source: vbox/trunk/src/VBox/VMM/VMMAll/DBGFAll.cpp@ 106362

Last change on this file since 106362 was 106362, checked in by vboxsync, 6 weeks ago

VMM/DBGF: Prepare DBGF to support ARMv8/A64 style breakpoints for the VMM debugger. This converts the x86 centric int3 naming to software breakpoint, bugref:10393

1/* $Id: DBGFAll.cpp 106362 2024-10-16 13:08:09Z vboxsync $ */
2/** @file
3 * DBGF - Debugger Facility, All Context Code.
4 */
5
6/*
7 * Copyright (C) 2006-2024 Oracle and/or its affiliates.
8 *
9 * This file is part of VirtualBox base platform packages, as
10 * available from https://www.virtualbox.org.
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation, in version 3 of the
15 * License.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 * General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, see <https://www.gnu.org/licenses>.
24 *
25 * SPDX-License-Identifier: GPL-3.0-only
26 */
27
28
29/*********************************************************************************************************************************
30* Header Files *
31*********************************************************************************************************************************/
32#define LOG_GROUP LOG_GROUP_DBGF
33#define VMCPU_INCL_CPUM_GST_CTX
34#include <VBox/vmm/dbgf.h>
35#include "DBGFInternal.h"
36#include <VBox/vmm/cpum.h>
37#include <VBox/vmm/vmcc.h>
38#include <VBox/err.h>
39#include <iprt/assert.h>
40#include <iprt/asm.h>
41#include <iprt/stdarg.h>
42
43
/*
 * The read-only mirror of the DBGF VM state (dbgf.ro) must line up exactly
 * with the private state (dbgf.s): same offset, same size, member by member.
 * Catch any drift between the two at compile time.
 */
AssertCompileMembersSameSizeAndOffset(VM, dbgf.s.cHardIntBreakpoints,  VM, dbgf.ro.cHardIntBreakpoints);
AssertCompileMembersSameSizeAndOffset(VM, dbgf.s.cSoftIntBreakpoints,  VM, dbgf.ro.cSoftIntBreakpoints);
AssertCompileMembersSameSizeAndOffset(VM, dbgf.s.cSelectedEvents,      VM, dbgf.ro.cSelectedEvents);
AssertCompileMembersSameSizeAndOffset(VM, dbgf.s.bmHardIntBreakpoints, VM, dbgf.ro.bmHardIntBreakpoints);
AssertCompileMembersSameSizeAndOffset(VM, dbgf.s.bmSoftIntBreakpoints, VM, dbgf.ro.bmSoftIntBreakpoints);
AssertCompileMembersSameSizeAndOffset(VM, dbgf.s.bmSelectedEvents,     VM, dbgf.ro.bmSelectedEvents);
53
54#if !defined(VBOX_VMM_TARGET_ARMV8)
55
56
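/**
 * Gets the hardware breakpoint configuration as DR7.
 *
 * Every enabled, in-use entry of the DBGF hardware breakpoint table is
 * encoded as a global (Gx) breakpoint with its RW type and LEN field.  The
 * GD, GE and LE bits and the reserved-as-one bits are always set.
 *
 * @returns DR7 from the DBGF point of view.
 * @param   pVM     The cross context VM structure.
 */
VMM_INT_DECL(RTGCUINTREG) DBGFBpGetDR7(PVM pVM)
{
    /*
     * DR7.LEN encoding indexed by the breakpoint length in bytes.  Only 1, 2,
     * 4 and 8 are meaningful; the other slots (including 0) fall back to a
     * one byte match.  Lengths beyond the table are handled below instead of
     * being used as an index.
     */
    static const uint8_t s_au8Sizes[8] =
    {
        X86_DR7_LEN_BYTE, X86_DR7_LEN_BYTE, X86_DR7_LEN_WORD, X86_DR7_LEN_BYTE,
        X86_DR7_LEN_DWORD,X86_DR7_LEN_BYTE, X86_DR7_LEN_BYTE, X86_DR7_LEN_QWORD
    };

    RTGCUINTREG uDr7 = X86_DR7_GD | X86_DR7_GE | X86_DR7_LE | X86_DR7_RA1_MASK;
    for (uint32_t i = 0; i < RT_ELEMENTS(pVM->dbgf.s.aHwBreakpoints); i++)
    {
        if (   !pVM->dbgf.s.aHwBreakpoints[i].fEnabled
            || pVM->dbgf.s.aHwBreakpoints[i].hBp == NIL_DBGFBP)
            continue;

        /* Don't index s_au8Sizes with an out-of-range length; treat it as one byte. */
        size_t const  cb   = pVM->dbgf.s.aHwBreakpoints[i].cb;
        uint8_t const uLen = cb < RT_ELEMENTS(s_au8Sizes) ? s_au8Sizes[cb] : X86_DR7_LEN_BYTE;
        Assert(cb < RT_ELEMENTS(s_au8Sizes));

        uDr7 |= X86_DR7_G(i)
              | X86_DR7_RW(i, pVM->dbgf.s.aHwBreakpoints[i].fType)
              | X86_DR7_LEN(i, uLen);
    }
    return uDr7;
}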
83
84
/**
 * Gets the address of the hardware breakpoint number 0.
 *
 * Returns the address regardless of whether the entry is enabled; the enable
 * state only shows up in DBGFBpGetDR7.
 *
 * @returns DR0 from the DBGF point of view.
 * @param   pVM     The cross context VM structure.
 */
VMM_INT_DECL(RTGCUINTREG) DBGFBpGetDR0(PVM pVM)
{
    unsigned const iBp = 0;
    return pVM->dbgf.s.aHwBreakpoints[iBp].GCPtr;
}
95
96
/**
 * Gets the address of the hardware breakpoint number 1.
 *
 * Returns the address regardless of whether the entry is enabled; the enable
 * state only shows up in DBGFBpGetDR7.
 *
 * @returns DR1 from the DBGF point of view.
 * @param   pVM     The cross context VM structure.
 */
VMM_INT_DECL(RTGCUINTREG) DBGFBpGetDR1(PVM pVM)
{
    unsigned const iBp = 1;
    return pVM->dbgf.s.aHwBreakpoints[iBp].GCPtr;
}
107
108
/**
 * Gets the address of the hardware breakpoint number 2.
 *
 * Returns the address regardless of whether the entry is enabled; the enable
 * state only shows up in DBGFBpGetDR7.
 *
 * @returns DR2 from the DBGF point of view.
 * @param   pVM     The cross context VM structure.
 */
VMM_INT_DECL(RTGCUINTREG) DBGFBpGetDR2(PVM pVM)
{
    unsigned const iBp = 2;
    return pVM->dbgf.s.aHwBreakpoints[iBp].GCPtr;
}
119
120
/**
 * Gets the address of the hardware breakpoint number 3.
 *
 * Returns the address regardless of whether the entry is enabled; the enable
 * state only shows up in DBGFBpGetDR7.
 *
 * @returns DR3 from the DBGF point of view.
 * @param   pVM     The cross context VM structure.
 */
VMM_INT_DECL(RTGCUINTREG) DBGFBpGetDR3(PVM pVM)
{
    unsigned const iBp = 3;
    return pVM->dbgf.s.aHwBreakpoints[iBp].GCPtr;
}
131
132
/**
 * Checks if any of the hardware breakpoints are armed.
 *
 * Only looks at the enabled-breakpoint counter, not at the table itself.
 *
 * @returns true if armed, false if not.
 * @param   pVM     The cross context VM structure.
 * @remarks Don't call this from CPUMRecalcHyperDRx!
 */
VMM_INT_DECL(bool) DBGFBpIsHwArmed(PVM pVM)
{
    if (pVM->dbgf.s.cEnabledHwBreakpoints > 0)
        return true;
    return false;
}
144
145
/**
 * Checks if any of the hardware I/O breakpoints are armed.
 *
 * Only looks at the enabled-I/O-breakpoint counter, not at the table itself.
 *
 * @returns true if armed, false if not.
 * @param   pVM     The cross context VM structure.
 * @remarks Don't call this from CPUMRecalcHyperDRx!
 */
VMM_INT_DECL(bool) DBGFBpIsHwIoArmed(PVM pVM)
{
    if (pVM->dbgf.s.cEnabledHwIoBreakpoints > 0)
        return true;
    return false;
}
157
158
/**
 * Checks if any software breakpoints (INT3 on x86) are armed.
 *
 * The INT3 name is x86 specific; what is actually consulted is the generic
 * enabled-software-breakpoint counter.
 *
 * @returns true if armed, false if not.
 * @param   pVM     The cross context VM structure.
 * @remarks Don't call this from CPUMRecalcHyperDRx!
 */
VMM_INT_DECL(bool) DBGFBpIsInt3Armed(PVM pVM)
{
    /** @todo There was a todo here and returning false when I (bird) removed
     *        VBOX_WITH_LOTS_OF_DBGF_BPS, so this might not be correct. */
    if (pVM->dbgf.s.cEnabledSwBreakpoints > 0)
        return true;
    return false;
}
172
173
/**
 * Checks instruction boundary for guest or hypervisor hardware breakpoints.
 *
 * Hypervisor (VMM debugger) breakpoints are checked first and win over the
 * guest's own DR0-3 execute breakpoints.
 *
 * @returns Strict VBox status code.  May return DRx register import errors in
 *          addition to the ones detailed.
 * @retval  VINF_SUCCESS no breakpoint.
 * @retval  VINF_EM_DBG_BREAKPOINT hypervisor breakpoint triggered.
 * @retval  VINF_EM_RAW_GUEST_TRAP caller must trigger \#DB trap, DR6 and DR7
 *          have been updated appropriately.
 *
 * @param   pVM         The cross context VM structure.
 * @param   pVCpu       The cross context virtual CPU structure of the calling EMT.
 * @param   GCPtrPC     The unsegmented PC address.
 * @param   fCheckGuest Whether to include guest breakpoints or not.
 */
VMM_INT_DECL(VBOXSTRICTRC) DBGFBpCheckInstruction(PVMCC pVM, PVMCPUCC pVCpu, RTGCPTR GCPtrPC, bool fCheckGuest)
{
    CPUM_ASSERT_NOT_EXTRN(pVCpu, CPUMCTX_EXTRN_DR7);

    /*
     * Hypervisor breakpoints: only an enabled, in-use, one byte execute
     * breakpoint sitting exactly on GCPtrPC counts.
     */
    /** @todo we need some kind of resume flag for these. */
    if (pVM->dbgf.s.cEnabledHwBreakpoints > 0)
    {
        for (unsigned iBp = 0; iBp < RT_ELEMENTS(pVM->dbgf.s.aHwBreakpoints); iBp++)
        {
            if (   pVM->dbgf.s.aHwBreakpoints[iBp].fEnabled
                && pVM->dbgf.s.aHwBreakpoints[iBp].hBp != NIL_DBGFBP
                && pVM->dbgf.s.aHwBreakpoints[iBp].fType == X86_DR7_RW_EO
                && pVM->dbgf.s.aHwBreakpoints[iBp].cb == 1
                && pVM->dbgf.s.aHwBreakpoints[iBp].GCPtr == GCPtrPC)
            {
                /* (See also DBGFRZTrap01Handler.) */
                pVCpu->dbgf.s.hBpActive          = pVM->dbgf.s.aHwBreakpoints[iBp].hBp;
                pVCpu->dbgf.s.fSingleSteppingRaw = false;

                LogFlow(("DBGFBpCheckInstruction: hit hw breakpoint %u at %04x:%RGv (%RGv)\n",
                         iBp, pVCpu->cpum.GstCtx.cs.Sel, pVCpu->cpum.GstCtx.rip, GCPtrPC));
                return VINF_EM_DBG_BREAKPOINT;
            }
        }
    }

    /*
     * Guest breakpoints, unless the caller opted out or EFLAGS.RF is set
     * (RF masks instruction breakpoints for one instruction).
     */
    if (!fCheckGuest)
        return VINF_SUCCESS;

    uint32_t const fDr7 = (uint32_t)pVCpu->cpum.GstCtx.dr[7];
    if (   !X86_DR7_ANY_EO_ENABLED(fDr7)
        || pVCpu->cpum.GstCtx.eflags.Bits.u1RF)
        return VINF_SUCCESS;

    /*
     * Observed on real hardware (10980XE & 6700K at least): DR6.Bx gets set
     * for every DRx configured as an execution breakpoint (RWx=EO, LENx=1)
     * that matches the PC, enabled or not.  A #DB is only raised, and DR6
     * only modified, when at least one of the matching ones is enabled.
     */
    CPUM_IMPORT_EXTRN_RET(pVCpu, CPUMCTX_EXTRN_DR0_DR3);
    uint32_t fMatched = 0;
    uint32_t fEnabled = 0;
    for (unsigned iBp = 0; iBp < 4; iBp++)
    {
        if (!X86_DR7_IS_EO_CFG(fDr7, iBp))
            continue;
        uint32_t const fBit = RT_BIT_32(iBp);
        if (fDr7 & X86_DR7_L_G(iBp))
            fEnabled |= fBit;
        if (pVCpu->cpum.GstCtx.dr[iBp] == GCPtrPC)
            fMatched |= fBit;
    }
    if (!(fEnabled & fMatched))
        return VINF_SUCCESS;

    /*
     * Update DR6 and DR7.
     *
     * See "AMD64 Architecture Programmer's Manual Volume 2", chapter 13.1.1.3
     * for details on DR6 bits.  The basics is that the B0..B3 bits are always
     * cleared while the others must be cleared by software.
     *
     * The following sub chapters says the GD bit is always cleared when
     * generating a #DB so the handler can safely access the debug registers.
     *
     * Intel reports all matched breakpoints in DR6, AMD only the enabled ones.
     */
    CPUM_IMPORT_EXTRN_RET(pVCpu, CPUMCTX_EXTRN_DR6);
    pVCpu->cpum.GstCtx.dr[6] &= ~X86_DR6_B_MASK;
    if (pVM->cpum.ro.GuestFeatures.enmCpuVendor == CPUMCPUVENDOR_INTEL)
        pVCpu->cpum.GstCtx.dr[6] |= fMatched;
    else
        pVCpu->cpum.GstCtx.dr[6] |= fMatched & fEnabled;
    pVCpu->cpum.GstCtx.dr[7] &= ~X86_DR7_GD;
    LogFlow(("DBGFBpCheckInstruction: hit hw breakpoints %#x at %04x:%RGv (%RGv)\n",
             fMatched, pVCpu->cpum.GstCtx.cs.Sel, pVCpu->cpum.GstCtx.rip, GCPtrPC));
    return VINF_EM_RAW_GUEST_TRAP;
}
274
275
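/**
 * Common worker for DBGFBpCheckDataRead and DBGFBpCheckDataWrite.
 *
 * @returns Zero if nothing on the page is of interest.  Otherwise bit 0 is
 *          set (the page needs special handling), together with
 *          CPUMCTX_DBG_DBGF_BP for a hypervisor hit and/or the
 *          CPUMCTX_DBG_HIT_DRX_MASK bits for guest hits.
 * @tparam  a_fRead     True for a read access (only RW breakpoints match),
 *                      false for a write access (W and RW breakpoints match).
 * @param   pVM         The cross context VM structure.
 * @param   pVCpu       The cross context virtual CPU structure of the calling EMT.
 * @param   GCPtrAccess The address being accessed.
 * @param   cbAccess    The size of the access.  Must not cross a page boundary.
 * @param   fSysAccess  Set if a system access, like GDT, LDT or IDT.
 */
template<bool const a_fRead>
DECL_FORCE_INLINE(uint32_t) dbgfBpCheckData(PVMCC pVM, PVMCPUCC pVCpu, RTGCPTR GCPtrAccess, uint32_t cbAccess, bool fSysAccess)
{
    /* The write filter below relies on bit 0 of the RW encoding meaning "writes match". */
    AssertCompile((X86_DR7_RW_RW & 1) && (X86_DR7_RW_WO & 1));
    CPUM_ASSERT_NOT_EXTRN(pVCpu, CPUMCTX_EXTRN_DR7);

    uint32_t      fRet           = 0;
    RTGCPTR const GCPtrAccessPfn = GCPtrAccess >> GUEST_PAGE_SHIFT;
    Assert(((GCPtrAccess + cbAccess - 1) >> GUEST_PAGE_SHIFT) == GCPtrAccessPfn); /* No page crossing expected here! */

    /*
     * Check hyper breakpoints first as the VMM debugger has priority over
     * the guest.
     */
    if (pVM->dbgf.s.cEnabledHwBreakpoints > 0)
        for (unsigned iBp = 0; iBp < RT_ELEMENTS(pVM->dbgf.s.aHwBreakpoints); iBp++)
        {
            /*
             * Skip entries not on this page, of the wrong access type, unsized,
             * disabled or unused.  Note: this used to skip entries with
             * cb != 0, i.e. every properly sized breakpoint, which made the
             * overlap test below unreachable for an access starting at the
             * breakpoint address.
             */
            if (   (pVM->dbgf.s.aHwBreakpoints[iBp].GCPtr >> GUEST_PAGE_SHIFT) != GCPtrAccessPfn
                || (  a_fRead
                    ? pVM->dbgf.s.aHwBreakpoints[iBp].fType != X86_DR7_RW_RW
                    : !(pVM->dbgf.s.aHwBreakpoints[iBp].fType & 1))
                || pVM->dbgf.s.aHwBreakpoints[iBp].cb == 0
                || !pVM->dbgf.s.aHwBreakpoints[iBp].fEnabled
                || pVM->dbgf.s.aHwBreakpoints[iBp].hBp == NIL_DBGFBP)
            { /*likely*/ }
            else
            {
                /* The page is of interest. */
                AssertCompile(!((CPUMCTX_DBG_HIT_DRX_MASK | CPUMCTX_DBG_DBGF_MASK) & UINT32_C(1)));
                fRet |= UINT32_C(1);

                /* If the access overlaps the breakpoint area, we have a hit. */
                if (   GCPtrAccess < pVM->dbgf.s.aHwBreakpoints[iBp].GCPtr + pVM->dbgf.s.aHwBreakpoints[iBp].cb
                    && GCPtrAccess + cbAccess > pVM->dbgf.s.aHwBreakpoints[iBp].GCPtr)
                {
                    pVCpu->dbgf.s.hBpActive          = pVM->dbgf.s.aHwBreakpoints[iBp].hBp; /* ? */
                    pVCpu->dbgf.s.fSingleSteppingRaw = false;
                    LogFlow(("DBGFBpCheckData%s: hit hw breakpoint %u when accessing %RGv LB %#x\n",
                             a_fRead ? "Read" : "Write", iBp, GCPtrAccess, cbAccess));
                    fRet |= CPUMCTX_DBG_DBGF_BP;
                }
            }
        }

    /*
     * Check the guest.  EFLAGS.RF masks the check, like it does for
     * instruction breakpoints in DBGFBpCheckInstruction.
     */
    uint32_t const fDr7 = (uint32_t)pVCpu->cpum.GstCtx.dr[7];
    if (   (a_fRead ? X86_DR7_ANY_RW_ENABLED(fDr7) : X86_DR7_ANY_W_ENABLED(fDr7))
        && !pVCpu->cpum.GstCtx.eflags.Bits.u1RF)
    {
        /* This is a bit suboptimal... Need a NORET variant. */
        int rcIgn = VINF_SUCCESS;
        CPUM_IMPORT_EXTRN_RCSTRICT(pVCpu, CPUMCTX_EXTRN_DR0_DR3, rcIgn);
        RT_NOREF(rcIgn);

        /** @todo Not sure what exactly intel and amd CPUs does here wrt disabled
         *        breakpoint configurations. We need a testcase for this. Following
         *        the guidelines of the execution breakpoints for now and making
         *        intel CPUs set status flags regardless of enabled or not. */
        uint32_t fMatched = 0;
        uint32_t fEnabled = 0;
        /* fDr7Cfg walks the RWx/LENx nibbles, fDr7En the Lx/Gx bit pairs. */
        for (uint32_t iBp = 0, fBpMask = CPUMCTX_DBG_HIT_DR0, fDr7Cfg = fDr7 >> 16, fDr7En = fDr7;
             iBp < 4;
             iBp++, fBpMask <<= 1, fDr7Cfg >>= 4, fDr7En >>= 2)
            if (   (a_fRead ? (fDr7Cfg & 3) == X86_DR7_RW_RW : (fDr7Cfg & 1) != 0)
                && (pVCpu->cpum.GstCtx.dr[iBp] >> GUEST_PAGE_SHIFT) == GCPtrAccessPfn)
            {
                if (fDr7En & 3)
                {
                    fEnabled |= fBpMask;
                    fRet     |= UINT32_C(1);
                }
                /* LENx encoding: 0=1, 1=2, 2=8, 3=4 bytes. */
                static uint8_t const s_acbBp[] = { 1, 2, 8, 4 };
                uint8_t const cbBp = s_acbBp[(fDr7Cfg >> 2) & 3];
                if (   GCPtrAccess < pVCpu->cpum.GstCtx.dr[iBp] + cbBp
                    && GCPtrAccess + cbAccess > pVCpu->cpum.GstCtx.dr[iBp])
                    fMatched |= fBpMask;
            }
        if (!(fEnabled & fMatched))
        { /*likely*/ }
        else
        {
            if (pVM->cpum.ro.GuestFeatures.enmCpuVendor != CPUMCPUVENDOR_INTEL)
                fRet |= fMatched & fEnabled;
            else if (!fSysAccess)
                fRet |= fMatched;
            else
                fRet |= CPUMCTX_DBG_HIT_DRX_SILENT; /* see bs3-cpu-weird-1 for special intel behviour */
            LogFlow(("DBGFBpCheckData%s: hit hw breakpoints %#x (fRet=%#x) when accessing %RGv LB %#x\n",
                     a_fRead ? "Read" : "Write", fMatched, fRet, GCPtrAccess, cbAccess));
        }
    }

    return fRet;
}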
375
376
/**
 * Checks read data access for guest or hypervisor hardware breakpoints.
 *
 * Thin wrapper selecting the read flavour of dbgfBpCheckData, where only
 * read/write (RW) breakpoints can match.
 *
 * @returns Anything in CPUMCTX_DBG_HIT_DRX_MASK and CPUMCTX_DBG_DBGF_MASK if
 *          there is a hit, zero or one if no hit.  Bit 0 is set if the page
 *          being accessed has a data breakpoint associated with it and needs
 *          special handling.
 *
 * @param   pVM         The cross context VM structure.
 * @param   pVCpu       The cross context virtual CPU structure of the calling EMT.
 * @param   GCPtrAccess The address being accessed.
 * @param   cbAccess    The size of the access.  Must not cross a page
 *                      boundary.
 * @param   fSysAccess  Set if a system access, like GDT, LDT or IDT.
 */
VMM_INT_DECL(uint32_t) DBGFBpCheckDataRead(PVMCC pVM, PVMCPUCC pVCpu, RTGCPTR GCPtrAccess, uint32_t cbAccess, bool fSysAccess)
{
    bool const fRead = true;
    return dbgfBpCheckData<fRead>(pVM, pVCpu, GCPtrAccess, cbAccess, fSysAccess);
}
396
397
/**
 * Checks write data access for guest or hypervisor hardware breakpoints.
 *
 * Unlike the read variant, both write-only (W) and read/write (RW)
 * breakpoints match a write; see dbgfBpCheckData.
 *
 * @returns Anything in CPUMCTX_DBG_HIT_DRX_MASK and CPUMCTX_DBG_DBGF_MASK if
 *          there is a hit, zero or one if no hit.  Bit 0 is set if the page
 *          being accessed has a data breakpoint associated with it and needs
 *          special handling.
 *
 * @param   pVM         The cross context VM structure.
 * @param   pVCpu       The cross context virtual CPU structure of the calling EMT.
 * @param   GCPtrAccess The address being accessed.
 * @param   cbAccess    The size of the access.  Must not cross a page
 *                      boundary.
 * @param   fSysAccess  Set if a system access, like GDT, LDT or IDT.
 */
VMM_INT_DECL(uint32_t) DBGFBpCheckDataWrite(PVMCC pVM, PVMCPUCC pVCpu, RTGCPTR GCPtrAccess, uint32_t cbAccess, bool fSysAccess)
{
    return dbgfBpCheckData<false /*a_fRead*/>(pVM, pVCpu, GCPtrAccess, cbAccess, fSysAccess);
}
416
417
/**
 * Checks I/O access for guest or hypervisor hardware breakpoints.
 *
 * Hypervisor (VMM debugger) I/O breakpoints are checked first and win over
 * the guest's.  Guest I/O breakpoints are only honoured when CR4.DE is set.
 *
 * @returns Strict VBox status code
 * @retval  VINF_SUCCESS no breakpoint.
 * @retval  VINF_EM_DBG_BREAKPOINT hypervisor breakpoint triggered.
 * @retval  VINF_EM_RAW_GUEST_TRAP guest breakpoint triggered, DR6 and DR7 have
 *          been updated appropriately.
 *
 * @param   pVM         The cross context VM structure.
 * @param   pVCpu       The cross context virtual CPU structure of the calling EMT.
 * @param   pCtx        The CPU context for the calling EMT.
 * @param   uIoPort     The I/O port being accessed.
 * @param   cbValue     The size/width of the access, in bytes.
 */
VMM_INT_DECL(VBOXSTRICTRC) DBGFBpCheckIo(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx, RTIOPORT uIoPort, uint8_t cbValue)
{
    /* Inclusive range of ports touched by this access. */
    uint32_t const uIoPortFirst = uIoPort;
    uint32_t const uIoPortLast  = uIoPortFirst + cbValue - 1;

    /*
     * Check hyper breakpoints first as the VMM debugger has priority over
     * the guest.
     */
    if (pVM->dbgf.s.cEnabledHwIoBreakpoints > 0)
    {
        for (unsigned iBp = 0; iBp < RT_ELEMENTS(pVM->dbgf.s.aHwBreakpoints); iBp++)
        {
            if (   pVM->dbgf.s.aHwBreakpoints[iBp].fType != X86_DR7_RW_IO
                || !pVM->dbgf.s.aHwBreakpoints[iBp].fEnabled
                || pVM->dbgf.s.aHwBreakpoints[iBp].hBp == NIL_DBGFBP)
                continue;

            /* The breakpoint covers cb ports starting at its address rounded down to cb. */
            uint8_t const cbReg = pVM->dbgf.s.aHwBreakpoints[iBp].cb;
            Assert(RT_IS_POWER_OF_TWO(cbReg));
            uint64_t const uDrXFirst = pVM->dbgf.s.aHwBreakpoints[iBp].GCPtr & ~(uint64_t)(cbReg - 1);
            uint64_t const uDrXLast  = uDrXFirst + cbReg - 1;
            if (uDrXFirst > uIoPortLast || uDrXLast < uIoPortFirst)
                continue;

            /* (See also DBGFRZTrap01Handler.) */
            pVCpu->dbgf.s.hBpActive          = pVM->dbgf.s.aHwBreakpoints[iBp].hBp;
            pVCpu->dbgf.s.fSingleSteppingRaw = false;

            LogFlow(("DBGFBpCheckIo: hit hw breakpoint %d at %04x:%RGv (iop %#x)\n",
                     iBp, pCtx->cs.Sel, pCtx->rip, uIoPort));
            return VINF_EM_DBG_BREAKPOINT;
        }
    }

    /*
     * Check the guest: something must be enabled in DR7, at least one DRx
     * must be an I/O breakpoint, and CR4.DE must be set.
     */
    uint32_t const uDr7 = pCtx->dr[7];
    if (   !(uDr7 & X86_DR7_ENABLED_MASK)
        || !X86_DR7_ANY_RW_IO(uDr7)
        || !(pCtx->cr4 & X86_CR4_DE))
        return VINF_SUCCESS;

    for (unsigned iBp = 0; iBp < 4; iBp++)
    {
        if (   !(uDr7 & X86_DR7_L_G(iBp))
            || X86_DR7_GET_RW(uDr7, iBp) != X86_DR7_RW_IO)
            continue;

        /* ASSUME the breakpoint and the I/O width qualifier uses the same encoding (1 2 x 4). */
        static uint8_t const s_abInvAlign[4] = { 0, 1, 7, 3 };
        uint8_t const  cbInvAlign = s_abInvAlign[X86_DR7_GET_LEN(uDr7, iBp)];
        uint64_t const uDrXFirst  = pCtx->dr[iBp] & ~(uint64_t)cbInvAlign;
        uint64_t const uDrXLast   = uDrXFirst + cbInvAlign;
        if (uDrXFirst > uIoPortLast || uDrXLast < uIoPortFirst)
            continue;

        /*
         * Update DR6 and DR7.
         *
         * See "AMD64 Architecture Programmer's Manual Volume 2",
         * chapter 13.1.1.3 for details on DR6 bits.  The basics is
         * that the B0..B3 bits are always cleared while the others
         * must be cleared by software.
         *
         * The following sub chapters says the GD bit is always
         * cleared when generating a #DB so the handler can safely
         * access the debug registers.
         *
         * Only the first matching breakpoint is reported here.
         */
        pCtx->dr[6] &= ~X86_DR6_B_MASK;
        pCtx->dr[6] |= X86_DR6_B(iBp);
        pCtx->dr[7] &= ~X86_DR7_GD;
        LogFlow(("DBGFBpCheckIo: hit hw breakpoint %d at %04x:%RGv (iop %#x)\n",
                 iBp, pCtx->cs.Sel, pCtx->rip, uIoPort));
        return VINF_EM_RAW_GUEST_TRAP;
    }
    return VINF_SUCCESS;
}
512
513
/**
 * Checks I/O access for guest or hypervisor hardware breakpoints.
 *
 * Variant of DBGFBpCheckIo that reports hits as CPUMCTX_DBG_* bits instead of
 * status codes and leaves DR6/DR7 untouched.  Caller must make sure DR0-3 and
 * DR7 are present in the CPU context before calling this function.
 *
 * @returns CPUMCTX_DBG_DBGF_BP, CPUMCTX_DBG_HIT_DRX_MASK, or 0 (no match).
 *
 * @param   pVM         The cross context VM structure.
 * @param   pVCpu       The cross context virtual CPU structure of the calling EMT.
 * @param   uIoPort     The I/O port being accessed.
 * @param   cbValue     The size/width of the access, in bytes.
 */
VMM_INT_DECL(uint32_t) DBGFBpCheckIo2(PVMCC pVM, PVMCPUCC pVCpu, RTIOPORT uIoPort, uint8_t cbValue)
{
    /* Inclusive range of ports touched by this access. */
    uint32_t const uIoPortFirst = uIoPort;
    uint32_t const uIoPortLast  = uIoPortFirst + cbValue - 1;

    /*
     * Check hyper breakpoints first as the VMM debugger has priority over
     * the guest.
     */
    if (pVM->dbgf.s.cEnabledHwIoBreakpoints > 0)
    {
        for (unsigned iBp = 0; iBp < RT_ELEMENTS(pVM->dbgf.s.aHwBreakpoints); iBp++)
        {
            if (   pVM->dbgf.s.aHwBreakpoints[iBp].fType != X86_DR7_RW_IO
                || !pVM->dbgf.s.aHwBreakpoints[iBp].fEnabled
                || pVM->dbgf.s.aHwBreakpoints[iBp].hBp == NIL_DBGFBP)
                continue;

            /* The breakpoint covers cb ports starting at its address rounded down to cb. */
            uint8_t const cbReg = pVM->dbgf.s.aHwBreakpoints[iBp].cb;
            Assert(RT_IS_POWER_OF_TWO(cbReg));
            uint64_t const uDrXFirst = pVM->dbgf.s.aHwBreakpoints[iBp].GCPtr & ~(uint64_t)(cbReg - 1);
            uint64_t const uDrXLast  = uDrXFirst + cbReg - 1;
            if (uDrXFirst > uIoPortLast || uDrXLast < uIoPortFirst)
                continue;

            /* (See also DBGFRZTrap01Handler.) */
            pVCpu->dbgf.s.hBpActive          = pVM->dbgf.s.aHwBreakpoints[iBp].hBp;
            pVCpu->dbgf.s.fSingleSteppingRaw = false;

            LogFlow(("DBGFBpCheckIo2: hit hw breakpoint %d at %04x:%RGv (iop %#x L %u)\n",
                     iBp, pVCpu->cpum.GstCtx.cs.Sel, pVCpu->cpum.GstCtx.rip, uIoPort, cbValue));
            return CPUMCTX_DBG_DBGF_BP;
        }
    }

    /*
     * Check the guest: something must be enabled in DR7, at least one DRx
     * must be an I/O breakpoint, and CR4.DE must be set.
     */
    uint32_t const fDr7 = pVCpu->cpum.GstCtx.dr[7];
    if (   !(fDr7 & X86_DR7_ENABLED_MASK)
        || !X86_DR7_ANY_RW_IO(fDr7)
        || !(pVCpu->cpum.GstCtx.cr4 & X86_CR4_DE))
        return 0;

    /* Collect all matching I/O breakpoints; report only if an enabled one matched. */
    uint32_t fEnabled = 0;
    uint32_t fMatched = 0;
    for (unsigned iBp = 0; iBp < 4; iBp++)
    {
        uint32_t const fBit = RT_BIT_32(iBp);
        if (fDr7 & X86_DR7_L_G(iBp))
            fEnabled |= fBit;
        if (X86_DR7_GET_RW(fDr7, iBp) != X86_DR7_RW_IO)
            continue;

        /* ASSUME the breakpoint and the I/O width qualifier uses the same encoding (1 2 x 4). */
        static uint8_t const s_abInvAlign[4] = { 0, 1, 7, 3 };
        uint8_t const  cbInvAlign = s_abInvAlign[X86_DR7_GET_LEN(fDr7, iBp)];
        uint64_t const uDrXFirst  = pVCpu->cpum.GstCtx.dr[iBp] & ~(uint64_t)cbInvAlign;
        uint64_t const uDrXLast   = uDrXFirst + cbInvAlign;
        if (uDrXFirst <= uIoPortLast && uDrXLast >= uIoPortFirst)
            fMatched |= fBit;
    }
    if (!(fEnabled & fMatched))
        return 0;

    LogFlow(("DBGFBpCheckIo2: hit hw breakpoint %#x at %04x:%RGv (iop %#x L %u)\n",
             fMatched, pVCpu->cpum.GstCtx.cs.Sel, pVCpu->cpum.GstCtx.rip, uIoPort, cbValue));
    return fMatched << CPUMCTX_DBG_HIT_DRX_SHIFT;
}
594
595#endif /* !VBOX_VMM_TARGET_ARMV8 */
596
/**
 * Returns the single stepping state for a virtual CPU.
 *
 * @returns stepping (true) or not (false).
 *
 * @param   pVCpu       The cross context virtual CPU structure.
 */
VMM_INT_DECL(bool) DBGFIsStepping(PVMCPU pVCpu)
{
    bool const fStepping = pVCpu->dbgf.s.fSingleSteppingRaw;
    return fStepping;
}
608
609
/**
 * Checks if the specified generic event is enabled or not.
 *
 * Interrupt events are additionally filtered through the per-vector
 * breakpoint bitmaps; every other enabled event type passes.
 *
 * @returns true / false.
 * @param   pVM         The cross context VM structure.
 * @param   enmEvent    The generic event being raised.
 * @param   uEventArg   The argument of that event (the vector for interrupt
 *                      events).
 */
DECLINLINE(bool) dbgfEventIsGenericWithArgEnabled(PVM pVM, DBGFEVENTTYPE enmEvent, uint64_t uEventArg)
{
    if (!DBGF_IS_EVENT_ENABLED(pVM, enmEvent))
        return false;

    if (   enmEvent == DBGFEVENT_INTERRUPT_HARDWARE
        || enmEvent == DBGFEVENT_INTERRUPT_SOFTWARE)
    {
        /* The bitmaps only cover the 256 possible vectors. */
        AssertReturn(uEventArg < 256, false);
        return enmEvent == DBGFEVENT_INTERRUPT_HARDWARE
             ? ASMBitTest(pVM->dbgf.s.bmHardIntBreakpoints, (uint32_t)uEventArg)
             : ASMBitTest(pVM->dbgf.s.bmSoftIntBreakpoints, (uint32_t)uEventArg);
    }

    return true;
}
639
640
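/**
 * Raises a generic debug event if enabled and not being ignored.
 *
 * @returns Strict VBox status code.
 * @retval  VINF_EM_DBG_EVENT if the event was raised and the caller should
 *          return ASAP to the debugger (via EM).  We set VMCPU_FF_DBGF so, it
 *          is okay not to pass this along in some situations.
 * @retval  VINF_SUCCESS if the event was disabled or ignored.
 *
 * @param   pVM         The cross context VM structure.
 * @param   pVCpu       The cross context virtual CPU structure.
 * @param   enmEvent    The generic event being raised.
 * @param   enmCtx      The context in which this event is being raised.
 * @param   cArgs       Number of arguments (0 - 6).
 * @param   ...         Event arguments.
 *
 * @thread  EMT(pVCpu)
 */
VMM_INT_DECL(VBOXSTRICTRC) DBGFEventGenericWithArgs(PVM pVM, PVMCPU pVCpu, DBGFEVENTTYPE enmEvent, DBGFEVENTCTX enmCtx,
                                                    unsigned cArgs, ...)
{
    Assert(cArgs < RT_ELEMENTS(pVCpu->dbgf.s.aEvents[0].Event.u.Generic.auArgs));

    /*
     * Is it enabled.  The first argument is needed up front because
     * interrupt events are filtered by vector.
     */
    va_list va;
    va_start(va, cArgs);
    uint64_t const uEventArg0 = cArgs ? va_arg(va, uint64_t) : 0;
    if (!dbgfEventIsGenericWithArgEnabled(pVM, enmEvent, uEventArg0))
    {
        va_end(va);
        return VINF_SUCCESS;
    }

    /*
     * Any events on the stack. Should the incoming event be ignored?
     */
#if defined(VBOX_VMM_TARGET_ARMV8)
    uint64_t const rip = CPUMGetGuestFlatPC(pVCpu); /* rip is a misnomer but saves us #ifdef's later on. */
#else
    uint64_t const rip = CPUMGetGuestRIP(pVCpu);
#endif
    uint32_t i = pVCpu->dbgf.s.cEvents;
    if (i > 0)
    {
        while (i-- > 0)
        {
            if (   pVCpu->dbgf.s.aEvents[i].Event.enmType == enmEvent
                && pVCpu->dbgf.s.aEvents[i].enmState     == DBGFEVENTSTATE_IGNORE
                && pVCpu->dbgf.s.aEvents[i].rip          == rip)
            {
                /* Same event at the same PC that we were told to ignore: swallow it. */
                pVCpu->dbgf.s.aEvents[i].enmState = DBGFEVENTSTATE_RESTORABLE;
                va_end(va);
                return VINF_SUCCESS;
            }
            Assert(pVCpu->dbgf.s.aEvents[i].enmState != DBGFEVENTSTATE_CURRENT);
        }

        /*
         * Trim the event stack: restorable/ignored entries at this PC are
         * kept as ignored, everything else is removed.
         */
        i = pVCpu->dbgf.s.cEvents;
        while (i-- > 0)
        {
            if (   pVCpu->dbgf.s.aEvents[i].rip == rip
                && (   pVCpu->dbgf.s.aEvents[i].enmState == DBGFEVENTSTATE_RESTORABLE
                    || pVCpu->dbgf.s.aEvents[i].enmState == DBGFEVENTSTATE_IGNORE) )
                pVCpu->dbgf.s.aEvents[i].enmState = DBGFEVENTSTATE_IGNORE;
            else
            {
                /*
                 * Drop entry i by sliding the (cEvents - i - 1) entries above it
                 * down one slot.  The previous code moved
                 * (cEvents - i) * sizeof(aEvents) bytes - the size of the whole
                 * array per entry - which runs far past the end of aEvents.
                 */
                uint32_t const cAbove = pVCpu->dbgf.s.cEvents - i - 1;
                if (cAbove > 0)
                    memmove(&pVCpu->dbgf.s.aEvents[i], &pVCpu->dbgf.s.aEvents[i + 1],
                            cAbove * sizeof(pVCpu->dbgf.s.aEvents[0]));
                pVCpu->dbgf.s.cEvents--;
            }
        }

        i = pVCpu->dbgf.s.cEvents;
        AssertStmt(i < RT_ELEMENTS(pVCpu->dbgf.s.aEvents), i = RT_ELEMENTS(pVCpu->dbgf.s.aEvents) - 1);
    }

    /*
     * Push the event.  Clamp cArgs before storing it so the recorded count
     * never exceeds what auArgs can hold.
     */
    AssertStmt(cArgs < RT_ELEMENTS(pVCpu->dbgf.s.aEvents[i].Event.u.Generic.auArgs),
               cArgs = RT_ELEMENTS(pVCpu->dbgf.s.aEvents[i].Event.u.Generic.auArgs));
    pVCpu->dbgf.s.aEvents[i].enmState                  = DBGFEVENTSTATE_CURRENT;
    pVCpu->dbgf.s.aEvents[i].rip                       = rip;
    pVCpu->dbgf.s.aEvents[i].Event.enmType             = enmEvent;
    pVCpu->dbgf.s.aEvents[i].Event.enmCtx              = enmCtx;
    pVCpu->dbgf.s.aEvents[i].Event.u.Generic.cArgs     = cArgs;
    pVCpu->dbgf.s.aEvents[i].Event.u.Generic.auArgs[0] = uEventArg0;
    for (unsigned iArg = 1; iArg < cArgs; iArg++)
        pVCpu->dbgf.s.aEvents[i].Event.u.Generic.auArgs[iArg] = va_arg(va, uint64_t);
    pVCpu->dbgf.s.cEvents = i + 1;

    VMCPU_FF_SET(pVCpu, VMCPU_FF_DBGF);
    va_end(va);
    return VINF_EM_DBG_EVENT;
}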
745