 *
1069 * Before calling this function the REM state needs to be in sync with
1070 * the VM. Call REMR3State() to perform the sync. It's only necessary
1071 * (and permitted) to sync at the first call to REMR3Step()/REMR3Run()
1072 * and after calling REMR3StateBack().
1073 *
1074 * @returns VBox status code.
1075 *
1076 * @param pVM VM Handle.
1077 * @param pVCpu VMCPU Handle.
1078 */
1079REMR3DECL(int) REMR3Run(PVM pVM, PVMCPU pVCpu)
1080{
1081 int rc;
1082 Log2(("REMR3Run: (cs:eip=%04x:%RGv)\n", pVM->rem.s.Env.segs[R_CS].selector, (RTGCPTR)pVM->rem.s.Env.eip));
1083 Assert(pVM->rem.s.fInREM);
1084
1085 TMNotifyStartOfExecution(pVCpu);
1086 rc = cpu_exec(&pVM->rem.s.Env);
1087 TMNotifyEndOfExecution(pVCpu);
1088 switch (rc)
1089 {
1090 /*
1091 * This happens when the execution was interrupted
1092 * by an external event, like pending timers.
1093 */
1094 case EXCP_INTERRUPT:
1095 Log2(("REMR3Run: cpu_exec -> EXCP_INTERRUPT\n"));
1096 rc = VINF_SUCCESS;
1097 break;
1098
1099 /*
1100 * hlt instruction.
1101 */
1102 case EXCP_HLT:
1103 Log2(("REMR3Run: cpu_exec -> EXCP_HLT\n"));
1104 rc = VINF_EM_HALT;
1105 break;
1106
1107 /*
1108 * The VM has halted.
1109 */
1110 case EXCP_HALTED:
1111 Log2(("REMR3Run: cpu_exec -> EXCP_HALTED\n"));
1112 rc = VINF_EM_HALT;
1113 break;
1114
1115 /*
1116 * Breakpoint/single step.
1117 */
1118 case EXCP_DEBUG:
1119 {
1120#if 0//def DEBUG_bird
1121 static int iBP = 0;
1122 printf("howdy, breakpoint! iBP=%d\n", iBP);
1123 switch (iBP)
1124 {
1125 case 0:
1126 cpu_breakpoint_remove(&pVM->rem.s.Env, pVM->rem.s.Env.eip + pVM->rem.s.Env.segs[R_CS].base);
1127 pVM->rem.s.Env.state |= CPU_EMULATE_SINGLE_STEP;
1128 //pVM->rem.s.Env.interrupt_request = 0;
1129 //pVM->rem.s.Env.exception_index = -1;
1130 //g_fInterruptDisabled = 1;
1131 rc = VINF_SUCCESS;
1132 asm("int3");
1133 break;
1134 default:
1135 asm("int3");
1136 break;
1137 }
1138 iBP++;
1139#else
1140 /* breakpoint or single step? */
1141 RTGCPTR GCPtrPC = pVM->rem.s.Env.eip + pVM->rem.s.Env.segs[R_CS].base;
1142 int iBP;
1143 rc = VINF_EM_DBG_STEPPED;
1144 for (iBP = 0; iBP < pVM->rem.s.Env.nb_breakpoints; iBP++)
1145 if (pVM->rem.s.Env.breakpoints[iBP] == GCPtrPC)
1146 {
1147 rc = VINF_EM_DBG_BREAKPOINT;
1148 break;
1149 }
1150 Log2(("REMR3Run: cpu_exec -> EXCP_DEBUG rc=%Rrc iBP=%d GCPtrPC=%RGv\n", rc, iBP, GCPtrPC));
1151#endif
1152 break;
1153 }
1154
1155 /*
1156 * Switch to RAW-mode.
1157 */
1158 case EXCP_EXECUTE_RAW:
1159 Log2(("REMR3Run: cpu_exec -> EXCP_EXECUTE_RAW\n"));
1160 rc = VINF_EM_RESCHEDULE_RAW;
1161 break;
1162
1163 /*
1164 * Switch to hardware accelerated RAW-mode.
1165 */
1166 case EXCP_EXECUTE_HWACC:
1167 Log2(("REMR3Run: cpu_exec -> EXCP_EXECUTE_HWACC\n"));
1168 rc = VINF_EM_RESCHEDULE_HWACC;
1169 break;
1170
1171 /*
1172 * An EM RC was raised (VMR3Reset/Suspend/PowerOff/some-fatal-error).
1173 */
1174 case EXCP_RC:
1175 Log2(("REMR3Run: cpu_exec -> EXCP_RC rc=%Rrc\n", pVM->rem.s.rc));
1176 rc = pVM->rem.s.rc;
1177 pVM->rem.s.rc = VERR_INTERNAL_ERROR;
1178 break;
1179
1180 /*
1181 * Figure out the rest when they arrive....
1182 */
1183 default:
1184 AssertMsgFailed(("rc=%d\n", rc));
1185 Log2(("REMR3Run: cpu_exec -> %d\n", rc));
1186 rc = VINF_SUCCESS;
1187 break;
1188 }
1189
1190 Log2(("REMR3Run: returns %Rrc (cs:eip=%04x:%RGv)\n", rc, pVM->rem.s.Env.segs[R_CS].selector, (RTGCPTR)pVM->rem.s.Env.eip));
1191 return rc;
1192}
1193
1194
1195/**
1196 * Check if the cpu state is suitable for Raw execution.
1197 *
1198 * @returns boolean
1199 * @param env The CPU env struct.
1200 * @param eip The EIP to check this for (might differ from env->eip).
1201 * @param fFlags hflags OR'ed with IOPL, TF and VM from eflags.
1202 * @param piException Stores EXCP_EXECUTE_RAW/HWACC in case raw mode is supported in this context
1203 *
1204 * @remark This function must be kept in perfect sync with the scheduler in EM.cpp!
1205 */
1206bool remR3CanExecuteRaw(CPUState *env, RTGCPTR eip, unsigned fFlags, int *piException)
1207{
1208 /* !!! THIS MUST BE IN SYNC WITH emR3Reschedule !!! */
1209 /* !!! THIS MUST BE IN SYNC WITH emR3Reschedule !!! */
1210 /* !!! THIS MUST BE IN SYNC WITH emR3Reschedule !!! */
1211 uint32_t u32CR0;
1212
1213 /* Update counter. */
1214 env->pVM->rem.s.cCanExecuteRaw++;
1215
1216 if (HWACCMIsEnabled(env->pVM))
1217 {
1218 CPUMCTX Ctx;
1219
1220 env->state |= CPU_RAW_HWACC;
1221
1222 /*
1223 * Create partial context for HWACCMR3CanExecuteGuest
1224 */
1225 Ctx.cr0 = env->cr[0];
1226 Ctx.cr3 = env->cr[3];
1227 Ctx.cr4 = env->cr[4];
1228
1229 Ctx.tr = env->tr.selector;
1230 Ctx.trHid.u64Base = env->tr.base;
1231 Ctx.trHid.u32Limit = env->tr.limit;
1232 Ctx.trHid.Attr.u = (env->tr.flags >> 8) & 0xF0FF;
1233
1234 Ctx.idtr.cbIdt = env->idt.limit;
1235 Ctx.idtr.pIdt = env->idt.base;
1236
1237 Ctx.gdtr.cbGdt = env->gdt.limit;
1238 Ctx.gdtr.pGdt = env->gdt.base;
1239
1240 Ctx.rsp = env->regs[R_ESP];
1241 Ctx.rip = env->eip;
1242
1243 Ctx.eflags.u32 = env->eflags;
1244
1245 Ctx.cs = env->segs[R_CS].selector;
1246 Ctx.csHid.u64Base = env->segs[R_CS].base;
1247 Ctx.csHid.u32Limit = env->segs[R_CS].limit;
1248 Ctx.csHid.Attr.u = (env->segs[R_CS].flags >> 8) & 0xF0FF;
1249
1250 Ctx.ds = env->segs[R_DS].selector;
1251 Ctx.dsHid.u64Base = env->segs[R_DS].base;
1252 Ctx.dsHid.u32Limit = env->segs[R_DS].limit;
1253 Ctx.dsHid.Attr.u = (env->segs[R_DS].flags >> 8) & 0xF0FF;
1254
1255 Ctx.es = env->segs[R_ES].selector;
1256 Ctx.esHid.u64Base = env->segs[R_ES].base;
1257 Ctx.esHid.u32Limit = env->segs[R_ES].limit;
1258 Ctx.esHid.Attr.u = (env->segs[R_ES].flags >> 8) & 0xF0FF;
1259
1260 Ctx.fs = env->segs[R_FS].selector;
1261 Ctx.fsHid.u64Base = env->segs[R_FS].base;
1262 Ctx.fsHid.u32Limit = env->segs[R_FS].limit;
1263 Ctx.fsHid.Attr.u = (env->segs[R_FS].flags >> 8) & 0xF0FF;
1264
1265 Ctx.gs = env->segs[R_GS].selector;
1266 Ctx.gsHid.u64Base = env->segs[R_GS].base;
1267 Ctx.gsHid.u32Limit = env->segs[R_GS].limit;
1268 Ctx.gsHid.Attr.u = (env->segs[R_GS].flags >> 8) & 0xF0FF;
1269
1270 Ctx.ss = env->segs[R_SS].selector;
1271 Ctx.ssHid.u64Base = env->segs[R_SS].base;
1272 Ctx.ssHid.u32Limit = env->segs[R_SS].limit;
1273 Ctx.ssHid.Attr.u = (env->segs[R_SS].flags >> 8) & 0xF0FF;
1274
1275 Ctx.msrEFER = env->efer;
1276
1277 /* Hardware accelerated raw-mode:
1278 *
1279 * Typically only 32-bits protected mode, with paging enabled, code is allowed here.
1280 */
1281 if (HWACCMR3CanExecuteGuest(env->pVM, &Ctx) == true)
1282 {
1283 *piException = EXCP_EXECUTE_HWACC;
1284 return true;
1285 }
1286 return false;
1287 }
1288
1289 /*
1290 * Here we only support 16 & 32 bits protected mode ring 3 code that has no IO privileges
1291 * or 32 bits protected mode ring 0 code
1292 *
1293 * The tests are ordered by the likelyhood of being true during normal execution.
1294 */
1295 if (fFlags & (HF_TF_MASK | HF_INHIBIT_IRQ_MASK))
1296 {
1297 STAM_COUNTER_INC(&gStatRefuseTFInhibit);
1298 Log2(("raw mode refused: fFlags=%#x\n", fFlags));
1299 return false;
1300 }
1301
1302#ifndef VBOX_RAW_V86
1303 if (fFlags & VM_MASK) {
1304 STAM_COUNTER_INC(&gStatRefuseVM86);
1305 Log2(("raw mode refused: VM_MASK\n"));
1306 return false;
1307 }
1308#endif
1309
1310 if (env->state & CPU_EMULATE_SINGLE_INSTR)
1311 {
1312#ifndef DEBUG_bird
1313 Log2(("raw mode refused: CPU_EMULATE_SINGLE_INSTR\n"));
1314#endif
1315 return false;
1316 }
1317
1318 if (env->singlestep_enabled)
1319 {
1320 //Log2(("raw mode refused: Single step\n"));
1321 return false;
1322 }
1323
1324 if (env->nb_breakpoints > 0)
1325 {
1326 //Log2(("raw mode refused: Breakpoints\n"));
1327 return false;
1328 }
1329
1330 u32CR0 = env->cr[0];
1331 if ((u32CR0 & (X86_CR0_PG | X86_CR0_PE)) != (X86_CR0_PG | X86_CR0_PE))
1332 {
1333 STAM_COUNTER_INC(&gStatRefusePaging);
1334 //Log2(("raw mode refused: %s%s%s\n", (u32CR0 & X86_CR0_PG) ? "" : " !PG", (u32CR0 & X86_CR0_PE) ? "" : " !PE", (u32CR0 & X86_CR0_AM) ? "" : " !AM"));
1335 return false;
1336 }
1337
1338 if (env->cr[4] & CR4_PAE_MASK)
1339 {
1340 if (!(env->cpuid_features & X86_CPUID_FEATURE_EDX_PAE))
1341 {
1342 STAM_COUNTER_INC(&gStatRefusePAE);
1343 return false;
1344 }
1345 }
1346
1347 if (((fFlags >> HF_CPL_SHIFT) & 3) == 3)
1348 {
1349 if (!EMIsRawRing3Enabled(env->pVM))
1350 return false;
1351
1352 if (!(env->eflags & IF_MASK))
1353 {
1354 STAM_COUNTER_INC(&gStatRefuseIF0);
1355 Log2(("raw mode refused: IF (RawR3)\n"));
1356 return false;
1357 }
1358
1359 if (!(u32CR0 & CR0_WP_MASK) && EMIsRawRing0Enabled(env->pVM))
1360 {
1361 STAM_COUNTER_INC(&gStatRefuseWP0);
1362 Log2(("raw mode refused: CR0.WP + RawR0\n"));
1363 return false;
1364 }
1365 }
1366 else
1367 {
1368 if (!EMIsRawRing0Enabled(env->pVM))
1369 return false;
1370
1371 // Let's start with pure 32 bits ring 0 code first
1372 if ((fFlags & (HF_SS32_MASK | HF_CS32_MASK)) != (HF_SS32_MASK | HF_CS32_MASK))
1373 {
1374 STAM_COUNTER_INC(&gStatRefuseCode16);
1375 Log2(("raw r0 mode refused: HF_[S|C]S32_MASK fFlags=%#x\n", fFlags));
1376 return false;
1377 }
1378
1379 // Only R0
1380 if (((fFlags >> HF_CPL_SHIFT) & 3) != 0)
1381 {
1382 STAM_COUNTER_INC(&gStatRefuseRing1or2);
1383 Log2(("raw r0 mode refused: CPL %d\n", ((fFlags >> HF_CPL_SHIFT) & 3) ));
1384 return false;
1385 }
1386
1387 if (!(u32CR0 & CR0_WP_MASK))
1388 {
1389 STAM_COUNTER_INC(&gStatRefuseWP0);
1390 Log2(("raw r0 mode refused: CR0.WP=0!\n"));
1391 return false;
1392 }
1393
1394 if (PATMIsPatchGCAddr(env->pVM, eip))
1395 {
1396 Log2(("raw r0 mode forced: patch code\n"));
1397 *piException = EXCP_EXECUTE_RAW;
1398 return true;
1399 }
1400
1401#if !defined(VBOX_ALLOW_IF0) && !defined(VBOX_RUN_INTERRUPT_GATE_HANDLERS)
1402 if (!(env->eflags & IF_MASK))
1403 {
1404 STAM_COUNTER_INC(&gStatRefuseIF0);
1405 ////Log2(("R0: IF=0 VIF=%d %08X\n", eip, *env->pVMeflags));
1406 //Log2(("RR0: Interrupts turned off; fall back to emulation\n"));
1407 return false;
1408 }
1409#endif
1410
1411 env->state |= CPU_RAW_RING0;
1412 }
1413
1414 /*
1415 * Don't reschedule the first time we're called, because there might be
1416 * special reasons why we're here that is not covered by the above checks.
1417 */
1418 if (env->pVM->rem.s.cCanExecuteRaw == 1)
1419 {
1420 Log2(("raw mode refused: first scheduling\n"));
1421 STAM_COUNTER_INC(&gStatRefuseCanExecute);
1422 return false;
1423 }
1424
1425 Assert(env->pVCpu && PGMPhysIsA20Enabled(env->pVCpu));
1426 *piException = EXCP_EXECUTE_RAW;
1427 return true;
1428}
1429
1430
1431/**
1432 * Fetches a code byte.
1433 *
1434 * @returns Success indicator (bool) for ease of use.
1435 * @param env The CPU environment structure.
1436 * @param GCPtrInstr Where to fetch code.
1437 * @param pu8Byte Where to store the byte on success
1438 */
1439bool remR3GetOpcode(CPUState *env, RTGCPTR GCPtrInstr, uint8_t *pu8Byte)
1440{
1441 int rc = PATMR3QueryOpcode(env->pVM, GCPtrInstr, pu8Byte);
1442 if (RT_SUCCESS(rc))
1443 return true;
1444 return false;
1445}
1446
1447
1448/**
1449 * Flush (or invalidate if you like) page table/dir entry.
1450 *
1451 * (invlpg instruction; tlb_flush_page)
1452 *
1453 * @param env Pointer to cpu environment.
1454 * @param GCPtr The virtual address which page table/dir entry should be invalidated.
1455 */
1456void remR3FlushPage(CPUState *env, RTGCPTR GCPtr)
1457{
1458 PVM pVM = env->pVM;
1459 PCPUMCTX pCtx;
1460 int rc;
1461
1462 /*
1463 * When we're replaying invlpg instructions or restoring a saved
1464 * state we disable this path.
1465 */
1466 if (pVM->rem.s.fIgnoreInvlPg || pVM->rem.s.cIgnoreAll)
1467 return;
1468 Log(("remR3FlushPage: GCPtr=%RGv\n", GCPtr));
1469 Assert(pVM->rem.s.fInREM || pVM->rem.s.fInStateSync);
1470
1471 //RAWEx_ProfileStop(env, STATS_QEMU_TOTAL);
1472
1473 /*
1474 * Update the control registers before calling PGMFlushPage.
1475 */
1476 pCtx = (PCPUMCTX)pVM->rem.s.pCtx;
1477 Assert(pCtx);
1478 pCtx->cr0 = env->cr[0];
1479 pCtx->cr3 = env->cr[3];
1480 if ((env->cr[4] ^ pCtx->cr4) & X86_CR4_VME)
1481 VMCPU_FF_SET(env->pVCpu, VMCPU_FF_SELM_SYNC_TSS);
1482 pCtx->cr4 = env->cr[4];
1483
1484 /*
1485 * Let PGM do the rest.
1486 */
1487 Assert(env->pVCpu);
1488 rc = PGMInvalidatePage(env->pVCpu, GCPtr);
1489 if (RT_FAILURE(rc))
1490 {
1491 AssertMsgFailed(("remR3FlushPage %RGv failed with %d!!\n", GCPtr, rc));
1492 VMCPU_FF_SET(env->pVCpu, VMCPU_FF_PGM_SYNC_CR3);
1493 }
1494 //RAWEx_ProfileStart(env, STATS_QEMU_TOTAL);
1495}
1496
1497
1498#ifndef REM_PHYS_ADDR_IN_TLB
1499/** Wrapper for PGMR3PhysTlbGCPhys2Ptr. */
1500void *remR3TlbGCPhys2Ptr(CPUState *env1, target_ulong physAddr, int fWritable)
1501{
1502 void *pv;
1503 int rc;
1504
1505 /* Address must be aligned enough to fiddle with lower bits */
1506 Assert((physAddr & 0x3) == 0);
1507
1508 rc = PGMR3PhysTlbGCPhys2Ptr(env1->pVM, physAddr, true /*fWritable*/, &pv);
1509 Assert( rc == VINF_SUCCESS
1510 || rc == VINF_PGM_PHYS_TLB_CATCH_WRITE
1511 || rc == VERR_PGM_PHYS_TLB_CATCH_ALL
1512 || rc == VERR_PGM_PHYS_TLB_UNASSIGNED);
1513 if (RT_FAILURE(rc))
1514 return (void *)1;
1515 if (rc == VINF_PGM_PHYS_TLB_CATCH_WRITE)
1516 return (void *)((uintptr_t)pv | 2);
1517 return pv;
1518}
1519#endif /* REM_PHYS_ADDR_IN_TLB */
1520
1521
1522/**
1523 * Called from tlb_protect_code in order to write monitor a code page.
1524 *
1525 * @param env Pointer to the CPU environment.
1526 * @param GCPtr Code page to monitor
1527 */
1528void remR3ProtectCode(CPUState *env, RTGCPTR GCPtr)
1529{
1530#ifdef VBOX_REM_PROTECT_PAGES_FROM_SMC
1531 Assert(env->pVM->rem.s.fInREM);
1532 if ( (env->cr[0] & X86_CR0_PG) /* paging must be enabled */
1533 && !(env->state & CPU_EMULATE_SINGLE_INSTR) /* ignore during single instruction execution */
1534 && (((env->hflags >> HF_CPL_SHIFT) & 3) == 0) /* supervisor mode only */
1535 && !(env->eflags & VM_MASK) /* no V86 mode */
1536 && !HWACCMIsEnabled(env->pVM))
1537 CSAMR3MonitorPage(env->pVM, GCPtr, CSAM_TAG_REM);
1538#endif
1539}
1540
1541
1542/**
1543 * Called from tlb_unprotect_code in order to clear write monitoring for a code page.
1544 *
1545 * @param env Pointer to the CPU environment.
1546 * @param GCPtr Code page to monitor
1547 */
1548void remR3UnprotectCode(CPUState *env, RTGCPTR GCPtr)
1549{
1550 Assert(env->pVM->rem.s.fInREM);
1551#ifdef VBOX_REM_PROTECT_PAGES_FROM_SMC
1552 if ( (env->cr[0] & X86_CR0_PG) /* paging must be enabled */
1553 && !(env->state & CPU_EMULATE_SINGLE_INSTR) /* ignore during single instruction execution */
1554 && (((env->hflags >> HF_CPL_SHIFT) & 3) == 0) /* supervisor mode only */
1555 && !(env->eflags & VM_MASK) /* no V86 mode */
1556 && !HWACCMIsEnabled(env->pVM))
1557 CSAMR3UnmonitorPage(env->pVM, GCPtr, CSAM_TAG_REM);
1558#endif
1559}
1560
1561
1562/**
1563 * Called when the CPU is initialized, any of the CRx registers are changed or
1564 * when the A20 line is modified.
1565 *
1566 * @param env Pointer to the CPU environment.
1567 * @param fGlobal Set if the flush is global.
1568 */
1569void remR3FlushTLB(CPUState *env, bool fGlobal)
1570{
1571 PVM pVM = env->pVM;
1572 PCPUMCTX pCtx;
1573
1574 /*
1575 * When we're replaying invlpg instructions or restoring a saved
1576 * state we disable this path.
1577 */
1578 if (pVM->rem.s.fIgnoreCR3Load || pVM->rem.s.cIgnoreAll)
1579 return;
1580 Assert(pVM->rem.s.fInREM);
1581
1582 /*
1583 * The caller doesn't check cr4, so we have to do that for ourselves.
1584 */
1585 if (!fGlobal && !(env->cr[4] & X86_CR4_PGE))
1586 fGlobal = true;
1587 Log(("remR3FlushTLB: CR0=%08RX64 CR3=%08RX64 CR4=%08RX64 %s\n", (uint64_t)env->cr[0], (uint64_t)env->cr[3], (uint64_t)env->cr[4], fGlobal ? " global" : ""));
1588
1589 /*
1590 * Update the control registers before calling PGMR3FlushTLB.
1591 */
1592 pCtx = (PCPUMCTX)pVM->rem.s.pCtx;
1593 Assert(pCtx);
1594 pCtx->cr0 = env->cr[0];
1595 pCtx->cr3 = env->cr[3];
1596 if ((env->cr[4] ^ pCtx->cr4) & X86_CR4_VME)
1597 VMCPU_FF_SET(env->pVCpu, VMCPU_FF_SELM_SYNC_TSS);
1598 pCtx->cr4 = env->cr[4];
1599
1600 /*
1601 * Let PGM do the rest.
1602 */
1603 Assert(env->pVCpu);
1604 PGMFlushTLB(env->pVCpu, env->cr[3], fGlobal);
1605}
1606
1607
1608/**
1609 * Called when any of the cr0, cr4 or efer registers is updated.
1610 *
1611 * @param env Pointer to the CPU environment.
1612 */
1613void remR3ChangeCpuMode(CPUState *env)
1614{
1615 PVM pVM = env->pVM;
1616 uint64_t efer;
1617 PCPUMCTX pCtx;
1618 int rc;
1619
1620 /*
1621 * When we're replaying loads or restoring a saved
1622 * state this path is disabled.
1623 */
1624 if (pVM->rem.s.fIgnoreCpuMode || pVM->rem.s.cIgnoreAll)
1625 return;
1626 Assert(pVM->rem.s.fInREM);
1627
1628 /*
1629 * Update the control registers before calling PGMChangeMode()
1630 * as it may need to map whatever cr3 is pointing to.
1631 */
1632 pCtx = (PCPUMCTX)pVM->rem.s.pCtx;
1633 Assert(pCtx);
1634 pCtx->cr0 = env->cr[0];
1635 pCtx->cr3 = env->cr[3];
1636 if ((env->cr[4] ^ pCtx->cr4) & X86_CR4_VME)
1637 VMCPU_FF_SET(env->pVCpu, VMCPU_FF_SELM_SYNC_TSS);
1638 pCtx->cr4 = env->cr[4];
1639
1640#ifdef TARGET_X86_64
1641 efer = env->efer;
1642#else
1643 efer = 0;
1644#endif
1645 Assert(env->pVCpu);
1646 rc = PGMChangeMode(env->pVCpu, env->cr[0], env->cr[4], efer);
1647 if (rc != VINF_SUCCESS)
1648 {
1649 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
1650 {
1651 Log(("PGMChangeMode(, %RX64, %RX64, %RX64) -> %Rrc -> remR3RaiseRC\n", env->cr[0], env->cr[4], efer, rc));
1652 remR3RaiseRC(env->pVM, rc);
1653 }
1654 else
1655 cpu_abort(env, "PGMChangeMode(, %RX64, %RX64, %RX64) -> %Rrc\n", env->cr[0], env->cr[4], efer, rc);
1656 }
1657}
1658
1659
1660/**
1661 * Called from compiled code to run dma.
1662 *
1663 * @param env Pointer to the CPU environment.
1664 */
1665void remR3DmaRun(CPUState *env)
1666{
1667 remR3ProfileStop(STATS_QEMU_RUN_EMULATED_CODE);
1668 PDMR3DmaRun(env->pVM);
1669 remR3ProfileStart(STATS_QEMU_RUN_EMULATED_CODE);
1670}
1671
1672
1673/**
1674 * Called from compiled code to schedule pending timers in VMM
1675 *
1676 * @param env Pointer to the CPU environment.
1677 */
1678void remR3TimersRun(CPUState *env)
1679{
1680 LogFlow(("remR3TimersRun:\n"));
1681 LogIt(LOG_INSTANCE, RTLOGGRPFLAGS_LEVEL_5, LOG_GROUP_TM, ("remR3TimersRun\n"));
1682 remR3ProfileStop(STATS_QEMU_RUN_EMULATED_CODE);
1683 remR3ProfileStart(STATS_QEMU_RUN_TIMERS);
1684 TMR3TimerQueuesDo(env->pVM);
1685 remR3ProfileStop(STATS_QEMU_RUN_TIMERS);
1686 remR3ProfileStart(STATS_QEMU_RUN_EMULATED_CODE);
1687}
1688
1689
1690/**
1691 * Record trap occurance
1692 *
1693 * @returns VBox status code
1694 * @param env Pointer to the CPU environment.
1695 * @param uTrap Trap nr
1696 * @param uErrorCode Error code
1697 * @param pvNextEIP Next EIP
1698 */
1699int remR3NotifyTrap(CPUState *env, uint32_t uTrap, uint32_t uErrorCode, RTGCPTR pvNextEIP)
1700{
1701 PVM pVM = env->pVM;
1702#ifdef VBOX_WITH_STATISTICS
1703 static STAMCOUNTER s_aStatTrap[255];
1704 static bool s_aRegisters[RT_ELEMENTS(s_aStatTrap)];
1705#endif
1706
1707#ifdef VBOX_WITH_STATISTICS
1708 if (uTrap < 255)
1709 {
1710 if (!s_aRegisters[uTrap])
1711 {
1712 char szStatName[64];
1713 s_aRegisters[uTrap] = true;
1714 RTStrPrintf(szStatName, sizeof(szStatName), "/REM/Trap/0x%02X", uTrap);
1715 STAM_REG(env->pVM, &s_aStatTrap[uTrap], STAMTYPE_COUNTER, szStatName, STAMUNIT_OCCURENCES, "Trap stats.");
1716 }
1717 STAM_COUNTER_INC(&s_aStatTrap[uTrap]);
1718 }
1719#endif
1720 Log(("remR3NotifyTrap: uTrap=%x error=%x next_eip=%RGv eip=%RGv cr2=%RGv\n", uTrap, uErrorCode, pvNextEIP, (RTGCPTR)env->eip, (RTGCPTR)env->cr[2]));
1721 if( uTrap < 0x20
1722 && (env->cr[0] & X86_CR0_PE)
1723 && !(env->eflags & X86_EFL_VM))
1724 {
1725#ifdef DEBUG
1726 remR3DisasInstr(env, 1, "remR3NotifyTrap: ");
1727#endif
1728 if(pVM->rem.s.uPendingException == uTrap && ++pVM->rem.s.cPendingExceptions > 512)
1729 {
1730 LogRel(("VERR_REM_TOO_MANY_TRAPS -> uTrap=%x error=%x next_eip=%RGv eip=%RGv cr2=%RGv\n", uTrap, uErrorCode, pvNextEIP, (RTGCPTR)env->eip, (RTGCPTR)env->cr[2]));
1731 remR3RaiseRC(env->pVM, VERR_REM_TOO_MANY_TRAPS);
1732 return VERR_REM_TOO_MANY_TRAPS;
1733 }
1734 if(pVM->rem.s.uPendingException != uTrap || pVM->rem.s.uPendingExcptEIP != env->eip || pVM->rem.s.uPendingExcptCR2 != env->cr[2])
1735 pVM->rem.s.cPendingExceptions = 1;
1736 pVM->rem.s.uPendingException = uTrap;
1737 pVM->rem.s.uPendingExcptEIP = env->eip;
1738 pVM->rem.s.uPendingExcptCR2 = env->cr[2];
1739 }
1740 else
1741 {
1742 pVM->rem.s.cPendingExceptions = 0;
1743 pVM->rem.s.uPendingException = uTrap;
1744 pVM->rem.s.uPendingExcptEIP = env->eip;
1745 pVM->rem.s.uPendingExcptCR2 = env->cr[2];
1746 }
1747 return VINF_SUCCESS;
1748}
1749
1750
1751/*
1752 * Clear current active trap
1753 *
1754 * @param pVM VM Handle.
1755 */
1756void remR3TrapClear(PVM pVM)
1757{
1758 pVM->rem.s.cPendingExceptions = 0;
1759 pVM->rem.s.uPendingException = 0;
1760 pVM->rem.s.uPendingExcptEIP = 0;
1761 pVM->rem.s.uPendingExcptCR2 = 0;
1762}
1763
1764
1765/*
1766 * Record previous call instruction addresses
1767 *
1768 * @param env Pointer to the CPU environment.
1769 */
1770void remR3RecordCall(CPUState *env)
1771{
1772 CSAMR3RecordCallAddress(env->pVM, env->eip);
1773}
1774
1775
1776/**
1777 * Syncs the internal REM state with the VM.
1778 *
1779 * This must be called before REMR3Run() is invoked whenever when the REM
1780 * state is not up to date. Calling it several times in a row is not
1781 * permitted.
1782 *
1783 * @returns VBox status code.
1784 *
1785 * @param pVM VM Handle.
1786 * @param pVCpu VMCPU Handle.
1787 *
1788 * @remark The caller has to check for important FFs before calling REMR3Run. REMR3State will
1789 * no do this since the majority of the callers don't want any unnecessary of events
1790 * pending that would immediatly interrupt execution.
1791 */
1792REMR3DECL(int) REMR3State(PVM pVM, PVMCPU pVCpu)
1793{
1794 register const CPUMCTX *pCtx;
1795 register unsigned fFlags;
1796 bool fHiddenSelRegsValid;
1797 unsigned i;
1798 TRPMEVENT enmType;
1799 uint8_t u8TrapNo;
1800 int rc;
1801
1802 STAM_PROFILE_START(&pVM->rem.s.StatsState, a);
1803 Log2(("REMR3State:\n"));
1804
1805 pVM->rem.s.Env.pVCpu = pVCpu;
1806 pCtx = pVM->rem.s.pCtx = CPUMQueryGuestCtxPtr(pVCpu);
1807 fHiddenSelRegsValid = CPUMAreHiddenSelRegsValid(pVM);
1808
1809 Assert(!pVM->rem.s.fInREM);
1810 pVM->rem.s.fInStateSync = true;
1811
1812 /*
1813 * If we have to flush TBs, do that immediately.
1814 */
1815 if (pVM->rem.s.fFlushTBs)
1816 {
1817 STAM_COUNTER_INC(&gStatFlushTBs);
1818 tb_flush(&pVM->rem.s.Env);
1819 pVM->rem.s.fFlushTBs = false;
1820 }
1821
1822 /*
1823 * Copy the registers which require no special handling.
1824 */
1825#ifdef TARGET_X86_64
1826 /* Note that the high dwords of 64 bits registers are undefined in 32 bits mode and are undefined after a mode change. */
1827 Assert(R_EAX == 0);
1828 pVM->rem.s.Env.regs[R_EAX] = pCtx->rax;
1829 Assert(R_ECX == 1);
1830 pVM->rem.s.Env.regs[R_ECX] = pCtx->rcx;
1831 Assert(R_EDX == 2);
1832 pVM->rem.s.Env.regs[R_EDX] = pCtx->rdx;
1833 Assert(R_EBX == 3);
1834 pVM->rem.s.Env.regs[R_EBX] = pCtx->rbx;
1835 Assert(R_ESP == 4);
1836 pVM->rem.s.Env.regs[R_ESP] = pCtx->rsp;
1837 Assert(R_EBP == 5);
1838 pVM->rem.s.Env.regs[R_EBP] = pCtx->rbp;
1839 Assert(R_ESI == 6);
1840 pVM->rem.s.Env.regs[R_ESI] = pCtx->rsi;
1841 Assert(R_EDI == 7);
1842 pVM->rem.s.Env.regs[R_EDI] = pCtx->rdi;
1843 pVM->rem.s.Env.regs[8] = pCtx->r8;
1844 pVM->rem.s.Env.regs[9] = pCtx->r9;
1845 pVM->rem.s.Env.regs[10] = pCtx->r10;
1846 pVM->rem.s.Env.regs[11] = pCtx->r11;
1847 pVM->rem.s.Env.regs[12] = pCtx->r12;
1848 pVM->rem.s.Env.regs[13] = pCtx->r13;
1849 pVM->rem.s.Env.regs[14] = pCtx->r14;
1850 pVM->rem.s.Env.regs[15] = pCtx->r15;
1851
1852 pVM->rem.s.Env.eip = pCtx->rip;
1853
1854 pVM->rem.s.Env.eflags = pCtx->rflags.u64;
1855#else
1856 Assert(R_EAX == 0);
1857 pVM->rem.s.Env.regs[R_EAX] = pCtx->eax;
1858 Assert(R_ECX == 1);
1859 pVM->rem.s.Env.regs[R_ECX] = pCtx->ecx;
1860 Assert(R_EDX == 2);
1861 pVM->rem.s.Env.regs[R_EDX] = pCtx->edx;
1862 Assert(R_EBX == 3);
1863 pVM->rem.s.Env.regs[R_EBX] = pCtx->ebx;
1864 Assert(R_ESP == 4);
1865 pVM->rem.s.Env.regs[R_ESP] = pCtx->esp;
1866 Assert(R_EBP == 5);
1867 pVM->rem.s.Env.regs[R_EBP] = pCtx->ebp;
1868 Assert(R_ESI == 6);
1869 pVM->rem.s.Env.regs[R_ESI] = pCtx->esi;
1870 Assert(R_EDI == 7);
1871 pVM->rem.s.Env.regs[R_EDI] = pCtx->edi;
1872 pVM->rem.s.Env.eip = pCtx->eip;
1873
1874 pVM->rem.s.Env.eflags = pCtx->eflags.u32;
1875#endif
1876
1877 pVM->rem.s.Env.cr[2] = pCtx->cr2;
1878
1879 /** @todo we could probably benefit from using a CPUM_CHANGED_DRx flag too! */
1880 for (i=0;i<8;i++)
1881 pVM->rem.s.Env.dr[i] = pCtx->dr[i];
1882
1883 /*
1884 * Clear the halted hidden flag (the interrupt waking up the CPU can
1885 * have been dispatched in raw mode).
1886 */
1887 pVM->rem.s.Env.hflags &= ~HF_HALTED_MASK;
1888
1889 /*
1890 * Replay invlpg?
1891 */
1892 if (pVM->rem.s.cInvalidatedPages)
1893 {
1894 RTUINT i;
1895
1896 pVM->rem.s.fIgnoreInvlPg = true;
1897 for (i = 0; i < pVM->rem.s.cInvalidatedPages; i++)
1898 {
1899 Log2(("REMR3State: invlpg %RGv\n", pVM->rem.s.aGCPtrInvalidatedPages[i]));
1900 tlb_flush_page(&pVM->rem.s.Env, pVM->rem.s.aGCPtrInvalidatedPages[i]);
1901 }
1902 pVM->rem.s.fIgnoreInvlPg = false;
1903 pVM->rem.s.cInvalidatedPages = 0;
1904 }
1905
1906 /* Replay notification changes. */
1907 REMR3ReplayHandlerNotifications(pVM);
1908
1909 /* Update MSRs; before CRx registers! */
1910 pVM->rem.s.Env.efer = pCtx->msrEFER;
1911 pVM->rem.s.Env.star = pCtx->msrSTAR;
1912 pVM->rem.s.Env.pat = pCtx->msrPAT;
1913#ifdef TARGET_X86_64
1914 pVM->rem.s.Env.lstar = pCtx->msrLSTAR;
1915 pVM->rem.s.Env.cstar = pCtx->msrCSTAR;
1916 pVM->rem.s.Env.fmask = pCtx->msrSFMASK;
1917 pVM->rem.s.Env.kernelgsbase = pCtx->msrKERNELGSBASE;
1918
1919 /* Update the internal long mode activate flag according to the new EFER value. */
1920 if (pCtx->msrEFER & MSR_K6_EFER_LMA)
1921 pVM->rem.s.Env.hflags |= HF_LMA_MASK;
1922 else
1923 pVM->rem.s.Env.hflags &= ~(HF_LMA_MASK | HF_CS64_MASK);
1924#endif
1925
1926 /*
1927 * Registers which are rarely changed and require special handling / order when changed.
1928 */
1929 fFlags = CPUMGetAndClearChangedFlagsREM(pVCpu);
1930 LogFlow(("CPUMGetAndClearChangedFlagsREM %x\n", fFlags));
1931 if (fFlags & ( CPUM_CHANGED_CR4 | CPUM_CHANGED_CR3 | CPUM_CHANGED_CR0
1932 | CPUM_CHANGED_GDTR | CPUM_CHANGED_IDTR | CPUM_CHANGED_LDTR
1933 | CPUM_CHANGED_FPU_REM | CPUM_CHANGED_SYSENTER_MSR | CPUM_CHANGED_CPUID))
1934 {
1935 if (fFlags & CPUM_CHANGED_GLOBAL_TLB_FLUSH)
1936 {
1937 pVM->rem.s.fIgnoreCR3Load = true;
1938 tlb_flush(&pVM->rem.s.Env, true);
1939 pVM->rem.s.fIgnoreCR3Load = false;
1940 }
1941
1942 /* CR4 before CR0! */
1943 if (fFlags & CPUM_CHANGED_CR4)
1944 {
1945 pVM->rem.s.fIgnoreCR3Load = true;
1946 pVM->rem.s.fIgnoreCpuMode = true;
1947 cpu_x86_update_cr4(&pVM->rem.s.Env, pCtx->cr4);
1948 pVM->rem.s.fIgnoreCpuMode = false;
1949 pVM->rem.s.fIgnoreCR3Load = false;
1950 }
1951
1952 if (fFlags & CPUM_CHANGED_CR0)
1953 {
1954 pVM->rem.s.fIgnoreCR3Load = true;
1955 pVM->rem.s.fIgnoreCpuMode = true;
1956 cpu_x86_update_cr0(&pVM->rem.s.Env, pCtx->cr0);
1957 pVM->rem.s.fIgnoreCpuMode = false;
1958 pVM->rem.s.fIgnoreCR3Load = false;
1959 }
1960
1961 if (fFlags & CPUM_CHANGED_CR3)
1962 {
1963 pVM->rem.s.fIgnoreCR3Load = true;
1964 cpu_x86_update_cr3(&pVM->rem.s.Env, pCtx->cr3);
1965 pVM->rem.s.fIgnoreCR3Load = false;
1966 }
1967
1968 if (fFlags & CPUM_CHANGED_GDTR)
1969 {
1970 pVM->rem.s.Env.gdt.base = pCtx->gdtr.pGdt;
1971 pVM->rem.s.Env.gdt.limit = pCtx->gdtr.cbGdt;
1972 }
1973
1974 if (fFlags & CPUM_CHANGED_IDTR)
1975 {
1976 pVM->rem.s.Env.idt.base = pCtx->idtr.pIdt;
1977 pVM->rem.s.Env.idt.limit = pCtx->idtr.cbIdt;
1978 }
1979
1980 if (fFlags & CPUM_CHANGED_SYSENTER_MSR)
1981 {
1982 pVM->rem.s.Env.sysenter_cs = pCtx->SysEnter.cs;
1983 pVM->rem.s.Env.sysenter_eip = pCtx->SysEnter.eip;
1984 pVM->rem.s.Env.sysenter_esp = pCtx->SysEnter.esp;
1985 }
1986
1987 if (fFlags & CPUM_CHANGED_LDTR)
1988 {
1989 if (fHiddenSelRegsValid)
1990 {
1991 pVM->rem.s.Env.ldt.selector = pCtx->ldtr;
1992 pVM->rem.s.Env.ldt.base = pCtx->ldtrHid.u64Base;
1993 pVM->rem.s.Env.ldt.limit = pCtx->ldtrHid.u32Limit;
1994 pVM->rem.s.Env.ldt.flags = (pCtx->ldtrHid.Attr.u << 8) & 0xFFFFFF;
1995 }
1996 else
1997 sync_ldtr(&pVM->rem.s.Env, pCtx->ldtr);
1998 }
1999
2000 if (fFlags & CPUM_CHANGED_CPUID)
2001 {
2002 uint32_t u32Dummy;
2003
2004 /*
2005 * Get the CPUID features.
2006 */
2007 CPUMGetGuestCpuId(pVCpu, 1, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext_features, &pVM->rem.s.Env.cpuid_features);
2008 CPUMGetGuestCpuId(pVCpu, 0x80000001, &u32Dummy, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext2_features);
2009 }
2010
2011 /* Sync FPU state after CR4, CPUID and EFER (!). */
2012 if (fFlags & CPUM_CHANGED_FPU_REM)
2013 save_raw_fp_state(&pVM->rem.s.Env, (uint8_t *)&pCtx->fpu); /* 'save' is an excellent name. */
2014 }
2015
2016 /*
2017 * Sync TR unconditionally to make life simpler.
2018 */
2019 pVM->rem.s.Env.tr.selector = pCtx->tr;
2020 pVM->rem.s.Env.tr.base = pCtx->trHid.u64Base;
2021 pVM->rem.s.Env.tr.limit = pCtx->trHid.u32Limit;
2022 pVM->rem.s.Env.tr.flags = (pCtx->trHid.Attr.u << 8) & 0xFFFFFF;
2023 /* Note! do_interrupt will fault if the busy flag is still set... */
2024 pVM->rem.s.Env.tr.flags &= ~DESC_TSS_BUSY_MASK;
2025
2026 /*
2027 * Update selector registers.
2028 * This must be done *after* we've synced gdt, ldt and crX registers
2029 * since we're reading the GDT/LDT om sync_seg. This will happen with
2030 * saved state which takes a quick dip into rawmode for instance.
2031 */
2032 /*
2033 * Stack; Note first check this one as the CPL might have changed. The
2034 * wrong CPL can cause QEmu to raise an exception in sync_seg!!
2035 */
2036
2037 if (fHiddenSelRegsValid)
2038 {
2039 /* The hidden selector registers are valid in the CPU context. */
2040 /** @note QEmu saves the 2nd dword of the descriptor; we should convert the attribute word back! */
2041
2042 /* Set current CPL */
2043 cpu_x86_set_cpl(&pVM->rem.s.Env, CPUMGetGuestCPL(pVCpu, CPUMCTX2CORE(pCtx)));
2044
2045 cpu_x86_load_seg_cache(&pVM->rem.s.Env, R_CS, pCtx->cs, pCtx->csHid.u64Base, pCtx->csHid.u32Limit, (pCtx->csHid.Attr.u << 8) & 0xFFFFFF);
2046 cpu_x86_load_seg_cache(&pVM->rem.s.Env, R_SS, pCtx->ss, pCtx->ssHid.u64Base, pCtx->ssHid.u32Limit, (pCtx->ssHid.Attr.u << 8) & 0xFFFFFF);
2047 cpu_x86_load_seg_cache(&pVM->rem.s.Env, R_DS, pCtx->ds, pCtx->dsHid.u64Base, pCtx->dsHid.u32Limit, (pCtx->dsHid.Attr.u << 8) & 0xFFFFFF);
2048 cpu_x86_load_seg_cache(&pVM->rem.s.Env, R_ES, pCtx->es, pCtx->esHid.u64Base, pCtx->esHid.u32Limit, (pCtx->esHid.Attr.u << 8) & 0xFFFFFF);
2049 cpu_x86_load_seg_cache(&pVM->rem.s.Env, R_FS, pCtx->fs, pCtx->fsHid.u64Base, pCtx->fsHid.u32Limit, (pCtx->fsHid.Attr.u << 8) & 0xFFFFFF);
2050 cpu_x86_load_seg_cache(&pVM->rem.s.Env, R_GS, pCtx->gs, pCtx->gsHid.u64Base, pCtx->gsHid.u32Limit, (pCtx->gsHid.Attr.u << 8) & 0xFFFFFF);
2051 }
2052 else
2053 {
2054 /* In 'normal' raw mode we don't have access to the hidden selector registers. */
2055 if (pVM->rem.s.Env.segs[R_SS].selector != pCtx->ss)
2056 {
2057 Log2(("REMR3State: SS changed from %04x to %04x!\n", pVM->rem.s.Env.segs[R_SS].selector, pCtx->ss));
2058
2059 cpu_x86_set_cpl(&pVM->rem.s.Env, CPUMGetGuestCPL(pVCpu, CPUMCTX2CORE(pCtx)));
2060 sync_seg(&pVM->rem.s.Env, R_SS, pCtx->ss);
2061#ifdef VBOX_WITH_STATISTICS
2062 if (pVM->rem.s.Env.segs[R_SS].newselector)
2063 {
2064 STAM_COUNTER_INC(&gStatSelOutOfSync[R_SS]);
2065 }
2066#endif
2067 }
2068 else
2069 pVM->rem.s.Env.segs[R_SS].newselector = 0;
2070
2071 if (pVM->rem.s.Env.segs[R_ES].selector != pCtx->es)
2072 {
2073 Log2(("REMR3State: ES changed from %04x to %04x!\n", pVM->rem.s.Env.segs[R_ES].selector, pCtx->es));
2074 sync_seg(&pVM->rem.s.Env, R_ES, pCtx->es);
2075#ifdef VBOX_WITH_STATISTICS
2076 if (pVM->rem.s.Env.segs[R_ES].newselector)
2077 {
2078 STAM_COUNTER_INC(&gStatSelOutOfSync[R_ES]);
2079 }
2080#endif
2081 }
2082 else
2083 pVM->rem.s.Env.segs[R_ES].newselector = 0;
2084
2085 if (pVM->rem.s.Env.segs[R_CS].selector != pCtx->cs)
2086 {
2087 Log2(("REMR3State: CS changed from %04x to %04x!\n", pVM->rem.s.Env.segs[R_CS].selector, pCtx->cs));
2088 sync_seg(&pVM->rem.s.Env, R_CS, pCtx->cs);
2089#ifdef VBOX_WITH_STATISTICS
2090 if (pVM->rem.s.Env.segs[R_CS].newselector)
2091 {
2092 STAM_COUNTER_INC(&gStatSelOutOfSync[R_CS]);
2093 }
2094#endif
2095 }
2096 else
2097 pVM->rem.s.Env.segs[R_CS].newselector = 0;
2098
2099 if (pVM->rem.s.Env.segs[R_DS].selector != pCtx->ds)
2100 {
2101 Log2(("REMR3State: DS changed from %04x to %04x!\n", pVM->rem.s.Env.segs[R_DS].selector, pCtx->ds));
2102 sync_seg(&pVM->rem.s.Env, R_DS, pCtx->ds);
2103#ifdef VBOX_WITH_STATISTICS
2104 if (pVM->rem.s.Env.segs[R_DS].newselector)
2105 {
2106 STAM_COUNTER_INC(&gStatSelOutOfSync[R_DS]);
2107 }
2108#endif
2109 }
2110 else
2111 pVM->rem.s.Env.segs[R_DS].newselector = 0;
2112
2113 /** @todo need to find a way to communicate potential GDT/LDT changes and thread switches. The selector might
2114 * be the same but not the base/limit. */
2115 if (pVM->rem.s.Env.segs[R_FS].selector != pCtx->fs)
2116 {
2117 Log2(("REMR3State: FS changed from %04x to %04x!\n", pVM->rem.s.Env.segs[R_FS].selector, pCtx->fs));
2118 sync_seg(&pVM->rem.s.Env, R_FS, pCtx->fs);
2119#ifdef VBOX_WITH_STATISTICS
2120 if (pVM->rem.s.Env.segs[R_FS].newselector)
2121 {
2122 STAM_COUNTER_INC(&gStatSelOutOfSync[R_FS]);
2123 }
2124#endif
2125 }
2126 else
2127 pVM->rem.s.Env.segs[R_FS].newselector = 0;
2128
2129 if (pVM->rem.s.Env.segs[R_GS].selector != pCtx->gs)
2130 {
2131 Log2(("REMR3State: GS changed from %04x to %04x!\n", pVM->rem.s.Env.segs[R_GS].selector, pCtx->gs));
2132 sync_seg(&pVM->rem.s.Env, R_GS, pCtx->gs);
2133#ifdef VBOX_WITH_STATISTICS
2134 if (pVM->rem.s.Env.segs[R_GS].newselector)
2135 {
2136 STAM_COUNTER_INC(&gStatSelOutOfSync[R_GS]);
2137 }
2138#endif
2139 }
2140 else
2141 pVM->rem.s.Env.segs[R_GS].newselector = 0;
2142 }
2143
2144 /*
2145 * Check for traps.
2146 */
2147 pVM->rem.s.Env.exception_index = -1; /** @todo this won't work :/ */
2148 rc = TRPMQueryTrap(pVCpu, &u8TrapNo, &enmType);
2149 if (RT_SUCCESS(rc))
2150 {
2151#ifdef DEBUG
2152 if (u8TrapNo == 0x80)
2153 {
2154 remR3DumpLnxSyscall(pVCpu);
2155 remR3DumpOBsdSyscall(pVCpu);
2156 }
2157#endif
2158
2159 pVM->rem.s.Env.exception_index = u8TrapNo;
2160 if (enmType != TRPM_SOFTWARE_INT)
2161 {
2162 pVM->rem.s.Env.exception_is_int = 0;
2163 pVM->rem.s.Env.exception_next_eip = pVM->rem.s.Env.eip;
2164 }
2165 else
2166 {
2167 /*
2168 * The there are two 1 byte opcodes and one 2 byte opcode for software interrupts.
2169 * We ASSUME that there are no prefixes and sets the default to 2 byte, and checks
2170 * for int03 and into.
2171 */
2172 pVM->rem.s.Env.exception_is_int = 1;
2173 pVM->rem.s.Env.exception_next_eip = pCtx->rip + 2;
2174 /* int 3 may be generated by one-byte 0xcc */
2175 if (u8TrapNo == 3)
2176 {
2177 if (read_byte(&pVM->rem.s.Env, pVM->rem.s.Env.segs[R_CS].base + pCtx->rip) == 0xcc)
2178 pVM->rem.s.Env.exception_next_eip = pCtx->rip + 1;
2179 }
2180 /* int 4 may be generated by one-byte 0xce */
2181 else if (u8TrapNo == 4)
2182 {
2183 if (read_byte(&pVM->rem.s.Env, pVM->rem.s.Env.segs[R_CS].base + pCtx->rip) == 0xce)
2184 pVM->rem.s.Env.exception_next_eip = pCtx->rip + 1;
2185 }
2186 }
2187
2188 /* get error code and cr2 if needed. */
2189 switch (u8TrapNo)
2190 {
2191 case 0x0e:
2192 pVM->rem.s.Env.cr[2] = TRPMGetFaultAddress(pVCpu);
2193 /* fallthru */
2194 case 0x0a: case 0x0b: case 0x0c: case 0x0d:
2195 pVM->rem.s.Env.error_code = TRPMGetErrorCode(pVCpu);
2196 break;
2197
2198 case 0x11: case 0x08:
2199 default:
2200 pVM->rem.s.Env.error_code = 0;
2201 break;
2202 }
2203
2204 /*
2205 * We can now reset the active trap since the recompiler is gonna have a go at it.
2206 */
2207 rc = TRPMResetTrap(pVCpu);
2208 AssertRC(rc);
2209 Log2(("REMR3State: trap=%02x errcd=%RGv cr2=%RGv nexteip=%RGv%s\n", pVM->rem.s.Env.exception_index, (RTGCPTR)pVM->rem.s.Env.error_code,
2210 (RTGCPTR)pVM->rem.s.Env.cr[2], (RTGCPTR)pVM->rem.s.Env.exception_next_eip, pVM->rem.s.Env.exception_is_int ? " software" : ""));
2211 }
2212
2213 /*
2214 * Clear old interrupt request flags; Check for pending hardware interrupts.
2215 * (See @remark for why we don't check for other FFs.)
2216 */
2217 pVM->rem.s.Env.interrupt_request &= ~(CPU_INTERRUPT_HARD | CPU_INTERRUPT_EXIT | CPU_INTERRUPT_EXITTB | CPU_INTERRUPT_TIMER);
2218 if ( pVM->rem.s.u32PendingInterrupt != REM_NO_PENDING_IRQ
2219 || VMCPU_FF_ISPENDING(pVCpu, VMCPU_FF_INTERRUPT_APIC | VMCPU_FF_INTERRUPT_PIC))
2220 pVM->rem.s.Env.interrupt_request |= CPU_INTERRUPT_HARD;
2221
2222 /*
2223 * We're now in REM mode.
2224 */
2225 VMCPU_SET_STATE(pVCpu, VMCPUSTATE_STARTED_EXEC_REM);
2226 pVM->rem.s.fInREM = true;
2227 pVM->rem.s.fInStateSync = false;
2228 pVM->rem.s.cCanExecuteRaw = 0;
2229 STAM_PROFILE_STOP(&pVM->rem.s.StatsState, a);
2230 Log2(("REMR3State: returns VINF_SUCCESS\n"));
2231 return VINF_SUCCESS;
2232}
2233
2234
2235/**
2236 * Syncs back changes in the REM state to the the VM state.
2237 *
2238 * This must be called after invoking REMR3Run().
2239 * Calling it several times in a row is not permitted.
2240 *
2241 * @returns VBox status code.
2242 *
2243 * @param pVM VM Handle.
2244 * @param pVCpu VMCPU Handle.
2245 */
2246REMR3DECL(int) REMR3StateBack(PVM pVM, PVMCPU pVCpu)
2247{
2248 register PCPUMCTX pCtx = pVM->rem.s.pCtx;
2249 Assert(pCtx);
2250 unsigned i;
2251
2252 STAM_PROFILE_START(&pVM->rem.s.StatsStateBack, a);
2253 Log2(("REMR3StateBack:\n"));
2254 Assert(pVM->rem.s.fInREM);
2255
2256 /*
2257 * Copy back the registers.
2258 * This is done in the order they are declared in the CPUMCTX structure.
2259 */
2260
2261 /** @todo FOP */
2262 /** @todo FPUIP */
2263 /** @todo CS */
2264 /** @todo FPUDP */
2265 /** @todo DS */
2266
2267 /** @todo check if FPU/XMM was actually used in the recompiler */
2268 restore_raw_fp_state(&pVM->rem.s.Env, (uint8_t *)&pCtx->fpu);
2269//// dprintf2(("FPU state CW=%04X TT=%04X SW=%04X (%04X)\n", env->fpuc, env->fpstt, env->fpus, pVMCtx->fpu.FSW));
2270
2271#ifdef TARGET_X86_64
2272 /* Note that the high dwords of 64 bits registers are undefined in 32 bits mode and are undefined after a mode change. */
2273 pCtx->rdi = pVM->rem.s.Env.regs[R_EDI];
2274 pCtx->rsi = pVM->rem.s.Env.regs[R_ESI];
2275 pCtx->rbp = pVM->rem.s.Env.regs[R_EBP];
2276 pCtx->rax = pVM->rem.s.Env.regs[R_EAX];
2277 pCtx->rbx = pVM->rem.s.Env.regs[R_EBX];
2278 pCtx->rdx = pVM->rem.s.Env.regs[R_EDX];
2279 pCtx->rcx = pVM->rem.s.Env.regs[R_ECX];
2280 pCtx->r8 = pVM->rem.s.Env.regs[8];
2281 pCtx->r9 = pVM->rem.s.Env.regs[9];
2282 pCtx->r10 = pVM->rem.s.Env.regs[10];
2283 pCtx->r11 = pVM->rem.s.Env.regs[11];
2284 pCtx->r12 = pVM->rem.s.Env.regs[12];
2285 pCtx->r13 = pVM->rem.s.Env.regs[13];
2286 pCtx->r14 = pVM->rem.s.Env.regs[14];
2287 pCtx->r15 = pVM->rem.s.Env.regs[15];
2288
2289 pCtx->rsp = pVM->rem.s.Env.regs[R_ESP];
2290
2291#else
2292 pCtx->edi = pVM->rem.s.Env.regs[R_EDI];
2293 pCtx->esi = pVM->rem.s.Env.regs[R_ESI];
2294 pCtx->ebp = pVM->rem.s.Env.regs[R_EBP];
2295 pCtx->eax = pVM->rem.s.Env.regs[R_EAX];
2296 pCtx->ebx = pVM->rem.s.Env.regs[R_EBX];
2297 pCtx->edx = pVM->rem.s.Env.regs[R_EDX];
2298 pCtx->ecx = pVM->rem.s.Env.regs[R_ECX];
2299
2300 pCtx->esp = pVM->rem.s.Env.regs[R_ESP];
2301#endif
2302
2303 pCtx->ss = pVM->rem.s.Env.segs[R_SS].selector;
2304
2305#ifdef VBOX_WITH_STATISTICS
2306 if (pVM->rem.s.Env.segs[R_SS].newselector)
2307 {
2308 STAM_COUNTER_INC(&gStatSelOutOfSyncStateBack[R_SS]);
2309 }
2310 if (pVM->rem.s.Env.segs[R_GS].newselector)
2311 {
2312 STAM_COUNTER_INC(&gStatSelOutOfSyncStateBack[R_GS]);
2313 }
2314 if (pVM->rem.s.Env.segs[R_FS].newselector)
2315 {
2316 STAM_COUNTER_INC(&gStatSelOutOfSyncStateBack[R_FS]);
2317 }
2318 if (pVM->rem.s.Env.segs[R_ES].newselector)
2319 {
2320 STAM_COUNTER_INC(&gStatSelOutOfSyncStateBack[R_ES]);
2321 }
2322 if (pVM->rem.s.Env.segs[R_DS].newselector)
2323 {
2324 STAM_COUNTER_INC(&gStatSelOutOfSyncStateBack[R_DS]);
2325 }
2326 if (pVM->rem.s.Env.segs[R_CS].newselector)
2327 {
2328 STAM_COUNTER_INC(&gStatSelOutOfSyncStateBack[R_CS]);
2329 }
2330#endif
2331 pCtx->gs = pVM->rem.s.Env.segs[R_GS].selector;
2332 pCtx->fs = pVM->rem.s.Env.segs[R_FS].selector;
2333 pCtx->es = pVM->rem.s.Env.segs[R_ES].selector;
2334 pCtx->ds = pVM->rem.s.Env.segs[R_DS].selector;
2335 pCtx->cs = pVM->rem.s.Env.segs[R_CS].selector;
2336
2337#ifdef TARGET_X86_64
2338 pCtx->rip = pVM->rem.s.Env.eip;
2339 pCtx->rflags.u64 = pVM->rem.s.Env.eflags;
2340#else
2341 pCtx->eip = pVM->rem.s.Env.eip;
2342 pCtx->eflags.u32 = pVM->rem.s.Env.eflags;
2343#endif
2344
2345 pCtx->cr0 = pVM->rem.s.Env.cr[0];
2346 pCtx->cr2 = pVM->rem.s.Env.cr[2];
2347 pCtx->cr3 = pVM->rem.s.Env.cr[3];
2348 if ((pVM->rem.s.Env.cr[4] ^ pCtx->cr4) & X86_CR4_VME)
2349 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_TSS);
2350 pCtx->cr4 = pVM->rem.s.Env.cr[4];
2351
2352 for (i = 0; i < 8; i++)
2353 pCtx->dr[i] = pVM->rem.s.Env.dr[i];
2354
2355 pCtx->gdtr.cbGdt = pVM->rem.s.Env.gdt.limit;
2356 if (pCtx->gdtr.pGdt != pVM->rem.s.Env.gdt.base)
2357 {
2358 pCtx->gdtr.pGdt = pVM->rem.s.Env.gdt.base;
2359 STAM_COUNTER_INC(&gStatREMGDTChange);
2360 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_GDT);
2361 }
2362
2363 pCtx->idtr.cbIdt = pVM->rem.s.Env.idt.limit;
2364 if (pCtx->idtr.pIdt != pVM->rem.s.Env.idt.base)
2365 {
2366 pCtx->idtr.pIdt = pVM->rem.s.Env.idt.base;
2367 STAM_COUNTER_INC(&gStatREMIDTChange);
2368 VMCPU_FF_SET(pVCpu, VMCPU_FF_TRPM_SYNC_IDT);
2369 }
2370
2371 if ( pCtx->ldtr != pVM->rem.s.Env.ldt.selector
2372 || pCtx->ldtrHid.u64Base != pVM->rem.s.Env.ldt.base
2373 || pCtx->ldtrHid.u32Limit != pVM->rem.s.Env.ldt.limit
2374 || pCtx->ldtrHid.Attr.u != ((pVM->rem.s.Env.ldt.flags >> 8) & 0xF0FF))
2375 {
2376 pCtx->ldtr = pVM->rem.s.Env.ldt.selector;
2377 pCtx->ldtrHid.u64Base = pVM->rem.s.Env.ldt.base;
2378 pCtx->ldtrHid.u32Limit = pVM->rem.s.Env.ldt.limit;
2379 pCtx->ldtrHid.Attr.u = (pVM->rem.s.Env.ldt.flags >> 8) & 0xF0FF;
2380 STAM_COUNTER_INC(&gStatREMLDTRChange);
2381 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_LDT);
2382 }
2383
2384 if ( pCtx->tr != pVM->rem.s.Env.tr.selector
2385 || pCtx->trHid.u64Base != pVM->rem.s.Env.tr.base
2386 || pCtx->trHid.u32Limit != pVM->rem.s.Env.tr.limit
2387 /* Qemu and AMD/Intel have different ideas about the busy flag ... */
2388 || pCtx->trHid.Attr.u != ( (pVM->rem.s.Env.tr.flags >> 8) & 0xF0FF
2389 ? (pVM->rem.s.Env.tr.flags | DESC_TSS_BUSY_MASK) >> 8
2390 : 0) )
2391 {
2392 Log(("REM: TR changed! %#x{%#llx,%#x,%#x} -> %#x{%llx,%#x,%#x}\n",
2393 pCtx->tr, pCtx->trHid.u64Base, pCtx->trHid.u32Limit, pCtx->trHid.Attr.u,
2394 pVM->rem.s.Env.tr.selector, (uint64_t)pVM->rem.s.Env.tr.base, pVM->rem.s.Env.tr.limit,
2395 (pVM->rem.s.Env.tr.flags >> 8) & 0xF0FF ? (pVM->rem.s.Env.tr.flags | DESC_TSS_BUSY_MASK) >> 8 : 0));
2396 pCtx->tr = pVM->rem.s.Env.tr.selector;
2397 pCtx->trHid.u64Base = pVM->rem.s.Env.tr.base;
2398 pCtx->trHid.u32Limit = pVM->rem.s.Env.tr.limit;
2399 pCtx->trHid.Attr.u = (pVM->rem.s.Env.tr.flags >> 8) & 0xF0FF;
2400 if (pCtx->trHid.Attr.u)
2401 pCtx->trHid.Attr.u |= DESC_TSS_BUSY_MASK >> 8;
2402 STAM_COUNTER_INC(&gStatREMTRChange);
2403 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_TSS);
2404 }
2405
2406 /** @todo These values could still be out of sync! */
2407 pCtx->csHid.u64Base = pVM->rem.s.Env.segs[R_CS].base;
2408 pCtx->csHid.u32Limit = pVM->rem.s.Env.segs[R_CS].limit;
2409 /* Note! QEmu saves the 2nd dword of the descriptor; we should store the attribute word only! */
2410 pCtx->csHid.Attr.u = (pVM->rem.s.Env.segs[R_CS].flags >> 8) & 0xF0FF;
2411
2412 pCtx->dsHid.u64Base = pVM->rem.s.Env.segs[R_DS].base;
2413 pCtx->dsHid.u32Limit = pVM->rem.s.Env.segs[R_DS].limit;
2414 pCtx->dsHid.Attr.u = (pVM->rem.s.Env.segs[R_DS].flags >> 8) & 0xF0FF;
2415
2416 pCtx->esHid.u64Base = pVM->rem.s.Env.segs[R_ES].base;
2417 pCtx->esHid.u32Limit = pVM->rem.s.Env.segs[R_ES].limit;
2418 pCtx->esHid.Attr.u = (pVM->rem.s.Env.segs[R_ES].flags >> 8) & 0xF0FF;
2419
2420 pCtx->fsHid.u64Base = pVM->rem.s.Env.segs[R_FS].base;
2421 pCtx->fsHid.u32Limit = pVM->rem.s.Env.segs[R_FS].limit;
2422 pCtx->fsHid.Attr.u = (pVM->rem.s.Env.segs[R_FS].flags >> 8) & 0xF0FF;
2423
2424 pCtx->gsHid.u64Base = pVM->rem.s.Env.segs[R_GS].base;
2425 pCtx->gsHid.u32Limit = pVM->rem.s.Env.segs[R_GS].limit;
2426 pCtx->gsHid.Attr.u = (pVM->rem.s.Env.segs[R_GS].flags >> 8) & 0xF0FF;
2427
2428 pCtx->ssHid.u64Base = pVM->rem.s.Env.segs[R_SS].base;
2429 pCtx->ssHid.u32Limit = pVM->rem.s.Env.segs[R_SS].limit;
2430 pCtx->ssHid.Attr.u = (pVM->rem.s.Env.segs[R_SS].flags >> 8) & 0xF0FF;
2431
2432 /* Sysenter MSR */
2433 pCtx->SysEnter.cs = pVM->rem.s.Env.sysenter_cs;
2434 pCtx->SysEnter.eip = pVM->rem.s.Env.sysenter_eip;
2435 pCtx->SysEnter.esp = pVM->rem.s.Env.sysenter_esp;
2436
2437 /* System MSRs. */
2438 pCtx->msrEFER = pVM->rem.s.Env.efer;
2439 pCtx->msrSTAR = pVM->rem.s.Env.star;
2440 pCtx->msrPAT = pVM->rem.s.Env.pat;
2441#ifdef TARGET_X86_64
2442 pCtx->msrLSTAR = pVM->rem.s.Env.lstar;
2443 pCtx->msrCSTAR = pVM->rem.s.Env.cstar;
2444 pCtx->msrSFMASK = pVM->rem.s.Env.fmask;
2445 pCtx->msrKERNELGSBASE = pVM->rem.s.Env.kernelgsbase;
2446#endif
2447
2448 remR3TrapClear(pVM);
2449
2450 /*
2451 * Check for traps.
2452 */
2453 if ( pVM->rem.s.Env.exception_index >= 0
2454 && pVM->rem.s.Env.exception_index < 256)
2455 {
2456 int rc;
2457
2458 Log(("REMR3StateBack: Pending trap %x %d\n", pVM->rem.s.Env.exception_index, pVM->rem.s.Env.exception_is_int));
2459 rc = TRPMAssertTrap(pVCpu, pVM->rem.s.Env.exception_index, (pVM->rem.s.Env.exception_is_int) ? TRPM_SOFTWARE_INT : TRPM_HARDWARE_INT);
2460 AssertRC(rc);
2461 switch (pVM->rem.s.Env.exception_index)
2462 {
2463 case 0x0e:
2464 TRPMSetFaultAddress(pVCpu, pCtx->cr2);
2465 /* fallthru */
2466 case 0x0a: case 0x0b: case 0x0c: case 0x0d:
2467 case 0x11: case 0x08: /* 0 */
2468 TRPMSetErrorCode(pVCpu, pVM->rem.s.Env.error_code);
2469 break;
2470 }
2471
2472 }
2473
2474 /*
2475 * We're not longer in REM mode.
2476 */
2477 VMCPU_CMPXCHG_STATE(pVCpu, VMCPUSTATE_STARTED, VMCPUSTATE_STARTED_EXEC_REM);
2478 pVM->rem.s.fInREM = false;
2479 pVM->rem.s.pCtx = NULL;
2480 pVM->rem.s.Env.pVCpu = NULL;
2481 STAM_PROFILE_STOP(&pVM->rem.s.StatsStateBack, a);
2482 Log2(("REMR3StateBack: returns VINF_SUCCESS\n"));
2483 return VINF_SUCCESS;
2484}
2485
2486
2487/**
2488 * This is called by the disassembler when it wants to update the cpu state
2489 * before for instance doing a register dump.
2490 */
2491static void remR3StateUpdate(PVM pVM, PVMCPU pVCpu)
2492{
2493 register PCPUMCTX pCtx = pVM->rem.s.pCtx;
2494 unsigned i;
2495
2496 Assert(pVM->rem.s.fInREM);
2497
2498 /*
2499 * Copy back the registers.
2500 * This is done in the order they are declared in the CPUMCTX structure.
2501 */
2502
2503 /** @todo FOP */
2504 /** @todo FPUIP */
2505 /** @todo CS */
2506 /** @todo FPUDP */
2507 /** @todo DS */
2508 /** @todo Fix MXCSR support in QEMU so we don't overwrite MXCSR with 0 when we shouldn't! */
2509 pCtx->fpu.MXCSR = 0;
2510 pCtx->fpu.MXCSR_MASK = 0;
2511
2512 /** @todo check if FPU/XMM was actually used in the recompiler */
2513 restore_raw_fp_state(&pVM->rem.s.Env, (uint8_t *)&pCtx->fpu);
2514//// dprintf2(("FPU state CW=%04X TT=%04X SW=%04X (%04X)\n", env->fpuc, env->fpstt, env->fpus, pVMCtx->fpu.FSW));
2515
2516#ifdef TARGET_X86_64
2517 pCtx->rdi = pVM->rem.s.Env.regs[R_EDI];
2518 pCtx->rsi = pVM->rem.s.Env.regs[R_ESI];
2519 pCtx->rbp = pVM->rem.s.Env.regs[R_EBP];
2520 pCtx->rax = pVM->rem.s.Env.regs[R_EAX];
2521 pCtx->rbx = pVM->rem.s.Env.regs[R_EBX];
2522 pCtx->rdx = pVM->rem.s.Env.regs[R_EDX];
2523 pCtx->rcx = pVM->rem.s.Env.regs[R_ECX];
2524 pCtx->r8 = pVM->rem.s.Env.regs[8];
2525 pCtx->r9 = pVM->rem.s.Env.regs[9];
2526 pCtx->r10 = pVM->rem.s.Env.regs[10];
2527 pCtx->r11 = pVM->rem.s.Env.regs[11];
2528 pCtx->r12 = pVM->rem.s.Env.regs[12];
2529 pCtx->r13 = pVM->rem.s.Env.regs[13];
2530 pCtx->r14 = pVM->rem.s.Env.regs[14];
2531 pCtx->r15 = pVM->rem.s.Env.regs[15];
2532
2533 pCtx->rsp = pVM->rem.s.Env.regs[R_ESP];
2534#else
2535 pCtx->edi = pVM->rem.s.Env.regs[R_EDI];
2536 pCtx->esi = pVM->rem.s.Env.regs[R_ESI];
2537 pCtx->ebp = pVM->rem.s.Env.regs[R_EBP];
2538 pCtx->eax = pVM->rem.s.Env.regs[R_EAX];
2539 pCtx->ebx = pVM->rem.s.Env.regs[R_EBX];
2540 pCtx->edx = pVM->rem.s.Env.regs[R_EDX];
2541 pCtx->ecx = pVM->rem.s.Env.regs[R_ECX];
2542
2543 pCtx->esp = pVM->rem.s.Env.regs[R_ESP];
2544#endif
2545
2546 pCtx->ss = pVM->rem.s.Env.segs[R_SS].selector;
2547
2548 pCtx->gs = pVM->rem.s.Env.segs[R_GS].selector;
2549 pCtx->fs = pVM->rem.s.Env.segs[R_FS].selector;
2550 pCtx->es = pVM->rem.s.Env.segs[R_ES].selector;
2551 pCtx->ds = pVM->rem.s.Env.segs[R_DS].selector;
2552 pCtx->cs = pVM->rem.s.Env.segs[R_CS].selector;
2553
2554#ifdef TARGET_X86_64
2555 pCtx->rip = pVM->rem.s.Env.eip;
2556 pCtx->rflags.u64 = pVM->rem.s.Env.eflags;
2557#else
2558 pCtx->eip = pVM->rem.s.Env.eip;
2559 pCtx->eflags.u32 = pVM->rem.s.Env.eflags;
2560#endif
2561
2562 pCtx->cr0 = pVM->rem.s.Env.cr[0];
2563 pCtx->cr2 = pVM->rem.s.Env.cr[2];
2564 pCtx->cr3 = pVM->rem.s.Env.cr[3];
2565 if ((pVM->rem.s.Env.cr[4] ^ pCtx->cr4) & X86_CR4_VME)
2566 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_TSS);
2567 pCtx->cr4 = pVM->rem.s.Env.cr[4];
2568
2569 for (i = 0; i < 8; i++)
2570 pCtx->dr[i] = pVM->rem.s.Env.dr[i];
2571
2572 pCtx->gdtr.cbGdt = pVM->rem.s.Env.gdt.limit;
2573 if (pCtx->gdtr.pGdt != (RTGCPTR)pVM->rem.s.Env.gdt.base)
2574 {
2575 pCtx->gdtr.pGdt = (RTGCPTR)pVM->rem.s.Env.gdt.base;
2576 STAM_COUNTER_INC(&gStatREMGDTChange);
2577 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_GDT);
2578 }
2579
2580 pCtx->idtr.cbIdt = pVM->rem.s.Env.idt.limit;
2581 if (pCtx->idtr.pIdt != (RTGCPTR)pVM->rem.s.Env.idt.base)
2582 {
2583 pCtx->idtr.pIdt = (RTGCPTR)pVM->rem.s.Env.idt.base;
2584 STAM_COUNTER_INC(&gStatREMIDTChange);
2585 VMCPU_FF_SET(pVCpu, VMCPU_FF_TRPM_SYNC_IDT);
2586 }
2587
2588 if ( pCtx->ldtr != pVM->rem.s.Env.ldt.selector
2589 || pCtx->ldtrHid.u64Base != pVM->rem.s.Env.ldt.base
2590 || pCtx->ldtrHid.u32Limit != pVM->rem.s.Env.ldt.limit
2591 || pCtx->ldtrHid.Attr.u != ((pVM->rem.s.Env.ldt.flags >> 8) & 0xF0FF))
2592 {
2593 pCtx->ldtr = pVM->rem.s.Env.ldt.selector;
2594 pCtx->ldtrHid.u64Base = pVM->rem.s.Env.ldt.base;
2595 pCtx->ldtrHid.u32Limit = pVM->rem.s.Env.ldt.limit;
2596 pCtx->ldtrHid.Attr.u = (pVM->rem.s.Env.ldt.flags >> 8) & 0xFFFF;
2597 STAM_COUNTER_INC(&gStatREMLDTRChange);
2598 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_LDT);
2599 }
2600
2601 if ( pCtx->tr != pVM->rem.s.Env.tr.selector
2602 || pCtx->trHid.u64Base != pVM->rem.s.Env.tr.base
2603 || pCtx->trHid.u32Limit != pVM->rem.s.Env.tr.limit
2604 /* Qemu and AMD/Intel have different ideas about the busy flag ... */
2605 || pCtx->trHid.Attr.u != ( (pVM->rem.s.Env.tr.flags >> 8) & 0xF0FF
2606 ? (pVM->rem.s.Env.tr.flags | DESC_TSS_BUSY_MASK) >> 8
2607 : 0) )
2608 {
2609 Log(("REM: TR changed! %#x{%#llx,%#x,%#x} -> %#x{%llx,%#x,%#x}\n",
2610 pCtx->tr, pCtx->trHid.u64Base, pCtx->trHid.u32Limit, pCtx->trHid.Attr.u,
2611 pVM->rem.s.Env.tr.selector, (uint64_t)pVM->rem.s.Env.tr.base, pVM->rem.s.Env.tr.limit,
2612 (pVM->rem.s.Env.tr.flags >> 8) & 0xF0FF ? (pVM->rem.s.Env.tr.flags | DESC_TSS_BUSY_MASK) >> 8 : 0));
2613 pCtx->tr = pVM->rem.s.Env.tr.selector;
2614 pCtx->trHid.u64Base = pVM->rem.s.Env.tr.base;
2615 pCtx->trHid.u32Limit = pVM->rem.s.Env.tr.limit;
2616 pCtx->trHid.Attr.u = (pVM->rem.s.Env.tr.flags >> 8) & 0xF0FF;
2617 if (pCtx->trHid.Attr.u)
2618 pCtx->trHid.Attr.u |= DESC_TSS_BUSY_MASK >> 8;
2619 STAM_COUNTER_INC(&gStatREMTRChange);
2620 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_TSS);
2621 }
2622
2623 /** @todo These values could still be out of sync! */
2624 pCtx->csHid.u64Base = pVM->rem.s.Env.segs[R_CS].base;
2625 pCtx->csHid.u32Limit = pVM->rem.s.Env.segs[R_CS].limit;
2626 /** @note QEmu saves the 2nd dword of the descriptor; we should store the attribute word only! */
2627 pCtx->csHid.Attr.u = (pVM->rem.s.Env.segs[R_CS].flags >> 8) & 0xFFFF;
2628
2629 pCtx->dsHid.u64Base = pVM->rem.s.Env.segs[R_DS].base;
2630 pCtx->dsHid.u32Limit = pVM->rem.s.Env.segs[R_DS].limit;
2631 pCtx->dsHid.Attr.u = (pVM->rem.s.Env.segs[R_DS].flags >> 8) & 0xFFFF;
2632
2633 pCtx->esHid.u64Base = pVM->rem.s.Env.segs[R_ES].base;
2634 pCtx->esHid.u32Limit = pVM->rem.s.Env.segs[R_ES].limit;
2635 pCtx->esHid.Attr.u = (pVM->rem.s.Env.segs[R_ES].flags >> 8) & 0xFFFF;
2636
2637 pCtx->fsHid.u64Base = pVM->rem.s.Env.segs[R_FS].base;
2638 pCtx->fsHid.u32Limit = pVM->rem.s.Env.segs[R_FS].limit;
2639 pCtx->fsHid.Attr.u = (pVM->rem.s.Env.segs[R_FS].flags >> 8) & 0xFFFF;
2640
2641 pCtx->gsHid.u64Base = pVM->rem.s.Env.segs[R_GS].base;
2642 pCtx->gsHid.u32Limit = pVM->rem.s.Env.segs[R_GS].limit;
2643 pCtx->gsHid.Attr.u = (pVM->rem.s.Env.segs[R_GS].flags >> 8) & 0xFFFF;
2644
2645 pCtx->ssHid.u64Base = pVM->rem.s.Env.segs[R_SS].base;
2646 pCtx->ssHid.u32Limit = pVM->rem.s.Env.segs[R_SS].limit;
2647 pCtx->ssHid.Attr.u = (pVM->rem.s.Env.segs[R_SS].flags >> 8) & 0xFFFF;
2648
2649 /* Sysenter MSR */
2650 pCtx->SysEnter.cs = pVM->rem.s.Env.sysenter_cs;
2651 pCtx->SysEnter.eip = pVM->rem.s.Env.sysenter_eip;
2652 pCtx->SysEnter.esp = pVM->rem.s.Env.sysenter_esp;
2653
2654 /* System MSRs. */
2655 pCtx->msrEFER = pVM->rem.s.Env.efer;
2656 pCtx->msrSTAR = pVM->rem.s.Env.star;
2657 pCtx->msrPAT = pVM->rem.s.Env.pat;
2658#ifdef TARGET_X86_64
2659 pCtx->msrLSTAR = pVM->rem.s.Env.lstar;
2660 pCtx->msrCSTAR = pVM->rem.s.Env.cstar;
2661 pCtx->msrSFMASK = pVM->rem.s.Env.fmask;
2662 pCtx->msrKERNELGSBASE = pVM->rem.s.Env.kernelgsbase;
2663#endif
2664
2665}
2666
2667
2668/**
2669 * Update the VMM state information if we're currently in REM.
2670 *
2671 * This method is used by the DBGF and PDMDevice when there is any uncertainty of whether
2672 * we're currently executing in REM and the VMM state is invalid. This method will of
2673 * course check that we're executing in REM before syncing any data over to the VMM.
2674 *
2675 * @param pVM The VM handle.
2676 * @param pVCpu The VMCPU handle.
2677 */
2678REMR3DECL(void) REMR3StateUpdate(PVM pVM, PVMCPU pVCpu)
2679{
2680 if (pVM->rem.s.fInREM)
2681 remR3StateUpdate(pVM, pVCpu);
2682}
2683
2684
2685#undef LOG_GROUP
2686#define LOG_GROUP LOG_GROUP_REM
2687
2688
2689/**
2690 * Notify the recompiler about Address Gate 20 state change.
2691 *
2692 * This notification is required since A20 gate changes are
2693 * initialized from a device driver and the VM might just as
2694 * well be in REM mode as in RAW mode.
2695 *
2696 * @param pVM VM handle.
2697 * @param pVCpu VMCPU handle.
2698 * @param fEnable True if the gate should be enabled.
2699 * False if the gate should be disabled.
2700 */
2701REMR3DECL(void) REMR3A20Set(PVM pVM, PVMCPU pVCpu, bool fEnable)
2702{
2703 LogFlow(("REMR3A20Set: fEnable=%d\n", fEnable));
2704 VM_ASSERT_EMT(pVM);
2705
2706 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
2707 cpu_x86_set_a20(&pVM->rem.s.Env, fEnable);
2708 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
2709}
2710
2711
2712/**
2713 * Replays the handler notification changes
2714 * Called in response to VM_FF_REM_HANDLER_NOTIFY from the RAW execution loop.
2715 *
2716 * @param pVM VM handle.
2717 */
2718REMR3DECL(void) REMR3ReplayHandlerNotifications(PVM pVM)
2719{
2720 /*
2721 * Replay the flushes.
2722 */
2723 LogFlow(("REMR3ReplayHandlerNotifications:\n"));
2724 VM_ASSERT_EMT(pVM);
2725
2726 /** @todo this isn't ensuring correct replay order. */
2727 if (VM_FF_TESTANDCLEAR(pVM, VM_FF_REM_HANDLER_NOTIFY))
2728 {
2729 uint32_t idxNext;
2730 uint32_t idxRevHead;
2731 uint32_t idxHead;
2732#ifdef VBOX_STRICT
2733 int32_t c = 0;
2734#endif
2735
2736 /* Lockless purging of pending notifications. */
2737 idxHead = ASMAtomicXchgU32(&pVM->rem.s.idxPendingList, UINT32_MAX);
2738 if (idxHead == UINT32_MAX)
2739 return;
2740 Assert(idxHead < RT_ELEMENTS(pVM->rem.s.aHandlerNotifications));
2741
2742 /*
2743 * Reverse the list to process it in FIFO order.
2744 */
2745 idxRevHead = UINT32_MAX;
2746 do
2747 {
2748 /* Save the index of the next rec. */
2749 idxNext = pVM->rem.s.aHandlerNotifications[idxHead].idxNext;
2750 Assert(idxNext < RT_ELEMENTS(pVM->rem.s.aHandlerNotifications) || idxNext == UINT32_MAX);
2751 /* Push the record onto the reversed list. */
2752 pVM->rem.s.aHandlerNotifications[idxHead].idxNext = idxRevHead;
2753 idxRevHead = idxHead;
2754 Assert(++c <= RT_ELEMENTS(pVM->rem.s.aHandlerNotifications));
2755 /* Advance. */
2756 idxHead = idxNext;
2757 } while (idxHead != UINT32_MAX);
2758
2759 /*
2760 * Loop thru the list, reinserting the record into the free list as they are
2761 * processed to avoid having other EMTs running out of entries while we're flushing.
2762 */
2763 idxHead = idxRevHead;
2764 do
2765 {
2766 PREMHANDLERNOTIFICATION pCur = &pVM->rem.s.aHandlerNotifications[idxHead];
2767 uint32_t idxCur;
2768 Assert(--c >= 0);
2769
2770 switch (pCur->enmKind)
2771 {
2772 case REMHANDLERNOTIFICATIONKIND_PHYSICAL_REGISTER:
2773 remR3NotifyHandlerPhysicalRegister(pVM,
2774 pCur->u.PhysicalRegister.enmType,
2775 pCur->u.PhysicalRegister.GCPhys,
2776 pCur->u.PhysicalRegister.cb,
2777 pCur->u.PhysicalRegister.fHasHCHandler);
2778 break;
2779
2780 case REMHANDLERNOTIFICATIONKIND_PHYSICAL_DEREGISTER:
2781 remR3NotifyHandlerPhysicalDeregister(pVM,
2782 pCur->u.PhysicalDeregister.enmType,
2783 pCur->u.PhysicalDeregister.GCPhys,
2784 pCur->u.PhysicalDeregister.cb,
2785 pCur->u.PhysicalDeregister.fHasHCHandler,
2786 pCur->u.PhysicalDeregister.fRestoreAsRAM);
2787 break;
2788
2789 case REMHANDLERNOTIFICATIONKIND_PHYSICAL_MODIFY:
2790 remR3NotifyHandlerPhysicalModify(pVM,
2791 pCur->u.PhysicalModify.enmType,
2792 pCur->u.PhysicalModify.GCPhysOld,
2793 pCur->u.PhysicalModify.GCPhysNew,
2794 pCur->u.PhysicalModify.cb,
2795 pCur->u.PhysicalModify.fHasHCHandler,
2796 pCur->u.PhysicalModify.fRestoreAsRAM);
2797 break;
2798
2799 default:
2800 AssertReleaseMsgFailed(("enmKind=%d\n", pCur->enmKind));
2801 break;
2802 }
2803
2804 /*
2805 * Advance idxHead.
2806 */
2807 idxCur = idxHead;
2808 idxHead = pCur->idxNext;
2809 Assert(idxHead < RT_ELEMENTS(pVM->rem.s.aHandlerNotifications) || (idxHead == UINT32_MAX && c == 0));
2810
2811 /*
2812 * Put the record back into the free list.
2813 */
2814 do
2815 {
2816 idxNext = ASMAtomicUoReadU32(&pVM->rem.s.idxFreeList);
2817 ASMAtomicWriteU32(&pCur->idxNext, idxNext);
2818 ASMCompilerBarrier();
2819 } while (!ASMAtomicCmpXchgU32(&pVM->rem.s.idxFreeList, idxCur, idxNext));
2820 } while (idxHead != UINT32_MAX);
2821
2822#ifdef VBOX_STRICT
2823 if (pVM->cCpus == 1)
2824 {
2825 unsigned c;
2826 /* Check that all records are now on the free list. */
2827 for (c = 0, idxNext = pVM->rem.s.idxFreeList; idxNext != UINT32_MAX;
2828 idxNext = pVM->rem.s.aHandlerNotifications[idxNext].idxNext)
2829 c++;
2830 AssertReleaseMsg(c == RT_ELEMENTS(pVM->rem.s.aHandlerNotifications), ("%#x != %#x, idxFreeList=%#x\n", c, RT_ELEMENTS(pVM->rem.s.aHandlerNotifications), pVM->rem.s.idxFreeList));
2831 }
2832#endif
2833 }
2834}
2835
2836
2837/**
2838 * Notify REM about changed code page.
2839 *
2840 * @returns VBox status code.
2841 * @param pVM VM handle.
2842 * @param pVCpu VMCPU handle.
2843 * @param pvCodePage Code page address
2844 */
2845REMR3DECL(int) REMR3NotifyCodePageChanged(PVM pVM, PVMCPU pVCpu, RTGCPTR pvCodePage)
2846{
2847#ifdef VBOX_REM_PROTECT_PAGES_FROM_SMC
2848 int rc;
2849 RTGCPHYS PhysGC;
2850 uint64_t flags;
2851
2852 VM_ASSERT_EMT(pVM);
2853
2854 /*
2855 * Get the physical page address.
2856 */
2857 rc = PGMGstGetPage(pVM, pvCodePage, &flags, &PhysGC);
2858 if (rc == VINF_SUCCESS)
2859 {
2860 /*
2861 * Sync the required registers and flush the whole page.
2862 * (Easier to do the whole page than notifying it about each physical
2863 * byte that was changed.
2864 */
2865 pVM->rem.s.Env.cr[0] = pVM->rem.s.pCtx->cr0;
2866 pVM->rem.s.Env.cr[2] = pVM->rem.s.pCtx->cr2;
2867 pVM->rem.s.Env.cr[3] = pVM->rem.s.pCtx->cr3;
2868 pVM->rem.s.Env.cr[4] = pVM->rem.s.pCtx->cr4;
2869
2870 tb_invalidate_phys_page_range(PhysGC, PhysGC + PAGE_SIZE - 1, 0);
2871 }
2872#endif
2873 return VINF_SUCCESS;
2874}
2875
2876
2877/**
2878 * Notification about a successful MMR3PhysRegister() call.
2879 *
2880 * @param pVM VM handle.
2881 * @param GCPhys The physical address the RAM.
2882 * @param cb Size of the memory.
2883 * @param fFlags Flags of the REM_NOTIFY_PHYS_RAM_FLAGS_* defines.
2884 */
2885REMR3DECL(void) REMR3NotifyPhysRamRegister(PVM pVM, RTGCPHYS GCPhys, RTGCPHYS cb, unsigned fFlags)
2886{
2887 Log(("REMR3NotifyPhysRamRegister: GCPhys=%RGp cb=%RGp fFlags=%#x\n", GCPhys, cb, fFlags));
2888 VM_ASSERT_EMT(pVM);
2889
2890 /*
2891 * Validate input - we trust the caller.
2892 */
2893 Assert(RT_ALIGN_T(GCPhys, PAGE_SIZE, RTGCPHYS) == GCPhys);
2894 Assert(cb);
2895 Assert(RT_ALIGN_Z(cb, PAGE_SIZE) == cb);
2896 AssertMsg(fFlags == REM_NOTIFY_PHYS_RAM_FLAGS_RAM || fFlags == REM_NOTIFY_PHYS_RAM_FLAGS_MMIO2, ("#x\n", fFlags));
2897
2898 /*
2899 * Base ram? Update GCPhysLastRam.
2900 */
2901 if (fFlags & REM_NOTIFY_PHYS_RAM_FLAGS_RAM)
2902 {
2903 if (GCPhys + (cb - 1) > pVM->rem.s.GCPhysLastRam)
2904 {
2905 AssertReleaseMsg(!pVM->rem.s.fGCPhysLastRamFixed, ("GCPhys=%RGp cb=%RGp\n", GCPhys, cb));
2906 pVM->rem.s.GCPhysLastRam = GCPhys + (cb - 1);
2907 }
2908 }
2909
2910 /*
2911 * Register the ram.
2912 */
2913 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
2914
2915 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
2916 cpu_register_physical_memory(GCPhys, cb, GCPhys);
2917 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
2918
2919 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
2920}
2921
2922
2923/**
2924 * Notification about a successful MMR3PhysRomRegister() call.
2925 *
2926 * @param pVM VM handle.
2927 * @param GCPhys The physical address of the ROM.
2928 * @param cb The size of the ROM.
2929 * @param pvCopy Pointer to the ROM copy.
2930 * @param fShadow Whether it's currently writable shadow ROM or normal readonly ROM.
2931 * This function will be called when ever the protection of the
2932 * shadow ROM changes (at reset and end of POST).
2933 */
2934REMR3DECL(void) REMR3NotifyPhysRomRegister(PVM pVM, RTGCPHYS GCPhys, RTUINT cb, void *pvCopy, bool fShadow)
2935{
2936 Log(("REMR3NotifyPhysRomRegister: GCPhys=%RGp cb=%d fShadow=%RTbool\n", GCPhys, cb, fShadow));
2937 VM_ASSERT_EMT(pVM);
2938
2939 /*
2940 * Validate input - we trust the caller.
2941 */
2942 Assert(RT_ALIGN_T(GCPhys, PAGE_SIZE, RTGCPHYS) == GCPhys);
2943 Assert(cb);
2944 Assert(RT_ALIGN_Z(cb, PAGE_SIZE) == cb);
2945
2946 /*
2947 * Register the rom.
2948 */
2949 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
2950
2951 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
2952 cpu_register_physical_memory(GCPhys, cb, GCPhys | (fShadow ? 0 : IO_MEM_ROM));
2953 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
2954
2955 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
2956}
2957
2958
2959/**
2960 * Notification about a successful memory deregistration or reservation.
2961 *
2962 * @param pVM VM Handle.
2963 * @param GCPhys Start physical address.
2964 * @param cb The size of the range.
2965 */
2966REMR3DECL(void) REMR3NotifyPhysRamDeregister(PVM pVM, RTGCPHYS GCPhys, RTUINT cb)
2967{
2968 Log(("REMR3NotifyPhysRamDeregister: GCPhys=%RGp cb=%d\n", GCPhys, cb));
2969 VM_ASSERT_EMT(pVM);
2970
2971 /*
2972 * Validate input - we trust the caller.
2973 */
2974 Assert(RT_ALIGN_T(GCPhys, PAGE_SIZE, RTGCPHYS) == GCPhys);
2975 Assert(cb);
2976 Assert(RT_ALIGN_Z(cb, PAGE_SIZE) == cb);
2977
2978 /*
2979 * Unassigning the memory.
2980 */
2981 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
2982
2983 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
2984 cpu_register_physical_memory(GCPhys, cb, IO_MEM_UNASSIGNED);
2985 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
2986
2987 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
2988}
2989
2990
2991/**
2992 * Notification about a successful PGMR3HandlerPhysicalRegister() call.
2993 *
2994 * @param pVM VM Handle.
2995 * @param enmType Handler type.
2996 * @param GCPhys Handler range address.
2997 * @param cb Size of the handler range.
2998 * @param fHasHCHandler Set if the handler has a HC callback function.
2999 *
3000 * @remark MMR3PhysRomRegister assumes that this function will not apply the
3001 * Handler memory type to memory which has no HC handler.
3002 */
3003static void remR3NotifyHandlerPhysicalRegister(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhys, RTGCPHYS cb, bool fHasHCHandler)
3004{
3005 Log(("REMR3NotifyHandlerPhysicalRegister: enmType=%d GCPhys=%RGp cb=%RGp fHasHCHandler=%d\n",
3006 enmType, GCPhys, cb, fHasHCHandler));
3007
3008 VM_ASSERT_EMT(pVM);
3009 Assert(RT_ALIGN_T(GCPhys, PAGE_SIZE, RTGCPHYS) == GCPhys);
3010 Assert(RT_ALIGN_T(cb, PAGE_SIZE, RTGCPHYS) == cb);
3011
3012
3013 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3014
3015 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
3016 if (enmType == PGMPHYSHANDLERTYPE_MMIO)
3017 cpu_register_physical_memory(GCPhys, cb, pVM->rem.s.iMMIOMemType);
3018 else if (fHasHCHandler)
3019 cpu_register_physical_memory(GCPhys, cb, pVM->rem.s.iHandlerMemType);
3020 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
3021
3022 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3023}
3024
3025/**
3026 * Notification about a successful PGMR3HandlerPhysicalRegister() call.
3027 *
3028 * @param pVM VM Handle.
3029 * @param enmType Handler type.
3030 * @param GCPhys Handler range address.
3031 * @param cb Size of the handler range.
3032 * @param fHasHCHandler Set if the handler has a HC callback function.
3033 *
3034 * @remark MMR3PhysRomRegister assumes that this function will not apply the
3035 * Handler memory type to memory which has no HC handler.
3036 */
3037REMR3DECL(void) REMR3NotifyHandlerPhysicalRegister(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhys, RTGCPHYS cb, bool fHasHCHandler)
3038{
3039 REMR3ReplayHandlerNotifications(pVM);
3040
3041 remR3NotifyHandlerPhysicalRegister(pVM, enmType, GCPhys, cb, fHasHCHandler);
3042}
3043
3044/**
3045 * Notification about a successful PGMR3HandlerPhysicalDeregister() operation.
3046 *
3047 * @param pVM VM Handle.
3048 * @param enmType Handler type.
3049 * @param GCPhys Handler range address.
3050 * @param cb Size of the handler range.
3051 * @param fHasHCHandler Set if the handler has a HC callback function.
3052 * @param fRestoreAsRAM Whether the to restore it as normal RAM or as unassigned memory.
3053 */
3054static void remR3NotifyHandlerPhysicalDeregister(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhys, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM)
3055{
3056 Log(("REMR3NotifyHandlerPhysicalDeregister: enmType=%d GCPhys=%RGp cb=%RGp fHasHCHandler=%RTbool fRestoreAsRAM=%RTbool RAM=%08x\n",
3057 enmType, GCPhys, cb, fHasHCHandler, fRestoreAsRAM, MMR3PhysGetRamSize(pVM)));
3058 VM_ASSERT_EMT(pVM);
3059
3060
3061 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3062
3063 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
3064 /** @todo this isn't right, MMIO can (in theory) be restored as RAM. */
3065 if (enmType == PGMPHYSHANDLERTYPE_MMIO)
3066 cpu_register_physical_memory(GCPhys, cb, IO_MEM_UNASSIGNED);
3067 else if (fHasHCHandler)
3068 {
3069 if (!fRestoreAsRAM)
3070 {
3071 Assert(GCPhys > MMR3PhysGetRamSize(pVM));
3072 cpu_register_physical_memory(GCPhys, cb, IO_MEM_UNASSIGNED);
3073 }
3074 else
3075 {
3076 Assert(RT_ALIGN_T(GCPhys, PAGE_SIZE, RTGCPHYS) == GCPhys);
3077 Assert(RT_ALIGN_T(cb, PAGE_SIZE, RTGCPHYS) == cb);
3078 cpu_register_physical_memory(GCPhys, cb, GCPhys);
3079 }
3080 }
3081 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
3082
3083 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3084}
3085
3086/**
3087 * Notification about a successful PGMR3HandlerPhysicalDeregister() operation.
3088 *
3089 * @param pVM VM Handle.
3090 * @param enmType Handler type.
3091 * @param GCPhys Handler range address.
3092 * @param cb Size of the handler range.
3093 * @param fHasHCHandler Set if the handler has a HC callback function.
3094 * @param fRestoreAsRAM Whether the to restore it as normal RAM or as unassigned memory.
3095 */
3096REMR3DECL(void) REMR3NotifyHandlerPhysicalDeregister(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhys, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM)
3097{
3098 REMR3ReplayHandlerNotifications(pVM);
3099 remR3NotifyHandlerPhysicalDeregister(pVM, enmType, GCPhys, cb, fHasHCHandler, fRestoreAsRAM);
3100}
3101
3102
3103/**
3104 * Notification about a successful PGMR3HandlerPhysicalModify() call.
3105 *
3106 * @param pVM VM Handle.
3107 * @param enmType Handler type.
3108 * @param GCPhysOld Old handler range address.
3109 * @param GCPhysNew New handler range address.
3110 * @param cb Size of the handler range.
3111 * @param fHasHCHandler Set if the handler has a HC callback function.
3112 * @param fRestoreAsRAM Whether the to restore it as normal RAM or as unassigned memory.
3113 */
3114static void remR3NotifyHandlerPhysicalModify(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhysOld, RTGCPHYS GCPhysNew, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM)
3115{
3116 Log(("REMR3NotifyHandlerPhysicalModify: enmType=%d GCPhysOld=%RGp GCPhysNew=%RGp cb=%RGp fHasHCHandler=%RTbool fRestoreAsRAM=%RTbool\n",
3117 enmType, GCPhysOld, GCPhysNew, cb, fHasHCHandler, fRestoreAsRAM));
3118 VM_ASSERT_EMT(pVM);
3119 AssertReleaseMsg(enmType != PGMPHYSHANDLERTYPE_MMIO, ("enmType=%d\n", enmType));
3120
3121 if (fHasHCHandler)
3122 {
3123 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3124
3125 /*
3126 * Reset the old page.
3127 */
3128 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
3129 if (!fRestoreAsRAM)
3130 cpu_register_physical_memory(GCPhysOld, cb, IO_MEM_UNASSIGNED);
3131 else
3132 {
3133 /* This is not perfect, but it'll do for PD monitoring... */
3134 Assert(cb == PAGE_SIZE);
3135 Assert(RT_ALIGN_T(GCPhysOld, PAGE_SIZE, RTGCPHYS) == GCPhysOld);
3136 cpu_register_physical_memory(GCPhysOld, cb, GCPhysOld);
3137 }
3138
3139 /*
3140 * Update the new page.
3141 */
3142 Assert(RT_ALIGN_T(GCPhysNew, PAGE_SIZE, RTGCPHYS) == GCPhysNew);
3143 Assert(RT_ALIGN_T(cb, PAGE_SIZE, RTGCPHYS) == cb);
3144 cpu_register_physical_memory(GCPhysNew, cb, pVM->rem.s.iHandlerMemType);
3145 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
3146
3147 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3148 }
3149}
3150
3151/**
3152 * Notification about a successful PGMR3HandlerPhysicalModify() call.
3153 *
3154 * @param pVM VM Handle.
3155 * @param enmType Handler type.
3156 * @param GCPhysOld Old handler range address.
3157 * @param GCPhysNew New handler range address.
3158 * @param cb Size of the handler range.
3159 * @param fHasHCHandler Set if the handler has a HC callback function.
3160 * @param fRestoreAsRAM Whether the to restore it as normal RAM or as unassigned memory.
3161 */
3162REMR3DECL(void) REMR3NotifyHandlerPhysicalModify(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhysOld, RTGCPHYS GCPhysNew, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM)
3163{
3164 REMR3ReplayHandlerNotifications(pVM);
3165
3166 remR3NotifyHandlerPhysicalModify(pVM, enmType, GCPhysOld, GCPhysNew, cb, fHasHCHandler, fRestoreAsRAM);
3167}
3168
3169/**
3170 * Checks if we're handling access to this page or not.
3171 *
3172 * @returns true if we're trapping access.
3173 * @returns false if we aren't.
3174 * @param pVM The VM handle.
3175 * @param GCPhys The physical address.
3176 *
3177 * @remark This function will only work correctly in VBOX_STRICT builds!
3178 */
3179REMR3DECL(bool) REMR3IsPageAccessHandled(PVM pVM, RTGCPHYS GCPhys)
3180{
3181#ifdef VBOX_STRICT
3182 unsigned long off;
3183 REMR3ReplayHandlerNotifications(pVM);
3184
3185 off = get_phys_page_offset(GCPhys);
3186 return (off & PAGE_OFFSET_MASK) == pVM->rem.s.iHandlerMemType
3187 || (off & PAGE_OFFSET_MASK) == pVM->rem.s.iMMIOMemType
3188 || (off & PAGE_OFFSET_MASK) == IO_MEM_ROM;
3189#else
3190 return false;
3191#endif
3192}
3193
3194
3195/**
3196 * Deals with a rare case in get_phys_addr_code where the code
3197 * is being monitored.
3198 *
3199 * It could also be an MMIO page, in which case we will raise a fatal error.
3200 *
3201 * @returns The physical address corresponding to addr.
3202 * @param env The cpu environment.
3203 * @param addr The virtual address.
3204 * @param pTLBEntry The TLB entry.
3205 */
3206target_ulong remR3PhysGetPhysicalAddressCode(CPUState* env,
3207 target_ulong addr,
3208 CPUTLBEntry* pTLBEntry,
3209 target_phys_addr_t ioTLBEntry)
3210{
3211 PVM pVM = env->pVM;
3212
3213 if ((ioTLBEntry & ~TARGET_PAGE_MASK) == pVM->rem.s.iHandlerMemType)
3214 {
3215 /* If code memory is being monitored, appropriate IOTLB entry will have
3216 handler IO type, and addend will provide real physical address, no
3217 matter if we store VA in TLB or not, as handlers are always passed PA */
3218 target_ulong ret = (ioTLBEntry & TARGET_PAGE_MASK) + addr;
3219 return ret;
3220 }
3221 LogRel(("\nTrying to execute code with memory type addr_code=%RGv addend=%RGp at %RGv! (iHandlerMemType=%#x iMMIOMemType=%#x IOTLB=%RGp)\n"
3222 "*** handlers\n",
3223 (RTGCPTR)pTLBEntry->addr_code, (RTGCPHYS)pTLBEntry->addend, (RTGCPTR)addr, pVM->rem.s.iHandlerMemType, pVM->rem.s.iMMIOMemType, (RTGCPHYS)ioTLBEntry));
3224 DBGFR3Info(pVM, "handlers", NULL, DBGFR3InfoLogRelHlp());
3225 LogRel(("*** mmio\n"));
3226 DBGFR3Info(pVM, "mmio", NULL, DBGFR3InfoLogRelHlp());
3227 LogRel(("*** phys\n"));
3228 DBGFR3Info(pVM, "phys", NULL, DBGFR3InfoLogRelHlp());
3229 cpu_abort(env, "Trying to execute code with memory type addr_code=%RGv addend=%RGp at %RGv. (iHandlerMemType=%#x iMMIOMemType=%#x)\n",
3230 (RTGCPTR)pTLBEntry->addr_code, (RTGCPHYS)pTLBEntry->addend, (RTGCPTR)addr, pVM->rem.s.iHandlerMemType, pVM->rem.s.iMMIOMemType);
3231 AssertFatalFailed();
3232}
3233
3234/**
3235 * Read guest RAM and ROM.
3236 *
3237 * @param SrcGCPhys The source address (guest physical).
3238 * @param pvDst The destination address.
3239 * @param cb Number of bytes
3240 */
3241void remR3PhysRead(RTGCPHYS SrcGCPhys, void *pvDst, unsigned cb)
3242{
3243 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3244 VBOX_CHECK_ADDR(SrcGCPhys);
3245 PGMPhysRead(cpu_single_env->pVM, SrcGCPhys, pvDst, cb);
3246#ifdef VBOX_DEBUG_PHYS
3247 LogRel(("read(%d): %08x\n", cb, (uint32_t)SrcGCPhys));
3248#endif
3249 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3250}
3251
3252
3253/**
3254 * Read guest RAM and ROM, unsigned 8-bit.
3255 *
3256 * @param SrcGCPhys The source address (guest physical).
3257 */
3258RTCCUINTREG remR3PhysReadU8(RTGCPHYS SrcGCPhys)
3259{
3260 uint8_t val;
3261 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3262 VBOX_CHECK_ADDR(SrcGCPhys);
3263 val = PGMR3PhysReadU8(cpu_single_env->pVM, SrcGCPhys);
3264 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3265#ifdef VBOX_DEBUG_PHYS
3266 LogRel(("readu8: %x <- %08x\n", val, (uint32_t)SrcGCPhys));
3267#endif
3268 return val;
3269}
3270
3271
3272/**
3273 * Read guest RAM and ROM, signed 8-bit.
3274 *
3275 * @param SrcGCPhys The source address (guest physical).
3276 */
3277RTCCINTREG remR3PhysReadS8(RTGCPHYS SrcGCPhys)
3278{
3279 int8_t val;
3280 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3281 VBOX_CHECK_ADDR(SrcGCPhys);
3282 val = PGMR3PhysReadU8(cpu_single_env->pVM, SrcGCPhys);
3283 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3284#ifdef VBOX_DEBUG_PHYS
3285 LogRel(("reads8: %x <- %08x\n", val, (uint32_t)SrcGCPhys));
3286#endif
3287 return val;
3288}
3289
3290
3291/**
3292 * Read guest RAM and ROM, unsigned 16-bit.
3293 *
3294 * @param SrcGCPhys The source address (guest physical).
3295 */
3296RTCCUINTREG remR3PhysReadU16(RTGCPHYS SrcGCPhys)
3297{
3298 uint16_t val;
3299 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3300 VBOX_CHECK_ADDR(SrcGCPhys);
3301 val = PGMR3PhysReadU16(cpu_single_env->pVM, SrcGCPhys);
3302 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3303#ifdef VBOX_DEBUG_PHYS
3304 LogRel(("readu16: %x <- %08x\n", val, (uint32_t)SrcGCPhys));
3305#endif
3306 return val;
3307}
3308
3309
3310/**
3311 * Read guest RAM and ROM, signed 16-bit.
3312 *
3313 * @param SrcGCPhys The source address (guest physical).
3314 */
3315RTCCINTREG remR3PhysReadS16(RTGCPHYS SrcGCPhys)
3316{
3317 int16_t val;
3318 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3319 VBOX_CHECK_ADDR(SrcGCPhys);
3320 val = PGMR3PhysReadU16(cpu_single_env->pVM, SrcGCPhys);
3321 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3322#ifdef VBOX_DEBUG_PHYS
3323 LogRel(("reads16: %x <- %08x\n", (uint16_t)val, (uint32_t)SrcGCPhys));
3324#endif
3325 return val;
3326}
3327
3328
3329/**
3330 * Read guest RAM and ROM, unsigned 32-bit.
3331 *
3332 * @param SrcGCPhys The source address (guest physical).
3333 */
3334RTCCUINTREG remR3PhysReadU32(RTGCPHYS SrcGCPhys)
3335{
3336 uint32_t val;
3337 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3338 VBOX_CHECK_ADDR(SrcGCPhys);
3339 val = PGMR3PhysReadU32(cpu_single_env->pVM, SrcGCPhys);
3340 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3341#ifdef VBOX_DEBUG_PHYS
3342 LogRel(("readu32: %x <- %08x\n", val, (uint32_t)SrcGCPhys));
3343#endif
3344 return val;
3345}
3346
3347
3348/**
3349 * Read guest RAM and ROM, signed 32-bit.
3350 *
3351 * @param SrcGCPhys The source address (guest physical).
3352 */
3353RTCCINTREG remR3PhysReadS32(RTGCPHYS SrcGCPhys)
3354{
3355 int32_t val;
3356 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3357 VBOX_CHECK_ADDR(SrcGCPhys);
3358 val = PGMR3PhysReadU32(cpu_single_env->pVM, SrcGCPhys);
3359 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3360#ifdef VBOX_DEBUG_PHYS
3361 LogRel(("reads32: %x <- %08x\n", val, (uint32_t)SrcGCPhys));
3362#endif
3363 return val;
3364}
3365
3366
3367/**
3368 * Read guest RAM and ROM, unsigned 64-bit.
3369 *
3370 * @param SrcGCPhys The source address (guest physical).
3371 */
3372uint64_t remR3PhysReadU64(RTGCPHYS SrcGCPhys)
3373{
3374 uint64_t val;
3375 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3376 VBOX_CHECK_ADDR(SrcGCPhys);
3377 val = PGMR3PhysReadU64(cpu_single_env->pVM, SrcGCPhys);
3378 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3379#ifdef VBOX_DEBUG_PHYS
3380 LogRel(("readu64: %llx <- %08x\n", val, (uint32_t)SrcGCPhys));
3381#endif
3382 return val;
3383}
3384
3385
3386/**
3387 * Read guest RAM and ROM, signed 64-bit.
3388 *
3389 * @param SrcGCPhys The source address (guest physical).
3390 */
3391int64_t remR3PhysReadS64(RTGCPHYS SrcGCPhys)
3392{
3393 int64_t val;
3394 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3395 VBOX_CHECK_ADDR(SrcGCPhys);
3396 val = PGMR3PhysReadU64(cpu_single_env->pVM, SrcGCPhys);
3397 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3398#ifdef VBOX_DEBUG_PHYS
3399 LogRel(("reads64: %llx <- %08x\n", val, (uint32_t)SrcGCPhys));
3400#endif
3401 return val;
3402}
3403
3404
3405/**
3406 * Write guest RAM.
3407 *
3408 * @param DstGCPhys The destination address (guest physical).
3409 * @param pvSrc The source address.
3410 * @param cb Number of bytes to write
3411 */
3412void remR3PhysWrite(RTGCPHYS DstGCPhys, const void *pvSrc, unsigned cb)
3413{
3414 STAM_PROFILE_ADV_START(&gStatMemWrite, a);
3415 VBOX_CHECK_ADDR(DstGCPhys);
3416 PGMPhysWrite(cpu_single_env->pVM, DstGCPhys, pvSrc, cb);
3417 STAM_PROFILE_ADV_STOP(&gStatMemWrite, a);
3418#ifdef VBOX_DEBUG_PHYS
3419 LogRel(("write(%d): %08x\n", cb, (uint32_t)DstGCPhys));
3420#endif
3421}
3422
3423
3424/**
3425 * Write guest RAM, unsigned 8-bit.
3426 *
3427 * @param DstGCPhys The destination address (guest physical).
3428 * @param val Value
3429 */
3430void remR3PhysWriteU8(RTGCPHYS DstGCPhys, uint8_t val)
3431{
3432 STAM_PROFILE_ADV_START(&gStatMemWrite, a);
3433 VBOX_CHECK_ADDR(DstGCPhys);
3434 PGMR3PhysWriteU8(cpu_single_env->pVM, DstGCPhys, val);
3435 STAM_PROFILE_ADV_STOP(&gStatMemWrite, a);
3436#ifdef VBOX_DEBUG_PHYS
3437 LogRel(("writeu8: %x -> %08x\n", val, (uint32_t)DstGCPhys));
3438#endif
3439}
3440
3441
3442/**
3443 * Write guest RAM, unsigned 8-bit.
3444 *
3445 * @param DstGCPhys The destination address (guest physical).
3446 * @param val Value
3447 */
3448void remR3PhysWriteU16(RTGCPHYS DstGCPhys, uint16_t val)
3449{
3450 STAM_PROFILE_ADV_START(&gStatMemWrite, a);
3451 VBOX_CHECK_ADDR(DstGCPhys);
3452 PGMR3PhysWriteU16(cpu_single_env->pVM, DstGCPhys, val);
3453 STAM_PROFILE_ADV_STOP(&gStatMemWrite, a);
3454#ifdef VBOX_DEBUG_PHYS
3455 LogRel(("writeu16: %x -> %08x\n", val, (uint32_t)DstGCPhys));
3456#endif
3457}
3458
3459
3460/**
3461 * Write guest RAM, unsigned 32-bit.
3462 *
3463 * @param DstGCPhys The destination address (guest physical).
3464 * @param val Value
3465 */
3466void remR3PhysWriteU32(RTGCPHYS DstGCPhys, uint32_t val)
3467{
3468 STAM_PROFILE_ADV_START(&gStatMemWrite, a);
3469 VBOX_CHECK_ADDR(DstGCPhys);
3470 PGMR3PhysWriteU32(cpu_single_env->pVM, DstGCPhys, val);
3471 STAM_PROFILE_ADV_STOP(&gStatMemWrite, a);
3472#ifdef VBOX_DEBUG_PHYS
3473 LogRel(("writeu32: %x -> %08x\n", val, (uint32_t)DstGCPhys));
3474#endif
3475}
3476
3477
3478/**
3479 * Write guest RAM, unsigned 64-bit.
3480 *
3481 * @param DstGCPhys The destination address (guest physical).
3482 * @param val Value
3483 */
3484void remR3PhysWriteU64(RTGCPHYS DstGCPhys, uint64_t val)
3485{
3486 STAM_PROFILE_ADV_START(&gStatMemWrite, a);
3487 VBOX_CHECK_ADDR(DstGCPhys);
3488 PGMR3PhysWriteU64(cpu_single_env->pVM, DstGCPhys, val);
3489 STAM_PROFILE_ADV_STOP(&gStatMemWrite, a);
3490#ifdef VBOX_DEBUG_PHYS
3491 LogRel(("writeu64: %llx -> %08x\n", val, (uint32_t)SrcGCPhys));
3492#endif
3493}
3494
3495#undef LOG_GROUP
3496#define LOG_GROUP LOG_GROUP_REM_MMIO
3497
3498/** Read MMIO memory. */
3499static uint32_t remR3MMIOReadU8(void *pvVM, target_phys_addr_t GCPhys)
3500{
3501 uint32_t u32 = 0;
3502 int rc = IOMMMIORead((PVM)pvVM, GCPhys, &u32, 1);
3503 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3504 Log2(("remR3MMIOReadU8: GCPhys=%RGp -> %02x\n", GCPhys, u32));
3505 return u32;
3506}
3507
3508/** Read MMIO memory. */
3509static uint32_t remR3MMIOReadU16(void *pvVM, target_phys_addr_t GCPhys)
3510{
3511 uint32_t u32 = 0;
3512 int rc = IOMMMIORead((PVM)pvVM, GCPhys, &u32, 2);
3513 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3514 Log2(("remR3MMIOReadU16: GCPhys=%RGp -> %04x\n", GCPhys, u32));
3515 return u32;
3516}
3517
3518/** Read MMIO memory. */
3519static uint32_t remR3MMIOReadU32(void *pvVM, target_phys_addr_t GCPhys)
3520{
3521 uint32_t u32 = 0;
3522 int rc = IOMMMIORead((PVM)pvVM, GCPhys, &u32, 4);
3523 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3524 Log2(("remR3MMIOReadU32: GCPhys=%RGp -> %08x\n", GCPhys, u32));
3525 return u32;
3526}
3527
3528/** Write to MMIO memory. */
3529static void remR3MMIOWriteU8(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32)
3530{
3531 int rc;
3532 Log2(("remR3MMIOWriteU8: GCPhys=%RGp u32=%#x\n", GCPhys, u32));
3533 rc = IOMMMIOWrite((PVM)pvVM, GCPhys, u32, 1);
3534 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3535}
3536
3537/** Write to MMIO memory. */
3538static void remR3MMIOWriteU16(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32)
3539{
3540 int rc;
3541 Log2(("remR3MMIOWriteU16: GCPhys=%RGp u32=%#x\n", GCPhys, u32));
3542 rc = IOMMMIOWrite((PVM)pvVM, GCPhys, u32, 2);
3543 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3544}
3545
3546/** Write to MMIO memory. */
3547static void remR3MMIOWriteU32(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32)
3548{
3549 int rc;
3550 Log2(("remR3MMIOWriteU32: GCPhys=%RGp u32=%#x\n", GCPhys, u32));
3551 rc = IOMMMIOWrite((PVM)pvVM, GCPhys, u32, 4);
3552 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3553}
3554
3555
3556#undef LOG_GROUP
3557#define LOG_GROUP LOG_GROUP_REM_HANDLER
3558
3559/* !!!WARNING!!! This is extremely hackish right now, we assume it's only for LFB access! !!!WARNING!!! */
3560
3561static uint32_t remR3HandlerReadU8(void *pvVM, target_phys_addr_t GCPhys)
3562{
3563 uint8_t u8;
3564 Log2(("remR3HandlerReadU8: GCPhys=%RGp\n", GCPhys));
3565 PGMPhysRead((PVM)pvVM, GCPhys, &u8, sizeof(u8));
3566 return u8;
3567}
3568
3569static uint32_t remR3HandlerReadU16(void *pvVM, target_phys_addr_t GCPhys)
3570{
3571 uint16_t u16;
3572 Log2(("remR3HandlerReadU16: GCPhys=%RGp\n", GCPhys));
3573 PGMPhysRead((PVM)pvVM, GCPhys, &u16, sizeof(u16));
3574 return u16;
3575}
3576
3577static uint32_t remR3HandlerReadU32(void *pvVM, target_phys_addr_t GCPhys)
3578{
3579 uint32_t u32;
3580 Log2(("remR3HandlerReadU32: GCPhys=%RGp\n", GCPhys));
3581 PGMPhysRead((PVM)pvVM, GCPhys, &u32, sizeof(u32));
3582 return u32;
3583}
3584
3585static void remR3HandlerWriteU8(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32)
3586{
3587 Log2(("remR3HandlerWriteU8: GCPhys=%RGp u32=%#x\n", GCPhys, u32));
3588 PGMPhysWrite((PVM)pvVM, GCPhys, &u32, sizeof(uint8_t));
3589}
3590
3591static void remR3HandlerWriteU16(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32)
3592{
3593 Log2(("remR3HandlerWriteU16: GCPhys=%RGp u32=%#x\n", GCPhys, u32));
3594 PGMPhysWrite((PVM)pvVM, GCPhys, &u32, sizeof(uint16_t));
3595}
3596
3597static void remR3HandlerWriteU32(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32)
3598{
3599 Log2(("remR3HandlerWriteU32: GCPhys=%RGp u32=%#x\n", GCPhys, u32));
3600 PGMPhysWrite((PVM)pvVM, GCPhys, &u32, sizeof(uint32_t));
3601}
3602
3603/* -+- disassembly -+- */
3604
3605#undef LOG_GROUP
3606#define LOG_GROUP LOG_GROUP_REM_DISAS
3607
3608
3609/**
3610 * Enables or disables singled stepped disassembly.
3611 *
3612 * @returns VBox status code.
3613 * @param pVM VM handle.
3614 * @param fEnable To enable set this flag, to disable clear it.
3615 */
3616static DECLCALLBACK(int) remR3DisasEnableStepping(PVM pVM, bool fEnable)
3617{
3618 LogFlow(("remR3DisasEnableStepping: fEnable=%d\n", fEnable));
3619 VM_ASSERT_EMT(pVM);
3620
3621 if (fEnable)
3622 pVM->rem.s.Env.state |= CPU_EMULATE_SINGLE_STEP;
3623 else
3624 pVM->rem.s.Env.state &= ~CPU_EMULATE_SINGLE_STEP;
3625 return VINF_SUCCESS;
3626}
3627
3628
3629/**
3630 * Enables or disables singled stepped disassembly.
3631 *
3632 * @returns VBox status code.
3633 * @param pVM VM handle.
3634 * @param fEnable To enable set this flag, to disable clear it.
3635 */
3636REMR3DECL(int) REMR3DisasEnableStepping(PVM pVM, bool fEnable)
3637{
3638 int rc;
3639
3640 LogFlow(("REMR3DisasEnableStepping: fEnable=%d\n", fEnable));
3641 if (VM_IS_EMT(pVM))
3642 return remR3DisasEnableStepping(pVM, fEnable);
3643
3644 rc = VMR3ReqCallWait(pVM, VMCPUID_ANY, (PFNRT)remR3DisasEnableStepping, 2, pVM, fEnable);
3645 AssertRC(rc);
3646 return rc;
3647}
3648
3649
3650#if defined(VBOX_WITH_DEBUGGER) && !(defined(RT_OS_WINDOWS) && defined(RT_ARCH_AMD64))
3651/**
3652 * External Debugger Command: .remstep [on|off|1|0]
3653 */
3654static DECLCALLBACK(int) remR3CmdDisasEnableStepping(PCDBGCCMD pCmd, PDBGCCMDHLP pCmdHlp, PVM pVM, PCDBGCVAR paArgs, unsigned cArgs, PDBGCVAR pResult)
3655{
3656 bool fEnable;
3657 int rc;
3658
3659 /* print status */
3660 if (cArgs == 0)
3661 return pCmdHlp->pfnPrintf(pCmdHlp, NULL, "DisasStepping is %s\n",
3662 pVM->rem.s.Env.state & CPU_EMULATE_SINGLE_STEP ? "enabled" : "disabled");
3663
3664 /* convert the argument and change the mode. */
3665 rc = pCmdHlp->pfnVarToBool(pCmdHlp, &paArgs[0], &fEnable);
3666 if (RT_FAILURE(rc))
3667 return pCmdHlp->pfnVBoxError(pCmdHlp, rc, "boolean conversion failed!\n");
3668 rc = REMR3DisasEnableStepping(pVM, fEnable);
3669 if (RT_FAILURE(rc))
3670 return pCmdHlp->pfnVBoxError(pCmdHlp, rc, "REMR3DisasEnableStepping failed!\n");
3671 return rc;
3672}
3673#endif
3674
3675
3676/**
3677 * Disassembles one instruction and prints it to the log.
3678 *
3679 * @returns Success indicator.
3680 * @param env Pointer to the recompiler CPU structure.
3681 * @param f32BitCode Indicates that whether or not the code should
3682 * be disassembled as 16 or 32 bit. If -1 the CS
3683 * selector will be inspected.
3684 * @param pszPrefix
3685 */
3686bool remR3DisasInstr(CPUState *env, int f32BitCode, char *pszPrefix)
3687{
3688 PVM pVM = env->pVM;
3689 const bool fLog = LogIsEnabled();
3690 const bool fLog2 = LogIs2Enabled();
3691 int rc = VINF_SUCCESS;
3692
3693 /*
3694 * Don't bother if there ain't any log output to do.
3695 */
3696 if (!fLog && !fLog2)
3697 return true;
3698
3699 /*
3700 * Update the state so DBGF reads the correct register values.
3701 */
3702 remR3StateUpdate(pVM, env->pVCpu);
3703
3704 /*
3705 * Log registers if requested.
3706 */
3707 if (!fLog2)
3708 DBGFR3InfoLog(pVM, "cpumguest", pszPrefix);
3709
3710 /*
3711 * Disassemble to log.
3712 */
3713 if (fLog)
3714 rc = DBGFR3DisasInstrCurrentLogInternal(env->pVCpu, pszPrefix);
3715
3716 return RT_SUCCESS(rc);
3717}
3718
3719
3720/**
3721 * Disassemble recompiled code.
3722 *
3723 * @param phFileIgnored Ignored, logfile usually.
3724 * @param pvCode Pointer to the code block.
3725 * @param cb Size of the code block.
3726 */
3727void disas(FILE *phFile, void *pvCode, unsigned long cb)
3728{
3729#ifdef DEBUG_TMP_LOGGING
3730# define DISAS_PRINTF(x...) fprintf(phFile, x)
3731#else
3732# define DISAS_PRINTF(x...) RTLogPrintf(x)
3733 if (LogIs2Enabled())
3734#endif
3735 {
3736 unsigned off = 0;
3737 char szOutput[256];
3738 DISCPUSTATE Cpu;
3739
3740 memset(&Cpu, 0, sizeof(Cpu));
3741#ifdef RT_ARCH_X86
3742 Cpu.mode = CPUMODE_32BIT;
3743#else
3744 Cpu.mode = CPUMODE_64BIT;
3745#endif
3746
3747 DISAS_PRINTF("Recompiled Code: %p %#lx (%ld) bytes\n", pvCode, cb, cb);
3748 while (off < cb)
3749 {
3750 uint32_t cbInstr;
3751 if (RT_SUCCESS(DISInstr(&Cpu, (uintptr_t)pvCode + off, 0, &cbInstr, szOutput)))
3752 DISAS_PRINTF("%s", szOutput);
3753 else
3754 {
3755 DISAS_PRINTF("disas error\n");
3756 cbInstr = 1;
3757#ifdef RT_ARCH_AMD64 /** @todo remove when DISInstr starts supporing 64-bit code. */
3758 break;
3759#endif
3760 }
3761 off += cbInstr;
3762 }
3763 }
3764
3765#undef DISAS_PRINTF
3766}
3767
3768
3769/**
3770 * Disassemble guest code.
3771 *
3772 * @param phFileIgnored Ignored, logfile usually.
3773 * @param uCode The guest address of the code to disassemble. (flat?)
3774 * @param cb Number of bytes to disassemble.
3775 * @param fFlags Flags, probably something which tells if this is 16, 32 or 64 bit code.
3776 */
3777void target_disas(FILE *phFile, target_ulong uCode, target_ulong cb, int fFlags)
3778{
3779#ifdef DEBUG_TMP_LOGGING
3780# define DISAS_PRINTF(x...) fprintf(phFile, x)
3781#else
3782# define DISAS_PRINTF(x...) RTLogPrintf(x)
3783 if (LogIs2Enabled())
3784#endif
3785 {
3786 PVM pVM = cpu_single_env->pVM;
3787 PVMCPU pVCpu = cpu_single_env->pVCpu;
3788 RTSEL cs;
3789 RTGCUINTPTR eip;
3790
3791 Assert(pVCpu);
3792
3793 /*
3794 * Update the state so DBGF reads the correct register values (flags).
3795 */
3796 remR3StateUpdate(pVM, pVCpu);
3797
3798 /*
3799 * Do the disassembling.
3800 */
3801 DISAS_PRINTF("Guest Code: PC=%llx %llx bytes fFlags=%d\n", (uint64_t)uCode, (uint64_t)cb, fFlags);
3802 cs = cpu_single_env->segs[R_CS].selector;
3803 eip = uCode - cpu_single_env->segs[R_CS].base;
3804 for (;;)
3805 {
3806 char szBuf[256];
3807 uint32_t cbInstr;
3808 int rc = DBGFR3DisasInstrEx(pVM,
3809 pVCpu->idCpu,
3810 cs,
3811 eip,
3812 0,
3813 szBuf, sizeof(szBuf),
3814 &cbInstr);
3815 if (RT_SUCCESS(rc))
3816 DISAS_PRINTF("%llx %s\n", (uint64_t)uCode, szBuf);
3817 else
3818 {
3819 DISAS_PRINTF("%llx %04x:%llx: %s\n", (uint64_t)uCode, cs, (uint64_t)eip, szBuf);
3820 cbInstr = 1;
3821 }
3822
3823 /* next */
3824 if (cb <= cbInstr)
3825 break;
3826 cb -= cbInstr;
3827 uCode += cbInstr;
3828 eip += cbInstr;
3829 }
3830 }
3831#undef DISAS_PRINTF
3832}
3833
3834
3835/**
3836 * Looks up a guest symbol.
3837 *
3838 * @returns Pointer to symbol name. This is a static buffer.
3839 * @param orig_addr The address in question.
3840 */
3841const char *lookup_symbol(target_ulong orig_addr)
3842{
3843 PVM pVM = cpu_single_env->pVM;
3844 RTGCINTPTR off = 0;
3845 RTDBGSYMBOL Sym;
3846 DBGFADDRESS Addr;
3847
3848 int rc = DBGFR3AsSymbolByAddr(pVM, DBGF_AS_GLOBAL, DBGFR3AddrFromFlat(pVM, &Addr, orig_addr), &off, &Sym, NULL /*phMod*/);
3849 if (RT_SUCCESS(rc))
3850 {
3851 static char szSym[sizeof(Sym.szName) + 48];
3852 if (!off)
3853 RTStrPrintf(szSym, sizeof(szSym), "%s\n", Sym.szName);
3854 else if (off > 0)
3855 RTStrPrintf(szSym, sizeof(szSym), "%s+%x\n", Sym.szName, off);
3856 else
3857 RTStrPrintf(szSym, sizeof(szSym), "%s-%x\n", Sym.szName, -off);
3858 return szSym;
3859 }
3860 return "<N/A>";
3861}
3862
3863
3864#undef LOG_GROUP
3865#define LOG_GROUP LOG_GROUP_REM
3866
3867
3868/* -+- FF notifications -+- */
3869
3870
3871/**
3872 * Notification about a pending interrupt.
3873 *
3874 * @param pVM VM Handle.
3875 * @param pVCpu VMCPU Handle.
3876 * @param u8Interrupt Interrupt
3877 * @thread The emulation thread.
3878 */
3879REMR3DECL(void) REMR3NotifyPendingInterrupt(PVM pVM, PVMCPU pVCpu, uint8_t u8Interrupt)
3880{
3881 Assert(pVM->rem.s.u32PendingInterrupt == REM_NO_PENDING_IRQ);
3882 pVM->rem.s.u32PendingInterrupt = u8Interrupt;
3883}
3884
3885/**
3886 * Notification about a pending interrupt.
3887 *
3888 * @returns Pending interrupt or REM_NO_PENDING_IRQ
3889 * @param pVM VM Handle.
3890 * @param pVCpu VMCPU Handle.
3891 * @thread The emulation thread.
3892 */
3893REMR3DECL(uint32_t) REMR3QueryPendingInterrupt(PVM pVM, PVMCPU pVCpu)
3894{
3895 return pVM->rem.s.u32PendingInterrupt;
3896}
3897
3898/**
3899 * Notification about the interrupt FF being set.
3900 *
3901 * @param pVM VM Handle.
3902 * @param pVCpu VMCPU Handle.
3903 * @thread The emulation thread.
3904 */
3905REMR3DECL(void) REMR3NotifyInterruptSet(PVM pVM, PVMCPU pVCpu)
3906{
3907 LogFlow(("REMR3NotifyInterruptSet: fInRem=%d interrupts %s\n", pVM->rem.s.fInREM,
3908 (pVM->rem.s.Env.eflags & IF_MASK) && !(pVM->rem.s.Env.hflags & HF_INHIBIT_IRQ_MASK) ? "enabled" : "disabled"));
3909 if (pVM->rem.s.fInREM)
3910 {
3911 ASMAtomicOrS32((int32_t volatile *)&cpu_single_env->interrupt_request,
3912 CPU_INTERRUPT_EXTERNAL_HARD);
3913 }
3914}
3915
3916
3917/**
3918 * Notification about the interrupt FF being set.
3919 *
3920 * @param pVM VM Handle.
3921 * @param pVCpu VMCPU Handle.
3922 * @thread Any.
3923 */
3924REMR3DECL(void) REMR3NotifyInterruptClear(PVM pVM, PVMCPU pVCpu)
3925{
3926 LogFlow(("REMR3NotifyInterruptClear:\n"));
3927 if (pVM->rem.s.fInREM)
3928 cpu_reset_interrupt(cpu_single_env, CPU_INTERRUPT_HARD);
3929}
3930
3931
3932/**
3933 * Notification about pending timer(s).
3934 *
3935 * @param pVM VM Handle.
3936 * @param pVCpuDst The target cpu for this notification.
3937 * TM will not broadcast pending timer events, but use
3938 * a decidated EMT for them. So, only interrupt REM
3939 * execution if the given CPU is executing in REM.
3940 * @thread Any.
3941 */
3942REMR3DECL(void) REMR3NotifyTimerPending(PVM pVM, PVMCPU pVCpuDst)
3943{
3944#ifndef DEBUG_bird
3945 LogFlow(("REMR3NotifyTimerPending: fInRem=%d\n", pVM->rem.s.fInREM));
3946#endif
3947 if (pVM->rem.s.fInREM)
3948 {
3949 if (pVM->rem.s.Env.pVCpu == pVCpuDst)
3950 {
3951 LogIt(LOG_INSTANCE, RTLOGGRPFLAGS_LEVEL_5, LOG_GROUP_TM, ("REMR3NotifyTimerPending: setting\n"));
3952 ASMAtomicOrS32((int32_t volatile *)&pVM->rem.s.Env.interrupt_request,
3953 CPU_INTERRUPT_EXTERNAL_TIMER);
3954 }
3955 else
3956 LogIt(LOG_INSTANCE, RTLOGGRPFLAGS_LEVEL_5, LOG_GROUP_TM, ("REMR3NotifyTimerPending: pVCpu:%p != pVCpuDst:%p\n", pVM->rem.s.Env.pVCpu, pVCpuDst));
3957 }
3958 else
3959 LogIt(LOG_INSTANCE, RTLOGGRPFLAGS_LEVEL_5, LOG_GROUP_TM, ("REMR3NotifyTimerPending: !fInREM; cpu state=%d\n", VMCPU_GET_STATE(pVCpuDst)));
3960}
3961
3962
3963/**
3964 * Notification about pending DMA transfers.
3965 *
3966 * @param pVM VM Handle.
3967 * @thread Any.
3968 */
3969REMR3DECL(void) REMR3NotifyDmaPending(PVM pVM)
3970{
3971 LogFlow(("REMR3NotifyDmaPending: fInRem=%d\n", pVM->rem.s.fInREM));
3972 if (pVM->rem.s.fInREM)
3973 {
3974 ASMAtomicOrS32((int32_t volatile *)&cpu_single_env->interrupt_request,
3975 CPU_INTERRUPT_EXTERNAL_DMA);
3976 }
3977}
3978
3979
3980/**
3981 * Notification about pending timer(s).
3982 *
3983 * @param pVM VM Handle.
3984 * @thread Any.
3985 */
3986REMR3DECL(void) REMR3NotifyQueuePending(PVM pVM)
3987{
3988 LogFlow(("REMR3NotifyQueuePending: fInRem=%d\n", pVM->rem.s.fInREM));
3989 if (pVM->rem.s.fInREM)
3990 {
3991 ASMAtomicOrS32((int32_t volatile *)&cpu_single_env->interrupt_request,
3992 CPU_INTERRUPT_EXTERNAL_EXIT);
3993 }
3994}
3995
3996
3997/**
3998 * Notification about pending FF set by an external thread.
3999 *
4000 * @param pVM VM handle.
4001 * @thread Any.
4002 */
4003REMR3DECL(void) REMR3NotifyFF(PVM pVM)
4004{
4005 LogFlow(("REMR3NotifyFF: fInRem=%d\n", pVM->rem.s.fInREM));
4006 if (pVM->rem.s.fInREM)
4007 {
4008 ASMAtomicOrS32((int32_t volatile *)&cpu_single_env->interrupt_request,
4009 CPU_INTERRUPT_EXTERNAL_EXIT);
4010 }
4011}
4012
4013
4014#ifdef VBOX_WITH_STATISTICS
4015void remR3ProfileStart(int statcode)
4016{
4017 STAMPROFILEADV *pStat;
4018 switch(statcode)
4019 {
4020 case STATS_EMULATE_SINGLE_INSTR:
4021 pStat = &gStatExecuteSingleInstr;
4022 break;
4023 case STATS_QEMU_COMPILATION:
4024 pStat = &gStatCompilationQEmu;
4025 break;
4026 case STATS_QEMU_RUN_EMULATED_CODE:
4027 pStat = &gStatRunCodeQEmu;
4028 break;
4029 case STATS_QEMU_TOTAL:
4030 pStat = &gStatTotalTimeQEmu;
4031 break;
4032 case STATS_QEMU_RUN_TIMERS:
4033 pStat = &gStatTimers;
4034 break;
4035 case STATS_TLB_LOOKUP:
4036 pStat= &gStatTBLookup;
4037 break;
4038 case STATS_IRQ_HANDLING:
4039 pStat= &gStatIRQ;
4040 break;
4041 case STATS_RAW_CHECK:
4042 pStat = &gStatRawCheck;
4043 break;
4044
4045 default:
4046 AssertMsgFailed(("unknown stat %d\n", statcode));
4047 return;
4048 }
4049 STAM_PROFILE_ADV_START(pStat, a);
4050}
4051
4052
4053void remR3ProfileStop(int statcode)
4054{
4055 STAMPROFILEADV *pStat;
4056 switch(statcode)
4057 {
4058 case STATS_EMULATE_SINGLE_INSTR:
4059 pStat = &gStatExecuteSingleInstr;
4060 break;
4061 case STATS_QEMU_COMPILATION:
4062 pStat = &gStatCompilationQEmu;
4063 break;
4064 case STATS_QEMU_RUN_EMULATED_CODE:
4065 pStat = &gStatRunCodeQEmu;
4066 break;
4067 case STATS_QEMU_TOTAL:
4068 pStat = &gStatTotalTimeQEmu;
4069 break;
4070 case STATS_QEMU_RUN_TIMERS:
4071 pStat = &gStatTimers;
4072 break;
4073 case STATS_TLB_LOOKUP:
4074 pStat= &gStatTBLookup;
4075 break;
4076 case STATS_IRQ_HANDLING:
4077 pStat= &gStatIRQ;
4078 break;
4079 case STATS_RAW_CHECK:
4080 pStat = &gStatRawCheck;
4081 break;
4082 default:
4083 AssertMsgFailed(("unknown stat %d\n", statcode));
4084 return;
4085 }
4086 STAM_PROFILE_ADV_STOP(pStat, a);
4087}
4088#endif
4089
4090/**
4091 * Raise an RC, force rem exit.
4092 *
4093 * @param pVM VM handle.
4094 * @param rc The rc.
4095 */
4096void remR3RaiseRC(PVM pVM, int rc)
4097{
4098 Log(("remR3RaiseRC: rc=%Rrc\n", rc));
4099 Assert(pVM->rem.s.fInREM);
4100 VM_ASSERT_EMT(pVM);
4101 pVM->rem.s.rc = rc;
4102 cpu_interrupt(&pVM->rem.s.Env, CPU_INTERRUPT_RC);
4103}
4104
4105
4106/* -+- timers -+- */
4107
4108uint64_t cpu_get_tsc(CPUX86State *env)
4109{
4110 STAM_COUNTER_INC(&gStatCpuGetTSC);
4111 return TMCpuTickGet(env->pVCpu);
4112}
4113
4114
4115/* -+- interrupts -+- */
4116
4117void cpu_set_ferr(CPUX86State *env)
4118{
4119 int rc = PDMIsaSetIrq(env->pVM, 13, 1);
4120 LogFlow(("cpu_set_ferr: rc=%d\n", rc)); NOREF(rc);
4121}
4122
4123int cpu_get_pic_interrupt(CPUState *env)
4124{
4125 uint8_t u8Interrupt;
4126 int rc;
4127
4128 /* When we fail to forward interrupts directly in raw mode, we fall back to the recompiler.
4129 * In that case we can't call PDMGetInterrupt anymore, because it has already cleared the interrupt
4130 * with the (a)pic.
4131 */
4132 /** @note We assume we will go directly to the recompiler to handle the pending interrupt! */
4133 /** @todo r=bird: In the long run we should just do the interrupt handling in EM/CPUM/TRPM/somewhere and
4134 * if we cannot execute the interrupt handler in raw-mode just reschedule to REM. Once that is done we
4135 * remove this kludge. */
4136 if (env->pVM->rem.s.u32PendingInterrupt != REM_NO_PENDING_IRQ)
4137 {
4138 rc = VINF_SUCCESS;
4139 Assert(env->pVM->rem.s.u32PendingInterrupt <= 255);
4140 u8Interrupt = env->pVM->rem.s.u32PendingInterrupt;
4141 env->pVM->rem.s.u32PendingInterrupt = REM_NO_PENDING_IRQ;
4142 }
4143 else
4144 rc = PDMGetInterrupt(env->pVCpu, &u8Interrupt);
4145
4146 LogFlow(("cpu_get_pic_interrupt: u8Interrupt=%d rc=%Rrc\n", u8Interrupt, rc));
4147 if (RT_SUCCESS(rc))
4148 {
4149 if (VMCPU_FF_ISPENDING(env->pVCpu, VMCPU_FF_INTERRUPT_APIC | VMCPU_FF_INTERRUPT_PIC))
4150 env->interrupt_request |= CPU_INTERRUPT_HARD;
4151 return u8Interrupt;
4152 }
4153 return -1;
4154}
4155
4156
4157/* -+- local apic -+- */
4158
4159void cpu_set_apic_base(CPUX86State *env, uint64_t val)
4160{
4161 int rc = PDMApicSetBase(env->pVM, val);
4162 LogFlow(("cpu_set_apic_base: val=%#llx rc=%Rrc\n", val, rc)); NOREF(rc);
4163}
4164
4165uint64_t cpu_get_apic_base(CPUX86State *env)
4166{
4167 uint64_t u64;
4168 int rc = PDMApicGetBase(env->pVM, &u64);
4169 if (RT_SUCCESS(rc))
4170 {
4171 LogFlow(("cpu_get_apic_base: returns %#llx \n", u64));
4172 return u64;
4173 }
4174 LogFlow(("cpu_get_apic_base: returns 0 (rc=%Rrc)\n", rc));
4175 return 0;
4176}
4177
4178void cpu_set_apic_tpr(CPUX86State *env, uint8_t val)
4179{
4180 int rc = PDMApicSetTPR(env->pVCpu, val << 4); /* cr8 bits 3-0 correspond to bits 7-4 of the task priority mmio register. */
4181 LogFlow(("cpu_set_apic_tpr: val=%#x rc=%Rrc\n", val, rc)); NOREF(rc);
4182}
4183
4184uint8_t cpu_get_apic_tpr(CPUX86State *env)
4185{
4186 uint8_t u8;
4187 int rc = PDMApicGetTPR(env->pVCpu, &u8, NULL);
4188 if (RT_SUCCESS(rc))
4189 {
4190 LogFlow(("cpu_get_apic_tpr: returns %#x\n", u8));
4191 return u8 >> 4; /* cr8 bits 3-0 correspond to bits 7-4 of the task priority mmio register. */
4192 }
4193 LogFlow(("cpu_get_apic_tpr: returns 0 (rc=%Rrc)\n", rc));
4194 return 0;
4195}
4196
4197
4198uint64_t cpu_apic_rdmsr(CPUX86State *env, uint32_t reg)
4199{
4200 uint64_t value;
4201 int rc = PDMApicReadMSR(env->pVM, 0/* cpu */, reg, &value);
4202 if (RT_SUCCESS(rc))
4203 {
4204 LogFlow(("cpu_apic_rdms returns %#x\n", value));
4205 return value;
4206 }
4207 /** @todo: exception ? */
4208 LogFlow(("cpu_apic_rdms returns 0 (rc=%Rrc)\n", rc));
4209 return value;
4210}
4211
4212void cpu_apic_wrmsr(CPUX86State *env, uint32_t reg, uint64_t value)
4213{
4214 int rc = PDMApicWriteMSR(env->pVM, 0 /* cpu */, reg, value);
4215 /** @todo: exception if error ? */
4216 LogFlow(("cpu_apic_wrmsr: rc=%Rrc\n", rc)); NOREF(rc);
4217}
4218
4219uint64_t cpu_rdmsr(CPUX86State *env, uint32_t msr)
4220{
4221 Assert(env->pVCpu);
4222 return CPUMGetGuestMsr(env->pVCpu, msr);
4223}
4224
4225void cpu_wrmsr(CPUX86State *env, uint32_t msr, uint64_t val)
4226{
4227 Assert(env->pVCpu);
4228 CPUMSetGuestMsr(env->pVCpu, msr, val);
4229}
4230
4231/* -+- I/O Ports -+- */
4232
4233#undef LOG_GROUP
4234#define LOG_GROUP LOG_GROUP_REM_IOPORT
4235
4236void cpu_outb(CPUState *env, int addr, int val)
4237{
4238 int rc;
4239
4240 if (addr != 0x80 && addr != 0x70 && addr != 0x61)
4241 Log2(("cpu_outb: addr=%#06x val=%#x\n", addr, val));
4242
4243 rc = IOMIOPortWrite(env->pVM, (RTIOPORT)addr, val, 1);
4244 if (RT_LIKELY(rc == VINF_SUCCESS))
4245 return;
4246 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4247 {
4248 Log(("cpu_outb: addr=%#06x val=%#x -> %Rrc\n", addr, val, rc));
4249 remR3RaiseRC(env->pVM, rc);
4250 return;
4251 }
4252 remAbort(rc, __FUNCTION__);
4253}
4254
4255void cpu_outw(CPUState *env, int addr, int val)
4256{
4257 //Log2(("cpu_outw: addr=%#06x val=%#x\n", addr, val));
4258 int rc = IOMIOPortWrite(env->pVM, (RTIOPORT)addr, val, 2);
4259 if (RT_LIKELY(rc == VINF_SUCCESS))
4260 return;
4261 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4262 {
4263 Log(("cpu_outw: addr=%#06x val=%#x -> %Rrc\n", addr, val, rc));
4264 remR3RaiseRC(env->pVM, rc);
4265 return;
4266 }
4267 remAbort(rc, __FUNCTION__);
4268}
4269
4270void cpu_outl(CPUState *env, int addr, int val)
4271{
4272 int rc;
4273 Log2(("cpu_outl: addr=%#06x val=%#x\n", addr, val));
4274 rc = IOMIOPortWrite(env->pVM, (RTIOPORT)addr, val, 4);
4275 if (RT_LIKELY(rc == VINF_SUCCESS))
4276 return;
4277 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4278 {
4279 Log(("cpu_outl: addr=%#06x val=%#x -> %Rrc\n", addr, val, rc));
4280 remR3RaiseRC(env->pVM, rc);
4281 return;
4282 }
4283 remAbort(rc, __FUNCTION__);
4284}
4285
4286int cpu_inb(CPUState *env, int addr)
4287{
4288 uint32_t u32 = 0;
4289 int rc = IOMIOPortRead(env->pVM, (RTIOPORT)addr, &u32, 1);
4290 if (RT_LIKELY(rc == VINF_SUCCESS))
4291 {
4292 if (/*addr != 0x61 && */addr != 0x71)
4293 Log2(("cpu_inb: addr=%#06x -> %#x\n", addr, u32));
4294 return (int)u32;
4295 }
4296 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4297 {
4298 Log(("cpu_inb: addr=%#06x -> %#x rc=%Rrc\n", addr, u32, rc));
4299 remR3RaiseRC(env->pVM, rc);
4300 return (int)u32;
4301 }
4302 remAbort(rc, __FUNCTION__);
4303 return 0xff;
4304}
4305
4306int cpu_inw(CPUState *env, int addr)
4307{
4308 uint32_t u32 = 0;
4309 int rc = IOMIOPortRead(env->pVM, (RTIOPORT)addr, &u32, 2);
4310 if (RT_LIKELY(rc == VINF_SUCCESS))
4311 {
4312 Log2(("cpu_inw: addr=%#06x -> %#x\n", addr, u32));
4313 return (int)u32;
4314 }
4315 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4316 {
4317 Log(("cpu_inw: addr=%#06x -> %#x rc=%Rrc\n", addr, u32, rc));
4318 remR3RaiseRC(env->pVM, rc);
4319 return (int)u32;
4320 }
4321 remAbort(rc, __FUNCTION__);
4322 return 0xffff;
4323}
4324
4325int cpu_inl(CPUState *env, int addr)
4326{
4327 uint32_t u32 = 0;
4328 int rc = IOMIOPortRead(env->pVM, (RTIOPORT)addr, &u32, 4);
4329 if (RT_LIKELY(rc == VINF_SUCCESS))
4330 {
4331//if (addr==0x01f0 && u32 == 0x6b6d)
4332// loglevel = ~0;
4333 Log2(("cpu_inl: addr=%#06x -> %#x\n", addr, u32));
4334 return (int)u32;
4335 }
4336 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4337 {
4338 Log(("cpu_inl: addr=%#06x -> %#x rc=%Rrc\n", addr, u32, rc));
4339 remR3RaiseRC(env->pVM, rc);
4340 return (int)u32;
4341 }
4342 remAbort(rc, __FUNCTION__);
4343 return 0xffffffff;
4344}
4345
4346#undef LOG_GROUP
4347#define LOG_GROUP LOG_GROUP_REM
4348
4349
4350/* -+- helpers and misc other interfaces -+- */
4351
4352/**
4353 * Perform the CPUID instruction.
4354 *
4355 * ASMCpuId cannot be invoked from some source files where this is used because of global
4356 * register allocations.
4357 *
4358 * @param env Pointer to the recompiler CPU structure.
4359 * @param uOperator CPUID operation (eax).
4360 * @param pvEAX Where to store eax.
4361 * @param pvEBX Where to store ebx.
4362 * @param pvECX Where to store ecx.
4363 * @param pvEDX Where to store edx.
4364 */
4365void remR3CpuId(CPUState *env, unsigned uOperator, void *pvEAX, void *pvEBX, void *pvECX, void *pvEDX)
4366{
4367 CPUMGetGuestCpuId(env->pVCpu, uOperator, (uint32_t *)pvEAX, (uint32_t *)pvEBX, (uint32_t *)pvECX, (uint32_t *)pvEDX);
4368}
4369
4370
4371#if 0 /* not used */
4372/**
4373 * Interface for qemu hardware to report back fatal errors.
4374 */
4375void hw_error(const char *pszFormat, ...)
4376{
4377 /*
4378 * Bitch about it.
4379 */
4380 /** @todo Add support for nested arg lists in the LogPrintfV routine! I've code for
4381 * this in my Odin32 tree at home! */
4382 va_list args;
4383 va_start(args, pszFormat);
4384 RTLogPrintf("fatal error in virtual hardware:");
4385 RTLogPrintfV(pszFormat, args);
4386 va_end(args);
4387 AssertReleaseMsgFailed(("fatal error in virtual hardware: %s\n", pszFormat));
4388
4389 /*
4390 * If we're in REM context we'll sync back the state before 'jumping' to
4391 * the EMs failure handling.
4392 */
4393 PVM pVM = cpu_single_env->pVM;
4394 if (pVM->rem.s.fInREM)
4395 REMR3StateBack(pVM);
4396 EMR3FatalError(pVM, VERR_REM_VIRTUAL_HARDWARE_ERROR);
4397 AssertMsgFailed(("EMR3FatalError returned!\n"));
4398}
4399#endif
4400
4401/**
4402 * Interface for the qemu cpu to report unhandled situation
4403 * raising a fatal VM error.
4404 */
4405void cpu_abort(CPUState *env, const char *pszFormat, ...)
4406{
4407 va_list va;
4408 PVM pVM;
4409 PVMCPU pVCpu;
4410 char szMsg[256];
4411
4412 /*
4413 * Bitch about it.
4414 */
4415 RTLogFlags(NULL, "nodisabled nobuffered");
4416 RTLogFlush(NULL);
4417
4418 va_start(va, pszFormat);
4419#if defined(RT_OS_WINDOWS) && ARCH_BITS == 64
4420 /* It's a bit complicated when mixing MSC and GCC on AMD64. This is a bit ugly, but it works. */
4421 unsigned cArgs = 0;
4422 uintptr_t auArgs[6] = {0,0,0,0,0,0};
4423 const char *psz = strchr(pszFormat, '%');
4424 while (psz && cArgs < 6)
4425 {
4426 auArgs[cArgs++] = va_arg(va, uintptr_t);
4427 psz = strchr(psz + 1, '%');
4428 }
4429 switch (cArgs)
4430 {
4431 case 1: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0]); break;
4432 case 2: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0], auArgs[1]); break;
4433 case 3: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0], auArgs[1], auArgs[2]); break;
4434 case 4: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0], auArgs[1], auArgs[2], auArgs[3]); break;
4435 case 5: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0], auArgs[1], auArgs[2], auArgs[3], auArgs[4]); break;
4436 case 6: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0], auArgs[1], auArgs[2], auArgs[3], auArgs[4], auArgs[5]); break;
4437 default:
4438 case 0: RTStrPrintf(szMsg, sizeof(szMsg), "%s", pszFormat); break;
4439 }
4440#else
4441 RTStrPrintfV(szMsg, sizeof(szMsg), pszFormat, va);
4442#endif
4443 va_end(va);
4444
4445 RTLogPrintf("fatal error in recompiler cpu: %s\n", szMsg);
4446 RTLogRelPrintf("fatal error in recompiler cpu: %s\n", szMsg);
4447
4448 /*
4449 * If we're in REM context we'll sync back the state before 'jumping' to
4450 * the EMs failure handling.
4451 */
4452 pVM = cpu_single_env->pVM;
4453 pVCpu = cpu_single_env->pVCpu;
4454 Assert(pVCpu);
4455
4456 if (pVM->rem.s.fInREM)
4457 REMR3StateBack(pVM, pVCpu);
4458 EMR3FatalError(pVCpu, VERR_REM_VIRTUAL_CPU_ERROR);
4459 AssertMsgFailed(("EMR3FatalError returned!\n"));
4460}
4461
4462
4463/**
4464 * Aborts the VM.
4465 *
4466 * @param rc VBox error code.
4467 * @param pszTip Hint about why/when this happend.
4468 */
4469void remAbort(int rc, const char *pszTip)
4470{
4471 PVM pVM;
4472 PVMCPU pVCpu;
4473
4474 /*
4475 * Bitch about it.
4476 */
4477 RTLogPrintf("internal REM fatal error: rc=%Rrc %s\n", rc, pszTip);
4478 AssertReleaseMsgFailed(("internal REM fatal error: rc=%Rrc %s\n", rc, pszTip));
4479
4480 /*
4481 * Jump back to where we entered the recompiler.
4482 */
4483 pVM = cpu_single_env->pVM;
4484 pVCpu = cpu_single_env->pVCpu;
4485 Assert(pVCpu);
4486
4487 if (pVM->rem.s.fInREM)
4488 REMR3StateBack(pVM, pVCpu);
4489
4490 EMR3FatalError(pVCpu, rc);
4491 AssertMsgFailed(("EMR3FatalError returned!\n"));
4492}
4493
4494
4495/**
4496 * Dumps a linux system call.
4497 * @param pVCpu VMCPU handle.
4498 */
4499void remR3DumpLnxSyscall(PVMCPU pVCpu)
4500{
4501 static const char *apsz[] =
4502 {
4503 "sys_restart_syscall", /* 0 - old "setup()" system call, used for restarting */
4504 "sys_exit",
4505 "sys_fork",
4506 "sys_read",
4507 "sys_write",
4508 "sys_open", /* 5 */
4509 "sys_close",
4510 "sys_waitpid",
4511 "sys_creat",
4512 "sys_link",
4513 "sys_unlink", /* 10 */
4514 "sys_execve",
4515 "sys_chdir",
4516 "sys_time",
4517 "sys_mknod",
4518 "sys_chmod", /* 15 */
4519 "sys_lchown16",
4520 "sys_ni_syscall", /* old break syscall holder */
4521 "sys_stat",
4522 "sys_lseek",
4523 "sys_getpid", /* 20 */
4524 "sys_mount",
4525 "sys_oldumount",
4526 "sys_setuid16",
4527 "sys_getuid16",
4528 "sys_stime", /* 25 */
4529 "sys_ptrace",
4530 "sys_alarm",
4531 "sys_fstat",
4532 "sys_pause",
4533 "sys_utime", /* 30 */
4534 "sys_ni_syscall", /* old stty syscall holder */
4535 "sys_ni_syscall", /* old gtty syscall holder */
4536 "sys_access",
4537 "sys_nice",
4538 "sys_ni_syscall", /* 35 - old ftime syscall holder */
4539 "sys_sync",
4540 "sys_kill",
4541 "sys_rename",
4542 "sys_mkdir",
4543 "sys_rmdir", /* 40 */
4544 "sys_dup",
4545 "sys_pipe",
4546 "sys_times",
4547 "sys_ni_syscall", /* old prof syscall holder */
4548 "sys_brk", /* 45 */
4549 "sys_setgid16",
4550 "sys_getgid16",
4551 "sys_signal",
4552 "sys_geteuid16",
4553 "sys_getegid16", /* 50 */
4554 "sys_acct",
4555 "sys_umount", /* recycled never used phys() */
4556 "sys_ni_syscall", /* old lock syscall holder */
4557 "sys_ioctl",
4558 "sys_fcntl", /* 55 */
4559 "sys_ni_syscall", /* old mpx syscall holder */
4560 "sys_setpgid",
4561 "sys_ni_syscall", /* old ulimit syscall holder */
4562 "sys_olduname",
4563 "sys_umask", /* 60 */
4564 "sys_chroot",
4565 "sys_ustat",
4566 "sys_dup2",
4567 "sys_getppid",
4568 "sys_getpgrp", /* 65 */
4569 "sys_setsid",
4570 "sys_sigaction",
4571 "sys_sgetmask",
4572 "sys_ssetmask",
4573 "sys_setreuid16", /* 70 */
4574 "sys_setregid16",
4575 "sys_sigsuspend",
4576 "sys_sigpending",
4577 "sys_sethostname",
4578 "sys_setrlimit", /* 75 */
4579 "sys_old_getrlimit",
4580 "sys_getrusage",
4581 "sys_gettimeofday",
4582 "sys_settimeofday",
4583 "sys_getgroups16", /* 80 */
4584 "sys_setgroups16",
4585 "old_select",
4586 "sys_symlink",
4587 "sys_lstat",
4588 "sys_readlink", /* 85 */
4589 "sys_uselib",
4590 "sys_swapon",
4591 "sys_reboot",
4592 "old_readdir",
4593 "old_mmap", /* 90 */
4594 "sys_munmap",
4595 "sys_truncate",
4596 "sys_ftruncate",
4597 "sys_fchmod",
4598 "sys_fchown16", /* 95 */
4599 "sys_getpriority",
4600 "sys_setpriority",
4601 "sys_ni_syscall", /* old profil syscall holder */
4602 "sys_statfs",
4603 "sys_fstatfs", /* 100 */
4604 "sys_ioperm",
4605 "sys_socketcall",
4606 "sys_syslog",
4607 "sys_setitimer",
4608 "sys_getitimer", /* 105 */
4609 "sys_newstat",
4610 "sys_newlstat",
4611 "sys_newfstat",
4612 "sys_uname",
4613 "sys_iopl", /* 110 */
4614 "sys_vhangup",
4615 "sys_ni_syscall", /* old "idle" system call */
4616 "sys_vm86old",
4617 "sys_wait4",
4618 "sys_swapoff", /* 115 */
4619 "sys_sysinfo",
4620 "sys_ipc",
4621 "sys_fsync",
4622 "sys_sigreturn",
4623 "sys_clone", /* 120 */
4624 "sys_setdomainname",
4625 "sys_newuname",
4626 "sys_modify_ldt",
4627 "sys_adjtimex",
4628 "sys_mprotect", /* 125 */
4629 "sys_sigprocmask",
4630 "sys_ni_syscall", /* old "create_module" */
4631 "sys_init_module",
4632 "sys_delete_module",
4633 "sys_ni_syscall", /* 130: old "get_kernel_syms" */
4634 "sys_quotactl",
4635 "sys_getpgid",
4636 "sys_fchdir",
4637 "sys_bdflush",
4638 "sys_sysfs", /* 135 */
4639 "sys_personality",
4640 "sys_ni_syscall", /* reserved for afs_syscall */
4641 "sys_setfsuid16",
4642 "sys_setfsgid16",
4643 "sys_llseek", /* 140 */
4644 "sys_getdents",
4645 "sys_select",
4646 "sys_flock",
4647 "sys_msync",
4648 "sys_readv", /* 145 */
4649 "sys_writev",
4650 "sys_getsid",
4651 "sys_fdatasync",
4652 "sys_sysctl",
4653 "sys_mlock", /* 150 */
4654 "sys_munlock",
4655 "sys_mlockall",
4656 "sys_munlockall",
4657 "sys_sched_setparam",
4658 "sys_sched_getparam", /* 155 */
4659 "sys_sched_setscheduler",
4660 "sys_sched_getscheduler",
4661 "sys_sched_yield",
4662 "sys_sched_get_priority_max",
4663 "sys_sched_get_priority_min", /* 160 */
4664 "sys_sched_rr_get_interval",
4665 "sys_nanosleep",
4666 "sys_mremap",
4667 "sys_setresuid16",
4668 "sys_getresuid16", /* 165 */
4669 "sys_vm86",
4670 "sys_ni_syscall", /* Old sys_query_module */
4671 "sys_poll",
4672 "sys_nfsservctl",
4673 "sys_setresgid16", /* 170 */
4674 "sys_getresgid16",
4675 "sys_prctl",
4676 "sys_rt_sigreturn",
4677 "sys_rt_sigaction",
4678 "sys_rt_sigprocmask", /* 175 */
4679 "sys_rt_sigpending",
4680 "sys_rt_sigtimedwait",
4681 "sys_rt_sigqueueinfo",
4682 "sys_rt_sigsuspend",
4683 "sys_pread64", /* 180 */
4684 "sys_pwrite64",
4685 "sys_chown16",
4686 "sys_getcwd",
4687 "sys_capget",
4688 "sys_capset", /* 185 */
4689 "sys_sigaltstack",
4690 "sys_sendfile",
4691 "sys_ni_syscall", /* reserved for streams1 */
4692 "sys_ni_syscall", /* reserved for streams2 */
4693 "sys_vfork", /* 190 */
4694 "sys_getrlimit",
4695 "sys_mmap2",
4696 "sys_truncate64",
4697 "sys_ftruncate64",
4698 "sys_stat64", /* 195 */
4699 "sys_lstat64",
4700 "sys_fstat64",
4701 "sys_lchown",
4702 "sys_getuid",
4703 "sys_getgid", /* 200 */
4704 "sys_geteuid",
4705 "sys_getegid",
4706 "sys_setreuid",
4707 "sys_setregid",
4708 "sys_getgroups", /* 205 */
4709 "sys_setgroups",
4710 "sys_fchown",
4711 "sys_setresuid",
4712 "sys_getresuid",
4713 "sys_setresgid", /* 210 */
4714 "sys_getresgid",
4715 "sys_chown",
4716 "sys_setuid",
4717 "sys_setgid",
4718 "sys_setfsuid", /* 215 */
4719 "sys_setfsgid",
4720 "sys_pivot_root",
4721 "sys_mincore",
4722 "sys_madvise",
4723 "sys_getdents64", /* 220 */
4724 "sys_fcntl64",
4725 "sys_ni_syscall", /* reserved for TUX */
4726 "sys_ni_syscall",
4727 "sys_gettid",
4728 "sys_readahead", /* 225 */
4729 "sys_setxattr",
4730 "sys_lsetxattr",
4731 "sys_fsetxattr",
4732 "sys_getxattr",
4733 "sys_lgetxattr", /* 230 */
4734 "sys_fgetxattr",
4735 "sys_listxattr",
4736 "sys_llistxattr",
4737 "sys_flistxattr",
4738 "sys_removexattr", /* 235 */
4739 "sys_lremovexattr",
4740 "sys_fremovexattr",
4741 "sys_tkill",
4742 "sys_sendfile64",
4743 "sys_futex", /* 240 */
4744 "sys_sched_setaffinity",
4745 "sys_sched_getaffinity",
4746 "sys_set_thread_area",
4747 "sys_get_thread_area",
4748 "sys_io_setup", /* 245 */
4749 "sys_io_destroy",
4750 "sys_io_getevents",
4751 "sys_io_submit",
4752 "sys_io_cancel",
4753 "sys_fadvise64", /* 250 */
4754 "sys_ni_syscall",
4755 "sys_exit_group",
4756 "sys_lookup_dcookie",
4757 "sys_epoll_create",
4758 "sys_epoll_ctl", /* 255 */
4759 "sys_epoll_wait",
4760 "sys_remap_file_pages",
4761 "sys_set_tid_address",
4762 "sys_timer_create",
4763 "sys_timer_settime", /* 260 */
4764 "sys_timer_gettime",
4765 "sys_timer_getoverrun",
4766 "sys_timer_delete",
4767 "sys_clock_settime",
4768 "sys_clock_gettime", /* 265 */
4769 "sys_clock_getres",
4770 "sys_clock_nanosleep",
4771 "sys_statfs64",
4772 "sys_fstatfs64",
4773 "sys_tgkill", /* 270 */
4774 "sys_utimes",
4775 "sys_fadvise64_64",
4776 "sys_ni_syscall" /* sys_vserver */
4777 };
4778
4779 uint32_t uEAX = CPUMGetGuestEAX(pVCpu);
4780 switch (uEAX)
4781 {
4782 default:
4783 if (uEAX < RT_ELEMENTS(apsz))
4784 Log(("REM: linux syscall %3d: %s (eip=%08x ebx=%08x ecx=%08x edx=%08x esi=%08x edi=%08x ebp=%08x)\n",
4785 uEAX, apsz[uEAX], CPUMGetGuestEIP(pVCpu), CPUMGetGuestEBX(pVCpu), CPUMGetGuestECX(pVCpu),
4786 CPUMGetGuestEDX(pVCpu), CPUMGetGuestESI(pVCpu), CPUMGetGuestEDI(pVCpu), CPUMGetGuestEBP(pVCpu)));
4787 else
4788 Log(("eip=%08x: linux syscall %d (#%x) unknown\n", CPUMGetGuestEIP(pVCpu), uEAX, uEAX));
4789 break;
4790
4791 }
4792}
4793
4794
4795/**
4796 * Dumps an OpenBSD system call.
4797 * @param pVCpu VMCPU handle.
4798 */
4799void remR3DumpOBsdSyscall(PVMCPU pVCpu)
4800{
4801 static const char *apsz[] =
4802 {
4803 "SYS_syscall", //0
4804 "SYS_exit", //1
4805 "SYS_fork", //2
4806 "SYS_read", //3
4807 "SYS_write", //4
4808 "SYS_open", //5
4809 "SYS_close", //6
4810 "SYS_wait4", //7
4811 "SYS_8",
4812 "SYS_link", //9
4813 "SYS_unlink", //10
4814 "SYS_11",
4815 "SYS_chdir", //12
4816 "SYS_fchdir", //13
4817 "SYS_mknod", //14
4818 "SYS_chmod", //15
4819 "SYS_chown", //16
4820 "SYS_break", //17
4821 "SYS_18",
4822 "SYS_19",
4823 "SYS_getpid", //20
4824 "SYS_mount", //21
4825 "SYS_unmount", //22
4826 "SYS_setuid", //23
4827 "SYS_getuid", //24
4828 "SYS_geteuid", //25
4829 "SYS_ptrace", //26
4830 "SYS_recvmsg", //27
4831 "SYS_sendmsg", //28
4832 "SYS_recvfrom", //29
4833 "SYS_accept", //30
4834 "SYS_getpeername", //31
4835 "SYS_getsockname", //32
4836 "SYS_access", //33
4837 "SYS_chflags", //34
4838 "SYS_fchflags", //35
4839 "SYS_sync", //36
4840 "SYS_kill", //37
4841 "SYS_38",
4842 "SYS_getppid", //39
4843 "SYS_40",
4844 "SYS_dup", //41
4845 "SYS_opipe", //42
4846 "SYS_getegid", //43
4847 "SYS_profil", //44
4848 "SYS_ktrace", //45
4849 "SYS_sigaction", //46
4850 "SYS_getgid", //47
4851 "SYS_sigprocmask", //48
4852 "SYS_getlogin", //49
4853 "SYS_setlogin", //50
4854 "SYS_acct", //51
4855 "SYS_sigpending", //52
4856 "SYS_osigaltstack", //53
4857 "SYS_ioctl", //54
4858 "SYS_reboot", //55
4859 "SYS_revoke", //56
4860 "SYS_symlink", //57
4861 "SYS_readlink", //58
4862 "SYS_execve", //59
4863 "SYS_umask", //60
4864 "SYS_chroot", //61
4865 "SYS_62",
4866 "SYS_63",
4867 "SYS_64",
4868 "SYS_65",
4869 "SYS_vfork", //66
4870 "SYS_67",
4871 "SYS_68",
4872 "SYS_sbrk", //69
4873 "SYS_sstk", //70
4874 "SYS_61",
4875 "SYS_vadvise", //72
4876 "SYS_munmap", //73
4877 "SYS_mprotect", //74
4878 "SYS_madvise", //75
4879 "SYS_76",
4880 "SYS_77",
4881 "SYS_mincore", //78
4882 "SYS_getgroups", //79
4883 "SYS_setgroups", //80
4884 "SYS_getpgrp", //81
4885 "SYS_setpgid", //82
4886 "SYS_setitimer", //83
4887 "SYS_84",
4888 "SYS_85",
4889 "SYS_getitimer", //86
4890 "SYS_87",
4891 "SYS_88",
4892 "SYS_89",
4893 "SYS_dup2", //90
4894 "SYS_91",
4895 "SYS_fcntl", //92
4896 "SYS_select", //93
4897 "SYS_94",
4898 "SYS_fsync", //95
4899 "SYS_setpriority", //96
4900 "SYS_socket", //97
4901 "SYS_connect", //98
4902 "SYS_99",
4903 "SYS_getpriority", //100
4904 "SYS_101",
4905 "SYS_102",
4906 "SYS_sigreturn", //103
4907 "SYS_bind", //104
4908 "SYS_setsockopt", //105
4909 "SYS_listen", //106
4910 "SYS_107",
4911 "SYS_108",
4912 "SYS_109",
4913 "SYS_110",
4914 "SYS_sigsuspend", //111
4915 "SYS_112",
4916 "SYS_113",
4917 "SYS_114",
4918 "SYS_115",
4919 "SYS_gettimeofday", //116
4920 "SYS_getrusage", //117
4921 "SYS_getsockopt", //118
4922 "SYS_119",
4923 "SYS_readv", //120
4924 "SYS_writev", //121
4925 "SYS_settimeofday", //122
4926 "SYS_fchown", //123
4927 "SYS_fchmod", //124
4928 "SYS_125",
4929 "SYS_setreuid", //126
4930 "SYS_setregid", //127
4931 "SYS_rename", //128
4932 "SYS_129",
4933 "SYS_130",
4934 "SYS_flock", //131
4935 "SYS_mkfifo", //132
4936 "SYS_sendto", //133
4937 "SYS_shutdown", //134
4938 "SYS_socketpair", //135
4939 "SYS_mkdir", //136
4940 "SYS_rmdir", //137
4941 "SYS_utimes", //138
4942 "SYS_139",
4943 "SYS_adjtime", //140
4944 "SYS_141",
4945 "SYS_142",
4946 "SYS_143",
4947 "SYS_144",
4948 "SYS_145",
4949 "SYS_146",
4950 "SYS_setsid", //147
4951 "SYS_quotactl", //148
4952 "SYS_149",
4953 "SYS_150",
4954 "SYS_151",
4955 "SYS_152",
4956 "SYS_153",
4957 "SYS_154",
4958 "SYS_nfssvc", //155
4959 "SYS_156",
4960 "SYS_157",
4961 "SYS_158",
4962 "SYS_159",
4963 "SYS_160",
4964 "SYS_getfh", //161
4965 "SYS_162",
4966 "SYS_163",
4967 "SYS_164",
4968 "SYS_sysarch", //165
4969 "SYS_166",
4970 "SYS_167",
4971 "SYS_168",
4972 "SYS_169",
4973 "SYS_170",
4974 "SYS_171",
4975 "SYS_172",
4976 "SYS_pread", //173
4977 "SYS_pwrite", //174
4978 "SYS_175",
4979 "SYS_176",
4980 "SYS_177",
4981 "SYS_178",
4982 "SYS_179",
4983 "SYS_180",
4984 "SYS_setgid", //181
4985 "SYS_setegid", //182
4986 "SYS_seteuid", //183
4987 "SYS_lfs_bmapv", //184
4988 "SYS_lfs_markv", //185
4989 "SYS_lfs_segclean", //186
4990 "SYS_lfs_segwait", //187
4991 "SYS_188",
4992 "SYS_189",
4993 "SYS_190",
4994 "SYS_pathconf", //191
4995 "SYS_fpathconf", //192
4996 "SYS_swapctl", //193
4997 "SYS_getrlimit", //194
4998 "SYS_setrlimit", //195
4999 "SYS_getdirentries", //196
5000 "SYS_mmap", //197
5001 "SYS___syscall", //198
5002 "SYS_lseek", //199
5003 "SYS_truncate", //200
5004 "SYS_ftruncate", //201
5005 "SYS___sysctl", //202
5006 "SYS_mlock", //203
5007 "SYS_munlock", //204
5008 "SYS_205",
5009 "SYS_futimes", //206
5010 "SYS_getpgid", //207
5011 "SYS_xfspioctl", //208
5012 "SYS_209",
5013 "SYS_210",
5014 "SYS_211",
5015 "SYS_212",
5016 "SYS_213",
5017 "SYS_214",
5018 "SYS_215",
5019 "SYS_216",
5020 "SYS_217",
5021 "SYS_218",
5022 "SYS_219",
5023 "SYS_220",
5024 "SYS_semget", //221
5025 "SYS_222",
5026 "SYS_223",
5027 "SYS_224",
5028 "SYS_msgget", //225
5029 "SYS_msgsnd", //226
5030 "SYS_msgrcv", //227
5031 "SYS_shmat", //228
5032 "SYS_229",
5033 "SYS_shmdt", //230
5034 "SYS_231",
5035 "SYS_clock_gettime", //232
5036 "SYS_clock_settime", //233
5037 "SYS_clock_getres", //234
5038 "SYS_235",
5039 "SYS_236",
5040 "SYS_237",
5041 "SYS_238",
5042 "SYS_239",
5043 "SYS_nanosleep", //240
5044 "SYS_241",
5045 "SYS_242",
5046 "SYS_243",
5047 "SYS_244",
5048 "SYS_245",
5049 "SYS_246",
5050 "SYS_247",
5051 "SYS_248",
5052 "SYS_249",
5053 "SYS_minherit", //250
5054 "SYS_rfork", //251
5055 "SYS_poll", //252
5056 "SYS_issetugid", //253
5057 "SYS_lchown", //254
5058 "SYS_getsid", //255
5059 "SYS_msync", //256
5060 "SYS_257",
5061 "SYS_258",
5062 "SYS_259",
5063 "SYS_getfsstat", //260
5064 "SYS_statfs", //261
5065 "SYS_fstatfs", //262
5066 "SYS_pipe", //263
5067 "SYS_fhopen", //264
5068 "SYS_265",
5069 "SYS_fhstatfs", //266
5070 "SYS_preadv", //267
5071 "SYS_pwritev", //268
5072 "SYS_kqueue", //269
5073 "SYS_kevent", //270
5074 "SYS_mlockall", //271
5075 "SYS_munlockall", //272
5076 "SYS_getpeereid", //273
5077 "SYS_274",
5078 "SYS_275",
5079 "SYS_276",
5080 "SYS_277",
5081 "SYS_278",
5082 "SYS_279",
5083 "SYS_280",
5084 "SYS_getresuid", //281
5085 "SYS_setresuid", //282
5086 "SYS_getresgid", //283
5087 "SYS_setresgid", //284
5088 "SYS_285",
5089 "SYS_mquery", //286
5090 "SYS_closefrom", //287
5091 "SYS_sigaltstack", //288
5092 "SYS_shmget", //289
5093 "SYS_semop", //290
5094 "SYS_stat", //291
5095 "SYS_fstat", //292
5096 "SYS_lstat", //293
5097 "SYS_fhstat", //294
5098 "SYS___semctl", //295
5099 "SYS_shmctl", //296
5100 "SYS_msgctl", //297
5101 "SYS_MAXSYSCALL", //298
5102 //299
5103 //300
5104 };
5105 uint32_t uEAX;
5106 if (!LogIsEnabled())
5107 return;
5108 uEAX = CPUMGetGuestEAX(pVCpu);
5109 switch (uEAX)
5110 {
5111 default:
5112 if (uEAX < RT_ELEMENTS(apsz))
5113 {
5114 uint32_t au32Args[8] = {0};
5115 PGMPhysSimpleReadGCPtr(pVCpu, au32Args, CPUMGetGuestESP(pVCpu), sizeof(au32Args));
5116 RTLogPrintf("REM: OpenBSD syscall %3d: %s (eip=%08x %08x %08x %08x %08x %08x %08x %08x %08x)\n",
5117 uEAX, apsz[uEAX], CPUMGetGuestEIP(pVCpu), au32Args[0], au32Args[1], au32Args[2], au32Args[3],
5118 au32Args[4], au32Args[5], au32Args[6], au32Args[7]);
5119 }
5120 else
5121 RTLogPrintf("eip=%08x: OpenBSD syscall %d (#%x) unknown!!\n", CPUMGetGuestEIP(pVCpu), uEAX, uEAX);
5122 break;
5123 }
5124}
5125
5126
5127#if defined(IPRT_NO_CRT) && defined(RT_OS_WINDOWS) && defined(RT_ARCH_X86)
5128/**
5129 * The Dll main entry point (stub).
5130 */
5131bool __stdcall _DllMainCRTStartup(void *hModule, uint32_t dwReason, void *pvReserved)
5132{
5133 return true;
5134}
5135
5136void *memcpy(void *dst, const void *src, size_t size)
5137{
5138 uint8_t*pbDst = dst, *pbSrc = src;
5139 while (size-- > 0)
5140 *pbDst++ = *pbSrc++;
5141 return dst;
5142}
5143
5144#endif
5145
5146void cpu_smm_update(CPUState *env)
5147{
5148}
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette