VirtualBox

source: vbox/trunk/src/recompiler/VBoxRecompiler.c@ 41849

Last change on this file since 41849 was 41675, checked in by vboxsync, 13 years ago

DIS: The start of the scoping exercise... Fixed PREFIX_ADDRSIZE that I just busted in the previous commit.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 181.6 KB
Line 
1/* $Id: VBoxRecompiler.c 41675 2012-06-12 20:27:37Z vboxsync $ */
2/** @file
3 * VBox Recompiler - QEMU.
4 */
5
6/*
7 * Copyright (C) 2006-2007 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18
19/*******************************************************************************
20* Header Files *
21*******************************************************************************/
22#define LOG_GROUP LOG_GROUP_REM
23#include <stdio.h> /* FILE */
24#include "osdep.h"
25#include "config.h"
26#include "cpu.h"
27#include "exec-all.h"
28#include "ioport.h"
29
30#include <VBox/vmm/rem.h>
31#include <VBox/vmm/vmapi.h>
32#include <VBox/vmm/tm.h>
33#include <VBox/vmm/ssm.h>
34#include <VBox/vmm/em.h>
35#include <VBox/vmm/trpm.h>
36#include <VBox/vmm/iom.h>
37#include <VBox/vmm/mm.h>
38#include <VBox/vmm/pgm.h>
39#include <VBox/vmm/pdm.h>
40#include <VBox/vmm/dbgf.h>
41#include <VBox/dbg.h>
42#include <VBox/vmm/hwaccm.h>
43#include <VBox/vmm/patm.h>
44#include <VBox/vmm/csam.h>
45#include "REMInternal.h"
46#include <VBox/vmm/vm.h>
47#include <VBox/param.h>
48#include <VBox/err.h>
49
50#include <VBox/log.h>
51#include <iprt/semaphore.h>
52#include <iprt/asm.h>
53#include <iprt/assert.h>
54#include <iprt/thread.h>
55#include <iprt/string.h>
56
57/* Don't wanna include everything. */
58extern void cpu_exec_init_all(unsigned long tb_size);
59extern void cpu_x86_update_cr3(CPUX86State *env, target_ulong new_cr3);
60extern void cpu_x86_update_cr0(CPUX86State *env, uint32_t new_cr0);
61extern void cpu_x86_update_cr4(CPUX86State *env, uint32_t new_cr4);
62extern void tlb_flush_page(CPUX86State *env, target_ulong addr);
63extern void tlb_flush(CPUX86State *env, int flush_global);
64extern void sync_seg(CPUX86State *env1, int seg_reg, int selector);
65extern void sync_ldtr(CPUX86State *env1, int selector);
66
67#ifdef VBOX_STRICT
68unsigned long get_phys_page_offset(target_ulong addr);
69#endif
70
71
72/*******************************************************************************
73* Defined Constants And Macros *
74*******************************************************************************/
75
76/** Copy 80-bit fpu register at pSrc to pDst.
77 * This is probably faster than *calling* memcpy.
78 */
79#define REM_COPY_FPU_REG(pDst, pSrc) \
80 do { *(PX86FPUMMX)(pDst) = *(const X86FPUMMX *)(pSrc); } while (0)
81
82/** How remR3RunLoggingStep operates. */
83#define REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
84
85
86/*******************************************************************************
87* Internal Functions *
88*******************************************************************************/
89static DECLCALLBACK(int) remR3Save(PVM pVM, PSSMHANDLE pSSM);
90static DECLCALLBACK(int) remR3Load(PVM pVM, PSSMHANDLE pSSM, uint32_t uVersion, uint32_t uPass);
91static void remR3StateUpdate(PVM pVM, PVMCPU pVCpu);
92static int remR3InitPhysRamSizeAndDirtyMap(PVM pVM, bool fGuarded);
93
94static uint32_t remR3MMIOReadU8(void *pvVM, target_phys_addr_t GCPhys);
95static uint32_t remR3MMIOReadU16(void *pvVM, target_phys_addr_t GCPhys);
96static uint32_t remR3MMIOReadU32(void *pvVM, target_phys_addr_t GCPhys);
97static void remR3MMIOWriteU8(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32);
98static void remR3MMIOWriteU16(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32);
99static void remR3MMIOWriteU32(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32);
100
101static uint32_t remR3HandlerReadU8(void *pvVM, target_phys_addr_t GCPhys);
102static uint32_t remR3HandlerReadU16(void *pvVM, target_phys_addr_t GCPhys);
103static uint32_t remR3HandlerReadU32(void *pvVM, target_phys_addr_t GCPhys);
104static void remR3HandlerWriteU8(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32);
105static void remR3HandlerWriteU16(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32);
106static void remR3HandlerWriteU32(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32);
107
108static void remR3NotifyHandlerPhysicalDeregister(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhys, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM);
109static void remR3NotifyHandlerPhysicalRegister(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhys, RTGCPHYS cb, bool fHasHCHandler);
110static void remR3NotifyHandlerPhysicalModify(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhysOld, RTGCPHYS GCPhysNew, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM);
111
112/*******************************************************************************
113* Global Variables *
114*******************************************************************************/
115
116/** @todo Move stats to REM::s some rainy day we have nothing do to. */
117#ifdef VBOX_WITH_STATISTICS
118static STAMPROFILEADV gStatExecuteSingleInstr;
119static STAMPROFILEADV gStatCompilationQEmu;
120static STAMPROFILEADV gStatRunCodeQEmu;
121static STAMPROFILEADV gStatTotalTimeQEmu;
122static STAMPROFILEADV gStatTimers;
123static STAMPROFILEADV gStatTBLookup;
124static STAMPROFILEADV gStatIRQ;
125static STAMPROFILEADV gStatRawCheck;
126static STAMPROFILEADV gStatMemRead;
127static STAMPROFILEADV gStatMemWrite;
128static STAMPROFILE gStatGCPhys2HCVirt;
129static STAMCOUNTER gStatCpuGetTSC;
130static STAMCOUNTER gStatRefuseTFInhibit;
131static STAMCOUNTER gStatRefuseVM86;
132static STAMCOUNTER gStatRefusePaging;
133static STAMCOUNTER gStatRefusePAE;
134static STAMCOUNTER gStatRefuseIOPLNot0;
135static STAMCOUNTER gStatRefuseIF0;
136static STAMCOUNTER gStatRefuseCode16;
137static STAMCOUNTER gStatRefuseWP0;
138static STAMCOUNTER gStatRefuseRing1or2;
139static STAMCOUNTER gStatRefuseCanExecute;
140static STAMCOUNTER gStatREMGDTChange;
141static STAMCOUNTER gStatREMIDTChange;
142static STAMCOUNTER gStatREMLDTRChange;
143static STAMCOUNTER gStatREMTRChange;
144static STAMCOUNTER gStatSelOutOfSync[6];
145static STAMCOUNTER gStatSelOutOfSyncStateBack[6];
146static STAMCOUNTER gStatFlushTBs;
147#endif
148/* in exec.c */
149extern uint32_t tlb_flush_count;
150extern uint32_t tb_flush_count;
151extern uint32_t tb_phys_invalidate_count;
152
153/*
154 * Global stuff.
155 */
156
157/** MMIO read callbacks. */
158CPUReadMemoryFunc *g_apfnMMIORead[3] =
159{
160 remR3MMIOReadU8,
161 remR3MMIOReadU16,
162 remR3MMIOReadU32
163};
164
165/** MMIO write callbacks. */
166CPUWriteMemoryFunc *g_apfnMMIOWrite[3] =
167{
168 remR3MMIOWriteU8,
169 remR3MMIOWriteU16,
170 remR3MMIOWriteU32
171};
172
173/** Handler read callbacks. */
174CPUReadMemoryFunc *g_apfnHandlerRead[3] =
175{
176 remR3HandlerReadU8,
177 remR3HandlerReadU16,
178 remR3HandlerReadU32
179};
180
181/** Handler write callbacks. */
182CPUWriteMemoryFunc *g_apfnHandlerWrite[3] =
183{
184 remR3HandlerWriteU8,
185 remR3HandlerWriteU16,
186 remR3HandlerWriteU32
187};
188
189
190#if defined(VBOX_WITH_DEBUGGER) && !(defined(RT_OS_WINDOWS) && defined(RT_ARCH_AMD64))
191/*
192 * Debugger commands.
193 */
194static DECLCALLBACK(int) remR3CmdDisasEnableStepping(PCDBGCCMD pCmd, PDBGCCMDHLP pCmdHlp, PVM pVM, PCDBGCVAR paArgs, unsigned cArgs);
195
196/** '.remstep' arguments. */
197static const DBGCVARDESC g_aArgRemStep[] =
198{
199 /* cTimesMin, cTimesMax, enmCategory, fFlags, pszName, pszDescription */
200 { 0, ~0U, DBGCVAR_CAT_NUMBER, 0, "on/off", "Boolean value/mnemonic indicating the new state." },
201};
202
203/** Command descriptors. */
204static const DBGCCMD g_aCmds[] =
205{
206 {
207 .pszCmd ="remstep",
208 .cArgsMin = 0,
209 .cArgsMax = 1,
210 .paArgDescs = &g_aArgRemStep[0],
211 .cArgDescs = RT_ELEMENTS(g_aArgRemStep),
212 .fFlags = 0,
213 .pfnHandler = remR3CmdDisasEnableStepping,
214 .pszSyntax = "[on/off]",
215 .pszDescription = "Enable or disable the single stepping with logged disassembly. "
216 "If no arguments show the current state."
217 }
218};
219#endif
220
221/** Prologue code, must be in lower 4G to simplify jumps to/from generated code.
222 * @todo huh??? That cannot be the case on the mac... So, this
223 * point is probably not valid any longer. */
224uint8_t *code_gen_prologue;
225
226
227/*******************************************************************************
228* Internal Functions *
229*******************************************************************************/
230void remAbort(int rc, const char *pszTip);
231extern int testmath(void);
232
233/* Put them here to avoid unused variable warning. */
234AssertCompile(RT_SIZEOFMEMB(VM, rem.padding) >= RT_SIZEOFMEMB(VM, rem.s));
235#if !defined(IPRT_NO_CRT) && (defined(RT_OS_LINUX) || defined(RT_OS_DARWIN) || defined(RT_OS_WINDOWS))
236//AssertCompileMemberSize(REM, Env, REM_ENV_SIZE);
237/* Why did this have to be identical?? */
238AssertCompile(RT_SIZEOFMEMB(REM, Env) <= REM_ENV_SIZE);
239#else
240AssertCompile(RT_SIZEOFMEMB(REM, Env) <= REM_ENV_SIZE);
241#endif
242
243
244/**
245 * Initializes the REM.
246 *
247 * @returns VBox status code.
248 * @param pVM The VM to operate on.
249 */
250REMR3DECL(int) REMR3Init(PVM pVM)
251{
252 PREMHANDLERNOTIFICATION pCur;
253 uint32_t u32Dummy;
254 int rc;
255 unsigned i;
256
257#ifdef VBOX_ENABLE_VBOXREM64
258 LogRel(("Using 64-bit aware REM\n"));
259#endif
260
261 /*
262 * Assert sanity.
263 */
264 AssertReleaseMsg(sizeof(pVM->rem.padding) >= sizeof(pVM->rem.s), ("%#x >= %#x; sizeof(Env)=%#x\n", sizeof(pVM->rem.padding), sizeof(pVM->rem.s), sizeof(pVM->rem.s.Env)));
265 AssertReleaseMsg(sizeof(pVM->rem.s.Env) <= REM_ENV_SIZE, ("%#x == %#x\n", sizeof(pVM->rem.s.Env), REM_ENV_SIZE));
266 AssertReleaseMsg(!(RT_OFFSETOF(VM, rem) & 31), ("off=%#x\n", RT_OFFSETOF(VM, rem)));
267#if defined(DEBUG) && !defined(RT_OS_SOLARIS) && !defined(RT_OS_FREEBSD) /// @todo fix the solaris and freebsd math stuff.
268 Assert(!testmath());
269#endif
270
271 /*
272 * Init some internal data members.
273 */
274 pVM->rem.s.offVM = RT_OFFSETOF(VM, rem.s);
275 pVM->rem.s.Env.pVM = pVM;
276#ifdef CPU_RAW_MODE_INIT
277 pVM->rem.s.state |= CPU_RAW_MODE_INIT;
278#endif
279
280 /*
281 * Initialize the REM critical section.
282 *
283 * Note: This is not a 100% safe solution as updating the internal memory state while another VCPU
284 * is executing code could be dangerous. Taking the REM lock is not an option due to the danger of
285 * deadlocks. (mostly pgm vs rem locking)
286 */
287 rc = PDMR3CritSectInit(pVM, &pVM->rem.s.CritSectRegister, RT_SRC_POS, "REM-Register");
288 AssertRCReturn(rc, rc);
289
290 /* ctx. */
291 pVM->rem.s.pCtx = NULL; /* set when executing code. */
292 AssertMsg(MMR3PhysGetRamSize(pVM) == 0, ("Init order has changed! REM depends on notification about ALL physical memory registrations\n"));
293
294 /* ignore all notifications */
295 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
296
297 code_gen_prologue = RTMemExecAlloc(_1K);
298 AssertLogRelReturn(code_gen_prologue, VERR_NO_MEMORY);
299
300 cpu_exec_init_all(0);
301
302 /*
303 * Init the recompiler.
304 */
305 if (!cpu_x86_init(&pVM->rem.s.Env, "vbox"))
306 {
307 AssertMsgFailed(("cpu_x86_init failed - impossible!\n"));
308 return VERR_GENERAL_FAILURE;
309 }
310 PVMCPU pVCpu = VMMGetCpu(pVM);
311 CPUMGetGuestCpuId(pVCpu, 1, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext_features, &pVM->rem.s.Env.cpuid_features);
312 CPUMGetGuestCpuId(pVCpu, 0x80000001, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext3_features, &pVM->rem.s.Env.cpuid_ext2_features);
313
314 EMRemLock(pVM);
315 cpu_reset(&pVM->rem.s.Env);
316 EMRemUnlock(pVM);
317
318 /* allocate code buffer for single instruction emulation. */
319 pVM->rem.s.Env.cbCodeBuffer = 4096;
320 pVM->rem.s.Env.pvCodeBuffer = RTMemExecAlloc(pVM->rem.s.Env.cbCodeBuffer);
321 AssertMsgReturn(pVM->rem.s.Env.pvCodeBuffer, ("Failed to allocate code buffer!\n"), VERR_NO_MEMORY);
322
323 /* Finally, set the cpu_single_env global. */
324 cpu_single_env = &pVM->rem.s.Env;
325
326 /* Nothing is pending by default */
327 pVM->rem.s.u32PendingInterrupt = REM_NO_PENDING_IRQ;
328
329 /*
330 * Register ram types.
331 */
332 pVM->rem.s.iMMIOMemType = cpu_register_io_memory(g_apfnMMIORead, g_apfnMMIOWrite, pVM);
333 AssertReleaseMsg(pVM->rem.s.iMMIOMemType >= 0, ("pVM->rem.s.iMMIOMemType=%d\n", pVM->rem.s.iMMIOMemType));
334 pVM->rem.s.iHandlerMemType = cpu_register_io_memory(g_apfnHandlerRead, g_apfnHandlerWrite, pVM);
335 AssertReleaseMsg(pVM->rem.s.iHandlerMemType >= 0, ("pVM->rem.s.iHandlerMemType=%d\n", pVM->rem.s.iHandlerMemType));
336 Log2(("REM: iMMIOMemType=%d iHandlerMemType=%d\n", pVM->rem.s.iMMIOMemType, pVM->rem.s.iHandlerMemType));
337
338 /* stop ignoring. */
339 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
340
341 /*
342 * Register the saved state data unit.
343 */
344 rc = SSMR3RegisterInternal(pVM, "rem", 1, REM_SAVED_STATE_VERSION, sizeof(uint32_t) * 10,
345 NULL, NULL, NULL,
346 NULL, remR3Save, NULL,
347 NULL, remR3Load, NULL);
348 if (RT_FAILURE(rc))
349 return rc;
350
351#if defined(VBOX_WITH_DEBUGGER) && !(defined(RT_OS_WINDOWS) && defined(RT_ARCH_AMD64))
352 /*
353 * Debugger commands.
354 */
355 static bool fRegisteredCmds = false;
356 if (!fRegisteredCmds)
357 {
358 int rc = DBGCRegisterCommands(&g_aCmds[0], RT_ELEMENTS(g_aCmds));
359 if (RT_SUCCESS(rc))
360 fRegisteredCmds = true;
361 }
362#endif
363
364#ifdef VBOX_WITH_STATISTICS
365 /*
366 * Statistics.
367 */
368 STAM_REG(pVM, &gStatExecuteSingleInstr, STAMTYPE_PROFILE, "/PROF/REM/SingleInstr",STAMUNIT_TICKS_PER_CALL, "Profiling single instruction emulation.");
369 STAM_REG(pVM, &gStatCompilationQEmu, STAMTYPE_PROFILE, "/PROF/REM/Compile", STAMUNIT_TICKS_PER_CALL, "Profiling QEmu compilation.");
370 STAM_REG(pVM, &gStatRunCodeQEmu, STAMTYPE_PROFILE, "/PROF/REM/Runcode", STAMUNIT_TICKS_PER_CALL, "Profiling QEmu code execution.");
371 STAM_REG(pVM, &gStatTotalTimeQEmu, STAMTYPE_PROFILE, "/PROF/REM/Emulate", STAMUNIT_TICKS_PER_CALL, "Profiling code emulation.");
372 STAM_REG(pVM, &gStatTimers, STAMTYPE_PROFILE, "/PROF/REM/Timers", STAMUNIT_TICKS_PER_CALL, "Profiling timer queue processing.");
373 STAM_REG(pVM, &gStatTBLookup, STAMTYPE_PROFILE, "/PROF/REM/TBLookup", STAMUNIT_TICKS_PER_CALL, "Profiling translation block lookup.");
374 STAM_REG(pVM, &gStatIRQ, STAMTYPE_PROFILE, "/PROF/REM/IRQ", STAMUNIT_TICKS_PER_CALL, "Profiling IRQ delivery.");
375 STAM_REG(pVM, &gStatRawCheck, STAMTYPE_PROFILE, "/PROF/REM/RawCheck", STAMUNIT_TICKS_PER_CALL, "Profiling remR3CanExecuteRaw calls.");
376 STAM_REG(pVM, &gStatMemRead, STAMTYPE_PROFILE, "/PROF/REM/MemRead", STAMUNIT_TICKS_PER_CALL, "Profiling memory access.");
377 STAM_REG(pVM, &gStatMemWrite, STAMTYPE_PROFILE, "/PROF/REM/MemWrite", STAMUNIT_TICKS_PER_CALL, "Profiling memory access.");
378 STAM_REG(pVM, &gStatGCPhys2HCVirt, STAMTYPE_PROFILE, "/PROF/REM/GCPhys2HCVirt", STAMUNIT_TICKS_PER_CALL, "Profiling memory conversion (PGMR3PhysTlbGCPhys2Ptr).");
379
380 STAM_REG(pVM, &gStatCpuGetTSC, STAMTYPE_COUNTER, "/REM/CpuGetTSC", STAMUNIT_OCCURENCES, "cpu_get_tsc calls");
381
382 STAM_REG(pVM, &gStatRefuseTFInhibit, STAMTYPE_COUNTER, "/REM/Refuse/TFInibit", STAMUNIT_OCCURENCES, "Raw mode refused because of TF or irq inhibit");
383 STAM_REG(pVM, &gStatRefuseVM86, STAMTYPE_COUNTER, "/REM/Refuse/VM86", STAMUNIT_OCCURENCES, "Raw mode refused because of VM86");
384 STAM_REG(pVM, &gStatRefusePaging, STAMTYPE_COUNTER, "/REM/Refuse/Paging", STAMUNIT_OCCURENCES, "Raw mode refused because of disabled paging/pm");
385 STAM_REG(pVM, &gStatRefusePAE, STAMTYPE_COUNTER, "/REM/Refuse/PAE", STAMUNIT_OCCURENCES, "Raw mode refused because of PAE");
386 STAM_REG(pVM, &gStatRefuseIOPLNot0, STAMTYPE_COUNTER, "/REM/Refuse/IOPLNot0", STAMUNIT_OCCURENCES, "Raw mode refused because of IOPL != 0");
387 STAM_REG(pVM, &gStatRefuseIF0, STAMTYPE_COUNTER, "/REM/Refuse/IF0", STAMUNIT_OCCURENCES, "Raw mode refused because of IF=0");
388 STAM_REG(pVM, &gStatRefuseCode16, STAMTYPE_COUNTER, "/REM/Refuse/Code16", STAMUNIT_OCCURENCES, "Raw mode refused because of 16 bit code");
389 STAM_REG(pVM, &gStatRefuseWP0, STAMTYPE_COUNTER, "/REM/Refuse/WP0", STAMUNIT_OCCURENCES, "Raw mode refused because of WP=0");
390 STAM_REG(pVM, &gStatRefuseRing1or2, STAMTYPE_COUNTER, "/REM/Refuse/Ring1or2", STAMUNIT_OCCURENCES, "Raw mode refused because of ring 1/2 execution");
391 STAM_REG(pVM, &gStatRefuseCanExecute, STAMTYPE_COUNTER, "/REM/Refuse/CanExecuteRaw", STAMUNIT_OCCURENCES, "Raw mode refused because of cCanExecuteRaw");
392 STAM_REG(pVM, &gStatFlushTBs, STAMTYPE_COUNTER, "/REM/FlushTB", STAMUNIT_OCCURENCES, "Number of TB flushes");
393
394 STAM_REG(pVM, &gStatREMGDTChange, STAMTYPE_COUNTER, "/REM/Change/GDTBase", STAMUNIT_OCCURENCES, "GDT base changes");
395 STAM_REG(pVM, &gStatREMLDTRChange, STAMTYPE_COUNTER, "/REM/Change/LDTR", STAMUNIT_OCCURENCES, "LDTR changes");
396 STAM_REG(pVM, &gStatREMIDTChange, STAMTYPE_COUNTER, "/REM/Change/IDTBase", STAMUNIT_OCCURENCES, "IDT base changes");
397 STAM_REG(pVM, &gStatREMTRChange, STAMTYPE_COUNTER, "/REM/Change/TR", STAMUNIT_OCCURENCES, "TR selector changes");
398
399 STAM_REG(pVM, &gStatSelOutOfSync[0], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/ES", STAMUNIT_OCCURENCES, "ES out of sync");
400 STAM_REG(pVM, &gStatSelOutOfSync[1], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/CS", STAMUNIT_OCCURENCES, "CS out of sync");
401 STAM_REG(pVM, &gStatSelOutOfSync[2], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/SS", STAMUNIT_OCCURENCES, "SS out of sync");
402 STAM_REG(pVM, &gStatSelOutOfSync[3], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/DS", STAMUNIT_OCCURENCES, "DS out of sync");
403 STAM_REG(pVM, &gStatSelOutOfSync[4], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/FS", STAMUNIT_OCCURENCES, "FS out of sync");
404 STAM_REG(pVM, &gStatSelOutOfSync[5], STAMTYPE_COUNTER, "/REM/State/SelOutOfSync/GS", STAMUNIT_OCCURENCES, "GS out of sync");
405
406 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[0], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/ES", STAMUNIT_OCCURENCES, "ES out of sync");
407 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[1], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/CS", STAMUNIT_OCCURENCES, "CS out of sync");
408 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[2], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/SS", STAMUNIT_OCCURENCES, "SS out of sync");
409 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[3], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/DS", STAMUNIT_OCCURENCES, "DS out of sync");
410 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[4], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/FS", STAMUNIT_OCCURENCES, "FS out of sync");
411 STAM_REG(pVM, &gStatSelOutOfSyncStateBack[5], STAMTYPE_COUNTER, "/REM/StateBack/SelOutOfSync/GS", STAMUNIT_OCCURENCES, "GS out of sync");
412
413 STAM_REG(pVM, &pVM->rem.s.Env.StatTbFlush, STAMTYPE_PROFILE, "/REM/TbFlush", STAMUNIT_TICKS_PER_CALL, "profiling tb_flush().");
414#endif /* VBOX_WITH_STATISTICS */
415 AssertCompileMemberAlignment(CPUX86State, StatTbFlush, 4);
416 AssertCompileMemberAlignment(CPUX86State, StatTbFlush, 8);
417
418 STAM_REL_REG(pVM, &tb_flush_count, STAMTYPE_U32_RESET, "/REM/TbFlushCount", STAMUNIT_OCCURENCES, "tb_flush() calls");
419 STAM_REL_REG(pVM, &tb_phys_invalidate_count, STAMTYPE_U32_RESET, "/REM/TbPhysInvldCount", STAMUNIT_OCCURENCES, "tb_phys_invalidate() calls");
420 STAM_REL_REG(pVM, &tlb_flush_count, STAMTYPE_U32_RESET, "/REM/TlbFlushCount", STAMUNIT_OCCURENCES, "tlb_flush() calls");
421
422
423#ifdef DEBUG_ALL_LOGGING
424 loglevel = ~0;
425#endif
426
427 /*
428 * Init the handler notification lists.
429 */
430 pVM->rem.s.idxPendingList = UINT32_MAX;
431 pVM->rem.s.idxFreeList = 0;
432
433 for (i = 0 ; i < RT_ELEMENTS(pVM->rem.s.aHandlerNotifications); i++)
434 {
435 pCur = &pVM->rem.s.aHandlerNotifications[i];
436 pCur->idxNext = i + 1;
437 pCur->idxSelf = i;
438 }
439 pCur->idxNext = UINT32_MAX; /* the last record. */
440
441 return rc;
442}
443
444
445/**
446 * Finalizes the REM initialization.
447 *
448 * This is called after all components, devices and drivers has
449 * been initialized. Its main purpose it to finish the RAM related
450 * initialization.
451 *
452 * @returns VBox status code.
453 *
454 * @param pVM The VM handle.
455 */
456REMR3DECL(int) REMR3InitFinalize(PVM pVM)
457{
458 int rc;
459
460 /*
461 * Ram size & dirty bit map.
462 */
463 Assert(!pVM->rem.s.fGCPhysLastRamFixed);
464 pVM->rem.s.fGCPhysLastRamFixed = true;
465#ifdef RT_STRICT
466 rc = remR3InitPhysRamSizeAndDirtyMap(pVM, true /* fGuarded */);
467#else
468 rc = remR3InitPhysRamSizeAndDirtyMap(pVM, false /* fGuarded */);
469#endif
470 return rc;
471}
472
473/**
474 * Initializes ram_list.phys_dirty and ram_list.phys_dirty_size.
475 *
476 * @returns VBox status code.
477 * @param pVM The VM handle.
478 * @param fGuarded Whether to guard the map.
479 */
480static int remR3InitPhysRamSizeAndDirtyMap(PVM pVM, bool fGuarded)
481{
482 int rc = VINF_SUCCESS;
483 RTGCPHYS cb;
484
485 AssertLogRelReturn(QLIST_EMPTY(&ram_list.blocks), VERR_INTERNAL_ERROR_2);
486
487 cb = pVM->rem.s.GCPhysLastRam + 1;
488 AssertLogRelMsgReturn(cb > pVM->rem.s.GCPhysLastRam,
489 ("GCPhysLastRam=%RGp - out of range\n", pVM->rem.s.GCPhysLastRam),
490 VERR_OUT_OF_RANGE);
491
492 ram_list.phys_dirty_size = cb >> PAGE_SHIFT;
493 AssertMsg(((RTGCPHYS)ram_list.phys_dirty_size << PAGE_SHIFT) == cb, ("%RGp\n", cb));
494
495 if (!fGuarded)
496 {
497 ram_list.phys_dirty = MMR3HeapAlloc(pVM, MM_TAG_REM, ram_list.phys_dirty_size);
498 AssertLogRelMsgReturn(ram_list.phys_dirty, ("Failed to allocate %u bytes of dirty page map bytes\n", ram_list.phys_dirty_size), VERR_NO_MEMORY);
499 }
500 else
501 {
502 /*
503 * Fill it up the nearest 4GB RAM and leave at least _64KB of guard after it.
504 */
505 uint32_t cbBitmapAligned = RT_ALIGN_32(ram_list.phys_dirty_size, PAGE_SIZE);
506 uint32_t cbBitmapFull = RT_ALIGN_32(ram_list.phys_dirty_size, (_4G >> PAGE_SHIFT));
507 if (cbBitmapFull == cbBitmapAligned)
508 cbBitmapFull += _4G >> PAGE_SHIFT;
509 else if (cbBitmapFull - cbBitmapAligned < _64K)
510 cbBitmapFull += _64K;
511
512 ram_list.phys_dirty = RTMemPageAlloc(cbBitmapFull);
513 AssertLogRelMsgReturn(ram_list.phys_dirty, ("Failed to allocate %u bytes of dirty page map bytes\n", cbBitmapFull), VERR_NO_MEMORY);
514
515 rc = RTMemProtect(ram_list.phys_dirty + cbBitmapAligned, cbBitmapFull - cbBitmapAligned, RTMEM_PROT_NONE);
516 if (RT_FAILURE(rc))
517 {
518 RTMemPageFree(ram_list.phys_dirty, cbBitmapFull);
519 AssertLogRelRCReturn(rc, rc);
520 }
521
522 ram_list.phys_dirty += cbBitmapAligned - ram_list.phys_dirty_size;
523 }
524
525 /* initialize it. */
526 memset(ram_list.phys_dirty, 0xff, ram_list.phys_dirty_size);
527 return rc;
528}
529
530
531/**
532 * Terminates the REM.
533 *
534 * Termination means cleaning up and freeing all resources,
535 * the VM it self is at this point powered off or suspended.
536 *
537 * @returns VBox status code.
538 * @param pVM The VM to operate on.
539 */
540REMR3DECL(int) REMR3Term(PVM pVM)
541{
542#ifdef VBOX_WITH_STATISTICS
543 /*
544 * Statistics.
545 */
546 STAM_DEREG(pVM, &gStatExecuteSingleInstr);
547 STAM_DEREG(pVM, &gStatCompilationQEmu);
548 STAM_DEREG(pVM, &gStatRunCodeQEmu);
549 STAM_DEREG(pVM, &gStatTotalTimeQEmu);
550 STAM_DEREG(pVM, &gStatTimers);
551 STAM_DEREG(pVM, &gStatTBLookup);
552 STAM_DEREG(pVM, &gStatIRQ);
553 STAM_DEREG(pVM, &gStatRawCheck);
554 STAM_DEREG(pVM, &gStatMemRead);
555 STAM_DEREG(pVM, &gStatMemWrite);
556 STAM_DEREG(pVM, &gStatGCPhys2HCVirt);
557
558 STAM_DEREG(pVM, &gStatCpuGetTSC);
559
560 STAM_DEREG(pVM, &gStatRefuseTFInhibit);
561 STAM_DEREG(pVM, &gStatRefuseVM86);
562 STAM_DEREG(pVM, &gStatRefusePaging);
563 STAM_DEREG(pVM, &gStatRefusePAE);
564 STAM_DEREG(pVM, &gStatRefuseIOPLNot0);
565 STAM_DEREG(pVM, &gStatRefuseIF0);
566 STAM_DEREG(pVM, &gStatRefuseCode16);
567 STAM_DEREG(pVM, &gStatRefuseWP0);
568 STAM_DEREG(pVM, &gStatRefuseRing1or2);
569 STAM_DEREG(pVM, &gStatRefuseCanExecute);
570 STAM_DEREG(pVM, &gStatFlushTBs);
571
572 STAM_DEREG(pVM, &gStatREMGDTChange);
573 STAM_DEREG(pVM, &gStatREMLDTRChange);
574 STAM_DEREG(pVM, &gStatREMIDTChange);
575 STAM_DEREG(pVM, &gStatREMTRChange);
576
577 STAM_DEREG(pVM, &gStatSelOutOfSync[0]);
578 STAM_DEREG(pVM, &gStatSelOutOfSync[1]);
579 STAM_DEREG(pVM, &gStatSelOutOfSync[2]);
580 STAM_DEREG(pVM, &gStatSelOutOfSync[3]);
581 STAM_DEREG(pVM, &gStatSelOutOfSync[4]);
582 STAM_DEREG(pVM, &gStatSelOutOfSync[5]);
583
584 STAM_DEREG(pVM, &gStatSelOutOfSyncStateBack[0]);
585 STAM_DEREG(pVM, &gStatSelOutOfSyncStateBack[1]);
586 STAM_DEREG(pVM, &gStatSelOutOfSyncStateBack[2]);
587 STAM_DEREG(pVM, &gStatSelOutOfSyncStateBack[3]);
588 STAM_DEREG(pVM, &gStatSelOutOfSyncStateBack[4]);
589 STAM_DEREG(pVM, &gStatSelOutOfSyncStateBack[5]);
590
591 STAM_DEREG(pVM, &pVM->rem.s.Env.StatTbFlush);
592#endif /* VBOX_WITH_STATISTICS */
593
594 STAM_REL_DEREG(pVM, &tb_flush_count);
595 STAM_REL_DEREG(pVM, &tb_phys_invalidate_count);
596 STAM_REL_DEREG(pVM, &tlb_flush_count);
597
598 return VINF_SUCCESS;
599}
600
601
602/**
603 * The VM is being reset.
604 *
605 * For the REM component this means to call the cpu_reset() and
606 * reinitialize some state variables.
607 *
608 * @param pVM VM handle.
609 */
610REMR3DECL(void) REMR3Reset(PVM pVM)
611{
612 EMRemLock(pVM); /* Only pro forma, we're in a rendezvous. */
613
614 /*
615 * Reset the REM cpu.
616 */
617 Assert(pVM->rem.s.cIgnoreAll == 0);
618 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
619 cpu_reset(&pVM->rem.s.Env);
620 pVM->rem.s.cInvalidatedPages = 0;
621 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
622 Assert(pVM->rem.s.cIgnoreAll == 0);
623
624 /* Clear raw ring 0 init state */
625 pVM->rem.s.Env.state &= ~CPU_RAW_RING0;
626
627 /* Flush the TBs the next time we execute code here. */
628 pVM->rem.s.fFlushTBs = true;
629
630 EMRemUnlock(pVM);
631}
632
633
634/**
635 * Execute state save operation.
636 *
637 * @returns VBox status code.
638 * @param pVM VM Handle.
639 * @param pSSM SSM operation handle.
640 */
641static DECLCALLBACK(int) remR3Save(PVM pVM, PSSMHANDLE pSSM)
642{
643 PREM pRem = &pVM->rem.s;
644
645 /*
646 * Save the required CPU Env bits.
647 * (Not much because we're never in REM when doing the save.)
648 */
649 LogFlow(("remR3Save:\n"));
650 Assert(!pRem->fInREM);
651 SSMR3PutU32(pSSM, pRem->Env.hflags);
652 SSMR3PutU32(pSSM, ~0); /* separator */
653
654 /* Remember if we've entered raw mode (vital for ring 1 checks in e.g. iret emulation). */
655 SSMR3PutU32(pSSM, !!(pRem->Env.state & CPU_RAW_RING0));
656 SSMR3PutU32(pSSM, pVM->rem.s.u32PendingInterrupt);
657
658 return SSMR3PutU32(pSSM, ~0); /* terminator */
659}
660
661
662/**
663 * Execute state load operation.
664 *
665 * @returns VBox status code.
666 * @param pVM VM Handle.
667 * @param pSSM SSM operation handle.
668 * @param uVersion Data layout version.
669 * @param uPass The data pass.
670 */
671static DECLCALLBACK(int) remR3Load(PVM pVM, PSSMHANDLE pSSM, uint32_t uVersion, uint32_t uPass)
672{
673 uint32_t u32Dummy;
674 uint32_t fRawRing0 = false;
675 uint32_t u32Sep;
676 uint32_t i;
677 int rc;
678 PREM pRem;
679
680 LogFlow(("remR3Load:\n"));
681 Assert(uPass == SSM_PASS_FINAL); NOREF(uPass);
682
683 /*
684 * Validate version.
685 */
686 if ( uVersion != REM_SAVED_STATE_VERSION
687 && uVersion != REM_SAVED_STATE_VERSION_VER1_6)
688 {
689 AssertMsgFailed(("remR3Load: Invalid version uVersion=%d!\n", uVersion));
690 return VERR_SSM_UNSUPPORTED_DATA_UNIT_VERSION;
691 }
692
693 /*
694 * Do a reset to be on the safe side...
695 */
696 REMR3Reset(pVM);
697
698 /*
699 * Ignore all ignorable notifications.
700 * (Not doing this will cause serious trouble.)
701 */
702 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
703
704 /*
705 * Load the required CPU Env bits.
706 * (Not much because we're never in REM when doing the save.)
707 */
708 pRem = &pVM->rem.s;
709 Assert(!pRem->fInREM);
710 SSMR3GetU32(pSSM, &pRem->Env.hflags);
711 if (uVersion == REM_SAVED_STATE_VERSION_VER1_6)
712 {
713 /* Redundant REM CPU state has to be loaded, but can be ignored. */
714 CPUX86State_Ver16 temp;
715 SSMR3GetMem(pSSM, &temp, RT_OFFSETOF(CPUX86State_Ver16, jmp_env));
716 }
717
718 rc = SSMR3GetU32(pSSM, &u32Sep); /* separator */
719 if (RT_FAILURE(rc))
720 return rc;
721 if (u32Sep != ~0U)
722 {
723 AssertMsgFailed(("u32Sep=%#x\n", u32Sep));
724 return VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
725 }
726
727 /* Remember if we've entered raw mode (vital for ring 1 checks in e.g. iret emulation). */
728 SSMR3GetUInt(pSSM, &fRawRing0);
729 if (fRawRing0)
730 pRem->Env.state |= CPU_RAW_RING0;
731
732 if (uVersion == REM_SAVED_STATE_VERSION_VER1_6)
733 {
734 /*
735 * Load the REM stuff.
736 */
737 /** @todo r=bird: We should just drop all these items, restoring doesn't make
738 * sense. */
739 rc = SSMR3GetU32(pSSM, (uint32_t *)&pRem->cInvalidatedPages);
740 if (RT_FAILURE(rc))
741 return rc;
742 if (pRem->cInvalidatedPages > RT_ELEMENTS(pRem->aGCPtrInvalidatedPages))
743 {
744 AssertMsgFailed(("cInvalidatedPages=%#x\n", pRem->cInvalidatedPages));
745 return VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
746 }
747 for (i = 0; i < pRem->cInvalidatedPages; i++)
748 SSMR3GetGCPtr(pSSM, &pRem->aGCPtrInvalidatedPages[i]);
749 }
750
751 rc = SSMR3GetUInt(pSSM, &pVM->rem.s.u32PendingInterrupt);
752 if (RT_FAILURE(rc))
753 return rc;
754
755 /* check the terminator. */
756 rc = SSMR3GetU32(pSSM, &u32Sep);
757 if (RT_FAILURE(rc))
758 return rc;
759 if (u32Sep != ~0U)
760 {
761 AssertMsgFailed(("u32Sep=%#x (term)\n", u32Sep));
762 return VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
763 }
764
765 /*
766 * Get the CPUID features.
767 */
768 PVMCPU pVCpu = VMMGetCpu(pVM);
769 CPUMGetGuestCpuId(pVCpu, 1, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext_features, &pVM->rem.s.Env.cpuid_features);
770 CPUMGetGuestCpuId(pVCpu, 0x80000001, &u32Dummy, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext2_features);
771
772 /*
773 * Stop ignoring ignorable notifications.
774 */
775 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
776
777 /*
778 * Sync the whole CPU state when executing code in the recompiler.
779 */
780 for (i = 0; i < pVM->cCpus; i++)
781 {
782 PVMCPU pVCpu = &pVM->aCpus[i];
783 CPUMSetChangedFlags(pVCpu, CPUM_CHANGED_ALL);
784 }
785 return VINF_SUCCESS;
786}
787
788
789
790#undef LOG_GROUP
791#define LOG_GROUP LOG_GROUP_REM_RUN
792
793/**
794 * Single steps an instruction in recompiled mode.
795 *
796 * Before calling this function the REM state needs to be in sync with
797 * the VM. Call REMR3State() to perform the sync. It's only necessary
798 * (and permitted) to sync at the first call to REMR3Step()/REMR3Run()
799 * and after calling REMR3StateBack().
800 *
801 * @returns VBox status code.
802 *
803 * @param pVM VM Handle.
804 * @param pVCpu VMCPU Handle.
805 */
806REMR3DECL(int) REMR3Step(PVM pVM, PVMCPU pVCpu)
807{
808 int rc, interrupt_request;
809 RTGCPTR GCPtrPC;
810 bool fBp;
811
812 /*
813 * Lock the REM - we don't wanna have anyone interrupting us
814 * while stepping - and enabled single stepping. We also ignore
815 * pending interrupts and suchlike.
816 */
817 interrupt_request = pVM->rem.s.Env.interrupt_request;
818 Assert(!(interrupt_request & ~(CPU_INTERRUPT_HARD | CPU_INTERRUPT_EXITTB | CPU_INTERRUPT_TIMER | CPU_INTERRUPT_EXTERNAL_HARD | CPU_INTERRUPT_EXTERNAL_EXIT | CPU_INTERRUPT_EXTERNAL_FLUSH_TLB | CPU_INTERRUPT_EXTERNAL_TIMER)));
819 pVM->rem.s.Env.interrupt_request = 0;
820 cpu_single_step(&pVM->rem.s.Env, 1);
821
822 /*
823 * If we're standing at a breakpoint, that have to be disabled before we start stepping.
824 */
825 GCPtrPC = pVM->rem.s.Env.eip + pVM->rem.s.Env.segs[R_CS].base;
826 fBp = !cpu_breakpoint_remove(&pVM->rem.s.Env, GCPtrPC, BP_GDB);
827
828 /*
829 * Execute and handle the return code.
830 * We execute without enabling the cpu tick, so on success we'll
831 * just flip it on and off to make sure it moves
832 */
833 rc = cpu_exec(&pVM->rem.s.Env);
834 if (rc == EXCP_DEBUG)
835 {
836 TMR3NotifyResume(pVM, pVCpu);
837 TMR3NotifySuspend(pVM, pVCpu);
838 rc = VINF_EM_DBG_STEPPED;
839 }
840 else
841 {
842 switch (rc)
843 {
844 case EXCP_INTERRUPT: rc = VINF_SUCCESS; break;
845 case EXCP_HLT:
846 case EXCP_HALTED: rc = VINF_EM_HALT; break;
847 case EXCP_RC:
848 rc = pVM->rem.s.rc;
849 pVM->rem.s.rc = VERR_INTERNAL_ERROR;
850 break;
851 case EXCP_EXECUTE_RAW:
852 case EXCP_EXECUTE_HWACC:
853 /** @todo: is it correct? No! */
854 rc = VINF_SUCCESS;
855 break;
856 default:
857 AssertReleaseMsgFailed(("This really shouldn't happen, rc=%d!\n", rc));
858 rc = VERR_INTERNAL_ERROR;
859 break;
860 }
861 }
862
863 /*
864 * Restore the stuff we changed to prevent interruption.
865 * Unlock the REM.
866 */
867 if (fBp)
868 {
869 int rc2 = cpu_breakpoint_insert(&pVM->rem.s.Env, GCPtrPC, BP_GDB, NULL);
870 Assert(rc2 == 0); NOREF(rc2);
871 }
872 cpu_single_step(&pVM->rem.s.Env, 0);
873 pVM->rem.s.Env.interrupt_request = interrupt_request;
874
875 return rc;
876}
877
878
879/**
880 * Set a breakpoint using the REM facilities.
881 *
882 * @returns VBox status code.
883 * @param pVM The VM handle.
884 * @param Address The breakpoint address.
885 * @thread The emulation thread.
886 */
887REMR3DECL(int) REMR3BreakpointSet(PVM pVM, RTGCUINTPTR Address)
888{
889 VM_ASSERT_EMT(pVM);
890 if (!cpu_breakpoint_insert(&pVM->rem.s.Env, Address, BP_GDB, NULL))
891 {
892 LogFlow(("REMR3BreakpointSet: Address=%RGv\n", Address));
893 return VINF_SUCCESS;
894 }
895 LogFlow(("REMR3BreakpointSet: Address=%RGv - failed!\n", Address));
896 return VERR_REM_NO_MORE_BP_SLOTS;
897}
898
899
900/**
901 * Clears a breakpoint set by REMR3BreakpointSet().
902 *
903 * @returns VBox status code.
904 * @param pVM The VM handle.
905 * @param Address The breakpoint address.
906 * @thread The emulation thread.
907 */
908REMR3DECL(int) REMR3BreakpointClear(PVM pVM, RTGCUINTPTR Address)
909{
910 VM_ASSERT_EMT(pVM);
911 if (!cpu_breakpoint_remove(&pVM->rem.s.Env, Address, BP_GDB))
912 {
913 LogFlow(("REMR3BreakpointClear: Address=%RGv\n", Address));
914 return VINF_SUCCESS;
915 }
916 LogFlow(("REMR3BreakpointClear: Address=%RGv - not found!\n", Address));
917 return VERR_REM_BP_NOT_FOUND;
918}
919
920
921/**
922 * Emulate an instruction.
923 *
924 * This function executes one instruction without letting anyone
925 * interrupt it. This is intended for being called while being in
926 * raw mode and thus will take care of all the state syncing between
927 * REM and the rest.
928 *
929 * @returns VBox status code.
930 * @param pVM VM handle.
931 * @param pVCpu VMCPU Handle.
932 */
933REMR3DECL(int) REMR3EmulateInstruction(PVM pVM, PVMCPU pVCpu)
934{
935 bool fFlushTBs;
936
937 int rc, rc2;
938 Log2(("REMR3EmulateInstruction: (cs:eip=%04x:%08x)\n", CPUMGetGuestCS(pVCpu), CPUMGetGuestEIP(pVCpu)));
939
940 /* Make sure this flag is set; we might never execute remR3CanExecuteRaw in the AMD-V case.
941 * CPU_RAW_HWACC makes sure we never execute interrupt handlers in the recompiler.
942 */
943 if (HWACCMIsEnabled(pVM))
944 pVM->rem.s.Env.state |= CPU_RAW_HWACC;
945
946 /* Skip the TB flush as that's rather expensive and not necessary for single instruction emulation. */
947 fFlushTBs = pVM->rem.s.fFlushTBs;
948 pVM->rem.s.fFlushTBs = false;
949
950 /*
951 * Sync the state and enable single instruction / single stepping.
952 */
953 rc = REMR3State(pVM, pVCpu);
954 pVM->rem.s.fFlushTBs = fFlushTBs;
955 if (RT_SUCCESS(rc))
956 {
957 int interrupt_request = pVM->rem.s.Env.interrupt_request;
958 Assert(!(interrupt_request & ~(CPU_INTERRUPT_HARD | CPU_INTERRUPT_EXITTB | CPU_INTERRUPT_TIMER | CPU_INTERRUPT_EXTERNAL_HARD | CPU_INTERRUPT_EXTERNAL_EXIT | CPU_INTERRUPT_EXTERNAL_FLUSH_TLB | CPU_INTERRUPT_EXTERNAL_TIMER)));
959#ifdef REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
960 cpu_single_step(&pVM->rem.s.Env, 0);
961#endif
962 Assert(!pVM->rem.s.Env.singlestep_enabled);
963
964 /*
965 * Now we set the execute single instruction flag and enter the cpu_exec loop.
966 */
967 TMNotifyStartOfExecution(pVCpu);
968 pVM->rem.s.Env.interrupt_request = CPU_INTERRUPT_SINGLE_INSTR;
969 rc = cpu_exec(&pVM->rem.s.Env);
970 TMNotifyEndOfExecution(pVCpu);
971 switch (rc)
972 {
973 /*
974 * Executed without anything out of the way happening.
975 */
976 case EXCP_SINGLE_INSTR:
977 rc = VINF_EM_RESCHEDULE;
978 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_SINGLE_INSTR\n"));
979 break;
980
981 /*
982 * If we take a trap or start servicing a pending interrupt, we might end up here.
983 * (Timer thread or some other thread wishing EMT's attention.)
984 */
985 case EXCP_INTERRUPT:
986 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_INTERRUPT\n"));
987 rc = VINF_EM_RESCHEDULE;
988 break;
989
990 /*
991 * Single step, we assume!
992 * If there was a breakpoint there we're fucked now.
993 */
994 case EXCP_DEBUG:
995 if (pVM->rem.s.Env.watchpoint_hit)
996 {
997 /** @todo deal with watchpoints */
998 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_DEBUG rc=%Rrc !watchpoint_hit!\n", rc));
999 rc = VINF_EM_DBG_BREAKPOINT;
1000 }
1001 else
1002 {
1003 CPUBreakpoint *pBP;
1004 RTGCPTR GCPtrPC = pVM->rem.s.Env.eip + pVM->rem.s.Env.segs[R_CS].base;
1005 QTAILQ_FOREACH(pBP, &pVM->rem.s.Env.breakpoints, entry)
1006 if (pBP->pc == GCPtrPC)
1007 break;
1008 rc = pBP ? VINF_EM_DBG_BREAKPOINT : VINF_EM_DBG_STEPPED;
1009 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_DEBUG rc=%Rrc pBP=%p GCPtrPC=%RGv\n", rc, pBP, GCPtrPC));
1010 }
1011 break;
1012
1013 /*
1014 * hlt instruction.
1015 */
1016 case EXCP_HLT:
1017 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_HLT\n"));
1018 rc = VINF_EM_HALT;
1019 break;
1020
1021 /*
1022 * The VM has halted.
1023 */
1024 case EXCP_HALTED:
1025 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_HALTED\n"));
1026 rc = VINF_EM_HALT;
1027 break;
1028
1029 /*
1030 * Switch to RAW-mode.
1031 */
1032 case EXCP_EXECUTE_RAW:
1033 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_EXECUTE_RAW\n"));
1034 rc = VINF_EM_RESCHEDULE_RAW;
1035 break;
1036
1037 /*
1038 * Switch to hardware accelerated RAW-mode.
1039 */
1040 case EXCP_EXECUTE_HWACC:
1041 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_EXECUTE_HWACC\n"));
1042 rc = VINF_EM_RESCHEDULE_HWACC;
1043 break;
1044
1045 /*
1046 * An EM RC was raised (VMR3Reset/Suspend/PowerOff/some-fatal-error).
1047 */
1048 case EXCP_RC:
1049 Log2(("REMR3EmulateInstruction: cpu_exec -> EXCP_RC\n"));
1050 rc = pVM->rem.s.rc;
1051 pVM->rem.s.rc = VERR_INTERNAL_ERROR;
1052 break;
1053
1054 /*
1055 * Figure out the rest when they arrive....
1056 */
1057 default:
1058 AssertMsgFailed(("rc=%d\n", rc));
1059 Log2(("REMR3EmulateInstruction: cpu_exec -> %d\n", rc));
1060 rc = VINF_EM_RESCHEDULE;
1061 break;
1062 }
1063
1064 /*
1065 * Switch back the state.
1066 */
1067 pVM->rem.s.Env.interrupt_request = interrupt_request;
1068 rc2 = REMR3StateBack(pVM, pVCpu);
1069 AssertRC(rc2);
1070 }
1071
1072 Log2(("REMR3EmulateInstruction: returns %Rrc (cs:eip=%04x:%RGv)\n",
1073 rc, pVM->rem.s.Env.segs[R_CS].selector, (RTGCPTR)pVM->rem.s.Env.eip));
1074 return rc;
1075}
1076
1077
1078/**
1079 * Used by REMR3Run to handle the case where CPU_EMULATE_SINGLE_STEP is set.
1080 *
1081 * @returns VBox status code.
1082 *
1083 * @param pVM The VM handle.
1084 * @param pVCpu The Virtual CPU handle.
1085 */
1086static int remR3RunLoggingStep(PVM pVM, PVMCPU pVCpu)
1087{
1088 int rc;
1089
1090 Assert(pVM->rem.s.fInREM);
1091#ifdef REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
1092 cpu_single_step(&pVM->rem.s.Env, 1);
1093#else
1094 Assert(!pVM->rem.s.Env.singlestep_enabled);
1095#endif
1096
1097 /*
1098 * Now we set the execute single instruction flag and enter the cpu_exec loop.
1099 */
1100 for (;;)
1101 {
1102 char szBuf[256];
1103
1104 /*
1105 * Log the current registers state and instruction.
1106 */
1107 remR3StateUpdate(pVM, pVCpu);
1108 DBGFR3Info(pVM, "cpumguest", NULL, NULL);
1109 szBuf[0] = '\0';
1110 rc = DBGFR3DisasInstrEx(pVM,
1111 pVCpu->idCpu,
1112 0, /* Sel */
1113 0, /* GCPtr */
1114 DBGF_DISAS_FLAGS_CURRENT_GUEST
1115 | DBGF_DISAS_FLAGS_DEFAULT_MODE
1116 | DBGF_DISAS_FLAGS_HID_SEL_REGS_VALID,
1117 szBuf,
1118 sizeof(szBuf),
1119 NULL);
1120 if (RT_FAILURE(rc))
1121 RTStrPrintf(szBuf, sizeof(szBuf), "DBGFR3DisasInstrEx failed with rc=%Rrc\n", rc);
1122 RTLogPrintf("CPU%d: %s\n", pVCpu->idCpu, szBuf);
1123
1124 /*
1125 * Execute the instruction.
1126 */
1127 TMNotifyStartOfExecution(pVCpu);
1128
1129 if ( pVM->rem.s.Env.exception_index < 0
1130 || pVM->rem.s.Env.exception_index > 256)
1131 pVM->rem.s.Env.exception_index = -1; /** @todo We need to do similar stuff elsewhere, I think. */
1132
1133#ifdef REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
1134 pVM->rem.s.Env.interrupt_request = 0;
1135#else
1136 pVM->rem.s.Env.interrupt_request = CPU_INTERRUPT_SINGLE_INSTR;
1137#endif
1138 if ( VMCPU_FF_ISPENDING(pVCpu, VMCPU_FF_INTERRUPT_APIC | VMCPU_FF_INTERRUPT_PIC)
1139 || pVM->rem.s.u32PendingInterrupt != REM_NO_PENDING_IRQ)
1140 pVM->rem.s.Env.interrupt_request |= CPU_INTERRUPT_HARD;
1141 RTLogPrintf("remR3RunLoggingStep: interrupt_request=%#x halted=%d exception_index=%#x\n", rc,
1142 pVM->rem.s.Env.interrupt_request,
1143 pVM->rem.s.Env.halted,
1144 pVM->rem.s.Env.exception_index
1145 );
1146
1147 rc = cpu_exec(&pVM->rem.s.Env);
1148
1149 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> %#x interrupt_request=%#x halted=%d exception_index=%#x\n", rc,
1150 pVM->rem.s.Env.interrupt_request,
1151 pVM->rem.s.Env.halted,
1152 pVM->rem.s.Env.exception_index
1153 );
1154
1155 TMNotifyEndOfExecution(pVCpu);
1156
1157 switch (rc)
1158 {
1159#ifndef REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
1160 /*
1161 * The normal exit.
1162 */
1163 case EXCP_SINGLE_INSTR:
1164 if ( !VM_FF_ISPENDING(pVM, VM_FF_ALL_REM_MASK)
1165 && !VMCPU_FF_ISPENDING(pVCpu, VMCPU_FF_ALL_REM_MASK))
1166 continue;
1167 RTLogPrintf("remR3RunLoggingStep: rc=VINF_SUCCESS w/ FFs (%#x/%#x)\n",
1168 pVM->fGlobalForcedActions, pVCpu->fLocalForcedActions);
1169 rc = VINF_SUCCESS;
1170 break;
1171
1172#else
1173 /*
1174 * The normal exit, check for breakpoints at PC just to be sure.
1175 */
1176#endif
1177 case EXCP_DEBUG:
1178 if (pVM->rem.s.Env.watchpoint_hit)
1179 {
1180 /** @todo deal with watchpoints */
1181 Log2(("remR3RunLoggingStep: cpu_exec -> EXCP_DEBUG rc=%Rrc !watchpoint_hit!\n", rc));
1182 rc = VINF_EM_DBG_BREAKPOINT;
1183 }
1184 else
1185 {
1186 CPUBreakpoint *pBP;
1187 RTGCPTR GCPtrPC = pVM->rem.s.Env.eip + pVM->rem.s.Env.segs[R_CS].base;
1188 QTAILQ_FOREACH(pBP, &pVM->rem.s.Env.breakpoints, entry)
1189 if (pBP->pc == GCPtrPC)
1190 break;
1191 rc = pBP ? VINF_EM_DBG_BREAKPOINT : VINF_EM_DBG_STEPPED;
1192 Log2(("remR3RunLoggingStep: cpu_exec -> EXCP_DEBUG rc=%Rrc pBP=%p GCPtrPC=%RGv\n", rc, pBP, GCPtrPC));
1193 }
1194#ifdef REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
1195 if (rc == VINF_EM_DBG_STEPPED)
1196 {
1197 if ( !VM_FF_ISPENDING(pVM, VM_FF_ALL_REM_MASK)
1198 && !VMCPU_FF_ISPENDING(pVCpu, VMCPU_FF_ALL_REM_MASK))
1199 continue;
1200
1201 RTLogPrintf("remR3RunLoggingStep: rc=VINF_SUCCESS w/ FFs (%#x/%#x)\n",
1202 pVM->fGlobalForcedActions, pVCpu->fLocalForcedActions);
1203 rc = VINF_SUCCESS;
1204 }
1205#endif
1206 break;
1207
1208 /*
1209 * If we take a trap or start servicing a pending interrupt, we might end up here.
1210 * (Timer thread or some other thread wishing EMT's attention.)
1211 */
1212 case EXCP_INTERRUPT:
1213 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> EXCP_INTERRUPT rc=VINF_SUCCESS\n");
1214 rc = VINF_SUCCESS;
1215 break;
1216
1217 /*
1218 * hlt instruction.
1219 */
1220 case EXCP_HLT:
1221 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> EXCP_HLT rc=VINF_EM_HALT\n");
1222 rc = VINF_EM_HALT;
1223 break;
1224
1225 /*
1226 * The VM has halted.
1227 */
1228 case EXCP_HALTED:
1229 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> EXCP_HALTED rc=VINF_EM_HALT\n");
1230 rc = VINF_EM_HALT;
1231 break;
1232
1233 /*
1234 * Switch to RAW-mode.
1235 */
1236 case EXCP_EXECUTE_RAW:
1237 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> EXCP_EXECUTE_RAW rc=VINF_EM_RESCHEDULE_RAW\n");
1238 rc = VINF_EM_RESCHEDULE_RAW;
1239 break;
1240
1241 /*
1242 * Switch to hardware accelerated RAW-mode.
1243 */
1244 case EXCP_EXECUTE_HWACC:
1245 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> EXCP_EXECUTE_HWACC rc=VINF_EM_RESCHEDULE_HWACC\n");
1246 rc = VINF_EM_RESCHEDULE_HWACC;
1247 break;
1248
1249 /*
1250 * An EM RC was raised (VMR3Reset/Suspend/PowerOff/some-fatal-error).
1251 */
1252 case EXCP_RC:
1253 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> EXCP_RC rc=%Rrc\n", pVM->rem.s.rc);
1254 rc = pVM->rem.s.rc;
1255 pVM->rem.s.rc = VERR_INTERNAL_ERROR;
1256 break;
1257
1258 /*
1259 * Figure out the rest when they arrive....
1260 */
1261 default:
1262 AssertMsgFailed(("rc=%d\n", rc));
1263 RTLogPrintf("remR3RunLoggingStep: cpu_exec -> %d rc=VINF_EM_RESCHEDULE\n", rc);
1264 rc = VINF_EM_RESCHEDULE;
1265 break;
1266 }
1267 break;
1268 }
1269
1270#ifdef REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
1271// cpu_single_step(&pVM->rem.s.Env, 0);
1272#else
1273 pVM->rem.s.Env.interrupt_request &= ~(CPU_INTERRUPT_SINGLE_INSTR | CPU_INTERRUPT_SINGLE_INSTR_IN_FLIGHT);
1274#endif
1275 return rc;
1276}
1277
1278
1279/**
1280 * Runs code in recompiled mode.
1281 *
1282 * Before calling this function the REM state needs to be in sync with
1283 * the VM. Call REMR3State() to perform the sync. It's only necessary
1284 * (and permitted) to sync at the first call to REMR3Step()/REMR3Run()
1285 * and after calling REMR3StateBack().
1286 *
1287 * @returns VBox status code.
1288 *
1289 * @param pVM VM Handle.
1290 * @param pVCpu VMCPU Handle.
1291 */
1292REMR3DECL(int) REMR3Run(PVM pVM, PVMCPU pVCpu)
1293{
1294 int rc;
1295
1296 if (RT_UNLIKELY(pVM->rem.s.Env.state & CPU_EMULATE_SINGLE_STEP))
1297 return remR3RunLoggingStep(pVM, pVCpu);
1298
1299 Assert(pVM->rem.s.fInREM);
1300 Log2(("REMR3Run: (cs:eip=%04x:%RGv)\n", pVM->rem.s.Env.segs[R_CS].selector, (RTGCPTR)pVM->rem.s.Env.eip));
1301
1302 TMNotifyStartOfExecution(pVCpu);
1303 rc = cpu_exec(&pVM->rem.s.Env);
1304 TMNotifyEndOfExecution(pVCpu);
1305 switch (rc)
1306 {
1307 /*
1308 * This happens when the execution was interrupted
1309 * by an external event, like pending timers.
1310 */
1311 case EXCP_INTERRUPT:
1312 Log2(("REMR3Run: cpu_exec -> EXCP_INTERRUPT\n"));
1313 rc = VINF_SUCCESS;
1314 break;
1315
1316 /*
1317 * hlt instruction.
1318 */
1319 case EXCP_HLT:
1320 Log2(("REMR3Run: cpu_exec -> EXCP_HLT\n"));
1321 rc = VINF_EM_HALT;
1322 break;
1323
1324 /*
1325 * The VM has halted.
1326 */
1327 case EXCP_HALTED:
1328 Log2(("REMR3Run: cpu_exec -> EXCP_HALTED\n"));
1329 rc = VINF_EM_HALT;
1330 break;
1331
1332 /*
1333 * Breakpoint/single step.
1334 */
1335 case EXCP_DEBUG:
1336 if (pVM->rem.s.Env.watchpoint_hit)
1337 {
1338 /** @todo deal with watchpoints */
1339 Log2(("REMR3Run: cpu_exec -> EXCP_DEBUG rc=%Rrc !watchpoint_hit!\n", rc));
1340 rc = VINF_EM_DBG_BREAKPOINT;
1341 }
1342 else
1343 {
1344 CPUBreakpoint *pBP;
1345 RTGCPTR GCPtrPC = pVM->rem.s.Env.eip + pVM->rem.s.Env.segs[R_CS].base;
1346 QTAILQ_FOREACH(pBP, &pVM->rem.s.Env.breakpoints, entry)
1347 if (pBP->pc == GCPtrPC)
1348 break;
1349 rc = pBP ? VINF_EM_DBG_BREAKPOINT : VINF_EM_DBG_STEPPED;
1350 Log2(("REMR3Run: cpu_exec -> EXCP_DEBUG rc=%Rrc pBP=%p GCPtrPC=%RGv\n", rc, pBP, GCPtrPC));
1351 }
1352 break;
1353
1354 /*
1355 * Switch to RAW-mode.
1356 */
1357 case EXCP_EXECUTE_RAW:
1358 Log2(("REMR3Run: cpu_exec -> EXCP_EXECUTE_RAW\n"));
1359 rc = VINF_EM_RESCHEDULE_RAW;
1360 break;
1361
1362 /*
1363 * Switch to hardware accelerated RAW-mode.
1364 */
1365 case EXCP_EXECUTE_HWACC:
1366 Log2(("REMR3Run: cpu_exec -> EXCP_EXECUTE_HWACC\n"));
1367 rc = VINF_EM_RESCHEDULE_HWACC;
1368 break;
1369
1370 /*
1371 * An EM RC was raised (VMR3Reset/Suspend/PowerOff/some-fatal-error).
1372 */
1373 case EXCP_RC:
1374 Log2(("REMR3Run: cpu_exec -> EXCP_RC rc=%Rrc\n", pVM->rem.s.rc));
1375 rc = pVM->rem.s.rc;
1376 pVM->rem.s.rc = VERR_INTERNAL_ERROR;
1377 break;
1378
1379 /*
1380 * Figure out the rest when they arrive....
1381 */
1382 default:
1383 AssertMsgFailed(("rc=%d\n", rc));
1384 Log2(("REMR3Run: cpu_exec -> %d\n", rc));
1385 rc = VINF_SUCCESS;
1386 break;
1387 }
1388
1389 Log2(("REMR3Run: returns %Rrc (cs:eip=%04x:%RGv)\n", rc, pVM->rem.s.Env.segs[R_CS].selector, (RTGCPTR)pVM->rem.s.Env.eip));
1390 return rc;
1391}
1392
1393
1394/**
1395 * Check if the cpu state is suitable for Raw execution.
1396 *
1397 * @returns true if RAW/HWACC mode is ok, false if we should stay in REM.
1398 *
1399 * @param env The CPU env struct.
1400 * @param eip The EIP to check this for (might differ from env->eip).
1401 * @param fFlags hflags OR'ed with IOPL, TF and VM from eflags.
1402 * @param piException Stores EXCP_EXECUTE_RAW/HWACC in case raw mode is supported in this context
1403 *
1404 * @remark This function must be kept in perfect sync with the scheduler in EM.cpp!
1405 */
1406bool remR3CanExecuteRaw(CPUX86State *env, RTGCPTR eip, unsigned fFlags, int *piException)
1407{
1408 /* !!! THIS MUST BE IN SYNC WITH emR3Reschedule !!! */
1409 /* !!! THIS MUST BE IN SYNC WITH emR3Reschedule !!! */
1410 /* !!! THIS MUST BE IN SYNC WITH emR3Reschedule !!! */
1411 uint32_t u32CR0;
1412
1413#ifdef IEM_VERIFICATION_MODE
1414 return false;
1415#endif
1416
1417 /* Update counter. */
1418 env->pVM->rem.s.cCanExecuteRaw++;
1419
1420 /* Never when single stepping+logging guest code. */
1421 if (env->state & CPU_EMULATE_SINGLE_STEP)
1422 return false;
1423
1424 if (HWACCMIsEnabled(env->pVM))
1425 {
1426 CPUMCTX Ctx;
1427
1428 env->state |= CPU_RAW_HWACC;
1429
1430 /*
1431 * The simple check first...
1432 */
1433 if (!EMIsHwVirtExecutionEnabled(env->pVM))
1434 return false;
1435
1436 /*
1437 * Create partial context for HWACCMR3CanExecuteGuest
1438 */
1439 Ctx.cr0 = env->cr[0];
1440 Ctx.cr3 = env->cr[3];
1441 Ctx.cr4 = env->cr[4];
1442
1443 Ctx.tr = env->tr.selector;
1444 Ctx.trHid.u64Base = env->tr.base;
1445 Ctx.trHid.u32Limit = env->tr.limit;
1446 Ctx.trHid.Attr.u = (env->tr.flags >> 8) & 0xF0FF;
1447
1448 Ctx.ldtr = env->ldt.selector;
1449 Ctx.ldtrHid.u64Base = env->ldt.base;
1450 Ctx.ldtrHid.u32Limit = env->ldt.limit;
1451 Ctx.ldtrHid.Attr.u = (env->ldt.flags >> 8) & 0xF0FF;
1452
1453 Ctx.idtr.cbIdt = env->idt.limit;
1454 Ctx.idtr.pIdt = env->idt.base;
1455
1456 Ctx.gdtr.cbGdt = env->gdt.limit;
1457 Ctx.gdtr.pGdt = env->gdt.base;
1458
1459 Ctx.rsp = env->regs[R_ESP];
1460 Ctx.rip = env->eip;
1461
1462 Ctx.eflags.u32 = env->eflags;
1463
1464 Ctx.cs = env->segs[R_CS].selector;
1465 Ctx.csHid.u64Base = env->segs[R_CS].base;
1466 Ctx.csHid.u32Limit = env->segs[R_CS].limit;
1467 Ctx.csHid.Attr.u = (env->segs[R_CS].flags >> 8) & 0xF0FF;
1468
1469 Ctx.ds = env->segs[R_DS].selector;
1470 Ctx.dsHid.u64Base = env->segs[R_DS].base;
1471 Ctx.dsHid.u32Limit = env->segs[R_DS].limit;
1472 Ctx.dsHid.Attr.u = (env->segs[R_DS].flags >> 8) & 0xF0FF;
1473
1474 Ctx.es = env->segs[R_ES].selector;
1475 Ctx.esHid.u64Base = env->segs[R_ES].base;
1476 Ctx.esHid.u32Limit = env->segs[R_ES].limit;
1477 Ctx.esHid.Attr.u = (env->segs[R_ES].flags >> 8) & 0xF0FF;
1478
1479 Ctx.fs = env->segs[R_FS].selector;
1480 Ctx.fsHid.u64Base = env->segs[R_FS].base;
1481 Ctx.fsHid.u32Limit = env->segs[R_FS].limit;
1482 Ctx.fsHid.Attr.u = (env->segs[R_FS].flags >> 8) & 0xF0FF;
1483
1484 Ctx.gs = env->segs[R_GS].selector;
1485 Ctx.gsHid.u64Base = env->segs[R_GS].base;
1486 Ctx.gsHid.u32Limit = env->segs[R_GS].limit;
1487 Ctx.gsHid.Attr.u = (env->segs[R_GS].flags >> 8) & 0xF0FF;
1488
1489 Ctx.ss = env->segs[R_SS].selector;
1490 Ctx.ssHid.u64Base = env->segs[R_SS].base;
1491 Ctx.ssHid.u32Limit = env->segs[R_SS].limit;
1492 Ctx.ssHid.Attr.u = (env->segs[R_SS].flags >> 8) & 0xF0FF;
1493
1494 Ctx.msrEFER = env->efer;
1495
1496 /* Hardware accelerated raw-mode:
1497 *
1498 * Typically only 32-bits protected mode, with paging enabled, code is allowed here.
1499 */
1500 if (HWACCMR3CanExecuteGuest(env->pVM, &Ctx) == true)
1501 {
1502 *piException = EXCP_EXECUTE_HWACC;
1503 return true;
1504 }
1505 return false;
1506 }
1507
1508 /*
1509 * Here we only support 16 & 32 bits protected mode ring 3 code that has no IO privileges
1510 * or 32 bits protected mode ring 0 code
1511 *
1512 * The tests are ordered by the likelihood of being true during normal execution.
1513 */
1514 if (fFlags & (HF_TF_MASK | HF_INHIBIT_IRQ_MASK))
1515 {
1516 STAM_COUNTER_INC(&gStatRefuseTFInhibit);
1517 Log2(("raw mode refused: fFlags=%#x\n", fFlags));
1518 return false;
1519 }
1520
1521#ifndef VBOX_RAW_V86
1522 if (fFlags & VM_MASK) {
1523 STAM_COUNTER_INC(&gStatRefuseVM86);
1524 Log2(("raw mode refused: VM_MASK\n"));
1525 return false;
1526 }
1527#endif
1528
1529 if (env->state & CPU_EMULATE_SINGLE_INSTR)
1530 {
1531#ifndef DEBUG_bird
1532 Log2(("raw mode refused: CPU_EMULATE_SINGLE_INSTR\n"));
1533#endif
1534 return false;
1535 }
1536
1537 if (env->singlestep_enabled)
1538 {
1539 //Log2(("raw mode refused: Single step\n"));
1540 return false;
1541 }
1542
1543 if (!QTAILQ_EMPTY(&env->breakpoints))
1544 {
1545 //Log2(("raw mode refused: Breakpoints\n"));
1546 return false;
1547 }
1548
1549 if (!QTAILQ_EMPTY(&env->watchpoints))
1550 {
1551 //Log2(("raw mode refused: Watchpoints\n"));
1552 return false;
1553 }
1554
1555 u32CR0 = env->cr[0];
1556 if ((u32CR0 & (X86_CR0_PG | X86_CR0_PE)) != (X86_CR0_PG | X86_CR0_PE))
1557 {
1558 STAM_COUNTER_INC(&gStatRefusePaging);
1559 //Log2(("raw mode refused: %s%s%s\n", (u32CR0 & X86_CR0_PG) ? "" : " !PG", (u32CR0 & X86_CR0_PE) ? "" : " !PE", (u32CR0 & X86_CR0_AM) ? "" : " !AM"));
1560 return false;
1561 }
1562
1563 if (env->cr[4] & CR4_PAE_MASK)
1564 {
1565 if (!(env->cpuid_features & X86_CPUID_FEATURE_EDX_PAE))
1566 {
1567 STAM_COUNTER_INC(&gStatRefusePAE);
1568 return false;
1569 }
1570 }
1571
1572 if (((fFlags >> HF_CPL_SHIFT) & 3) == 3)
1573 {
1574 if (!EMIsRawRing3Enabled(env->pVM))
1575 return false;
1576
1577 if (!(env->eflags & IF_MASK))
1578 {
1579 STAM_COUNTER_INC(&gStatRefuseIF0);
1580 Log2(("raw mode refused: IF (RawR3)\n"));
1581 return false;
1582 }
1583
1584 if (!(u32CR0 & CR0_WP_MASK) && EMIsRawRing0Enabled(env->pVM))
1585 {
1586 STAM_COUNTER_INC(&gStatRefuseWP0);
1587 Log2(("raw mode refused: CR0.WP + RawR0\n"));
1588 return false;
1589 }
1590 }
1591 else
1592 {
1593 if (!EMIsRawRing0Enabled(env->pVM))
1594 return false;
1595
1596 // Let's start with pure 32 bits ring 0 code first
1597 if ((fFlags & (HF_SS32_MASK | HF_CS32_MASK)) != (HF_SS32_MASK | HF_CS32_MASK))
1598 {
1599 STAM_COUNTER_INC(&gStatRefuseCode16);
1600 Log2(("raw r0 mode refused: HF_[S|C]S32_MASK fFlags=%#x\n", fFlags));
1601 return false;
1602 }
1603
1604 // Only R0
1605 if (((fFlags >> HF_CPL_SHIFT) & 3) != 0)
1606 {
1607 STAM_COUNTER_INC(&gStatRefuseRing1or2);
1608 Log2(("raw r0 mode refused: CPL %d\n", ((fFlags >> HF_CPL_SHIFT) & 3) ));
1609 return false;
1610 }
1611
1612 if (!(u32CR0 & CR0_WP_MASK))
1613 {
1614 STAM_COUNTER_INC(&gStatRefuseWP0);
1615 Log2(("raw r0 mode refused: CR0.WP=0!\n"));
1616 return false;
1617 }
1618
1619 if (PATMIsPatchGCAddr(env->pVM, eip))
1620 {
1621 Log2(("raw r0 mode forced: patch code\n"));
1622 *piException = EXCP_EXECUTE_RAW;
1623 return true;
1624 }
1625
1626#if !defined(VBOX_ALLOW_IF0) && !defined(VBOX_RUN_INTERRUPT_GATE_HANDLERS)
1627 if (!(env->eflags & IF_MASK))
1628 {
1629 STAM_COUNTER_INC(&gStatRefuseIF0);
1630 ////Log2(("R0: IF=0 VIF=%d %08X\n", eip, *env->pVMeflags));
1631 //Log2(("RR0: Interrupts turned off; fall back to emulation\n"));
1632 return false;
1633 }
1634#endif
1635
1636 env->state |= CPU_RAW_RING0;
1637 }
1638
1639 /*
1640 * Don't reschedule the first time we're called, because there might be
1641 * special reasons why we're here that is not covered by the above checks.
1642 */
1643 if (env->pVM->rem.s.cCanExecuteRaw == 1)
1644 {
1645 Log2(("raw mode refused: first scheduling\n"));
1646 STAM_COUNTER_INC(&gStatRefuseCanExecute);
1647 return false;
1648 }
1649
1650/* Assert(env->pVCpu && PGMPhysIsA20Enabled(env->pVCpu));*/
1651 *piException = EXCP_EXECUTE_RAW;
1652 return true;
1653}
1654
1655
1656/**
1657 * Fetches a code byte.
1658 *
1659 * @returns Success indicator (bool) for ease of use.
1660 * @param env The CPU environment structure.
1661 * @param GCPtrInstr Where to fetch code.
1662 * @param pu8Byte Where to store the byte on success
1663 */
1664bool remR3GetOpcode(CPUX86State *env, RTGCPTR GCPtrInstr, uint8_t *pu8Byte)
1665{
1666 int rc = PATMR3QueryOpcode(env->pVM, GCPtrInstr, pu8Byte);
1667 if (RT_SUCCESS(rc))
1668 return true;
1669 return false;
1670}
1671
1672
1673/**
1674 * Flush (or invalidate if you like) page table/dir entry.
1675 *
1676 * (invlpg instruction; tlb_flush_page)
1677 *
1678 * @param env Pointer to cpu environment.
1679 * @param GCPtr The virtual address which page table/dir entry should be invalidated.
1680 */
1681void remR3FlushPage(CPUX86State *env, RTGCPTR GCPtr)
1682{
1683 PVM pVM = env->pVM;
1684 PCPUMCTX pCtx;
1685 int rc;
1686
1687 Assert(EMRemIsLockOwner(env->pVM));
1688
1689 /*
1690 * When we're replaying invlpg instructions or restoring a saved
1691 * state we disable this path.
1692 */
1693 if (pVM->rem.s.fIgnoreInvlPg || pVM->rem.s.cIgnoreAll)
1694 return;
1695 Log(("remR3FlushPage: GCPtr=%RGv\n", GCPtr));
1696 Assert(pVM->rem.s.fInREM || pVM->rem.s.fInStateSync);
1697
1698 //RAWEx_ProfileStop(env, STATS_QEMU_TOTAL);
1699
1700 /*
1701 * Update the control registers before calling PGMFlushPage.
1702 */
1703 pCtx = (PCPUMCTX)pVM->rem.s.pCtx;
1704 Assert(pCtx);
1705 pCtx->cr0 = env->cr[0];
1706 pCtx->cr3 = env->cr[3];
1707 if ((env->cr[4] ^ pCtx->cr4) & X86_CR4_VME)
1708 VMCPU_FF_SET(env->pVCpu, VMCPU_FF_SELM_SYNC_TSS);
1709 pCtx->cr4 = env->cr[4];
1710
1711 /*
1712 * Let PGM do the rest.
1713 */
1714 Assert(env->pVCpu);
1715 rc = PGMInvalidatePage(env->pVCpu, GCPtr);
1716 if (RT_FAILURE(rc))
1717 {
1718 AssertMsgFailed(("remR3FlushPage %RGv failed with %d!!\n", GCPtr, rc));
1719 VMCPU_FF_SET(env->pVCpu, VMCPU_FF_PGM_SYNC_CR3);
1720 }
1721 //RAWEx_ProfileStart(env, STATS_QEMU_TOTAL);
1722}
1723
1724
1725#ifndef REM_PHYS_ADDR_IN_TLB
1726/** Wrapper for PGMR3PhysTlbGCPhys2Ptr. */
1727void *remR3TlbGCPhys2Ptr(CPUX86State *env1, target_ulong physAddr, int fWritable)
1728{
1729 void *pv;
1730 int rc;
1731
1732
1733 /* Address must be aligned enough to fiddle with lower bits */
1734 Assert((physAddr & 0x3) == 0);
1735 /*AssertMsg((env1->a20_mask & physAddr) == physAddr, ("%llx\n", (uint64_t)physAddr));*/
1736
1737 STAM_PROFILE_START(&gStatGCPhys2HCVirt, a);
1738 rc = PGMR3PhysTlbGCPhys2Ptr(env1->pVM, physAddr, true /*fWritable*/, &pv);
1739 STAM_PROFILE_STOP(&gStatGCPhys2HCVirt, a);
1740 Assert( rc == VINF_SUCCESS
1741 || rc == VINF_PGM_PHYS_TLB_CATCH_WRITE
1742 || rc == VERR_PGM_PHYS_TLB_CATCH_ALL
1743 || rc == VERR_PGM_PHYS_TLB_UNASSIGNED);
1744 if (RT_FAILURE(rc))
1745 return (void *)1;
1746 if (rc == VINF_PGM_PHYS_TLB_CATCH_WRITE)
1747 return (void *)((uintptr_t)pv | 2);
1748 return pv;
1749}
1750#endif /* REM_PHYS_ADDR_IN_TLB */
1751
1752
1753/**
1754 * Called from tlb_protect_code in order to write monitor a code page.
1755 *
1756 * @param env Pointer to the CPU environment.
1757 * @param GCPtr Code page to monitor
1758 */
1759void remR3ProtectCode(CPUX86State *env, RTGCPTR GCPtr)
1760{
1761#ifdef VBOX_REM_PROTECT_PAGES_FROM_SMC
1762 Assert(env->pVM->rem.s.fInREM);
1763 if ( (env->cr[0] & X86_CR0_PG) /* paging must be enabled */
1764 && !(env->state & CPU_EMULATE_SINGLE_INSTR) /* ignore during single instruction execution */
1765 && (((env->hflags >> HF_CPL_SHIFT) & 3) == 0) /* supervisor mode only */
1766 && !(env->eflags & VM_MASK) /* no V86 mode */
1767 && !HWACCMIsEnabled(env->pVM))
1768 CSAMR3MonitorPage(env->pVM, GCPtr, CSAM_TAG_REM);
1769#endif
1770}
1771
1772
1773/**
1774 * Called from tlb_unprotect_code in order to clear write monitoring for a code page.
1775 *
1776 * @param env Pointer to the CPU environment.
1777 * @param GCPtr Code page to monitor
1778 */
1779void remR3UnprotectCode(CPUX86State *env, RTGCPTR GCPtr)
1780{
1781 Assert(env->pVM->rem.s.fInREM);
1782#ifdef VBOX_REM_PROTECT_PAGES_FROM_SMC
1783 if ( (env->cr[0] & X86_CR0_PG) /* paging must be enabled */
1784 && !(env->state & CPU_EMULATE_SINGLE_INSTR) /* ignore during single instruction execution */
1785 && (((env->hflags >> HF_CPL_SHIFT) & 3) == 0) /* supervisor mode only */
1786 && !(env->eflags & VM_MASK) /* no V86 mode */
1787 && !HWACCMIsEnabled(env->pVM))
1788 CSAMR3UnmonitorPage(env->pVM, GCPtr, CSAM_TAG_REM);
1789#endif
1790}
1791
1792
1793/**
1794 * Called when the CPU is initialized, any of the CRx registers are changed or
1795 * when the A20 line is modified.
1796 *
1797 * @param env Pointer to the CPU environment.
1798 * @param fGlobal Set if the flush is global.
1799 */
1800void remR3FlushTLB(CPUX86State *env, bool fGlobal)
1801{
1802 PVM pVM = env->pVM;
1803 PCPUMCTX pCtx;
1804 Assert(EMRemIsLockOwner(pVM));
1805
1806 /*
1807 * When we're replaying invlpg instructions or restoring a saved
1808 * state we disable this path.
1809 */
1810 if (pVM->rem.s.fIgnoreCR3Load || pVM->rem.s.cIgnoreAll)
1811 return;
1812 Assert(pVM->rem.s.fInREM);
1813
1814 /*
1815 * The caller doesn't check cr4, so we have to do that for ourselves.
1816 */
1817 if (!fGlobal && !(env->cr[4] & X86_CR4_PGE))
1818 fGlobal = true;
1819 Log(("remR3FlushTLB: CR0=%08RX64 CR3=%08RX64 CR4=%08RX64 %s\n", (uint64_t)env->cr[0], (uint64_t)env->cr[3], (uint64_t)env->cr[4], fGlobal ? " global" : ""));
1820
1821 /*
1822 * Update the control registers before calling PGMR3FlushTLB.
1823 */
1824 pCtx = (PCPUMCTX)pVM->rem.s.pCtx;
1825 Assert(pCtx);
1826 pCtx->cr0 = env->cr[0];
1827 pCtx->cr3 = env->cr[3];
1828 if ((env->cr[4] ^ pCtx->cr4) & X86_CR4_VME)
1829 VMCPU_FF_SET(env->pVCpu, VMCPU_FF_SELM_SYNC_TSS);
1830 pCtx->cr4 = env->cr[4];
1831
1832 /*
1833 * Let PGM do the rest.
1834 */
1835 Assert(env->pVCpu);
1836 PGMFlushTLB(env->pVCpu, env->cr[3], fGlobal);
1837}
1838
1839
1840/**
1841 * Called when any of the cr0, cr4 or efer registers is updated.
1842 *
1843 * @param env Pointer to the CPU environment.
1844 */
1845void remR3ChangeCpuMode(CPUX86State *env)
1846{
1847 PVM pVM = env->pVM;
1848 uint64_t efer;
1849 PCPUMCTX pCtx;
1850 int rc;
1851
1852 /*
1853 * When we're replaying loads or restoring a saved
1854 * state this path is disabled.
1855 */
1856 if (pVM->rem.s.fIgnoreCpuMode || pVM->rem.s.cIgnoreAll)
1857 return;
1858 Assert(pVM->rem.s.fInREM);
1859
1860 /*
1861 * Update the control registers before calling PGMChangeMode()
1862 * as it may need to map whatever cr3 is pointing to.
1863 */
1864 pCtx = (PCPUMCTX)pVM->rem.s.pCtx;
1865 Assert(pCtx);
1866 pCtx->cr0 = env->cr[0];
1867 pCtx->cr3 = env->cr[3];
1868 if ((env->cr[4] ^ pCtx->cr4) & X86_CR4_VME)
1869 VMCPU_FF_SET(env->pVCpu, VMCPU_FF_SELM_SYNC_TSS);
1870 pCtx->cr4 = env->cr[4];
1871#ifdef TARGET_X86_64
1872 efer = env->efer;
1873 pCtx->msrEFER = efer;
1874#else
1875 efer = 0;
1876#endif
1877 Assert(env->pVCpu);
1878 rc = PGMChangeMode(env->pVCpu, env->cr[0], env->cr[4], efer);
1879 if (rc != VINF_SUCCESS)
1880 {
1881 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
1882 {
1883 Log(("PGMChangeMode(, %RX64, %RX64, %RX64) -> %Rrc -> remR3RaiseRC\n", env->cr[0], env->cr[4], efer, rc));
1884 remR3RaiseRC(env->pVM, rc);
1885 }
1886 else
1887 cpu_abort(env, "PGMChangeMode(, %RX64, %RX64, %RX64) -> %Rrc\n", env->cr[0], env->cr[4], efer, rc);
1888 }
1889}
1890
1891
1892/**
1893 * Called from compiled code to run dma.
1894 *
1895 * @param env Pointer to the CPU environment.
1896 */
1897void remR3DmaRun(CPUX86State *env)
1898{
1899 remR3ProfileStop(STATS_QEMU_RUN_EMULATED_CODE);
1900 PDMR3DmaRun(env->pVM);
1901 remR3ProfileStart(STATS_QEMU_RUN_EMULATED_CODE);
1902}
1903
1904
1905/**
1906 * Called from compiled code to schedule pending timers in VMM
1907 *
1908 * @param env Pointer to the CPU environment.
1909 */
1910void remR3TimersRun(CPUX86State *env)
1911{
1912 LogFlow(("remR3TimersRun:\n"));
1913 LogIt(LOG_INSTANCE, RTLOGGRPFLAGS_LEVEL_5, LOG_GROUP_TM, ("remR3TimersRun\n"));
1914 remR3ProfileStop(STATS_QEMU_RUN_EMULATED_CODE);
1915 remR3ProfileStart(STATS_QEMU_RUN_TIMERS);
1916 TMR3TimerQueuesDo(env->pVM);
1917 remR3ProfileStop(STATS_QEMU_RUN_TIMERS);
1918 remR3ProfileStart(STATS_QEMU_RUN_EMULATED_CODE);
1919}
1920
1921
1922/**
1923 * Record trap occurrence
1924 *
1925 * @returns VBox status code
1926 * @param env Pointer to the CPU environment.
1927 * @param uTrap Trap nr
1928 * @param uErrorCode Error code
1929 * @param pvNextEIP Next EIP
1930 */
1931int remR3NotifyTrap(CPUX86State *env, uint32_t uTrap, uint32_t uErrorCode, RTGCPTR pvNextEIP)
1932{
1933 PVM pVM = env->pVM;
1934#ifdef VBOX_WITH_STATISTICS
1935 static STAMCOUNTER s_aStatTrap[255];
1936 static bool s_aRegisters[RT_ELEMENTS(s_aStatTrap)];
1937#endif
1938
1939#ifdef VBOX_WITH_STATISTICS
1940 if (uTrap < 255)
1941 {
1942 if (!s_aRegisters[uTrap])
1943 {
1944 char szStatName[64];
1945 s_aRegisters[uTrap] = true;
1946 RTStrPrintf(szStatName, sizeof(szStatName), "/REM/Trap/0x%02X", uTrap);
1947 STAM_REG(env->pVM, &s_aStatTrap[uTrap], STAMTYPE_COUNTER, szStatName, STAMUNIT_OCCURENCES, "Trap stats.");
1948 }
1949 STAM_COUNTER_INC(&s_aStatTrap[uTrap]);
1950 }
1951#endif
1952 Log(("remR3NotifyTrap: uTrap=%x error=%x next_eip=%RGv eip=%RGv cr2=%RGv\n", uTrap, uErrorCode, pvNextEIP, (RTGCPTR)env->eip, (RTGCPTR)env->cr[2]));
1953 if( uTrap < 0x20
1954 && (env->cr[0] & X86_CR0_PE)
1955 && !(env->eflags & X86_EFL_VM))
1956 {
1957#ifdef DEBUG
1958 remR3DisasInstr(env, 1, "remR3NotifyTrap: ");
1959#endif
1960 if(pVM->rem.s.uPendingException == uTrap && ++pVM->rem.s.cPendingExceptions > 512)
1961 {
1962 LogRel(("VERR_REM_TOO_MANY_TRAPS -> uTrap=%x error=%x next_eip=%RGv eip=%RGv cr2=%RGv\n", uTrap, uErrorCode, pvNextEIP, (RTGCPTR)env->eip, (RTGCPTR)env->cr[2]));
1963 remR3RaiseRC(env->pVM, VERR_REM_TOO_MANY_TRAPS);
1964 return VERR_REM_TOO_MANY_TRAPS;
1965 }
1966 if(pVM->rem.s.uPendingException != uTrap || pVM->rem.s.uPendingExcptEIP != env->eip || pVM->rem.s.uPendingExcptCR2 != env->cr[2])
1967 pVM->rem.s.cPendingExceptions = 1;
1968 pVM->rem.s.uPendingException = uTrap;
1969 pVM->rem.s.uPendingExcptEIP = env->eip;
1970 pVM->rem.s.uPendingExcptCR2 = env->cr[2];
1971 }
1972 else
1973 {
1974 pVM->rem.s.cPendingExceptions = 0;
1975 pVM->rem.s.uPendingException = uTrap;
1976 pVM->rem.s.uPendingExcptEIP = env->eip;
1977 pVM->rem.s.uPendingExcptCR2 = env->cr[2];
1978 }
1979 return VINF_SUCCESS;
1980}
1981
1982
1983/*
1984 * Clear current active trap
1985 *
1986 * @param pVM VM Handle.
1987 */
1988void remR3TrapClear(PVM pVM)
1989{
1990 pVM->rem.s.cPendingExceptions = 0;
1991 pVM->rem.s.uPendingException = 0;
1992 pVM->rem.s.uPendingExcptEIP = 0;
1993 pVM->rem.s.uPendingExcptCR2 = 0;
1994}
1995
1996
1997/*
1998 * Record previous call instruction addresses
1999 *
2000 * @param env Pointer to the CPU environment.
2001 */
2002void remR3RecordCall(CPUX86State *env)
2003{
2004 CSAMR3RecordCallAddress(env->pVM, env->eip);
2005}
2006
2007
2008/**
2009 * Syncs the internal REM state with the VM.
2010 *
2011 * This must be called before REMR3Run() is invoked whenever when the REM
2012 * state is not up to date. Calling it several times in a row is not
2013 * permitted.
2014 *
2015 * @returns VBox status code.
2016 *
2017 * @param pVM VM Handle.
2018 * @param pVCpu VMCPU Handle.
2019 *
2020 * @remark The caller has to check for important FFs before calling REMR3Run. REMR3State will
2021 * no do this since the majority of the callers don't want any unnecessary of events
2022 * pending that would immediately interrupt execution.
2023 */
2024REMR3DECL(int) REMR3State(PVM pVM, PVMCPU pVCpu)
2025{
2026 register const CPUMCTX *pCtx;
2027 register unsigned fFlags;
2028 bool fHiddenSelRegsValid;
2029 unsigned i;
2030 TRPMEVENT enmType;
2031 uint8_t u8TrapNo;
2032 uint32_t uCpl;
2033 int rc;
2034
2035 STAM_PROFILE_START(&pVM->rem.s.StatsState, a);
2036 Log2(("REMR3State:\n"));
2037
2038 pVM->rem.s.Env.pVCpu = pVCpu;
2039 pCtx = pVM->rem.s.pCtx = CPUMQueryGuestCtxPtr(pVCpu);
2040 fHiddenSelRegsValid = CPUMAreHiddenSelRegsValid(pVCpu); /// @todo move this down and use fFlags.
2041
2042 Assert(!pVM->rem.s.fInREM);
2043 pVM->rem.s.fInStateSync = true;
2044
2045 /*
2046 * If we have to flush TBs, do that immediately.
2047 */
2048 if (pVM->rem.s.fFlushTBs)
2049 {
2050 STAM_COUNTER_INC(&gStatFlushTBs);
2051 tb_flush(&pVM->rem.s.Env);
2052 pVM->rem.s.fFlushTBs = false;
2053 }
2054
2055 /*
2056 * Copy the registers which require no special handling.
2057 */
2058#ifdef TARGET_X86_64
2059 /* Note that the high dwords of 64 bits registers are undefined in 32 bits mode and are undefined after a mode change. */
2060 Assert(R_EAX == 0);
2061 pVM->rem.s.Env.regs[R_EAX] = pCtx->rax;
2062 Assert(R_ECX == 1);
2063 pVM->rem.s.Env.regs[R_ECX] = pCtx->rcx;
2064 Assert(R_EDX == 2);
2065 pVM->rem.s.Env.regs[R_EDX] = pCtx->rdx;
2066 Assert(R_EBX == 3);
2067 pVM->rem.s.Env.regs[R_EBX] = pCtx->rbx;
2068 Assert(R_ESP == 4);
2069 pVM->rem.s.Env.regs[R_ESP] = pCtx->rsp;
2070 Assert(R_EBP == 5);
2071 pVM->rem.s.Env.regs[R_EBP] = pCtx->rbp;
2072 Assert(R_ESI == 6);
2073 pVM->rem.s.Env.regs[R_ESI] = pCtx->rsi;
2074 Assert(R_EDI == 7);
2075 pVM->rem.s.Env.regs[R_EDI] = pCtx->rdi;
2076 pVM->rem.s.Env.regs[8] = pCtx->r8;
2077 pVM->rem.s.Env.regs[9] = pCtx->r9;
2078 pVM->rem.s.Env.regs[10] = pCtx->r10;
2079 pVM->rem.s.Env.regs[11] = pCtx->r11;
2080 pVM->rem.s.Env.regs[12] = pCtx->r12;
2081 pVM->rem.s.Env.regs[13] = pCtx->r13;
2082 pVM->rem.s.Env.regs[14] = pCtx->r14;
2083 pVM->rem.s.Env.regs[15] = pCtx->r15;
2084
2085 pVM->rem.s.Env.eip = pCtx->rip;
2086
2087 pVM->rem.s.Env.eflags = pCtx->rflags.u64;
2088#else
2089 Assert(R_EAX == 0);
2090 pVM->rem.s.Env.regs[R_EAX] = pCtx->eax;
2091 Assert(R_ECX == 1);
2092 pVM->rem.s.Env.regs[R_ECX] = pCtx->ecx;
2093 Assert(R_EDX == 2);
2094 pVM->rem.s.Env.regs[R_EDX] = pCtx->edx;
2095 Assert(R_EBX == 3);
2096 pVM->rem.s.Env.regs[R_EBX] = pCtx->ebx;
2097 Assert(R_ESP == 4);
2098 pVM->rem.s.Env.regs[R_ESP] = pCtx->esp;
2099 Assert(R_EBP == 5);
2100 pVM->rem.s.Env.regs[R_EBP] = pCtx->ebp;
2101 Assert(R_ESI == 6);
2102 pVM->rem.s.Env.regs[R_ESI] = pCtx->esi;
2103 Assert(R_EDI == 7);
2104 pVM->rem.s.Env.regs[R_EDI] = pCtx->edi;
2105 pVM->rem.s.Env.eip = pCtx->eip;
2106
2107 pVM->rem.s.Env.eflags = pCtx->eflags.u32;
2108#endif
2109
2110 pVM->rem.s.Env.cr[2] = pCtx->cr2;
2111
2112 /** @todo we could probably benefit from using a CPUM_CHANGED_DRx flag too! */
2113 for (i=0;i<8;i++)
2114 pVM->rem.s.Env.dr[i] = pCtx->dr[i];
2115
2116#ifdef HF_HALTED_MASK /** @todo remove me when we're up to date again. */
2117 /*
2118 * Clear the halted hidden flag (the interrupt waking up the CPU can
2119 * have been dispatched in raw mode).
2120 */
2121 pVM->rem.s.Env.hflags &= ~HF_HALTED_MASK;
2122#endif
2123
2124 /*
2125 * Replay invlpg? Only if we're not flushing the TLB.
2126 */
2127 fFlags = CPUMR3RemEnter(pVCpu, &uCpl);
2128 LogFlow(("CPUMR3RemEnter %x %x\n", fFlags, uCpl));
2129 if (pVM->rem.s.cInvalidatedPages)
2130 {
2131 if (!(fFlags & CPUM_CHANGED_GLOBAL_TLB_FLUSH))
2132 {
2133 RTUINT i;
2134
2135 pVM->rem.s.fIgnoreCR3Load = true;
2136 pVM->rem.s.fIgnoreInvlPg = true;
2137 for (i = 0; i < pVM->rem.s.cInvalidatedPages; i++)
2138 {
2139 Log2(("REMR3State: invlpg %RGv\n", pVM->rem.s.aGCPtrInvalidatedPages[i]));
2140 tlb_flush_page(&pVM->rem.s.Env, pVM->rem.s.aGCPtrInvalidatedPages[i]);
2141 }
2142 pVM->rem.s.fIgnoreInvlPg = false;
2143 pVM->rem.s.fIgnoreCR3Load = false;
2144 }
2145 pVM->rem.s.cInvalidatedPages = 0;
2146 }
2147
2148 /* Replay notification changes. */
2149 REMR3ReplayHandlerNotifications(pVM);
2150
2151 /* Update MSRs; before CRx registers! */
2152 pVM->rem.s.Env.efer = pCtx->msrEFER;
2153 pVM->rem.s.Env.star = pCtx->msrSTAR;
2154 pVM->rem.s.Env.pat = pCtx->msrPAT;
2155#ifdef TARGET_X86_64
2156 pVM->rem.s.Env.lstar = pCtx->msrLSTAR;
2157 pVM->rem.s.Env.cstar = pCtx->msrCSTAR;
2158 pVM->rem.s.Env.fmask = pCtx->msrSFMASK;
2159 pVM->rem.s.Env.kernelgsbase = pCtx->msrKERNELGSBASE;
2160
2161 /* Update the internal long mode activate flag according to the new EFER value. */
2162 if (pCtx->msrEFER & MSR_K6_EFER_LMA)
2163 pVM->rem.s.Env.hflags |= HF_LMA_MASK;
2164 else
2165 pVM->rem.s.Env.hflags &= ~(HF_LMA_MASK | HF_CS64_MASK);
2166#endif
2167
2168 /* Update the inhibit IRQ mask. */
2169 pVM->rem.s.Env.hflags &= ~HF_INHIBIT_IRQ_MASK;
2170 if (VMCPU_FF_ISSET(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS))
2171 {
2172 RTGCPTR InhibitPC = EMGetInhibitInterruptsPC(pVCpu);
2173 if (InhibitPC == pCtx->rip)
2174 pVM->rem.s.Env.hflags |= HF_INHIBIT_IRQ_MASK;
2175 else
2176 {
2177 Log(("Clearing VMCPU_FF_INHIBIT_INTERRUPTS at %RGv - successor %RGv (REM#1)\n", (RTGCPTR)pCtx->rip, InhibitPC));
2178 VMCPU_FF_CLEAR(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS);
2179 }
2180 }
2181
2182 /*
2183 * Sync the A20 gate.
2184 */
2185 bool fA20State = PGMPhysIsA20Enabled(pVCpu);
2186 if (fA20State != RT_BOOL(pVM->rem.s.Env.a20_mask & RT_BIT(20)))
2187 {
2188 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
2189 cpu_x86_set_a20(&pVM->rem.s.Env, fA20State);
2190 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
2191 }
2192
2193 /*
2194 * Registers which are rarely changed and require special handling / order when changed.
2195 */
2196 if (fFlags & ( CPUM_CHANGED_GLOBAL_TLB_FLUSH
2197 | CPUM_CHANGED_CR4
2198 | CPUM_CHANGED_CR0
2199 | CPUM_CHANGED_CR3
2200 | CPUM_CHANGED_GDTR
2201 | CPUM_CHANGED_IDTR
2202 | CPUM_CHANGED_SYSENTER_MSR
2203 | CPUM_CHANGED_LDTR
2204 | CPUM_CHANGED_CPUID
2205 | CPUM_CHANGED_FPU_REM
2206 )
2207 )
2208 {
2209 if (fFlags & CPUM_CHANGED_GLOBAL_TLB_FLUSH)
2210 {
2211 pVM->rem.s.fIgnoreCR3Load = true;
2212 tlb_flush(&pVM->rem.s.Env, true);
2213 pVM->rem.s.fIgnoreCR3Load = false;
2214 }
2215
2216 /* CR4 before CR0! */
2217 if (fFlags & CPUM_CHANGED_CR4)
2218 {
2219 pVM->rem.s.fIgnoreCR3Load = true;
2220 pVM->rem.s.fIgnoreCpuMode = true;
2221 cpu_x86_update_cr4(&pVM->rem.s.Env, pCtx->cr4);
2222 pVM->rem.s.fIgnoreCpuMode = false;
2223 pVM->rem.s.fIgnoreCR3Load = false;
2224 }
2225
2226 if (fFlags & CPUM_CHANGED_CR0)
2227 {
2228 pVM->rem.s.fIgnoreCR3Load = true;
2229 pVM->rem.s.fIgnoreCpuMode = true;
2230 cpu_x86_update_cr0(&pVM->rem.s.Env, pCtx->cr0);
2231 pVM->rem.s.fIgnoreCpuMode = false;
2232 pVM->rem.s.fIgnoreCR3Load = false;
2233 }
2234
2235 if (fFlags & CPUM_CHANGED_CR3)
2236 {
2237 pVM->rem.s.fIgnoreCR3Load = true;
2238 cpu_x86_update_cr3(&pVM->rem.s.Env, pCtx->cr3);
2239 pVM->rem.s.fIgnoreCR3Load = false;
2240 }
2241
2242 if (fFlags & CPUM_CHANGED_GDTR)
2243 {
2244 pVM->rem.s.Env.gdt.base = pCtx->gdtr.pGdt;
2245 pVM->rem.s.Env.gdt.limit = pCtx->gdtr.cbGdt;
2246 }
2247
2248 if (fFlags & CPUM_CHANGED_IDTR)
2249 {
2250 pVM->rem.s.Env.idt.base = pCtx->idtr.pIdt;
2251 pVM->rem.s.Env.idt.limit = pCtx->idtr.cbIdt;
2252 }
2253
2254 if (fFlags & CPUM_CHANGED_SYSENTER_MSR)
2255 {
2256 pVM->rem.s.Env.sysenter_cs = pCtx->SysEnter.cs;
2257 pVM->rem.s.Env.sysenter_eip = pCtx->SysEnter.eip;
2258 pVM->rem.s.Env.sysenter_esp = pCtx->SysEnter.esp;
2259 }
2260
2261 if (fFlags & CPUM_CHANGED_LDTR)
2262 {
2263 if (fHiddenSelRegsValid)
2264 {
2265 pVM->rem.s.Env.ldt.selector = pCtx->ldtr;
2266 pVM->rem.s.Env.ldt.base = pCtx->ldtrHid.u64Base;
2267 pVM->rem.s.Env.ldt.limit = pCtx->ldtrHid.u32Limit;
2268 pVM->rem.s.Env.ldt.flags = (pCtx->ldtrHid.Attr.u << 8) & 0xFFFFFF;
2269 }
2270 else
2271 sync_ldtr(&pVM->rem.s.Env, pCtx->ldtr);
2272 }
2273
2274 if (fFlags & CPUM_CHANGED_CPUID)
2275 {
2276 uint32_t u32Dummy;
2277
2278 /*
2279 * Get the CPUID features.
2280 */
2281 CPUMGetGuestCpuId(pVCpu, 1, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext_features, &pVM->rem.s.Env.cpuid_features);
2282 CPUMGetGuestCpuId(pVCpu, 0x80000001, &u32Dummy, &u32Dummy, &u32Dummy, &pVM->rem.s.Env.cpuid_ext2_features);
2283 }
2284
2285 /* Sync FPU state after CR4, CPUID and EFER (!). */
2286 if (fFlags & CPUM_CHANGED_FPU_REM)
2287 save_raw_fp_state(&pVM->rem.s.Env, (uint8_t *)&pCtx->fpu); /* 'save' is an excellent name. */
2288 }
2289
2290 /*
2291 * Sync TR unconditionally to make life simpler.
2292 */
2293 pVM->rem.s.Env.tr.selector = pCtx->tr;
2294 pVM->rem.s.Env.tr.base = pCtx->trHid.u64Base;
2295 pVM->rem.s.Env.tr.limit = pCtx->trHid.u32Limit;
2296 pVM->rem.s.Env.tr.flags = (pCtx->trHid.Attr.u << 8) & 0xFFFFFF;
2297 /* Note! do_interrupt will fault if the busy flag is still set... */
2298 pVM->rem.s.Env.tr.flags &= ~DESC_TSS_BUSY_MASK;
2299
2300 /*
2301 * Update selector registers.
2302 * This must be done *after* we've synced gdt, ldt and crX registers
2303 * since we're reading the GDT/LDT om sync_seg. This will happen with
2304 * saved state which takes a quick dip into rawmode for instance.
2305 */
2306 /*
2307 * Stack; Note first check this one as the CPL might have changed. The
2308 * wrong CPL can cause QEmu to raise an exception in sync_seg!!
2309 */
2310
2311 if (fHiddenSelRegsValid)
2312 {
2313 /* The hidden selector registers are valid in the CPU context. */
2314 /* Note! QEmu saves the 2nd dword of the descriptor; we should convert the attribute word back! */
2315
2316 /* Set current CPL */
2317 cpu_x86_set_cpl(&pVM->rem.s.Env, uCpl);
2318
2319 cpu_x86_load_seg_cache(&pVM->rem.s.Env, R_CS, pCtx->cs, pCtx->csHid.u64Base, pCtx->csHid.u32Limit, (pCtx->csHid.Attr.u << 8) & 0xFFFFFF);
2320 cpu_x86_load_seg_cache(&pVM->rem.s.Env, R_SS, pCtx->ss, pCtx->ssHid.u64Base, pCtx->ssHid.u32Limit, (pCtx->ssHid.Attr.u << 8) & 0xFFFFFF);
2321 cpu_x86_load_seg_cache(&pVM->rem.s.Env, R_DS, pCtx->ds, pCtx->dsHid.u64Base, pCtx->dsHid.u32Limit, (pCtx->dsHid.Attr.u << 8) & 0xFFFFFF);
2322 cpu_x86_load_seg_cache(&pVM->rem.s.Env, R_ES, pCtx->es, pCtx->esHid.u64Base, pCtx->esHid.u32Limit, (pCtx->esHid.Attr.u << 8) & 0xFFFFFF);
2323 cpu_x86_load_seg_cache(&pVM->rem.s.Env, R_FS, pCtx->fs, pCtx->fsHid.u64Base, pCtx->fsHid.u32Limit, (pCtx->fsHid.Attr.u << 8) & 0xFFFFFF);
2324 cpu_x86_load_seg_cache(&pVM->rem.s.Env, R_GS, pCtx->gs, pCtx->gsHid.u64Base, pCtx->gsHid.u32Limit, (pCtx->gsHid.Attr.u << 8) & 0xFFFFFF);
2325 }
2326 else
2327 {
2328 /* In 'normal' raw mode we don't have access to the hidden selector registers. */
2329 if (pVM->rem.s.Env.segs[R_SS].selector != pCtx->ss)
2330 {
2331 Log2(("REMR3State: SS changed from %04x to %04x!\n", pVM->rem.s.Env.segs[R_SS].selector, pCtx->ss));
2332
2333 cpu_x86_set_cpl(&pVM->rem.s.Env, uCpl);
2334 sync_seg(&pVM->rem.s.Env, R_SS, pCtx->ss);
2335#ifdef VBOX_WITH_STATISTICS
2336 if (pVM->rem.s.Env.segs[R_SS].newselector)
2337 {
2338 STAM_COUNTER_INC(&gStatSelOutOfSync[R_SS]);
2339 }
2340#endif
2341 }
2342 else
2343 pVM->rem.s.Env.segs[R_SS].newselector = 0;
2344
2345 if (pVM->rem.s.Env.segs[R_ES].selector != pCtx->es)
2346 {
2347 Log2(("REMR3State: ES changed from %04x to %04x!\n", pVM->rem.s.Env.segs[R_ES].selector, pCtx->es));
2348 sync_seg(&pVM->rem.s.Env, R_ES, pCtx->es);
2349#ifdef VBOX_WITH_STATISTICS
2350 if (pVM->rem.s.Env.segs[R_ES].newselector)
2351 {
2352 STAM_COUNTER_INC(&gStatSelOutOfSync[R_ES]);
2353 }
2354#endif
2355 }
2356 else
2357 pVM->rem.s.Env.segs[R_ES].newselector = 0;
2358
2359 if (pVM->rem.s.Env.segs[R_CS].selector != pCtx->cs)
2360 {
2361 Log2(("REMR3State: CS changed from %04x to %04x!\n", pVM->rem.s.Env.segs[R_CS].selector, pCtx->cs));
2362 sync_seg(&pVM->rem.s.Env, R_CS, pCtx->cs);
2363#ifdef VBOX_WITH_STATISTICS
2364 if (pVM->rem.s.Env.segs[R_CS].newselector)
2365 {
2366 STAM_COUNTER_INC(&gStatSelOutOfSync[R_CS]);
2367 }
2368#endif
2369 }
2370 else
2371 pVM->rem.s.Env.segs[R_CS].newselector = 0;
2372
2373 if (pVM->rem.s.Env.segs[R_DS].selector != pCtx->ds)
2374 {
2375 Log2(("REMR3State: DS changed from %04x to %04x!\n", pVM->rem.s.Env.segs[R_DS].selector, pCtx->ds));
2376 sync_seg(&pVM->rem.s.Env, R_DS, pCtx->ds);
2377#ifdef VBOX_WITH_STATISTICS
2378 if (pVM->rem.s.Env.segs[R_DS].newselector)
2379 {
2380 STAM_COUNTER_INC(&gStatSelOutOfSync[R_DS]);
2381 }
2382#endif
2383 }
2384 else
2385 pVM->rem.s.Env.segs[R_DS].newselector = 0;
2386
2387 /** @todo need to find a way to communicate potential GDT/LDT changes and thread switches. The selector might
2388 * be the same but not the base/limit. */
2389 if (pVM->rem.s.Env.segs[R_FS].selector != pCtx->fs)
2390 {
2391 Log2(("REMR3State: FS changed from %04x to %04x!\n", pVM->rem.s.Env.segs[R_FS].selector, pCtx->fs));
2392 sync_seg(&pVM->rem.s.Env, R_FS, pCtx->fs);
2393#ifdef VBOX_WITH_STATISTICS
2394 if (pVM->rem.s.Env.segs[R_FS].newselector)
2395 {
2396 STAM_COUNTER_INC(&gStatSelOutOfSync[R_FS]);
2397 }
2398#endif
2399 }
2400 else
2401 pVM->rem.s.Env.segs[R_FS].newselector = 0;
2402
2403 if (pVM->rem.s.Env.segs[R_GS].selector != pCtx->gs)
2404 {
2405 Log2(("REMR3State: GS changed from %04x to %04x!\n", pVM->rem.s.Env.segs[R_GS].selector, pCtx->gs));
2406 sync_seg(&pVM->rem.s.Env, R_GS, pCtx->gs);
2407#ifdef VBOX_WITH_STATISTICS
2408 if (pVM->rem.s.Env.segs[R_GS].newselector)
2409 {
2410 STAM_COUNTER_INC(&gStatSelOutOfSync[R_GS]);
2411 }
2412#endif
2413 }
2414 else
2415 pVM->rem.s.Env.segs[R_GS].newselector = 0;
2416 }
2417
2418 /*
2419 * Check for traps.
2420 */
2421 pVM->rem.s.Env.exception_index = -1; /** @todo this won't work :/ */
2422 rc = TRPMQueryTrap(pVCpu, &u8TrapNo, &enmType);
2423 if (RT_SUCCESS(rc))
2424 {
2425#ifdef DEBUG
2426 if (u8TrapNo == 0x80)
2427 {
2428 remR3DumpLnxSyscall(pVCpu);
2429 remR3DumpOBsdSyscall(pVCpu);
2430 }
2431#endif
2432
2433 pVM->rem.s.Env.exception_index = u8TrapNo;
2434 if (enmType != TRPM_SOFTWARE_INT)
2435 {
2436 pVM->rem.s.Env.exception_is_int = 0;
2437 pVM->rem.s.Env.exception_next_eip = pVM->rem.s.Env.eip;
2438 }
2439 else
2440 {
2441 /*
2442 * The there are two 1 byte opcodes and one 2 byte opcode for software interrupts.
2443 * We ASSUME that there are no prefixes and sets the default to 2 byte, and checks
2444 * for int03 and into.
2445 */
2446 pVM->rem.s.Env.exception_is_int = 1;
2447 pVM->rem.s.Env.exception_next_eip = pCtx->rip + 2;
2448 /* int 3 may be generated by one-byte 0xcc */
2449 if (u8TrapNo == 3)
2450 {
2451 if (read_byte(&pVM->rem.s.Env, pVM->rem.s.Env.segs[R_CS].base + pCtx->rip) == 0xcc)
2452 pVM->rem.s.Env.exception_next_eip = pCtx->rip + 1;
2453 }
2454 /* int 4 may be generated by one-byte 0xce */
2455 else if (u8TrapNo == 4)
2456 {
2457 if (read_byte(&pVM->rem.s.Env, pVM->rem.s.Env.segs[R_CS].base + pCtx->rip) == 0xce)
2458 pVM->rem.s.Env.exception_next_eip = pCtx->rip + 1;
2459 }
2460 }
2461
2462 /* get error code and cr2 if needed. */
2463 if (enmType == TRPM_TRAP)
2464 {
2465 switch (u8TrapNo)
2466 {
2467 case 0x0e:
2468 pVM->rem.s.Env.cr[2] = TRPMGetFaultAddress(pVCpu);
2469 /* fallthru */
2470 case 0x0a: case 0x0b: case 0x0c: case 0x0d:
2471 pVM->rem.s.Env.error_code = TRPMGetErrorCode(pVCpu);
2472 break;
2473
2474 case 0x11: case 0x08:
2475 default:
2476 pVM->rem.s.Env.error_code = 0;
2477 break;
2478 }
2479 }
2480 else
2481 pVM->rem.s.Env.error_code = 0;
2482
2483 /*
2484 * We can now reset the active trap since the recompiler is gonna have a go at it.
2485 */
2486 rc = TRPMResetTrap(pVCpu);
2487 AssertRC(rc);
2488 Log2(("REMR3State: trap=%02x errcd=%RGv cr2=%RGv nexteip=%RGv%s\n", pVM->rem.s.Env.exception_index, (RTGCPTR)pVM->rem.s.Env.error_code,
2489 (RTGCPTR)pVM->rem.s.Env.cr[2], (RTGCPTR)pVM->rem.s.Env.exception_next_eip, pVM->rem.s.Env.exception_is_int ? " software" : ""));
2490 }
2491
2492 /*
2493 * Clear old interrupt request flags; Check for pending hardware interrupts.
2494 * (See @remark for why we don't check for other FFs.)
2495 */
2496 pVM->rem.s.Env.interrupt_request &= ~(CPU_INTERRUPT_HARD | CPU_INTERRUPT_EXITTB | CPU_INTERRUPT_TIMER);
2497 if ( pVM->rem.s.u32PendingInterrupt != REM_NO_PENDING_IRQ
2498 || VMCPU_FF_ISPENDING(pVCpu, VMCPU_FF_INTERRUPT_APIC | VMCPU_FF_INTERRUPT_PIC))
2499 pVM->rem.s.Env.interrupt_request |= CPU_INTERRUPT_HARD;
2500
2501 /*
2502 * We're now in REM mode.
2503 */
2504 VMCPU_SET_STATE(pVCpu, VMCPUSTATE_STARTED_EXEC_REM);
2505 pVM->rem.s.fInREM = true;
2506 pVM->rem.s.fInStateSync = false;
2507 pVM->rem.s.cCanExecuteRaw = 0;
2508 STAM_PROFILE_STOP(&pVM->rem.s.StatsState, a);
2509 Log2(("REMR3State: returns VINF_SUCCESS\n"));
2510 return VINF_SUCCESS;
2511}
2512
2513
2514/**
2515 * Syncs back changes in the REM state to the the VM state.
2516 *
2517 * This must be called after invoking REMR3Run().
2518 * Calling it several times in a row is not permitted.
2519 *
2520 * @returns VBox status code.
2521 *
2522 * @param pVM VM Handle.
2523 * @param pVCpu VMCPU Handle.
2524 */
2525REMR3DECL(int) REMR3StateBack(PVM pVM, PVMCPU pVCpu)
2526{
2527 register PCPUMCTX pCtx = pVM->rem.s.pCtx;
2528 Assert(pCtx);
2529 unsigned i;
2530
2531 STAM_PROFILE_START(&pVM->rem.s.StatsStateBack, a);
2532 Log2(("REMR3StateBack:\n"));
2533 Assert(pVM->rem.s.fInREM);
2534
2535 /*
2536 * Copy back the registers.
2537 * This is done in the order they are declared in the CPUMCTX structure.
2538 */
2539
2540 /** @todo FOP */
2541 /** @todo FPUIP */
2542 /** @todo CS */
2543 /** @todo FPUDP */
2544 /** @todo DS */
2545
2546 /** @todo check if FPU/XMM was actually used in the recompiler */
2547 restore_raw_fp_state(&pVM->rem.s.Env, (uint8_t *)&pCtx->fpu);
2548//// dprintf2(("FPU state CW=%04X TT=%04X SW=%04X (%04X)\n", env->fpuc, env->fpstt, env->fpus, pVMCtx->fpu.FSW));
2549
2550#ifdef TARGET_X86_64
2551 /* Note that the high dwords of 64 bits registers are undefined in 32 bits mode and are undefined after a mode change. */
2552 pCtx->rdi = pVM->rem.s.Env.regs[R_EDI];
2553 pCtx->rsi = pVM->rem.s.Env.regs[R_ESI];
2554 pCtx->rbp = pVM->rem.s.Env.regs[R_EBP];
2555 pCtx->rax = pVM->rem.s.Env.regs[R_EAX];
2556 pCtx->rbx = pVM->rem.s.Env.regs[R_EBX];
2557 pCtx->rdx = pVM->rem.s.Env.regs[R_EDX];
2558 pCtx->rcx = pVM->rem.s.Env.regs[R_ECX];
2559 pCtx->r8 = pVM->rem.s.Env.regs[8];
2560 pCtx->r9 = pVM->rem.s.Env.regs[9];
2561 pCtx->r10 = pVM->rem.s.Env.regs[10];
2562 pCtx->r11 = pVM->rem.s.Env.regs[11];
2563 pCtx->r12 = pVM->rem.s.Env.regs[12];
2564 pCtx->r13 = pVM->rem.s.Env.regs[13];
2565 pCtx->r14 = pVM->rem.s.Env.regs[14];
2566 pCtx->r15 = pVM->rem.s.Env.regs[15];
2567
2568 pCtx->rsp = pVM->rem.s.Env.regs[R_ESP];
2569
2570#else
2571 pCtx->edi = pVM->rem.s.Env.regs[R_EDI];
2572 pCtx->esi = pVM->rem.s.Env.regs[R_ESI];
2573 pCtx->ebp = pVM->rem.s.Env.regs[R_EBP];
2574 pCtx->eax = pVM->rem.s.Env.regs[R_EAX];
2575 pCtx->ebx = pVM->rem.s.Env.regs[R_EBX];
2576 pCtx->edx = pVM->rem.s.Env.regs[R_EDX];
2577 pCtx->ecx = pVM->rem.s.Env.regs[R_ECX];
2578
2579 pCtx->esp = pVM->rem.s.Env.regs[R_ESP];
2580#endif
2581
2582 pCtx->ss = pVM->rem.s.Env.segs[R_SS].selector;
2583
2584#ifdef VBOX_WITH_STATISTICS
2585 if (pVM->rem.s.Env.segs[R_SS].newselector)
2586 {
2587 STAM_COUNTER_INC(&gStatSelOutOfSyncStateBack[R_SS]);
2588 }
2589 if (pVM->rem.s.Env.segs[R_GS].newselector)
2590 {
2591 STAM_COUNTER_INC(&gStatSelOutOfSyncStateBack[R_GS]);
2592 }
2593 if (pVM->rem.s.Env.segs[R_FS].newselector)
2594 {
2595 STAM_COUNTER_INC(&gStatSelOutOfSyncStateBack[R_FS]);
2596 }
2597 if (pVM->rem.s.Env.segs[R_ES].newselector)
2598 {
2599 STAM_COUNTER_INC(&gStatSelOutOfSyncStateBack[R_ES]);
2600 }
2601 if (pVM->rem.s.Env.segs[R_DS].newselector)
2602 {
2603 STAM_COUNTER_INC(&gStatSelOutOfSyncStateBack[R_DS]);
2604 }
2605 if (pVM->rem.s.Env.segs[R_CS].newselector)
2606 {
2607 STAM_COUNTER_INC(&gStatSelOutOfSyncStateBack[R_CS]);
2608 }
2609#endif
2610 pCtx->gs = pVM->rem.s.Env.segs[R_GS].selector;
2611 pCtx->fs = pVM->rem.s.Env.segs[R_FS].selector;
2612 pCtx->es = pVM->rem.s.Env.segs[R_ES].selector;
2613 pCtx->ds = pVM->rem.s.Env.segs[R_DS].selector;
2614 pCtx->cs = pVM->rem.s.Env.segs[R_CS].selector;
2615
2616#ifdef TARGET_X86_64
2617 pCtx->rip = pVM->rem.s.Env.eip;
2618 pCtx->rflags.u64 = pVM->rem.s.Env.eflags;
2619#else
2620 pCtx->eip = pVM->rem.s.Env.eip;
2621 pCtx->eflags.u32 = pVM->rem.s.Env.eflags;
2622#endif
2623
2624 pCtx->cr0 = pVM->rem.s.Env.cr[0];
2625 pCtx->cr2 = pVM->rem.s.Env.cr[2];
2626 pCtx->cr3 = pVM->rem.s.Env.cr[3];
2627 if ((pVM->rem.s.Env.cr[4] ^ pCtx->cr4) & X86_CR4_VME)
2628 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_TSS);
2629 pCtx->cr4 = pVM->rem.s.Env.cr[4];
2630
2631 for (i = 0; i < 8; i++)
2632 pCtx->dr[i] = pVM->rem.s.Env.dr[i];
2633
2634 pCtx->gdtr.cbGdt = pVM->rem.s.Env.gdt.limit;
2635 if (pCtx->gdtr.pGdt != pVM->rem.s.Env.gdt.base)
2636 {
2637 pCtx->gdtr.pGdt = pVM->rem.s.Env.gdt.base;
2638 STAM_COUNTER_INC(&gStatREMGDTChange);
2639 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_GDT);
2640 }
2641
2642 pCtx->idtr.cbIdt = pVM->rem.s.Env.idt.limit;
2643 if (pCtx->idtr.pIdt != pVM->rem.s.Env.idt.base)
2644 {
2645 pCtx->idtr.pIdt = pVM->rem.s.Env.idt.base;
2646 STAM_COUNTER_INC(&gStatREMIDTChange);
2647 VMCPU_FF_SET(pVCpu, VMCPU_FF_TRPM_SYNC_IDT);
2648 }
2649
2650 if ( pCtx->ldtr != pVM->rem.s.Env.ldt.selector
2651 || pCtx->ldtrHid.u64Base != pVM->rem.s.Env.ldt.base
2652 || pCtx->ldtrHid.u32Limit != pVM->rem.s.Env.ldt.limit
2653 || pCtx->ldtrHid.Attr.u != ((pVM->rem.s.Env.ldt.flags >> 8) & 0xF0FF))
2654 {
2655 pCtx->ldtr = pVM->rem.s.Env.ldt.selector;
2656 pCtx->ldtrHid.u64Base = pVM->rem.s.Env.ldt.base;
2657 pCtx->ldtrHid.u32Limit = pVM->rem.s.Env.ldt.limit;
2658 pCtx->ldtrHid.Attr.u = (pVM->rem.s.Env.ldt.flags >> 8) & 0xF0FF;
2659 STAM_COUNTER_INC(&gStatREMLDTRChange);
2660 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_LDT);
2661 }
2662
2663 if ( pCtx->tr != pVM->rem.s.Env.tr.selector
2664 || pCtx->trHid.u64Base != pVM->rem.s.Env.tr.base
2665 || pCtx->trHid.u32Limit != pVM->rem.s.Env.tr.limit
2666 /* Qemu and AMD/Intel have different ideas about the busy flag ... */
2667 || pCtx->trHid.Attr.u != ( (pVM->rem.s.Env.tr.flags >> 8) & 0xF0FF
2668 ? (pVM->rem.s.Env.tr.flags | DESC_TSS_BUSY_MASK) >> 8
2669 : 0) )
2670 {
2671 Log(("REM: TR changed! %#x{%#llx,%#x,%#x} -> %#x{%llx,%#x,%#x}\n",
2672 pCtx->tr, pCtx->trHid.u64Base, pCtx->trHid.u32Limit, pCtx->trHid.Attr.u,
2673 pVM->rem.s.Env.tr.selector, (uint64_t)pVM->rem.s.Env.tr.base, pVM->rem.s.Env.tr.limit,
2674 (pVM->rem.s.Env.tr.flags >> 8) & 0xF0FF ? (pVM->rem.s.Env.tr.flags | DESC_TSS_BUSY_MASK) >> 8 : 0));
2675 pCtx->tr = pVM->rem.s.Env.tr.selector;
2676 pCtx->trHid.u64Base = pVM->rem.s.Env.tr.base;
2677 pCtx->trHid.u32Limit = pVM->rem.s.Env.tr.limit;
2678 pCtx->trHid.Attr.u = (pVM->rem.s.Env.tr.flags >> 8) & 0xF0FF;
2679 if (pCtx->trHid.Attr.u)
2680 pCtx->trHid.Attr.u |= DESC_TSS_BUSY_MASK >> 8;
2681 STAM_COUNTER_INC(&gStatREMTRChange);
2682 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_TSS);
2683 }
2684
2685 /** @todo These values could still be out of sync! */
2686 pCtx->csHid.u64Base = pVM->rem.s.Env.segs[R_CS].base;
2687 pCtx->csHid.u32Limit = pVM->rem.s.Env.segs[R_CS].limit;
2688 /* Note! QEmu saves the 2nd dword of the descriptor; we should store the attribute word only! */
2689 pCtx->csHid.Attr.u = (pVM->rem.s.Env.segs[R_CS].flags >> 8) & 0xF0FF;
2690
2691 pCtx->dsHid.u64Base = pVM->rem.s.Env.segs[R_DS].base;
2692 pCtx->dsHid.u32Limit = pVM->rem.s.Env.segs[R_DS].limit;
2693 pCtx->dsHid.Attr.u = (pVM->rem.s.Env.segs[R_DS].flags >> 8) & 0xF0FF;
2694
2695 pCtx->esHid.u64Base = pVM->rem.s.Env.segs[R_ES].base;
2696 pCtx->esHid.u32Limit = pVM->rem.s.Env.segs[R_ES].limit;
2697 pCtx->esHid.Attr.u = (pVM->rem.s.Env.segs[R_ES].flags >> 8) & 0xF0FF;
2698
2699 pCtx->fsHid.u64Base = pVM->rem.s.Env.segs[R_FS].base;
2700 pCtx->fsHid.u32Limit = pVM->rem.s.Env.segs[R_FS].limit;
2701 pCtx->fsHid.Attr.u = (pVM->rem.s.Env.segs[R_FS].flags >> 8) & 0xF0FF;
2702
2703 pCtx->gsHid.u64Base = pVM->rem.s.Env.segs[R_GS].base;
2704 pCtx->gsHid.u32Limit = pVM->rem.s.Env.segs[R_GS].limit;
2705 pCtx->gsHid.Attr.u = (pVM->rem.s.Env.segs[R_GS].flags >> 8) & 0xF0FF;
2706
2707 pCtx->ssHid.u64Base = pVM->rem.s.Env.segs[R_SS].base;
2708 pCtx->ssHid.u32Limit = pVM->rem.s.Env.segs[R_SS].limit;
2709 pCtx->ssHid.Attr.u = (pVM->rem.s.Env.segs[R_SS].flags >> 8) & 0xF0FF;
2710
2711 /* Sysenter MSR */
2712 pCtx->SysEnter.cs = pVM->rem.s.Env.sysenter_cs;
2713 pCtx->SysEnter.eip = pVM->rem.s.Env.sysenter_eip;
2714 pCtx->SysEnter.esp = pVM->rem.s.Env.sysenter_esp;
2715
2716 /* System MSRs. */
2717 pCtx->msrEFER = pVM->rem.s.Env.efer;
2718 pCtx->msrSTAR = pVM->rem.s.Env.star;
2719 pCtx->msrPAT = pVM->rem.s.Env.pat;
2720#ifdef TARGET_X86_64
2721 pCtx->msrLSTAR = pVM->rem.s.Env.lstar;
2722 pCtx->msrCSTAR = pVM->rem.s.Env.cstar;
2723 pCtx->msrSFMASK = pVM->rem.s.Env.fmask;
2724 pCtx->msrKERNELGSBASE = pVM->rem.s.Env.kernelgsbase;
2725#endif
2726
2727 /* Inhibit interrupt flag. */
2728 if (pVM->rem.s.Env.hflags & HF_INHIBIT_IRQ_MASK)
2729 {
2730 Log(("Settings VMCPU_FF_INHIBIT_INTERRUPTS at %RGv (REM)\n", (RTGCPTR)pCtx->rip));
2731 EMSetInhibitInterruptsPC(pVCpu, pCtx->rip);
2732 VMCPU_FF_SET(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS);
2733 }
2734 else if (VMCPU_FF_ISSET(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS))
2735 {
2736 Log(("Clearing VMCPU_FF_INHIBIT_INTERRUPTS at %RGv - successor %RGv (REM#2)\n", (RTGCPTR)pCtx->rip, EMGetInhibitInterruptsPC(pVCpu)));
2737 VMCPU_FF_CLEAR(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS);
2738 }
2739
2740 remR3TrapClear(pVM);
2741
2742 /*
2743 * Check for traps.
2744 */
2745 if ( pVM->rem.s.Env.exception_index >= 0
2746 && pVM->rem.s.Env.exception_index < 256)
2747 {
2748 int rc;
2749
2750 Log(("REMR3StateBack: Pending trap %x %d\n", pVM->rem.s.Env.exception_index, pVM->rem.s.Env.exception_is_int));
2751 rc = TRPMAssertTrap(pVCpu, pVM->rem.s.Env.exception_index, (pVM->rem.s.Env.exception_is_int) ? TRPM_SOFTWARE_INT : TRPM_HARDWARE_INT);
2752 AssertRC(rc);
2753 switch (pVM->rem.s.Env.exception_index)
2754 {
2755 case 0x0e:
2756 TRPMSetFaultAddress(pVCpu, pCtx->cr2);
2757 /* fallthru */
2758 case 0x0a: case 0x0b: case 0x0c: case 0x0d:
2759 case 0x11: case 0x08: /* 0 */
2760 TRPMSetErrorCode(pVCpu, pVM->rem.s.Env.error_code);
2761 break;
2762 }
2763
2764 }
2765
2766 /*
2767 * We're not longer in REM mode.
2768 */
2769 CPUMR3RemLeave(pVCpu,
2770 HWACCMIsEnabled(pVM)
2771 || ( pVM->rem.s.Env.segs[R_SS].newselector
2772 | pVM->rem.s.Env.segs[R_GS].newselector
2773 | pVM->rem.s.Env.segs[R_FS].newselector
2774 | pVM->rem.s.Env.segs[R_ES].newselector
2775 | pVM->rem.s.Env.segs[R_DS].newselector
2776 | pVM->rem.s.Env.segs[R_CS].newselector) == 0
2777 );
2778 VMCPU_CMPXCHG_STATE(pVCpu, VMCPUSTATE_STARTED, VMCPUSTATE_STARTED_EXEC_REM);
2779 pVM->rem.s.fInREM = false;
2780 pVM->rem.s.pCtx = NULL;
2781 pVM->rem.s.Env.pVCpu = NULL;
2782 STAM_PROFILE_STOP(&pVM->rem.s.StatsStateBack, a);
2783 Log2(("REMR3StateBack: returns VINF_SUCCESS\n"));
2784 return VINF_SUCCESS;
2785}
2786
2787
2788/**
2789 * This is called by the disassembler when it wants to update the cpu state
2790 * before for instance doing a register dump.
2791 */
2792static void remR3StateUpdate(PVM pVM, PVMCPU pVCpu)
2793{
2794 register PCPUMCTX pCtx = pVM->rem.s.pCtx;
2795 unsigned i;
2796
2797 Assert(pVM->rem.s.fInREM);
2798
2799 /*
2800 * Copy back the registers.
2801 * This is done in the order they are declared in the CPUMCTX structure.
2802 */
2803
2804 /** @todo FOP */
2805 /** @todo FPUIP */
2806 /** @todo CS */
2807 /** @todo FPUDP */
2808 /** @todo DS */
2809 /** @todo Fix MXCSR support in QEMU so we don't overwrite MXCSR with 0 when we shouldn't! */
2810 pCtx->fpu.MXCSR = 0;
2811 pCtx->fpu.MXCSR_MASK = 0;
2812
2813 /** @todo check if FPU/XMM was actually used in the recompiler */
2814 restore_raw_fp_state(&pVM->rem.s.Env, (uint8_t *)&pCtx->fpu);
2815//// dprintf2(("FPU state CW=%04X TT=%04X SW=%04X (%04X)\n", env->fpuc, env->fpstt, env->fpus, pVMCtx->fpu.FSW));
2816
2817#ifdef TARGET_X86_64
2818 pCtx->rdi = pVM->rem.s.Env.regs[R_EDI];
2819 pCtx->rsi = pVM->rem.s.Env.regs[R_ESI];
2820 pCtx->rbp = pVM->rem.s.Env.regs[R_EBP];
2821 pCtx->rax = pVM->rem.s.Env.regs[R_EAX];
2822 pCtx->rbx = pVM->rem.s.Env.regs[R_EBX];
2823 pCtx->rdx = pVM->rem.s.Env.regs[R_EDX];
2824 pCtx->rcx = pVM->rem.s.Env.regs[R_ECX];
2825 pCtx->r8 = pVM->rem.s.Env.regs[8];
2826 pCtx->r9 = pVM->rem.s.Env.regs[9];
2827 pCtx->r10 = pVM->rem.s.Env.regs[10];
2828 pCtx->r11 = pVM->rem.s.Env.regs[11];
2829 pCtx->r12 = pVM->rem.s.Env.regs[12];
2830 pCtx->r13 = pVM->rem.s.Env.regs[13];
2831 pCtx->r14 = pVM->rem.s.Env.regs[14];
2832 pCtx->r15 = pVM->rem.s.Env.regs[15];
2833
2834 pCtx->rsp = pVM->rem.s.Env.regs[R_ESP];
2835#else
2836 pCtx->edi = pVM->rem.s.Env.regs[R_EDI];
2837 pCtx->esi = pVM->rem.s.Env.regs[R_ESI];
2838 pCtx->ebp = pVM->rem.s.Env.regs[R_EBP];
2839 pCtx->eax = pVM->rem.s.Env.regs[R_EAX];
2840 pCtx->ebx = pVM->rem.s.Env.regs[R_EBX];
2841 pCtx->edx = pVM->rem.s.Env.regs[R_EDX];
2842 pCtx->ecx = pVM->rem.s.Env.regs[R_ECX];
2843
2844 pCtx->esp = pVM->rem.s.Env.regs[R_ESP];
2845#endif
2846
2847 pCtx->ss = pVM->rem.s.Env.segs[R_SS].selector;
2848
2849 pCtx->gs = pVM->rem.s.Env.segs[R_GS].selector;
2850 pCtx->fs = pVM->rem.s.Env.segs[R_FS].selector;
2851 pCtx->es = pVM->rem.s.Env.segs[R_ES].selector;
2852 pCtx->ds = pVM->rem.s.Env.segs[R_DS].selector;
2853 pCtx->cs = pVM->rem.s.Env.segs[R_CS].selector;
2854
2855#ifdef TARGET_X86_64
2856 pCtx->rip = pVM->rem.s.Env.eip;
2857 pCtx->rflags.u64 = pVM->rem.s.Env.eflags;
2858#else
2859 pCtx->eip = pVM->rem.s.Env.eip;
2860 pCtx->eflags.u32 = pVM->rem.s.Env.eflags;
2861#endif
2862
2863 pCtx->cr0 = pVM->rem.s.Env.cr[0];
2864 pCtx->cr2 = pVM->rem.s.Env.cr[2];
2865 pCtx->cr3 = pVM->rem.s.Env.cr[3];
2866 if ((pVM->rem.s.Env.cr[4] ^ pCtx->cr4) & X86_CR4_VME)
2867 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_TSS);
2868 pCtx->cr4 = pVM->rem.s.Env.cr[4];
2869
2870 for (i = 0; i < 8; i++)
2871 pCtx->dr[i] = pVM->rem.s.Env.dr[i];
2872
2873 pCtx->gdtr.cbGdt = pVM->rem.s.Env.gdt.limit;
2874 if (pCtx->gdtr.pGdt != (RTGCPTR)pVM->rem.s.Env.gdt.base)
2875 {
2876 pCtx->gdtr.pGdt = (RTGCPTR)pVM->rem.s.Env.gdt.base;
2877 STAM_COUNTER_INC(&gStatREMGDTChange);
2878 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_GDT);
2879 }
2880
2881 pCtx->idtr.cbIdt = pVM->rem.s.Env.idt.limit;
2882 if (pCtx->idtr.pIdt != (RTGCPTR)pVM->rem.s.Env.idt.base)
2883 {
2884 pCtx->idtr.pIdt = (RTGCPTR)pVM->rem.s.Env.idt.base;
2885 STAM_COUNTER_INC(&gStatREMIDTChange);
2886 VMCPU_FF_SET(pVCpu, VMCPU_FF_TRPM_SYNC_IDT);
2887 }
2888
2889 if ( pCtx->ldtr != pVM->rem.s.Env.ldt.selector
2890 || pCtx->ldtrHid.u64Base != pVM->rem.s.Env.ldt.base
2891 || pCtx->ldtrHid.u32Limit != pVM->rem.s.Env.ldt.limit
2892 || pCtx->ldtrHid.Attr.u != ((pVM->rem.s.Env.ldt.flags >> 8) & 0xF0FF))
2893 {
2894 pCtx->ldtr = pVM->rem.s.Env.ldt.selector;
2895 pCtx->ldtrHid.u64Base = pVM->rem.s.Env.ldt.base;
2896 pCtx->ldtrHid.u32Limit = pVM->rem.s.Env.ldt.limit;
2897 pCtx->ldtrHid.Attr.u = (pVM->rem.s.Env.ldt.flags >> 8) & 0xFFFF;
2898 STAM_COUNTER_INC(&gStatREMLDTRChange);
2899 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_LDT);
2900 }
2901
2902 if ( pCtx->tr != pVM->rem.s.Env.tr.selector
2903 || pCtx->trHid.u64Base != pVM->rem.s.Env.tr.base
2904 || pCtx->trHid.u32Limit != pVM->rem.s.Env.tr.limit
2905 /* Qemu and AMD/Intel have different ideas about the busy flag ... */
2906 || pCtx->trHid.Attr.u != ( (pVM->rem.s.Env.tr.flags >> 8) & 0xF0FF
2907 ? (pVM->rem.s.Env.tr.flags | DESC_TSS_BUSY_MASK) >> 8
2908 : 0) )
2909 {
2910 Log(("REM: TR changed! %#x{%#llx,%#x,%#x} -> %#x{%llx,%#x,%#x}\n",
2911 pCtx->tr, pCtx->trHid.u64Base, pCtx->trHid.u32Limit, pCtx->trHid.Attr.u,
2912 pVM->rem.s.Env.tr.selector, (uint64_t)pVM->rem.s.Env.tr.base, pVM->rem.s.Env.tr.limit,
2913 (pVM->rem.s.Env.tr.flags >> 8) & 0xF0FF ? (pVM->rem.s.Env.tr.flags | DESC_TSS_BUSY_MASK) >> 8 : 0));
2914 pCtx->tr = pVM->rem.s.Env.tr.selector;
2915 pCtx->trHid.u64Base = pVM->rem.s.Env.tr.base;
2916 pCtx->trHid.u32Limit = pVM->rem.s.Env.tr.limit;
2917 pCtx->trHid.Attr.u = (pVM->rem.s.Env.tr.flags >> 8) & 0xF0FF;
2918 if (pCtx->trHid.Attr.u)
2919 pCtx->trHid.Attr.u |= DESC_TSS_BUSY_MASK >> 8;
2920 STAM_COUNTER_INC(&gStatREMTRChange);
2921 VMCPU_FF_SET(pVCpu, VMCPU_FF_SELM_SYNC_TSS);
2922 }
2923
2924 /** @todo These values could still be out of sync! */
2925 pCtx->csHid.u64Base = pVM->rem.s.Env.segs[R_CS].base;
2926 pCtx->csHid.u32Limit = pVM->rem.s.Env.segs[R_CS].limit;
2927 /** @note QEmu saves the 2nd dword of the descriptor; we should store the attribute word only! */
2928 pCtx->csHid.Attr.u = (pVM->rem.s.Env.segs[R_CS].flags >> 8) & 0xFFFF;
2929
2930 pCtx->dsHid.u64Base = pVM->rem.s.Env.segs[R_DS].base;
2931 pCtx->dsHid.u32Limit = pVM->rem.s.Env.segs[R_DS].limit;
2932 pCtx->dsHid.Attr.u = (pVM->rem.s.Env.segs[R_DS].flags >> 8) & 0xFFFF;
2933
2934 pCtx->esHid.u64Base = pVM->rem.s.Env.segs[R_ES].base;
2935 pCtx->esHid.u32Limit = pVM->rem.s.Env.segs[R_ES].limit;
2936 pCtx->esHid.Attr.u = (pVM->rem.s.Env.segs[R_ES].flags >> 8) & 0xFFFF;
2937
2938 pCtx->fsHid.u64Base = pVM->rem.s.Env.segs[R_FS].base;
2939 pCtx->fsHid.u32Limit = pVM->rem.s.Env.segs[R_FS].limit;
2940 pCtx->fsHid.Attr.u = (pVM->rem.s.Env.segs[R_FS].flags >> 8) & 0xFFFF;
2941
2942 pCtx->gsHid.u64Base = pVM->rem.s.Env.segs[R_GS].base;
2943 pCtx->gsHid.u32Limit = pVM->rem.s.Env.segs[R_GS].limit;
2944 pCtx->gsHid.Attr.u = (pVM->rem.s.Env.segs[R_GS].flags >> 8) & 0xFFFF;
2945
2946 pCtx->ssHid.u64Base = pVM->rem.s.Env.segs[R_SS].base;
2947 pCtx->ssHid.u32Limit = pVM->rem.s.Env.segs[R_SS].limit;
2948 pCtx->ssHid.Attr.u = (pVM->rem.s.Env.segs[R_SS].flags >> 8) & 0xFFFF;
2949
2950 /* Sysenter MSR */
2951 pCtx->SysEnter.cs = pVM->rem.s.Env.sysenter_cs;
2952 pCtx->SysEnter.eip = pVM->rem.s.Env.sysenter_eip;
2953 pCtx->SysEnter.esp = pVM->rem.s.Env.sysenter_esp;
2954
2955 /* System MSRs. */
2956 pCtx->msrEFER = pVM->rem.s.Env.efer;
2957 pCtx->msrSTAR = pVM->rem.s.Env.star;
2958 pCtx->msrPAT = pVM->rem.s.Env.pat;
2959#ifdef TARGET_X86_64
2960 pCtx->msrLSTAR = pVM->rem.s.Env.lstar;
2961 pCtx->msrCSTAR = pVM->rem.s.Env.cstar;
2962 pCtx->msrSFMASK = pVM->rem.s.Env.fmask;
2963 pCtx->msrKERNELGSBASE = pVM->rem.s.Env.kernelgsbase;
2964#endif
2965
2966}
2967
2968
2969/**
2970 * Update the VMM state information if we're currently in REM.
2971 *
2972 * This method is used by the DBGF and PDMDevice when there is any uncertainty of whether
2973 * we're currently executing in REM and the VMM state is invalid. This method will of
2974 * course check that we're executing in REM before syncing any data over to the VMM.
2975 *
2976 * @param pVM The VM handle.
2977 * @param pVCpu The VMCPU handle.
2978 */
2979REMR3DECL(void) REMR3StateUpdate(PVM pVM, PVMCPU pVCpu)
2980{
2981 if (pVM->rem.s.fInREM)
2982 remR3StateUpdate(pVM, pVCpu);
2983}
2984
2985
2986#undef LOG_GROUP
2987#define LOG_GROUP LOG_GROUP_REM
2988
2989
2990/**
2991 * Notify the recompiler about Address Gate 20 state change.
2992 *
2993 * This notification is required since A20 gate changes are
2994 * initialized from a device driver and the VM might just as
2995 * well be in REM mode as in RAW mode.
2996 *
2997 * @param pVM VM handle.
2998 * @param pVCpu VMCPU handle.
2999 * @param fEnable True if the gate should be enabled.
3000 * False if the gate should be disabled.
3001 */
3002REMR3DECL(void) REMR3A20Set(PVM pVM, PVMCPU pVCpu, bool fEnable)
3003{
3004 LogFlow(("REMR3A20Set: fEnable=%d\n", fEnable));
3005 VM_ASSERT_EMT(pVM);
3006
3007 /** @todo SMP and the A20 gate... */
3008 if (pVM->rem.s.Env.pVCpu == pVCpu)
3009 {
3010 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3011 cpu_x86_set_a20(&pVM->rem.s.Env, fEnable);
3012 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3013 }
3014}
3015
3016
3017/**
3018 * Replays the handler notification changes
3019 * Called in response to VM_FF_REM_HANDLER_NOTIFY from the RAW execution loop.
3020 *
3021 * @param pVM VM handle.
3022 */
3023REMR3DECL(void) REMR3ReplayHandlerNotifications(PVM pVM)
3024{
3025 /*
3026 * Replay the flushes.
3027 */
3028 LogFlow(("REMR3ReplayHandlerNotifications:\n"));
3029 VM_ASSERT_EMT(pVM);
3030
3031 /** @todo this isn't ensuring correct replay order. */
3032 if (VM_FF_TESTANDCLEAR(pVM, VM_FF_REM_HANDLER_NOTIFY))
3033 {
3034 uint32_t idxNext;
3035 uint32_t idxRevHead;
3036 uint32_t idxHead;
3037#ifdef VBOX_STRICT
3038 int32_t c = 0;
3039#endif
3040
3041 /* Lockless purging of pending notifications. */
3042 idxHead = ASMAtomicXchgU32(&pVM->rem.s.idxPendingList, UINT32_MAX);
3043 if (idxHead == UINT32_MAX)
3044 return;
3045 Assert(idxHead < RT_ELEMENTS(pVM->rem.s.aHandlerNotifications));
3046
3047 /*
3048 * Reverse the list to process it in FIFO order.
3049 */
3050 idxRevHead = UINT32_MAX;
3051 do
3052 {
3053 /* Save the index of the next rec. */
3054 idxNext = pVM->rem.s.aHandlerNotifications[idxHead].idxNext;
3055 Assert(idxNext < RT_ELEMENTS(pVM->rem.s.aHandlerNotifications) || idxNext == UINT32_MAX);
3056 /* Push the record onto the reversed list. */
3057 pVM->rem.s.aHandlerNotifications[idxHead].idxNext = idxRevHead;
3058 idxRevHead = idxHead;
3059 Assert(++c <= RT_ELEMENTS(pVM->rem.s.aHandlerNotifications));
3060 /* Advance. */
3061 idxHead = idxNext;
3062 } while (idxHead != UINT32_MAX);
3063
3064 /*
3065 * Loop thru the list, reinserting the record into the free list as they are
3066 * processed to avoid having other EMTs running out of entries while we're flushing.
3067 */
3068 idxHead = idxRevHead;
3069 do
3070 {
3071 PREMHANDLERNOTIFICATION pCur = &pVM->rem.s.aHandlerNotifications[idxHead];
3072 uint32_t idxCur;
3073 Assert(--c >= 0);
3074
3075 switch (pCur->enmKind)
3076 {
3077 case REMHANDLERNOTIFICATIONKIND_PHYSICAL_REGISTER:
3078 remR3NotifyHandlerPhysicalRegister(pVM,
3079 pCur->u.PhysicalRegister.enmType,
3080 pCur->u.PhysicalRegister.GCPhys,
3081 pCur->u.PhysicalRegister.cb,
3082 pCur->u.PhysicalRegister.fHasHCHandler);
3083 break;
3084
3085 case REMHANDLERNOTIFICATIONKIND_PHYSICAL_DEREGISTER:
3086 remR3NotifyHandlerPhysicalDeregister(pVM,
3087 pCur->u.PhysicalDeregister.enmType,
3088 pCur->u.PhysicalDeregister.GCPhys,
3089 pCur->u.PhysicalDeregister.cb,
3090 pCur->u.PhysicalDeregister.fHasHCHandler,
3091 pCur->u.PhysicalDeregister.fRestoreAsRAM);
3092 break;
3093
3094 case REMHANDLERNOTIFICATIONKIND_PHYSICAL_MODIFY:
3095 remR3NotifyHandlerPhysicalModify(pVM,
3096 pCur->u.PhysicalModify.enmType,
3097 pCur->u.PhysicalModify.GCPhysOld,
3098 pCur->u.PhysicalModify.GCPhysNew,
3099 pCur->u.PhysicalModify.cb,
3100 pCur->u.PhysicalModify.fHasHCHandler,
3101 pCur->u.PhysicalModify.fRestoreAsRAM);
3102 break;
3103
3104 default:
3105 AssertReleaseMsgFailed(("enmKind=%d\n", pCur->enmKind));
3106 break;
3107 }
3108
3109 /*
3110 * Advance idxHead.
3111 */
3112 idxCur = idxHead;
3113 idxHead = pCur->idxNext;
3114 Assert(idxHead < RT_ELEMENTS(pVM->rem.s.aHandlerNotifications) || (idxHead == UINT32_MAX && c == 0));
3115
3116 /*
3117 * Put the record back into the free list.
3118 */
3119 do
3120 {
3121 idxNext = ASMAtomicUoReadU32(&pVM->rem.s.idxFreeList);
3122 ASMAtomicWriteU32(&pCur->idxNext, idxNext);
3123 ASMCompilerBarrier();
3124 } while (!ASMAtomicCmpXchgU32(&pVM->rem.s.idxFreeList, idxCur, idxNext));
3125 } while (idxHead != UINT32_MAX);
3126
3127#ifdef VBOX_STRICT
3128 if (pVM->cCpus == 1)
3129 {
3130 unsigned c;
3131 /* Check that all records are now on the free list. */
3132 for (c = 0, idxNext = pVM->rem.s.idxFreeList; idxNext != UINT32_MAX;
3133 idxNext = pVM->rem.s.aHandlerNotifications[idxNext].idxNext)
3134 c++;
3135 AssertReleaseMsg(c == RT_ELEMENTS(pVM->rem.s.aHandlerNotifications), ("%#x != %#x, idxFreeList=%#x\n", c, RT_ELEMENTS(pVM->rem.s.aHandlerNotifications), pVM->rem.s.idxFreeList));
3136 }
3137#endif
3138 }
3139}
3140
3141
3142/**
3143 * Notify REM about changed code page.
3144 *
3145 * @returns VBox status code.
3146 * @param pVM VM handle.
3147 * @param pVCpu VMCPU handle.
3148 * @param pvCodePage Code page address
3149 */
3150REMR3DECL(int) REMR3NotifyCodePageChanged(PVM pVM, PVMCPU pVCpu, RTGCPTR pvCodePage)
3151{
3152#ifdef VBOX_REM_PROTECT_PAGES_FROM_SMC
3153 int rc;
3154 RTGCPHYS PhysGC;
3155 uint64_t flags;
3156
3157 VM_ASSERT_EMT(pVM);
3158
3159 /*
3160 * Get the physical page address.
3161 */
3162 rc = PGMGstGetPage(pVM, pvCodePage, &flags, &PhysGC);
3163 if (rc == VINF_SUCCESS)
3164 {
3165 /*
3166 * Sync the required registers and flush the whole page.
3167 * (Easier to do the whole page than notifying it about each physical
3168 * byte that was changed.
3169 */
3170 pVM->rem.s.Env.cr[0] = pVM->rem.s.pCtx->cr0;
3171 pVM->rem.s.Env.cr[2] = pVM->rem.s.pCtx->cr2;
3172 pVM->rem.s.Env.cr[3] = pVM->rem.s.pCtx->cr3;
3173 pVM->rem.s.Env.cr[4] = pVM->rem.s.pCtx->cr4;
3174
3175 tb_invalidate_phys_page_range(PhysGC, PhysGC + PAGE_SIZE - 1, 0);
3176 }
3177#endif
3178 return VINF_SUCCESS;
3179}
3180
3181
3182/**
3183 * Notification about a successful MMR3PhysRegister() call.
3184 *
3185 * @param pVM VM handle.
3186 * @param GCPhys The physical address the RAM.
3187 * @param cb Size of the memory.
3188 * @param fFlags Flags of the REM_NOTIFY_PHYS_RAM_FLAGS_* defines.
3189 */
3190REMR3DECL(void) REMR3NotifyPhysRamRegister(PVM pVM, RTGCPHYS GCPhys, RTGCPHYS cb, unsigned fFlags)
3191{
3192 Log(("REMR3NotifyPhysRamRegister: GCPhys=%RGp cb=%RGp fFlags=%#x\n", GCPhys, cb, fFlags));
3193 VM_ASSERT_EMT(pVM);
3194
3195 /*
3196 * Validate input - we trust the caller.
3197 */
3198 Assert(RT_ALIGN_T(GCPhys, PAGE_SIZE, RTGCPHYS) == GCPhys);
3199 Assert(cb);
3200 Assert(RT_ALIGN_Z(cb, PAGE_SIZE) == cb);
3201 AssertMsg(fFlags == REM_NOTIFY_PHYS_RAM_FLAGS_RAM || fFlags == REM_NOTIFY_PHYS_RAM_FLAGS_MMIO2, ("#x\n", fFlags));
3202
3203 /*
3204 * Base ram? Update GCPhysLastRam.
3205 */
3206 if (fFlags & REM_NOTIFY_PHYS_RAM_FLAGS_RAM)
3207 {
3208 if (GCPhys + (cb - 1) > pVM->rem.s.GCPhysLastRam)
3209 {
3210 AssertReleaseMsg(!pVM->rem.s.fGCPhysLastRamFixed, ("GCPhys=%RGp cb=%RGp\n", GCPhys, cb));
3211 pVM->rem.s.GCPhysLastRam = GCPhys + (cb - 1);
3212 }
3213 }
3214
3215 /*
3216 * Register the ram.
3217 */
3218 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3219
3220 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
3221 cpu_register_physical_memory_offset(GCPhys, cb, GCPhys, GCPhys);
3222 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
3223
3224 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3225}
3226
3227
3228/**
3229 * Notification about a successful MMR3PhysRomRegister() call.
3230 *
3231 * @param pVM VM handle.
3232 * @param GCPhys The physical address of the ROM.
3233 * @param cb The size of the ROM.
3234 * @param pvCopy Pointer to the ROM copy.
3235 * @param fShadow Whether it's currently writable shadow ROM or normal readonly ROM.
3236 * This function will be called when ever the protection of the
3237 * shadow ROM changes (at reset and end of POST).
3238 */
3239REMR3DECL(void) REMR3NotifyPhysRomRegister(PVM pVM, RTGCPHYS GCPhys, RTUINT cb, void *pvCopy, bool fShadow)
3240{
3241 Log(("REMR3NotifyPhysRomRegister: GCPhys=%RGp cb=%d fShadow=%RTbool\n", GCPhys, cb, fShadow));
3242 VM_ASSERT_EMT(pVM);
3243
3244 /*
3245 * Validate input - we trust the caller.
3246 */
3247 Assert(RT_ALIGN_T(GCPhys, PAGE_SIZE, RTGCPHYS) == GCPhys);
3248 Assert(cb);
3249 Assert(RT_ALIGN_Z(cb, PAGE_SIZE) == cb);
3250
3251 /*
3252 * Register the rom.
3253 */
3254 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3255
3256 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
3257 cpu_register_physical_memory_offset(GCPhys, cb, GCPhys | (fShadow ? 0 : IO_MEM_ROM), GCPhys);
3258 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
3259
3260 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3261}
3262
3263
3264/**
3265 * Notification about a successful memory deregistration or reservation.
3266 *
3267 * @param pVM VM Handle.
3268 * @param GCPhys Start physical address.
3269 * @param cb The size of the range.
3270 */
3271REMR3DECL(void) REMR3NotifyPhysRamDeregister(PVM pVM, RTGCPHYS GCPhys, RTUINT cb)
3272{
3273 Log(("REMR3NotifyPhysRamDeregister: GCPhys=%RGp cb=%d\n", GCPhys, cb));
3274 VM_ASSERT_EMT(pVM);
3275
3276 /*
3277 * Validate input - we trust the caller.
3278 */
3279 Assert(RT_ALIGN_T(GCPhys, PAGE_SIZE, RTGCPHYS) == GCPhys);
3280 Assert(cb);
3281 Assert(RT_ALIGN_Z(cb, PAGE_SIZE) == cb);
3282
3283 /*
3284 * Unassigning the memory.
3285 */
3286 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3287
3288 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
3289 cpu_register_physical_memory_offset(GCPhys, cb, IO_MEM_UNASSIGNED, GCPhys);
3290 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
3291
3292 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3293}
3294
3295
3296/**
3297 * Notification about a successful PGMR3HandlerPhysicalRegister() call.
3298 *
3299 * @param pVM VM Handle.
3300 * @param enmType Handler type.
3301 * @param GCPhys Handler range address.
3302 * @param cb Size of the handler range.
3303 * @param fHasHCHandler Set if the handler has a HC callback function.
3304 *
3305 * @remark MMR3PhysRomRegister assumes that this function will not apply the
3306 * Handler memory type to memory which has no HC handler.
3307 */
3308static void remR3NotifyHandlerPhysicalRegister(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhys, RTGCPHYS cb, bool fHasHCHandler)
3309{
3310 Log(("REMR3NotifyHandlerPhysicalRegister: enmType=%d GCPhys=%RGp cb=%RGp fHasHCHandler=%d\n",
3311 enmType, GCPhys, cb, fHasHCHandler));
3312
3313 VM_ASSERT_EMT(pVM);
3314 Assert(RT_ALIGN_T(GCPhys, PAGE_SIZE, RTGCPHYS) == GCPhys);
3315 Assert(RT_ALIGN_T(cb, PAGE_SIZE, RTGCPHYS) == cb);
3316
3317
3318 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3319
3320 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
3321 if (enmType == PGMPHYSHANDLERTYPE_MMIO)
3322 cpu_register_physical_memory_offset(GCPhys, cb, pVM->rem.s.iMMIOMemType, GCPhys);
3323 else if (fHasHCHandler)
3324 cpu_register_physical_memory_offset(GCPhys, cb, pVM->rem.s.iHandlerMemType, GCPhys);
3325 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
3326
3327 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3328}
3329
3330/**
3331 * Notification about a successful PGMR3HandlerPhysicalRegister() call.
3332 *
3333 * @param pVM VM Handle.
3334 * @param enmType Handler type.
3335 * @param GCPhys Handler range address.
3336 * @param cb Size of the handler range.
3337 * @param fHasHCHandler Set if the handler has a HC callback function.
3338 *
3339 * @remark MMR3PhysRomRegister assumes that this function will not apply the
3340 * Handler memory type to memory which has no HC handler.
3341 */
3342REMR3DECL(void) REMR3NotifyHandlerPhysicalRegister(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhys, RTGCPHYS cb, bool fHasHCHandler)
3343{
3344 REMR3ReplayHandlerNotifications(pVM);
3345
3346 remR3NotifyHandlerPhysicalRegister(pVM, enmType, GCPhys, cb, fHasHCHandler);
3347}
3348
3349/**
3350 * Notification about a successful PGMR3HandlerPhysicalDeregister() operation.
3351 *
3352 * @param pVM VM Handle.
3353 * @param enmType Handler type.
3354 * @param GCPhys Handler range address.
3355 * @param cb Size of the handler range.
3356 * @param fHasHCHandler Set if the handler has a HC callback function.
3357 * @param fRestoreAsRAM Whether the to restore it as normal RAM or as unassigned memory.
3358 */
3359static void remR3NotifyHandlerPhysicalDeregister(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhys, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM)
3360{
3361 Log(("REMR3NotifyHandlerPhysicalDeregister: enmType=%d GCPhys=%RGp cb=%RGp fHasHCHandler=%RTbool fRestoreAsRAM=%RTbool RAM=%08x\n",
3362 enmType, GCPhys, cb, fHasHCHandler, fRestoreAsRAM, MMR3PhysGetRamSize(pVM)));
3363 VM_ASSERT_EMT(pVM);
3364
3365
3366 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3367
3368 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
3369 /** @todo this isn't right, MMIO can (in theory) be restored as RAM. */
3370 if (enmType == PGMPHYSHANDLERTYPE_MMIO)
3371 cpu_register_physical_memory_offset(GCPhys, cb, IO_MEM_UNASSIGNED, GCPhys);
3372 else if (fHasHCHandler)
3373 {
3374 if (!fRestoreAsRAM)
3375 {
3376 Assert(GCPhys > MMR3PhysGetRamSize(pVM));
3377 cpu_register_physical_memory_offset(GCPhys, cb, IO_MEM_UNASSIGNED, GCPhys);
3378 }
3379 else
3380 {
3381 Assert(RT_ALIGN_T(GCPhys, PAGE_SIZE, RTGCPHYS) == GCPhys);
3382 Assert(RT_ALIGN_T(cb, PAGE_SIZE, RTGCPHYS) == cb);
3383 cpu_register_physical_memory_offset(GCPhys, cb, GCPhys, GCPhys);
3384 }
3385 }
3386 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
3387
3388 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3389}
3390
3391/**
3392 * Notification about a successful PGMR3HandlerPhysicalDeregister() operation.
3393 *
3394 * @param pVM VM Handle.
3395 * @param enmType Handler type.
3396 * @param GCPhys Handler range address.
3397 * @param cb Size of the handler range.
3398 * @param fHasHCHandler Set if the handler has a HC callback function.
3399 * @param fRestoreAsRAM Whether the to restore it as normal RAM or as unassigned memory.
3400 */
3401REMR3DECL(void) REMR3NotifyHandlerPhysicalDeregister(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhys, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM)
3402{
3403 REMR3ReplayHandlerNotifications(pVM);
3404 remR3NotifyHandlerPhysicalDeregister(pVM, enmType, GCPhys, cb, fHasHCHandler, fRestoreAsRAM);
3405}
3406
3407
3408/**
3409 * Notification about a successful PGMR3HandlerPhysicalModify() call.
3410 *
3411 * @param pVM VM Handle.
3412 * @param enmType Handler type.
3413 * @param GCPhysOld Old handler range address.
3414 * @param GCPhysNew New handler range address.
3415 * @param cb Size of the handler range.
3416 * @param fHasHCHandler Set if the handler has a HC callback function.
3417 * @param fRestoreAsRAM Whether the to restore it as normal RAM or as unassigned memory.
3418 */
3419static void remR3NotifyHandlerPhysicalModify(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhysOld, RTGCPHYS GCPhysNew, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM)
3420{
3421 Log(("REMR3NotifyHandlerPhysicalModify: enmType=%d GCPhysOld=%RGp GCPhysNew=%RGp cb=%RGp fHasHCHandler=%RTbool fRestoreAsRAM=%RTbool\n",
3422 enmType, GCPhysOld, GCPhysNew, cb, fHasHCHandler, fRestoreAsRAM));
3423 VM_ASSERT_EMT(pVM);
3424 AssertReleaseMsg(enmType != PGMPHYSHANDLERTYPE_MMIO, ("enmType=%d\n", enmType));
3425
3426 if (fHasHCHandler)
3427 {
3428 ASMAtomicIncU32(&pVM->rem.s.cIgnoreAll);
3429
3430 /*
3431 * Reset the old page.
3432 */
3433 PDMCritSectEnter(&pVM->rem.s.CritSectRegister, VERR_SEM_BUSY);
3434 if (!fRestoreAsRAM)
3435 cpu_register_physical_memory_offset(GCPhysOld, cb, IO_MEM_UNASSIGNED, GCPhysOld);
3436 else
3437 {
3438 /* This is not perfect, but it'll do for PD monitoring... */
3439 Assert(cb == PAGE_SIZE);
3440 Assert(RT_ALIGN_T(GCPhysOld, PAGE_SIZE, RTGCPHYS) == GCPhysOld);
3441 cpu_register_physical_memory_offset(GCPhysOld, cb, GCPhysOld, GCPhysOld);
3442 }
3443
3444 /*
3445 * Update the new page.
3446 */
3447 Assert(RT_ALIGN_T(GCPhysNew, PAGE_SIZE, RTGCPHYS) == GCPhysNew);
3448 Assert(RT_ALIGN_T(cb, PAGE_SIZE, RTGCPHYS) == cb);
3449 cpu_register_physical_memory_offset(GCPhysNew, cb, pVM->rem.s.iHandlerMemType, GCPhysNew);
3450 PDMCritSectLeave(&pVM->rem.s.CritSectRegister);
3451
3452 ASMAtomicDecU32(&pVM->rem.s.cIgnoreAll);
3453 }
3454}
3455
3456/**
3457 * Notification about a successful PGMR3HandlerPhysicalModify() call.
3458 *
3459 * @param pVM VM Handle.
3460 * @param enmType Handler type.
3461 * @param GCPhysOld Old handler range address.
3462 * @param GCPhysNew New handler range address.
3463 * @param cb Size of the handler range.
3464 * @param fHasHCHandler Set if the handler has a HC callback function.
3465 * @param fRestoreAsRAM Whether the to restore it as normal RAM or as unassigned memory.
3466 */
3467REMR3DECL(void) REMR3NotifyHandlerPhysicalModify(PVM pVM, PGMPHYSHANDLERTYPE enmType, RTGCPHYS GCPhysOld, RTGCPHYS GCPhysNew, RTGCPHYS cb, bool fHasHCHandler, bool fRestoreAsRAM)
3468{
3469 REMR3ReplayHandlerNotifications(pVM);
3470
3471 remR3NotifyHandlerPhysicalModify(pVM, enmType, GCPhysOld, GCPhysNew, cb, fHasHCHandler, fRestoreAsRAM);
3472}
3473
3474/**
3475 * Checks if we're handling access to this page or not.
3476 *
3477 * @returns true if we're trapping access.
3478 * @returns false if we aren't.
3479 * @param pVM The VM handle.
3480 * @param GCPhys The physical address.
3481 *
3482 * @remark This function will only work correctly in VBOX_STRICT builds!
3483 */
3484REMR3DECL(bool) REMR3IsPageAccessHandled(PVM pVM, RTGCPHYS GCPhys)
3485{
3486#ifdef VBOX_STRICT
3487 unsigned long off;
3488 REMR3ReplayHandlerNotifications(pVM);
3489
3490 off = get_phys_page_offset(GCPhys);
3491 return (off & PAGE_OFFSET_MASK) == pVM->rem.s.iHandlerMemType
3492 || (off & PAGE_OFFSET_MASK) == pVM->rem.s.iMMIOMemType
3493 || (off & PAGE_OFFSET_MASK) == IO_MEM_ROM;
3494#else
3495 return false;
3496#endif
3497}
3498
3499
3500/**
3501 * Deals with a rare case in get_phys_addr_code where the code
3502 * is being monitored.
3503 *
3504 * It could also be an MMIO page, in which case we will raise a fatal error.
3505 *
3506 * @returns The physical address corresponding to addr.
3507 * @param env The cpu environment.
3508 * @param addr The virtual address.
3509 * @param pTLBEntry The TLB entry.
3510 */
3511target_ulong remR3PhysGetPhysicalAddressCode(CPUX86State *env,
3512 target_ulong addr,
3513 CPUTLBEntry *pTLBEntry,
3514 target_phys_addr_t ioTLBEntry)
3515{
3516 PVM pVM = env->pVM;
3517
3518 if ((ioTLBEntry & ~TARGET_PAGE_MASK) == pVM->rem.s.iHandlerMemType)
3519 {
3520 /* If code memory is being monitored, appropriate IOTLB entry will have
3521 handler IO type, and addend will provide real physical address, no
3522 matter if we store VA in TLB or not, as handlers are always passed PA */
3523 target_ulong ret = (ioTLBEntry & TARGET_PAGE_MASK) + addr;
3524 return ret;
3525 }
3526 LogRel(("\nTrying to execute code with memory type addr_code=%RGv addend=%RGp at %RGv! (iHandlerMemType=%#x iMMIOMemType=%#x IOTLB=%RGp)\n"
3527 "*** handlers\n",
3528 (RTGCPTR)pTLBEntry->addr_code, (RTGCPHYS)pTLBEntry->addend, (RTGCPTR)addr, pVM->rem.s.iHandlerMemType, pVM->rem.s.iMMIOMemType, (RTGCPHYS)ioTLBEntry));
3529 DBGFR3Info(pVM, "handlers", NULL, DBGFR3InfoLogRelHlp());
3530 LogRel(("*** mmio\n"));
3531 DBGFR3Info(pVM, "mmio", NULL, DBGFR3InfoLogRelHlp());
3532 LogRel(("*** phys\n"));
3533 DBGFR3Info(pVM, "phys", NULL, DBGFR3InfoLogRelHlp());
3534 cpu_abort(env, "Trying to execute code with memory type addr_code=%RGv addend=%RGp at %RGv. (iHandlerMemType=%#x iMMIOMemType=%#x)\n",
3535 (RTGCPTR)pTLBEntry->addr_code, (RTGCPHYS)pTLBEntry->addend, (RTGCPTR)addr, pVM->rem.s.iHandlerMemType, pVM->rem.s.iMMIOMemType);
3536 AssertFatalFailed();
3537}
3538
3539/**
3540 * Read guest RAM and ROM.
3541 *
3542 * @param SrcGCPhys The source address (guest physical).
3543 * @param pvDst The destination address.
3544 * @param cb Number of bytes
3545 */
3546void remR3PhysRead(RTGCPHYS SrcGCPhys, void *pvDst, unsigned cb)
3547{
3548 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3549 VBOX_CHECK_ADDR(SrcGCPhys);
3550 PGMPhysRead(cpu_single_env->pVM, SrcGCPhys, pvDst, cb);
3551#ifdef VBOX_DEBUG_PHYS
3552 LogRel(("read(%d): %08x\n", cb, (uint32_t)SrcGCPhys));
3553#endif
3554 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3555}
3556
3557
3558/**
3559 * Read guest RAM and ROM, unsigned 8-bit.
3560 *
3561 * @param SrcGCPhys The source address (guest physical).
3562 */
3563RTCCUINTREG remR3PhysReadU8(RTGCPHYS SrcGCPhys)
3564{
3565 uint8_t val;
3566 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3567 VBOX_CHECK_ADDR(SrcGCPhys);
3568 val = PGMR3PhysReadU8(cpu_single_env->pVM, SrcGCPhys);
3569 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3570#ifdef VBOX_DEBUG_PHYS
3571 LogRel(("readu8: %x <- %08x\n", val, (uint32_t)SrcGCPhys));
3572#endif
3573 return val;
3574}
3575
3576
3577/**
3578 * Read guest RAM and ROM, signed 8-bit.
3579 *
3580 * @param SrcGCPhys The source address (guest physical).
3581 */
3582RTCCINTREG remR3PhysReadS8(RTGCPHYS SrcGCPhys)
3583{
3584 int8_t val;
3585 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3586 VBOX_CHECK_ADDR(SrcGCPhys);
3587 val = PGMR3PhysReadU8(cpu_single_env->pVM, SrcGCPhys);
3588 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3589#ifdef VBOX_DEBUG_PHYS
3590 LogRel(("reads8: %x <- %08x\n", val, (uint32_t)SrcGCPhys));
3591#endif
3592 return val;
3593}
3594
3595
3596/**
3597 * Read guest RAM and ROM, unsigned 16-bit.
3598 *
3599 * @param SrcGCPhys The source address (guest physical).
3600 */
3601RTCCUINTREG remR3PhysReadU16(RTGCPHYS SrcGCPhys)
3602{
3603 uint16_t val;
3604 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3605 VBOX_CHECK_ADDR(SrcGCPhys);
3606 val = PGMR3PhysReadU16(cpu_single_env->pVM, SrcGCPhys);
3607 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3608#ifdef VBOX_DEBUG_PHYS
3609 LogRel(("readu16: %x <- %08x\n", val, (uint32_t)SrcGCPhys));
3610#endif
3611 return val;
3612}
3613
3614
3615/**
3616 * Read guest RAM and ROM, signed 16-bit.
3617 *
3618 * @param SrcGCPhys The source address (guest physical).
3619 */
3620RTCCINTREG remR3PhysReadS16(RTGCPHYS SrcGCPhys)
3621{
3622 int16_t val;
3623 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3624 VBOX_CHECK_ADDR(SrcGCPhys);
3625 val = PGMR3PhysReadU16(cpu_single_env->pVM, SrcGCPhys);
3626 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3627#ifdef VBOX_DEBUG_PHYS
3628 LogRel(("reads16: %x <- %08x\n", (uint16_t)val, (uint32_t)SrcGCPhys));
3629#endif
3630 return val;
3631}
3632
3633
3634/**
3635 * Read guest RAM and ROM, unsigned 32-bit.
3636 *
3637 * @param SrcGCPhys The source address (guest physical).
3638 */
3639RTCCUINTREG remR3PhysReadU32(RTGCPHYS SrcGCPhys)
3640{
3641 uint32_t val;
3642 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3643 VBOX_CHECK_ADDR(SrcGCPhys);
3644 val = PGMR3PhysReadU32(cpu_single_env->pVM, SrcGCPhys);
3645 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3646#ifdef VBOX_DEBUG_PHYS
3647 LogRel(("readu32: %x <- %08x\n", val, (uint32_t)SrcGCPhys));
3648#endif
3649 return val;
3650}
3651
3652
3653/**
3654 * Read guest RAM and ROM, signed 32-bit.
3655 *
3656 * @param SrcGCPhys The source address (guest physical).
3657 */
3658RTCCINTREG remR3PhysReadS32(RTGCPHYS SrcGCPhys)
3659{
3660 int32_t val;
3661 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3662 VBOX_CHECK_ADDR(SrcGCPhys);
3663 val = PGMR3PhysReadU32(cpu_single_env->pVM, SrcGCPhys);
3664 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3665#ifdef VBOX_DEBUG_PHYS
3666 LogRel(("reads32: %x <- %08x\n", val, (uint32_t)SrcGCPhys));
3667#endif
3668 return val;
3669}
3670
3671
3672/**
3673 * Read guest RAM and ROM, unsigned 64-bit.
3674 *
3675 * @param SrcGCPhys The source address (guest physical).
3676 */
3677uint64_t remR3PhysReadU64(RTGCPHYS SrcGCPhys)
3678{
3679 uint64_t val;
3680 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3681 VBOX_CHECK_ADDR(SrcGCPhys);
3682 val = PGMR3PhysReadU64(cpu_single_env->pVM, SrcGCPhys);
3683 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3684#ifdef VBOX_DEBUG_PHYS
3685 LogRel(("readu64: %llx <- %08x\n", val, (uint32_t)SrcGCPhys));
3686#endif
3687 return val;
3688}
3689
3690
3691/**
3692 * Read guest RAM and ROM, signed 64-bit.
3693 *
3694 * @param SrcGCPhys The source address (guest physical).
3695 */
3696int64_t remR3PhysReadS64(RTGCPHYS SrcGCPhys)
3697{
3698 int64_t val;
3699 STAM_PROFILE_ADV_START(&gStatMemRead, a);
3700 VBOX_CHECK_ADDR(SrcGCPhys);
3701 val = PGMR3PhysReadU64(cpu_single_env->pVM, SrcGCPhys);
3702 STAM_PROFILE_ADV_STOP(&gStatMemRead, a);
3703#ifdef VBOX_DEBUG_PHYS
3704 LogRel(("reads64: %llx <- %08x\n", val, (uint32_t)SrcGCPhys));
3705#endif
3706 return val;
3707}
3708
3709
3710/**
3711 * Write guest RAM.
3712 *
3713 * @param DstGCPhys The destination address (guest physical).
3714 * @param pvSrc The source address.
3715 * @param cb Number of bytes to write
3716 */
3717void remR3PhysWrite(RTGCPHYS DstGCPhys, const void *pvSrc, unsigned cb)
3718{
3719 STAM_PROFILE_ADV_START(&gStatMemWrite, a);
3720 VBOX_CHECK_ADDR(DstGCPhys);
3721 PGMPhysWrite(cpu_single_env->pVM, DstGCPhys, pvSrc, cb);
3722 STAM_PROFILE_ADV_STOP(&gStatMemWrite, a);
3723#ifdef VBOX_DEBUG_PHYS
3724 LogRel(("write(%d): %08x\n", cb, (uint32_t)DstGCPhys));
3725#endif
3726}
3727
3728
3729/**
3730 * Write guest RAM, unsigned 8-bit.
3731 *
3732 * @param DstGCPhys The destination address (guest physical).
3733 * @param val Value
3734 */
3735void remR3PhysWriteU8(RTGCPHYS DstGCPhys, uint8_t val)
3736{
3737 STAM_PROFILE_ADV_START(&gStatMemWrite, a);
3738 VBOX_CHECK_ADDR(DstGCPhys);
3739 PGMR3PhysWriteU8(cpu_single_env->pVM, DstGCPhys, val);
3740 STAM_PROFILE_ADV_STOP(&gStatMemWrite, a);
3741#ifdef VBOX_DEBUG_PHYS
3742 LogRel(("writeu8: %x -> %08x\n", val, (uint32_t)DstGCPhys));
3743#endif
3744}
3745
3746
3747/**
3748 * Write guest RAM, unsigned 8-bit.
3749 *
3750 * @param DstGCPhys The destination address (guest physical).
3751 * @param val Value
3752 */
3753void remR3PhysWriteU16(RTGCPHYS DstGCPhys, uint16_t val)
3754{
3755 STAM_PROFILE_ADV_START(&gStatMemWrite, a);
3756 VBOX_CHECK_ADDR(DstGCPhys);
3757 PGMR3PhysWriteU16(cpu_single_env->pVM, DstGCPhys, val);
3758 STAM_PROFILE_ADV_STOP(&gStatMemWrite, a);
3759#ifdef VBOX_DEBUG_PHYS
3760 LogRel(("writeu16: %x -> %08x\n", val, (uint32_t)DstGCPhys));
3761#endif
3762}
3763
3764
3765/**
3766 * Write guest RAM, unsigned 32-bit.
3767 *
3768 * @param DstGCPhys The destination address (guest physical).
3769 * @param val Value
3770 */
3771void remR3PhysWriteU32(RTGCPHYS DstGCPhys, uint32_t val)
3772{
3773 STAM_PROFILE_ADV_START(&gStatMemWrite, a);
3774 VBOX_CHECK_ADDR(DstGCPhys);
3775 PGMR3PhysWriteU32(cpu_single_env->pVM, DstGCPhys, val);
3776 STAM_PROFILE_ADV_STOP(&gStatMemWrite, a);
3777#ifdef VBOX_DEBUG_PHYS
3778 LogRel(("writeu32: %x -> %08x\n", val, (uint32_t)DstGCPhys));
3779#endif
3780}
3781
3782
3783/**
3784 * Write guest RAM, unsigned 64-bit.
3785 *
3786 * @param DstGCPhys The destination address (guest physical).
3787 * @param val Value
3788 */
3789void remR3PhysWriteU64(RTGCPHYS DstGCPhys, uint64_t val)
3790{
3791 STAM_PROFILE_ADV_START(&gStatMemWrite, a);
3792 VBOX_CHECK_ADDR(DstGCPhys);
3793 PGMR3PhysWriteU64(cpu_single_env->pVM, DstGCPhys, val);
3794 STAM_PROFILE_ADV_STOP(&gStatMemWrite, a);
3795#ifdef VBOX_DEBUG_PHYS
3796 LogRel(("writeu64: %llx -> %08x\n", val, (uint32_t)DstGCPhys));
3797#endif
3798}
3799
3800#undef LOG_GROUP
3801#define LOG_GROUP LOG_GROUP_REM_MMIO
3802
3803/** Read MMIO memory. */
3804static uint32_t remR3MMIOReadU8(void *pvVM, target_phys_addr_t GCPhys)
3805{
3806 uint32_t u32 = 0;
3807 int rc = IOMMMIORead((PVM)pvVM, GCPhys, &u32, 1);
3808 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3809 Log2(("remR3MMIOReadU8: GCPhys=%RGp -> %02x\n", (RTGCPHYS)GCPhys, u32));
3810 return u32;
3811}
3812
3813/** Read MMIO memory. */
3814static uint32_t remR3MMIOReadU16(void *pvVM, target_phys_addr_t GCPhys)
3815{
3816 uint32_t u32 = 0;
3817 int rc = IOMMMIORead((PVM)pvVM, GCPhys, &u32, 2);
3818 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3819 Log2(("remR3MMIOReadU16: GCPhys=%RGp -> %04x\n", (RTGCPHYS)GCPhys, u32));
3820 return u32;
3821}
3822
3823/** Read MMIO memory. */
3824static uint32_t remR3MMIOReadU32(void *pvVM, target_phys_addr_t GCPhys)
3825{
3826 uint32_t u32 = 0;
3827 int rc = IOMMMIORead((PVM)pvVM, GCPhys, &u32, 4);
3828 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3829 Log2(("remR3MMIOReadU32: GCPhys=%RGp -> %08x\n", (RTGCPHYS)GCPhys, u32));
3830 return u32;
3831}
3832
3833/** Write to MMIO memory. */
3834static void remR3MMIOWriteU8(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32)
3835{
3836 int rc;
3837 Log2(("remR3MMIOWriteU8: GCPhys=%RGp u32=%#x\n", (RTGCPHYS)GCPhys, u32));
3838 rc = IOMMMIOWrite((PVM)pvVM, GCPhys, u32, 1);
3839 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3840}
3841
3842/** Write to MMIO memory. */
3843static void remR3MMIOWriteU16(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32)
3844{
3845 int rc;
3846 Log2(("remR3MMIOWriteU16: GCPhys=%RGp u32=%#x\n", (RTGCPHYS)GCPhys, u32));
3847 rc = IOMMMIOWrite((PVM)pvVM, GCPhys, u32, 2);
3848 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3849}
3850
3851/** Write to MMIO memory. */
3852static void remR3MMIOWriteU32(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32)
3853{
3854 int rc;
3855 Log2(("remR3MMIOWriteU32: GCPhys=%RGp u32=%#x\n", (RTGCPHYS)GCPhys, u32));
3856 rc = IOMMMIOWrite((PVM)pvVM, GCPhys, u32, 4);
3857 AssertMsg(rc == VINF_SUCCESS, ("rc=%Rrc\n", rc)); NOREF(rc);
3858}
3859
3860
3861#undef LOG_GROUP
3862#define LOG_GROUP LOG_GROUP_REM_HANDLER
3863
3864/* !!!WARNING!!! This is extremely hackish right now, we assume it's only for LFB access! !!!WARNING!!! */
3865
3866static uint32_t remR3HandlerReadU8(void *pvVM, target_phys_addr_t GCPhys)
3867{
3868 uint8_t u8;
3869 Log2(("remR3HandlerReadU8: GCPhys=%RGp\n", (RTGCPHYS)GCPhys));
3870 PGMPhysRead((PVM)pvVM, GCPhys, &u8, sizeof(u8));
3871 return u8;
3872}
3873
3874static uint32_t remR3HandlerReadU16(void *pvVM, target_phys_addr_t GCPhys)
3875{
3876 uint16_t u16;
3877 Log2(("remR3HandlerReadU16: GCPhys=%RGp\n", (RTGCPHYS)GCPhys));
3878 PGMPhysRead((PVM)pvVM, GCPhys, &u16, sizeof(u16));
3879 return u16;
3880}
3881
3882static uint32_t remR3HandlerReadU32(void *pvVM, target_phys_addr_t GCPhys)
3883{
3884 uint32_t u32;
3885 Log2(("remR3HandlerReadU32: GCPhys=%RGp\n", (RTGCPHYS)GCPhys));
3886 PGMPhysRead((PVM)pvVM, GCPhys, &u32, sizeof(u32));
3887 return u32;
3888}
3889
3890static void remR3HandlerWriteU8(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32)
3891{
3892 Log2(("remR3HandlerWriteU8: GCPhys=%RGp u32=%#x\n", (RTGCPHYS)GCPhys, u32));
3893 PGMPhysWrite((PVM)pvVM, GCPhys, &u32, sizeof(uint8_t));
3894}
3895
3896static void remR3HandlerWriteU16(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32)
3897{
3898 Log2(("remR3HandlerWriteU16: GCPhys=%RGp u32=%#x\n", (RTGCPHYS)GCPhys, u32));
3899 PGMPhysWrite((PVM)pvVM, GCPhys, &u32, sizeof(uint16_t));
3900}
3901
3902static void remR3HandlerWriteU32(void *pvVM, target_phys_addr_t GCPhys, uint32_t u32)
3903{
3904 Log2(("remR3HandlerWriteU32: GCPhys=%RGp u32=%#x\n", (RTGCPHYS)GCPhys, u32));
3905 PGMPhysWrite((PVM)pvVM, GCPhys, &u32, sizeof(uint32_t));
3906}
3907
3908/* -+- disassembly -+- */
3909
3910#undef LOG_GROUP
3911#define LOG_GROUP LOG_GROUP_REM_DISAS
3912
3913
3914/**
3915 * Enables or disables singled stepped disassembly.
3916 *
3917 * @returns VBox status code.
3918 * @param pVM VM handle.
3919 * @param fEnable To enable set this flag, to disable clear it.
3920 */
3921static DECLCALLBACK(int) remR3DisasEnableStepping(PVM pVM, bool fEnable)
3922{
3923 LogFlow(("remR3DisasEnableStepping: fEnable=%d\n", fEnable));
3924 VM_ASSERT_EMT(pVM);
3925
3926 if (fEnable)
3927 pVM->rem.s.Env.state |= CPU_EMULATE_SINGLE_STEP;
3928 else
3929 pVM->rem.s.Env.state &= ~CPU_EMULATE_SINGLE_STEP;
3930#ifdef REM_USE_QEMU_SINGLE_STEP_FOR_LOGGING
3931 cpu_single_step(&pVM->rem.s.Env, fEnable);
3932#endif
3933 return VINF_SUCCESS;
3934}
3935
3936
3937/**
3938 * Enables or disables singled stepped disassembly.
3939 *
3940 * @returns VBox status code.
3941 * @param pVM VM handle.
3942 * @param fEnable To enable set this flag, to disable clear it.
3943 */
3944REMR3DECL(int) REMR3DisasEnableStepping(PVM pVM, bool fEnable)
3945{
3946 int rc;
3947
3948 LogFlow(("REMR3DisasEnableStepping: fEnable=%d\n", fEnable));
3949 if (VM_IS_EMT(pVM))
3950 return remR3DisasEnableStepping(pVM, fEnable);
3951
3952 rc = VMR3ReqPriorityCallWait(pVM, VMCPUID_ANY, (PFNRT)remR3DisasEnableStepping, 2, pVM, fEnable);
3953 AssertRC(rc);
3954 return rc;
3955}
3956
3957
3958#if defined(VBOX_WITH_DEBUGGER) && !(defined(RT_OS_WINDOWS) && defined(RT_ARCH_AMD64))
3959/**
3960 * External Debugger Command: .remstep [on|off|1|0]
3961 */
3962static DECLCALLBACK(int) remR3CmdDisasEnableStepping(PCDBGCCMD pCmd, PDBGCCMDHLP pCmdHlp, PVM pVM, PCDBGCVAR paArgs, unsigned cArgs)
3963{
3964 int rc;
3965
3966 if (cArgs == 0)
3967 /*
3968 * Print the current status.
3969 */
3970 rc = DBGCCmdHlpPrintf(pCmdHlp, "DisasStepping is %s\n",
3971 pVM->rem.s.Env.state & CPU_EMULATE_SINGLE_STEP ? "enabled" : "disabled");
3972 else
3973 {
3974 /*
3975 * Convert the argument and change the mode.
3976 */
3977 bool fEnable;
3978 rc = DBGCCmdHlpVarToBool(pCmdHlp, &paArgs[0], &fEnable);
3979 if (RT_SUCCESS(rc))
3980 {
3981 rc = REMR3DisasEnableStepping(pVM, fEnable);
3982 if (RT_SUCCESS(rc))
3983 rc = DBGCCmdHlpPrintf(pCmdHlp, "DisasStepping was %s\n", fEnable ? "enabled" : "disabled");
3984 else
3985 rc = DBGCCmdHlpFailRc(pCmdHlp, pCmd, rc, "REMR3DisasEnableStepping");
3986 }
3987 else
3988 rc = DBGCCmdHlpFailRc(pCmdHlp, pCmd, rc, "DBGCCmdHlpVarToBool");
3989 }
3990 return rc;
3991}
3992#endif /* VBOX_WITH_DEBUGGER && !win.amd64 */
3993
3994
3995/**
3996 * Disassembles one instruction and prints it to the log.
3997 *
3998 * @returns Success indicator.
3999 * @param env Pointer to the recompiler CPU structure.
4000 * @param f32BitCode Indicates that whether or not the code should
4001 * be disassembled as 16 or 32 bit. If -1 the CS
4002 * selector will be inspected.
4003 * @param pszPrefix
4004 */
4005bool remR3DisasInstr(CPUX86State *env, int f32BitCode, char *pszPrefix)
4006{
4007 PVM pVM = env->pVM;
4008 const bool fLog = LogIsEnabled();
4009 const bool fLog2 = LogIs2Enabled();
4010 int rc = VINF_SUCCESS;
4011
4012 /*
4013 * Don't bother if there ain't any log output to do.
4014 */
4015 if (!fLog && !fLog2)
4016 return true;
4017
4018 /*
4019 * Update the state so DBGF reads the correct register values.
4020 */
4021 remR3StateUpdate(pVM, env->pVCpu);
4022
4023 /*
4024 * Log registers if requested.
4025 */
4026 if (fLog2)
4027 DBGFR3InfoLog(pVM, "cpumguest", pszPrefix);
4028
4029 /*
4030 * Disassemble to log.
4031 */
4032 if (fLog)
4033 {
4034 PVMCPU pVCpu = VMMGetCpu(pVM);
4035 char szBuf[256];
4036 szBuf[0] = '\0';
4037 int rc = DBGFR3DisasInstrEx(pVCpu->pVMR3,
4038 pVCpu->idCpu,
4039 0, /* Sel */
4040 0, /* GCPtr */
4041 DBGF_DISAS_FLAGS_CURRENT_GUEST
4042 | DBGF_DISAS_FLAGS_DEFAULT_MODE
4043 | DBGF_DISAS_FLAGS_HID_SEL_REGS_VALID,
4044 szBuf,
4045 sizeof(szBuf),
4046 NULL);
4047 if (RT_FAILURE(rc))
4048 RTStrPrintf(szBuf, sizeof(szBuf), "DBGFR3DisasInstrEx failed with rc=%Rrc\n", rc);
4049 if (pszPrefix && *pszPrefix)
4050 RTLogPrintf("%s-CPU%d: %s\n", pszPrefix, pVCpu->idCpu, szBuf);
4051 else
4052 RTLogPrintf("CPU%d: %s\n", pVCpu->idCpu, szBuf);
4053 }
4054
4055 return RT_SUCCESS(rc);
4056}
4057
4058
4059/**
4060 * Disassemble recompiled code.
4061 *
4062 * @param phFileIgnored Ignored, logfile usually.
4063 * @param pvCode Pointer to the code block.
4064 * @param cb Size of the code block.
4065 */
4066void disas(FILE *phFile, void *pvCode, unsigned long cb)
4067{
4068 if (LogIs2Enabled())
4069 {
4070 unsigned off = 0;
4071 char szOutput[256];
4072 DISCPUSTATE Cpu;
4073#ifdef RT_ARCH_X86
4074 DISCPUMODE enmCpuMode = DISCPUMODE_32BIT;
4075#else
4076 DISCPUMODE enmCpuMode = DISCPUMODE_64BIT;
4077#endif
4078
4079 RTLogPrintf("Recompiled Code: %p %#lx (%ld) bytes\n", pvCode, cb, cb);
4080 while (off < cb)
4081 {
4082 uint32_t cbInstr;
4083 int rc = DISInstrToStr((uint8_t const *)pvCode + off, enmCpuMode,
4084 &Cpu, &cbInstr, szOutput, sizeof(szOutput));
4085 if (RT_SUCCESS(rc))
4086 RTLogPrintf("%s", szOutput);
4087 else
4088 {
4089 RTLogPrintf("disas error %Rrc\n", rc);
4090 cbInstr = 1;
4091 }
4092 off += cbInstr;
4093 }
4094 }
4095}
4096
4097
4098/**
4099 * Disassemble guest code.
4100 *
4101 * @param phFileIgnored Ignored, logfile usually.
4102 * @param uCode The guest address of the code to disassemble. (flat?)
4103 * @param cb Number of bytes to disassemble.
4104 * @param fFlags Flags, probably something which tells if this is 16, 32 or 64 bit code.
4105 */
4106void target_disas(FILE *phFile, target_ulong uCode, target_ulong cb, int fFlags)
4107{
4108 if (LogIs2Enabled())
4109 {
4110 PVM pVM = cpu_single_env->pVM;
4111 PVMCPU pVCpu = cpu_single_env->pVCpu;
4112 RTSEL cs;
4113 RTGCUINTPTR eip;
4114
4115 Assert(pVCpu);
4116
4117 /*
4118 * Update the state so DBGF reads the correct register values (flags).
4119 */
4120 remR3StateUpdate(pVM, pVCpu);
4121
4122 /*
4123 * Do the disassembling.
4124 */
4125 RTLogPrintf("Guest Code: PC=%llx %llx bytes fFlags=%d\n", (uint64_t)uCode, (uint64_t)cb, fFlags);
4126 cs = cpu_single_env->segs[R_CS].selector;
4127 eip = uCode - cpu_single_env->segs[R_CS].base;
4128 for (;;)
4129 {
4130 char szBuf[256];
4131 uint32_t cbInstr;
4132 int rc = DBGFR3DisasInstrEx(pVM,
4133 pVCpu->idCpu,
4134 cs,
4135 eip,
4136 DBGF_DISAS_FLAGS_DEFAULT_MODE,
4137 szBuf, sizeof(szBuf),
4138 &cbInstr);
4139 if (RT_SUCCESS(rc))
4140 RTLogPrintf("%llx %s\n", (uint64_t)uCode, szBuf);
4141 else
4142 {
4143 RTLogPrintf("%llx %04x:%llx: %s\n", (uint64_t)uCode, cs, (uint64_t)eip, szBuf);
4144 cbInstr = 1;
4145 }
4146
4147 /* next */
4148 if (cb <= cbInstr)
4149 break;
4150 cb -= cbInstr;
4151 uCode += cbInstr;
4152 eip += cbInstr;
4153 }
4154 }
4155}
4156
4157
4158/**
4159 * Looks up a guest symbol.
4160 *
4161 * @returns Pointer to symbol name. This is a static buffer.
4162 * @param orig_addr The address in question.
4163 */
4164const char *lookup_symbol(target_ulong orig_addr)
4165{
4166 PVM pVM = cpu_single_env->pVM;
4167 RTGCINTPTR off = 0;
4168 RTDBGSYMBOL Sym;
4169 DBGFADDRESS Addr;
4170
4171 int rc = DBGFR3AsSymbolByAddr(pVM, DBGF_AS_GLOBAL, DBGFR3AddrFromFlat(pVM, &Addr, orig_addr), &off, &Sym, NULL /*phMod*/);
4172 if (RT_SUCCESS(rc))
4173 {
4174 static char szSym[sizeof(Sym.szName) + 48];
4175 if (!off)
4176 RTStrPrintf(szSym, sizeof(szSym), "%s\n", Sym.szName);
4177 else if (off > 0)
4178 RTStrPrintf(szSym, sizeof(szSym), "%s+%x\n", Sym.szName, off);
4179 else
4180 RTStrPrintf(szSym, sizeof(szSym), "%s-%x\n", Sym.szName, -off);
4181 return szSym;
4182 }
4183 return "<N/A>";
4184}
4185
4186
4187#undef LOG_GROUP
4188#define LOG_GROUP LOG_GROUP_REM
4189
4190
4191/* -+- FF notifications -+- */
4192
4193
4194/**
4195 * Notification about a pending interrupt.
4196 *
4197 * @param pVM VM Handle.
4198 * @param pVCpu VMCPU Handle.
4199 * @param u8Interrupt Interrupt
4200 * @thread The emulation thread.
4201 */
4202REMR3DECL(void) REMR3NotifyPendingInterrupt(PVM pVM, PVMCPU pVCpu, uint8_t u8Interrupt)
4203{
4204 Assert(pVM->rem.s.u32PendingInterrupt == REM_NO_PENDING_IRQ);
4205 pVM->rem.s.u32PendingInterrupt = u8Interrupt;
4206}
4207
4208/**
4209 * Notification about a pending interrupt.
4210 *
4211 * @returns Pending interrupt or REM_NO_PENDING_IRQ
4212 * @param pVM VM Handle.
4213 * @param pVCpu VMCPU Handle.
4214 * @thread The emulation thread.
4215 */
4216REMR3DECL(uint32_t) REMR3QueryPendingInterrupt(PVM pVM, PVMCPU pVCpu)
4217{
4218 return pVM->rem.s.u32PendingInterrupt;
4219}
4220
4221/**
4222 * Notification about the interrupt FF being set.
4223 *
4224 * @param pVM VM Handle.
4225 * @param pVCpu VMCPU Handle.
4226 * @thread The emulation thread.
4227 */
4228REMR3DECL(void) REMR3NotifyInterruptSet(PVM pVM, PVMCPU pVCpu)
4229{
4230#ifndef IEM_VERIFICATION_MODE
4231 LogFlow(("REMR3NotifyInterruptSet: fInRem=%d interrupts %s\n", pVM->rem.s.fInREM,
4232 (pVM->rem.s.Env.eflags & IF_MASK) && !(pVM->rem.s.Env.hflags & HF_INHIBIT_IRQ_MASK) ? "enabled" : "disabled"));
4233 if (pVM->rem.s.fInREM)
4234 {
4235 ASMAtomicOrS32((int32_t volatile *)&cpu_single_env->interrupt_request,
4236 CPU_INTERRUPT_EXTERNAL_HARD);
4237 }
4238#endif
4239}
4240
4241
4242/**
4243 * Notification about the interrupt FF being set.
4244 *
4245 * @param pVM VM Handle.
4246 * @param pVCpu VMCPU Handle.
4247 * @thread Any.
4248 */
4249REMR3DECL(void) REMR3NotifyInterruptClear(PVM pVM, PVMCPU pVCpu)
4250{
4251 LogFlow(("REMR3NotifyInterruptClear:\n"));
4252 if (pVM->rem.s.fInREM)
4253 cpu_reset_interrupt(cpu_single_env, CPU_INTERRUPT_HARD);
4254}
4255
4256
4257/**
4258 * Notification about pending timer(s).
4259 *
4260 * @param pVM VM Handle.
4261 * @param pVCpuDst The target cpu for this notification.
4262 * TM will not broadcast pending timer events, but use
4263 * a dedicated EMT for them. So, only interrupt REM
4264 * execution if the given CPU is executing in REM.
4265 * @thread Any.
4266 */
4267REMR3DECL(void) REMR3NotifyTimerPending(PVM pVM, PVMCPU pVCpuDst)
4268{
4269#ifndef IEM_VERIFICATION_MODE
4270#ifndef DEBUG_bird
4271 LogFlow(("REMR3NotifyTimerPending: fInRem=%d\n", pVM->rem.s.fInREM));
4272#endif
4273 if (pVM->rem.s.fInREM)
4274 {
4275 if (pVM->rem.s.Env.pVCpu == pVCpuDst)
4276 {
4277 LogIt(LOG_INSTANCE, RTLOGGRPFLAGS_LEVEL_5, LOG_GROUP_TM, ("REMR3NotifyTimerPending: setting\n"));
4278 ASMAtomicOrS32((int32_t volatile *)&pVM->rem.s.Env.interrupt_request,
4279 CPU_INTERRUPT_EXTERNAL_TIMER);
4280 }
4281 else
4282 LogIt(LOG_INSTANCE, RTLOGGRPFLAGS_LEVEL_5, LOG_GROUP_TM, ("REMR3NotifyTimerPending: pVCpu:%p != pVCpuDst:%p\n", pVM->rem.s.Env.pVCpu, pVCpuDst));
4283 }
4284 else
4285 LogIt(LOG_INSTANCE, RTLOGGRPFLAGS_LEVEL_5, LOG_GROUP_TM, ("REMR3NotifyTimerPending: !fInREM; cpu state=%d\n", VMCPU_GET_STATE(pVCpuDst)));
4286#endif
4287}
4288
4289
4290/**
4291 * Notification about pending DMA transfers.
4292 *
4293 * @param pVM VM Handle.
4294 * @thread Any.
4295 */
4296REMR3DECL(void) REMR3NotifyDmaPending(PVM pVM)
4297{
4298#ifndef IEM_VERIFICATION_MODE
4299 LogFlow(("REMR3NotifyDmaPending: fInRem=%d\n", pVM->rem.s.fInREM));
4300 if (pVM->rem.s.fInREM)
4301 {
4302 ASMAtomicOrS32((int32_t volatile *)&cpu_single_env->interrupt_request,
4303 CPU_INTERRUPT_EXTERNAL_DMA);
4304 }
4305#endif
4306}
4307
4308
4309/**
4310 * Notification about pending timer(s).
4311 *
4312 * @param pVM VM Handle.
4313 * @thread Any.
4314 */
4315REMR3DECL(void) REMR3NotifyQueuePending(PVM pVM)
4316{
4317#ifndef IEM_VERIFICATION_MODE
4318 LogFlow(("REMR3NotifyQueuePending: fInRem=%d\n", pVM->rem.s.fInREM));
4319 if (pVM->rem.s.fInREM)
4320 {
4321 ASMAtomicOrS32((int32_t volatile *)&cpu_single_env->interrupt_request,
4322 CPU_INTERRUPT_EXTERNAL_EXIT);
4323 }
4324#endif
4325}
4326
4327
4328/**
4329 * Notification about pending FF set by an external thread.
4330 *
4331 * @param pVM VM handle.
4332 * @thread Any.
4333 */
4334REMR3DECL(void) REMR3NotifyFF(PVM pVM)
4335{
4336#ifndef IEM_VERIFICATION_MODE
4337 LogFlow(("REMR3NotifyFF: fInRem=%d\n", pVM->rem.s.fInREM));
4338 if (pVM->rem.s.fInREM)
4339 {
4340 ASMAtomicOrS32((int32_t volatile *)&cpu_single_env->interrupt_request,
4341 CPU_INTERRUPT_EXTERNAL_EXIT);
4342 }
4343#endif
4344}
4345
4346
4347#ifdef VBOX_WITH_STATISTICS
4348void remR3ProfileStart(int statcode)
4349{
4350 STAMPROFILEADV *pStat;
4351 switch(statcode)
4352 {
4353 case STATS_EMULATE_SINGLE_INSTR:
4354 pStat = &gStatExecuteSingleInstr;
4355 break;
4356 case STATS_QEMU_COMPILATION:
4357 pStat = &gStatCompilationQEmu;
4358 break;
4359 case STATS_QEMU_RUN_EMULATED_CODE:
4360 pStat = &gStatRunCodeQEmu;
4361 break;
4362 case STATS_QEMU_TOTAL:
4363 pStat = &gStatTotalTimeQEmu;
4364 break;
4365 case STATS_QEMU_RUN_TIMERS:
4366 pStat = &gStatTimers;
4367 break;
4368 case STATS_TLB_LOOKUP:
4369 pStat= &gStatTBLookup;
4370 break;
4371 case STATS_IRQ_HANDLING:
4372 pStat= &gStatIRQ;
4373 break;
4374 case STATS_RAW_CHECK:
4375 pStat = &gStatRawCheck;
4376 break;
4377
4378 default:
4379 AssertMsgFailed(("unknown stat %d\n", statcode));
4380 return;
4381 }
4382 STAM_PROFILE_ADV_START(pStat, a);
4383}
4384
4385
4386void remR3ProfileStop(int statcode)
4387{
4388 STAMPROFILEADV *pStat;
4389 switch(statcode)
4390 {
4391 case STATS_EMULATE_SINGLE_INSTR:
4392 pStat = &gStatExecuteSingleInstr;
4393 break;
4394 case STATS_QEMU_COMPILATION:
4395 pStat = &gStatCompilationQEmu;
4396 break;
4397 case STATS_QEMU_RUN_EMULATED_CODE:
4398 pStat = &gStatRunCodeQEmu;
4399 break;
4400 case STATS_QEMU_TOTAL:
4401 pStat = &gStatTotalTimeQEmu;
4402 break;
4403 case STATS_QEMU_RUN_TIMERS:
4404 pStat = &gStatTimers;
4405 break;
4406 case STATS_TLB_LOOKUP:
4407 pStat= &gStatTBLookup;
4408 break;
4409 case STATS_IRQ_HANDLING:
4410 pStat= &gStatIRQ;
4411 break;
4412 case STATS_RAW_CHECK:
4413 pStat = &gStatRawCheck;
4414 break;
4415 default:
4416 AssertMsgFailed(("unknown stat %d\n", statcode));
4417 return;
4418 }
4419 STAM_PROFILE_ADV_STOP(pStat, a);
4420}
4421#endif
4422
4423/**
4424 * Raise an RC, force rem exit.
4425 *
4426 * @param pVM VM handle.
4427 * @param rc The rc.
4428 */
4429void remR3RaiseRC(PVM pVM, int rc)
4430{
4431 Log(("remR3RaiseRC: rc=%Rrc\n", rc));
4432 Assert(pVM->rem.s.fInREM);
4433 VM_ASSERT_EMT(pVM);
4434 pVM->rem.s.rc = rc;
4435 cpu_interrupt(&pVM->rem.s.Env, CPU_INTERRUPT_RC);
4436}
4437
4438
4439/* -+- timers -+- */
4440
4441uint64_t cpu_get_tsc(CPUX86State *env)
4442{
4443 STAM_COUNTER_INC(&gStatCpuGetTSC);
4444 return TMCpuTickGet(env->pVCpu);
4445}
4446
4447
4448/* -+- interrupts -+- */
4449
4450void cpu_set_ferr(CPUX86State *env)
4451{
4452 int rc = PDMIsaSetIrq(env->pVM, 13, 1, 0 /*uTagSrc*/);
4453 LogFlow(("cpu_set_ferr: rc=%d\n", rc)); NOREF(rc);
4454}
4455
4456int cpu_get_pic_interrupt(CPUX86State *env)
4457{
4458 uint8_t u8Interrupt;
4459 int rc;
4460
4461 /* When we fail to forward interrupts directly in raw mode, we fall back to the recompiler.
4462 * In that case we can't call PDMGetInterrupt anymore, because it has already cleared the interrupt
4463 * with the (a)pic.
4464 */
4465 /* Note! We assume we will go directly to the recompiler to handle the pending interrupt! */
4466 /** @todo r=bird: In the long run we should just do the interrupt handling in EM/CPUM/TRPM/somewhere and
4467 * if we cannot execute the interrupt handler in raw-mode just reschedule to REM. Once that is done we
4468 * remove this kludge. */
4469 if (env->pVM->rem.s.u32PendingInterrupt != REM_NO_PENDING_IRQ)
4470 {
4471 rc = VINF_SUCCESS;
4472 Assert(env->pVM->rem.s.u32PendingInterrupt <= 255);
4473 u8Interrupt = env->pVM->rem.s.u32PendingInterrupt;
4474 env->pVM->rem.s.u32PendingInterrupt = REM_NO_PENDING_IRQ;
4475 }
4476 else
4477 rc = PDMGetInterrupt(env->pVCpu, &u8Interrupt);
4478
4479 LogFlow(("cpu_get_pic_interrupt: u8Interrupt=%d rc=%Rrc pc=%04x:%08llx ~flags=%08llx\n",
4480 u8Interrupt, rc, env->segs[R_CS].selector, (uint64_t)env->eip, (uint64_t)env->eflags));
4481 if (RT_SUCCESS(rc))
4482 {
4483 if (VMCPU_FF_ISPENDING(env->pVCpu, VMCPU_FF_INTERRUPT_APIC | VMCPU_FF_INTERRUPT_PIC))
4484 env->interrupt_request |= CPU_INTERRUPT_HARD;
4485 return u8Interrupt;
4486 }
4487 return -1;
4488}
4489
4490
4491/* -+- local apic -+- */
4492
4493#if 0 /* CPUMSetGuestMsr does this now. */
4494void cpu_set_apic_base(CPUX86State *env, uint64_t val)
4495{
4496 int rc = PDMApicSetBase(env->pVM, val);
4497 LogFlow(("cpu_set_apic_base: val=%#llx rc=%Rrc\n", val, rc)); NOREF(rc);
4498}
4499#endif
4500
4501uint64_t cpu_get_apic_base(CPUX86State *env)
4502{
4503 uint64_t u64;
4504 int rc = PDMApicGetBase(env->pVM, &u64);
4505 if (RT_SUCCESS(rc))
4506 {
4507 LogFlow(("cpu_get_apic_base: returns %#llx \n", u64));
4508 return u64;
4509 }
4510 LogFlow(("cpu_get_apic_base: returns 0 (rc=%Rrc)\n", rc));
4511 return 0;
4512}
4513
4514void cpu_set_apic_tpr(CPUX86State *env, uint8_t val)
4515{
4516 int rc = PDMApicSetTPR(env->pVCpu, val << 4); /* cr8 bits 3-0 correspond to bits 7-4 of the task priority mmio register. */
4517 LogFlow(("cpu_set_apic_tpr: val=%#x rc=%Rrc\n", val, rc)); NOREF(rc);
4518}
4519
4520uint8_t cpu_get_apic_tpr(CPUX86State *env)
4521{
4522 uint8_t u8;
4523 int rc = PDMApicGetTPR(env->pVCpu, &u8, NULL);
4524 if (RT_SUCCESS(rc))
4525 {
4526 LogFlow(("cpu_get_apic_tpr: returns %#x\n", u8));
4527 return u8 >> 4; /* cr8 bits 3-0 correspond to bits 7-4 of the task priority mmio register. */
4528 }
4529 LogFlow(("cpu_get_apic_tpr: returns 0 (rc=%Rrc)\n", rc));
4530 return 0;
4531}
4532
4533/**
4534 * Read an MSR.
4535 *
4536 * @retval 0 success.
4537 * @retval -1 failure, raise \#GP(0).
4538 * @param env The cpu state.
4539 * @param idMsr The MSR to read.
4540 * @param puValue Where to return the value.
4541 */
4542int cpu_rdmsr(CPUX86State *env, uint32_t idMsr, uint64_t *puValue)
4543{
4544 Assert(env->pVCpu);
4545 return CPUMQueryGuestMsr(env->pVCpu, idMsr, puValue) == VINF_SUCCESS ? 0 : -1;
4546}
4547
4548/**
4549 * Write to an MSR.
4550 *
4551 * @retval 0 success.
4552 * @retval -1 failure, raise \#GP(0).
4553 * @param env The cpu state.
4554 * @param idMsr The MSR to read.
4555 * @param puValue Where to return the value.
4556 */
4557int cpu_wrmsr(CPUX86State *env, uint32_t idMsr, uint64_t uValue)
4558{
4559 Assert(env->pVCpu);
4560 return CPUMSetGuestMsr(env->pVCpu, idMsr, uValue) == VINF_SUCCESS ? 0 : -1;
4561}
4562
4563/* -+- I/O Ports -+- */
4564
4565#undef LOG_GROUP
4566#define LOG_GROUP LOG_GROUP_REM_IOPORT
4567
4568void cpu_outb(CPUX86State *env, pio_addr_t addr, uint8_t val)
4569{
4570 int rc;
4571
4572 if (addr != 0x80 && addr != 0x70 && addr != 0x61)
4573 Log2(("cpu_outb: addr=%#06x val=%#x\n", addr, val));
4574
4575 rc = IOMIOPortWrite(env->pVM, (RTIOPORT)addr, val, 1);
4576 if (RT_LIKELY(rc == VINF_SUCCESS))
4577 return;
4578 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4579 {
4580 Log(("cpu_outb: addr=%#06x val=%#x -> %Rrc\n", addr, val, rc));
4581 remR3RaiseRC(env->pVM, rc);
4582 return;
4583 }
4584 remAbort(rc, __FUNCTION__);
4585}
4586
4587void cpu_outw(CPUX86State *env, pio_addr_t addr, uint16_t val)
4588{
4589 //Log2(("cpu_outw: addr=%#06x val=%#x\n", addr, val));
4590 int rc = IOMIOPortWrite(env->pVM, (RTIOPORT)addr, val, 2);
4591 if (RT_LIKELY(rc == VINF_SUCCESS))
4592 return;
4593 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4594 {
4595 Log(("cpu_outw: addr=%#06x val=%#x -> %Rrc\n", addr, val, rc));
4596 remR3RaiseRC(env->pVM, rc);
4597 return;
4598 }
4599 remAbort(rc, __FUNCTION__);
4600}
4601
4602void cpu_outl(CPUX86State *env, pio_addr_t addr, uint32_t val)
4603{
4604 int rc;
4605 Log2(("cpu_outl: addr=%#06x val=%#x\n", addr, val));
4606 rc = IOMIOPortWrite(env->pVM, (RTIOPORT)addr, val, 4);
4607 if (RT_LIKELY(rc == VINF_SUCCESS))
4608 return;
4609 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4610 {
4611 Log(("cpu_outl: addr=%#06x val=%#x -> %Rrc\n", addr, val, rc));
4612 remR3RaiseRC(env->pVM, rc);
4613 return;
4614 }
4615 remAbort(rc, __FUNCTION__);
4616}
4617
4618uint8_t cpu_inb(CPUX86State *env, pio_addr_t addr)
4619{
4620 uint32_t u32 = 0;
4621 int rc = IOMIOPortRead(env->pVM, (RTIOPORT)addr, &u32, 1);
4622 if (RT_LIKELY(rc == VINF_SUCCESS))
4623 {
4624 if (/*addr != 0x61 && */addr != 0x71)
4625 Log2(("cpu_inb: addr=%#06x -> %#x\n", addr, u32));
4626 return (uint8_t)u32;
4627 }
4628 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4629 {
4630 Log(("cpu_inb: addr=%#06x -> %#x rc=%Rrc\n", addr, u32, rc));
4631 remR3RaiseRC(env->pVM, rc);
4632 return (uint8_t)u32;
4633 }
4634 remAbort(rc, __FUNCTION__);
4635 return UINT8_C(0xff);
4636}
4637
4638uint16_t cpu_inw(CPUX86State *env, pio_addr_t addr)
4639{
4640 uint32_t u32 = 0;
4641 int rc = IOMIOPortRead(env->pVM, (RTIOPORT)addr, &u32, 2);
4642 if (RT_LIKELY(rc == VINF_SUCCESS))
4643 {
4644 Log2(("cpu_inw: addr=%#06x -> %#x\n", addr, u32));
4645 return (uint16_t)u32;
4646 }
4647 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4648 {
4649 Log(("cpu_inw: addr=%#06x -> %#x rc=%Rrc\n", addr, u32, rc));
4650 remR3RaiseRC(env->pVM, rc);
4651 return (uint16_t)u32;
4652 }
4653 remAbort(rc, __FUNCTION__);
4654 return UINT16_C(0xffff);
4655}
4656
4657uint32_t cpu_inl(CPUX86State *env, pio_addr_t addr)
4658{
4659 uint32_t u32 = 0;
4660 int rc = IOMIOPortRead(env->pVM, (RTIOPORT)addr, &u32, 4);
4661 if (RT_LIKELY(rc == VINF_SUCCESS))
4662 {
4663//if (addr==0x01f0 && u32 == 0x6b6d)
4664// loglevel = ~0;
4665 Log2(("cpu_inl: addr=%#06x -> %#x\n", addr, u32));
4666 return u32;
4667 }
4668 if (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST)
4669 {
4670 Log(("cpu_inl: addr=%#06x -> %#x rc=%Rrc\n", addr, u32, rc));
4671 remR3RaiseRC(env->pVM, rc);
4672 return u32;
4673 }
4674 remAbort(rc, __FUNCTION__);
4675 return UINT32_C(0xffffffff);
4676}
4677
4678#undef LOG_GROUP
4679#define LOG_GROUP LOG_GROUP_REM
4680
4681
4682/* -+- helpers and misc other interfaces -+- */
4683
4684/**
4685 * Perform the CPUID instruction.
4686 *
4687 * @param env Pointer to the recompiler CPU structure.
4688 * @param idx The CPUID leaf (eax).
4689 * @param idxSub The CPUID sub-leaf (ecx) where applicable.
4690 * @param pvEAX Where to store eax.
4691 * @param pvEBX Where to store ebx.
4692 * @param pvECX Where to store ecx.
4693 * @param pvEDX Where to store edx.
4694 */
4695void cpu_x86_cpuid(CPUX86State *env, uint32_t idx, uint32_t idxSub,
4696 uint32_t *pEAX, uint32_t *pEBX, uint32_t *pECX, uint32_t *pEDX)
4697{
4698 NOREF(idxSub);
4699 CPUMGetGuestCpuId(env->pVCpu, idx, pEAX, pEBX, pECX, pEDX);
4700}
4701
4702
4703#if 0 /* not used */
4704/**
4705 * Interface for qemu hardware to report back fatal errors.
4706 */
4707void hw_error(const char *pszFormat, ...)
4708{
4709 /*
4710 * Bitch about it.
4711 */
4712 /** @todo Add support for nested arg lists in the LogPrintfV routine! I've code for
4713 * this in my Odin32 tree at home! */
4714 va_list args;
4715 va_start(args, pszFormat);
4716 RTLogPrintf("fatal error in virtual hardware:");
4717 RTLogPrintfV(pszFormat, args);
4718 va_end(args);
4719 AssertReleaseMsgFailed(("fatal error in virtual hardware: %s\n", pszFormat));
4720
4721 /*
4722 * If we're in REM context we'll sync back the state before 'jumping' to
4723 * the EMs failure handling.
4724 */
4725 PVM pVM = cpu_single_env->pVM;
4726 if (pVM->rem.s.fInREM)
4727 REMR3StateBack(pVM);
4728 EMR3FatalError(pVM, VERR_REM_VIRTUAL_HARDWARE_ERROR);
4729 AssertMsgFailed(("EMR3FatalError returned!\n"));
4730}
4731#endif
4732
4733/**
4734 * Interface for the qemu cpu to report unhandled situation
4735 * raising a fatal VM error.
4736 */
4737void cpu_abort(CPUX86State *env, const char *pszFormat, ...)
4738{
4739 va_list va;
4740 PVM pVM;
4741 PVMCPU pVCpu;
4742 char szMsg[256];
4743
4744 /*
4745 * Bitch about it.
4746 */
4747 RTLogFlags(NULL, "nodisabled nobuffered");
4748 RTLogFlush(NULL);
4749
4750 va_start(va, pszFormat);
4751#if defined(RT_OS_WINDOWS) && ARCH_BITS == 64
4752 /* It's a bit complicated when mixing MSC and GCC on AMD64. This is a bit ugly, but it works. */
4753 unsigned cArgs = 0;
4754 uintptr_t auArgs[6] = {0,0,0,0,0,0};
4755 const char *psz = strchr(pszFormat, '%');
4756 while (psz && cArgs < 6)
4757 {
4758 auArgs[cArgs++] = va_arg(va, uintptr_t);
4759 psz = strchr(psz + 1, '%');
4760 }
4761 switch (cArgs)
4762 {
4763 case 1: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0]); break;
4764 case 2: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0], auArgs[1]); break;
4765 case 3: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0], auArgs[1], auArgs[2]); break;
4766 case 4: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0], auArgs[1], auArgs[2], auArgs[3]); break;
4767 case 5: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0], auArgs[1], auArgs[2], auArgs[3], auArgs[4]); break;
4768 case 6: RTStrPrintf(szMsg, sizeof(szMsg), pszFormat, auArgs[0], auArgs[1], auArgs[2], auArgs[3], auArgs[4], auArgs[5]); break;
4769 default:
4770 case 0: RTStrPrintf(szMsg, sizeof(szMsg), "%s", pszFormat); break;
4771 }
4772#else
4773 RTStrPrintfV(szMsg, sizeof(szMsg), pszFormat, va);
4774#endif
4775 va_end(va);
4776
4777 RTLogPrintf("fatal error in recompiler cpu: %s\n", szMsg);
4778 RTLogRelPrintf("fatal error in recompiler cpu: %s\n", szMsg);
4779
4780 /*
4781 * If we're in REM context we'll sync back the state before 'jumping' to
4782 * the EMs failure handling.
4783 */
4784 pVM = cpu_single_env->pVM;
4785 pVCpu = cpu_single_env->pVCpu;
4786 Assert(pVCpu);
4787
4788 if (pVM->rem.s.fInREM)
4789 REMR3StateBack(pVM, pVCpu);
4790 EMR3FatalError(pVCpu, VERR_REM_VIRTUAL_CPU_ERROR);
4791 AssertMsgFailed(("EMR3FatalError returned!\n"));
4792}
4793
4794
4795/**
4796 * Aborts the VM.
4797 *
4798 * @param rc VBox error code.
4799 * @param pszTip Hint about why/when this happened.
4800 */
4801void remAbort(int rc, const char *pszTip)
4802{
4803 PVM pVM;
4804 PVMCPU pVCpu;
4805
4806 /*
4807 * Bitch about it.
4808 */
4809 RTLogPrintf("internal REM fatal error: rc=%Rrc %s\n", rc, pszTip);
4810 AssertReleaseMsgFailed(("internal REM fatal error: rc=%Rrc %s\n", rc, pszTip));
4811
4812 /*
4813 * Jump back to where we entered the recompiler.
4814 */
4815 pVM = cpu_single_env->pVM;
4816 pVCpu = cpu_single_env->pVCpu;
4817 Assert(pVCpu);
4818
4819 if (pVM->rem.s.fInREM)
4820 REMR3StateBack(pVM, pVCpu);
4821
4822 EMR3FatalError(pVCpu, rc);
4823 AssertMsgFailed(("EMR3FatalError returned!\n"));
4824}
4825
4826
4827/**
4828 * Dumps a linux system call.
4829 * @param pVCpu VMCPU handle.
4830 */
4831void remR3DumpLnxSyscall(PVMCPU pVCpu)
4832{
4833 static const char *apsz[] =
4834 {
4835 "sys_restart_syscall", /* 0 - old "setup()" system call, used for restarting */
4836 "sys_exit",
4837 "sys_fork",
4838 "sys_read",
4839 "sys_write",
4840 "sys_open", /* 5 */
4841 "sys_close",
4842 "sys_waitpid",
4843 "sys_creat",
4844 "sys_link",
4845 "sys_unlink", /* 10 */
4846 "sys_execve",
4847 "sys_chdir",
4848 "sys_time",
4849 "sys_mknod",
4850 "sys_chmod", /* 15 */
4851 "sys_lchown16",
4852 "sys_ni_syscall", /* old break syscall holder */
4853 "sys_stat",
4854 "sys_lseek",
4855 "sys_getpid", /* 20 */
4856 "sys_mount",
4857 "sys_oldumount",
4858 "sys_setuid16",
4859 "sys_getuid16",
4860 "sys_stime", /* 25 */
4861 "sys_ptrace",
4862 "sys_alarm",
4863 "sys_fstat",
4864 "sys_pause",
4865 "sys_utime", /* 30 */
4866 "sys_ni_syscall", /* old stty syscall holder */
4867 "sys_ni_syscall", /* old gtty syscall holder */
4868 "sys_access",
4869 "sys_nice",
4870 "sys_ni_syscall", /* 35 - old ftime syscall holder */
4871 "sys_sync",
4872 "sys_kill",
4873 "sys_rename",
4874 "sys_mkdir",
4875 "sys_rmdir", /* 40 */
4876 "sys_dup",
4877 "sys_pipe",
4878 "sys_times",
4879 "sys_ni_syscall", /* old prof syscall holder */
4880 "sys_brk", /* 45 */
4881 "sys_setgid16",
4882 "sys_getgid16",
4883 "sys_signal",
4884 "sys_geteuid16",
4885 "sys_getegid16", /* 50 */
4886 "sys_acct",
4887 "sys_umount", /* recycled never used phys() */
4888 "sys_ni_syscall", /* old lock syscall holder */
4889 "sys_ioctl",
4890 "sys_fcntl", /* 55 */
4891 "sys_ni_syscall", /* old mpx syscall holder */
4892 "sys_setpgid",
4893 "sys_ni_syscall", /* old ulimit syscall holder */
4894 "sys_olduname",
4895 "sys_umask", /* 60 */
4896 "sys_chroot",
4897 "sys_ustat",
4898 "sys_dup2",
4899 "sys_getppid",
4900 "sys_getpgrp", /* 65 */
4901 "sys_setsid",
4902 "sys_sigaction",
4903 "sys_sgetmask",
4904 "sys_ssetmask",
4905 "sys_setreuid16", /* 70 */
4906 "sys_setregid16",
4907 "sys_sigsuspend",
4908 "sys_sigpending",
4909 "sys_sethostname",
4910 "sys_setrlimit", /* 75 */
4911 "sys_old_getrlimit",
4912 "sys_getrusage",
4913 "sys_gettimeofday",
4914 "sys_settimeofday",
4915 "sys_getgroups16", /* 80 */
4916 "sys_setgroups16",
4917 "old_select",
4918 "sys_symlink",
4919 "sys_lstat",
4920 "sys_readlink", /* 85 */
4921 "sys_uselib",
4922 "sys_swapon",
4923 "sys_reboot",
4924 "old_readdir",
4925 "old_mmap", /* 90 */
4926 "sys_munmap",
4927 "sys_truncate",
4928 "sys_ftruncate",
4929 "sys_fchmod",
4930 "sys_fchown16", /* 95 */
4931 "sys_getpriority",
4932 "sys_setpriority",
4933 "sys_ni_syscall", /* old profil syscall holder */
4934 "sys_statfs",
4935 "sys_fstatfs", /* 100 */
4936 "sys_ioperm",
4937 "sys_socketcall",
4938 "sys_syslog",
4939 "sys_setitimer",
4940 "sys_getitimer", /* 105 */
4941 "sys_newstat",
4942 "sys_newlstat",
4943 "sys_newfstat",
4944 "sys_uname",
4945 "sys_iopl", /* 110 */
4946 "sys_vhangup",
4947 "sys_ni_syscall", /* old "idle" system call */
4948 "sys_vm86old",
4949 "sys_wait4",
4950 "sys_swapoff", /* 115 */
4951 "sys_sysinfo",
4952 "sys_ipc",
4953 "sys_fsync",
4954 "sys_sigreturn",
4955 "sys_clone", /* 120 */
4956 "sys_setdomainname",
4957 "sys_newuname",
4958 "sys_modify_ldt",
4959 "sys_adjtimex",
4960 "sys_mprotect", /* 125 */
4961 "sys_sigprocmask",
4962 "sys_ni_syscall", /* old "create_module" */
4963 "sys_init_module",
4964 "sys_delete_module",
4965 "sys_ni_syscall", /* 130: old "get_kernel_syms" */
4966 "sys_quotactl",
4967 "sys_getpgid",
4968 "sys_fchdir",
4969 "sys_bdflush",
4970 "sys_sysfs", /* 135 */
4971 "sys_personality",
4972 "sys_ni_syscall", /* reserved for afs_syscall */
4973 "sys_setfsuid16",
4974 "sys_setfsgid16",
4975 "sys_llseek", /* 140 */
4976 "sys_getdents",
4977 "sys_select",
4978 "sys_flock",
4979 "sys_msync",
4980 "sys_readv", /* 145 */
4981 "sys_writev",
4982 "sys_getsid",
4983 "sys_fdatasync",
4984 "sys_sysctl",
4985 "sys_mlock", /* 150 */
4986 "sys_munlock",
4987 "sys_mlockall",
4988 "sys_munlockall",
4989 "sys_sched_setparam",
4990 "sys_sched_getparam", /* 155 */
4991 "sys_sched_setscheduler",
4992 "sys_sched_getscheduler",
4993 "sys_sched_yield",
4994 "sys_sched_get_priority_max",
4995 "sys_sched_get_priority_min", /* 160 */
4996 "sys_sched_rr_get_interval",
4997 "sys_nanosleep",
4998 "sys_mremap",
4999 "sys_setresuid16",
5000 "sys_getresuid16", /* 165 */
5001 "sys_vm86",
5002 "sys_ni_syscall", /* Old sys_query_module */
5003 "sys_poll",
5004 "sys_nfsservctl",
5005 "sys_setresgid16", /* 170 */
5006 "sys_getresgid16",
5007 "sys_prctl",
5008 "sys_rt_sigreturn",
5009 "sys_rt_sigaction",
5010 "sys_rt_sigprocmask", /* 175 */
5011 "sys_rt_sigpending",
5012 "sys_rt_sigtimedwait",
5013 "sys_rt_sigqueueinfo",
5014 "sys_rt_sigsuspend",
5015 "sys_pread64", /* 180 */
5016 "sys_pwrite64",
5017 "sys_chown16",
5018 "sys_getcwd",
5019 "sys_capget",
5020 "sys_capset", /* 185 */
5021 "sys_sigaltstack",
5022 "sys_sendfile",
5023 "sys_ni_syscall", /* reserved for streams1 */
5024 "sys_ni_syscall", /* reserved for streams2 */
5025 "sys_vfork", /* 190 */
5026 "sys_getrlimit",
5027 "sys_mmap2",
5028 "sys_truncate64",
5029 "sys_ftruncate64",
5030 "sys_stat64", /* 195 */
5031 "sys_lstat64",
5032 "sys_fstat64",
5033 "sys_lchown",
5034 "sys_getuid",
5035 "sys_getgid", /* 200 */
5036 "sys_geteuid",
5037 "sys_getegid",
5038 "sys_setreuid",
5039 "sys_setregid",
5040 "sys_getgroups", /* 205 */
5041 "sys_setgroups",
5042 "sys_fchown",
5043 "sys_setresuid",
5044 "sys_getresuid",
5045 "sys_setresgid", /* 210 */
5046 "sys_getresgid",
5047 "sys_chown",
5048 "sys_setuid",
5049 "sys_setgid",
5050 "sys_setfsuid", /* 215 */
5051 "sys_setfsgid",
5052 "sys_pivot_root",
5053 "sys_mincore",
5054 "sys_madvise",
5055 "sys_getdents64", /* 220 */
5056 "sys_fcntl64",
5057 "sys_ni_syscall", /* reserved for TUX */
5058 "sys_ni_syscall",
5059 "sys_gettid",
5060 "sys_readahead", /* 225 */
5061 "sys_setxattr",
5062 "sys_lsetxattr",
5063 "sys_fsetxattr",
5064 "sys_getxattr",
5065 "sys_lgetxattr", /* 230 */
5066 "sys_fgetxattr",
5067 "sys_listxattr",
5068 "sys_llistxattr",
5069 "sys_flistxattr",
5070 "sys_removexattr", /* 235 */
5071 "sys_lremovexattr",
5072 "sys_fremovexattr",
5073 "sys_tkill",
5074 "sys_sendfile64",
5075 "sys_futex", /* 240 */
5076 "sys_sched_setaffinity",
5077 "sys_sched_getaffinity",
5078 "sys_set_thread_area",
5079 "sys_get_thread_area",
5080 "sys_io_setup", /* 245 */
5081 "sys_io_destroy",
5082 "sys_io_getevents",
5083 "sys_io_submit",
5084 "sys_io_cancel",
5085 "sys_fadvise64", /* 250 */
5086 "sys_ni_syscall",
5087 "sys_exit_group",
5088 "sys_lookup_dcookie",
5089 "sys_epoll_create",
5090 "sys_epoll_ctl", /* 255 */
5091 "sys_epoll_wait",
5092 "sys_remap_file_pages",
5093 "sys_set_tid_address",
5094 "sys_timer_create",
5095 "sys_timer_settime", /* 260 */
5096 "sys_timer_gettime",
5097 "sys_timer_getoverrun",
5098 "sys_timer_delete",
5099 "sys_clock_settime",
5100 "sys_clock_gettime", /* 265 */
5101 "sys_clock_getres",
5102 "sys_clock_nanosleep",
5103 "sys_statfs64",
5104 "sys_fstatfs64",
5105 "sys_tgkill", /* 270 */
5106 "sys_utimes",
5107 "sys_fadvise64_64",
5108 "sys_ni_syscall" /* sys_vserver */
5109 };
5110
5111 uint32_t uEAX = CPUMGetGuestEAX(pVCpu);
5112 switch (uEAX)
5113 {
5114 default:
5115 if (uEAX < RT_ELEMENTS(apsz))
5116 Log(("REM: linux syscall %3d: %s (eip=%08x ebx=%08x ecx=%08x edx=%08x esi=%08x edi=%08x ebp=%08x)\n",
5117 uEAX, apsz[uEAX], CPUMGetGuestEIP(pVCpu), CPUMGetGuestEBX(pVCpu), CPUMGetGuestECX(pVCpu),
5118 CPUMGetGuestEDX(pVCpu), CPUMGetGuestESI(pVCpu), CPUMGetGuestEDI(pVCpu), CPUMGetGuestEBP(pVCpu)));
5119 else
5120 Log(("eip=%08x: linux syscall %d (#%x) unknown\n", CPUMGetGuestEIP(pVCpu), uEAX, uEAX));
5121 break;
5122
5123 }
5124}
5125
5126
5127/**
5128 * Dumps an OpenBSD system call.
5129 * @param pVCpu VMCPU handle.
5130 */
5131void remR3DumpOBsdSyscall(PVMCPU pVCpu)
5132{
5133 static const char *apsz[] =
5134 {
5135 "SYS_syscall", //0
5136 "SYS_exit", //1
5137 "SYS_fork", //2
5138 "SYS_read", //3
5139 "SYS_write", //4
5140 "SYS_open", //5
5141 "SYS_close", //6
5142 "SYS_wait4", //7
5143 "SYS_8",
5144 "SYS_link", //9
5145 "SYS_unlink", //10
5146 "SYS_11",
5147 "SYS_chdir", //12
5148 "SYS_fchdir", //13
5149 "SYS_mknod", //14
5150 "SYS_chmod", //15
5151 "SYS_chown", //16
5152 "SYS_break", //17
5153 "SYS_18",
5154 "SYS_19",
5155 "SYS_getpid", //20
5156 "SYS_mount", //21
5157 "SYS_unmount", //22
5158 "SYS_setuid", //23
5159 "SYS_getuid", //24
5160 "SYS_geteuid", //25
5161 "SYS_ptrace", //26
5162 "SYS_recvmsg", //27
5163 "SYS_sendmsg", //28
5164 "SYS_recvfrom", //29
5165 "SYS_accept", //30
5166 "SYS_getpeername", //31
5167 "SYS_getsockname", //32
5168 "SYS_access", //33
5169 "SYS_chflags", //34
5170 "SYS_fchflags", //35
5171 "SYS_sync", //36
5172 "SYS_kill", //37
5173 "SYS_38",
5174 "SYS_getppid", //39
5175 "SYS_40",
5176 "SYS_dup", //41
5177 "SYS_opipe", //42
5178 "SYS_getegid", //43
5179 "SYS_profil", //44
5180 "SYS_ktrace", //45
5181 "SYS_sigaction", //46
5182 "SYS_getgid", //47
5183 "SYS_sigprocmask", //48
5184 "SYS_getlogin", //49
5185 "SYS_setlogin", //50
5186 "SYS_acct", //51
5187 "SYS_sigpending", //52
5188 "SYS_osigaltstack", //53
5189 "SYS_ioctl", //54
5190 "SYS_reboot", //55
5191 "SYS_revoke", //56
5192 "SYS_symlink", //57
5193 "SYS_readlink", //58
5194 "SYS_execve", //59
5195 "SYS_umask", //60
5196 "SYS_chroot", //61
5197 "SYS_62",
5198 "SYS_63",
5199 "SYS_64",
5200 "SYS_65",
5201 "SYS_vfork", //66
5202 "SYS_67",
5203 "SYS_68",
5204 "SYS_sbrk", //69
5205 "SYS_sstk", //70
5206 "SYS_61",
5207 "SYS_vadvise", //72
5208 "SYS_munmap", //73
5209 "SYS_mprotect", //74
5210 "SYS_madvise", //75
5211 "SYS_76",
5212 "SYS_77",
5213 "SYS_mincore", //78
5214 "SYS_getgroups", //79
5215 "SYS_setgroups", //80
5216 "SYS_getpgrp", //81
5217 "SYS_setpgid", //82
5218 "SYS_setitimer", //83
5219 "SYS_84",
5220 "SYS_85",
5221 "SYS_getitimer", //86
5222 "SYS_87",
5223 "SYS_88",
5224 "SYS_89",
5225 "SYS_dup2", //90
5226 "SYS_91",
5227 "SYS_fcntl", //92
5228 "SYS_select", //93
5229 "SYS_94",
5230 "SYS_fsync", //95
5231 "SYS_setpriority", //96
5232 "SYS_socket", //97
5233 "SYS_connect", //98
5234 "SYS_99",
5235 "SYS_getpriority", //100
5236 "SYS_101",
5237 "SYS_102",
5238 "SYS_sigreturn", //103
5239 "SYS_bind", //104
5240 "SYS_setsockopt", //105
5241 "SYS_listen", //106
5242 "SYS_107",
5243 "SYS_108",
5244 "SYS_109",
5245 "SYS_110",
5246 "SYS_sigsuspend", //111
5247 "SYS_112",
5248 "SYS_113",
5249 "SYS_114",
5250 "SYS_115",
5251 "SYS_gettimeofday", //116
5252 "SYS_getrusage", //117
5253 "SYS_getsockopt", //118
5254 "SYS_119",
5255 "SYS_readv", //120
5256 "SYS_writev", //121
5257 "SYS_settimeofday", //122
5258 "SYS_fchown", //123
5259 "SYS_fchmod", //124
5260 "SYS_125",
5261 "SYS_setreuid", //126
5262 "SYS_setregid", //127
5263 "SYS_rename", //128
5264 "SYS_129",
5265 "SYS_130",
5266 "SYS_flock", //131
5267 "SYS_mkfifo", //132
5268 "SYS_sendto", //133
5269 "SYS_shutdown", //134
5270 "SYS_socketpair", //135
5271 "SYS_mkdir", //136
5272 "SYS_rmdir", //137
5273 "SYS_utimes", //138
5274 "SYS_139",
5275 "SYS_adjtime", //140
5276 "SYS_141",
5277 "SYS_142",
5278 "SYS_143",
5279 "SYS_144",
5280 "SYS_145",
5281 "SYS_146",
5282 "SYS_setsid", //147
5283 "SYS_quotactl", //148
5284 "SYS_149",
5285 "SYS_150",
5286 "SYS_151",
5287 "SYS_152",
5288 "SYS_153",
5289 "SYS_154",
5290 "SYS_nfssvc", //155
5291 "SYS_156",
5292 "SYS_157",
5293 "SYS_158",
5294 "SYS_159",
5295 "SYS_160",
5296 "SYS_getfh", //161
5297 "SYS_162",
5298 "SYS_163",
5299 "SYS_164",
5300 "SYS_sysarch", //165
5301 "SYS_166",
5302 "SYS_167",
5303 "SYS_168",
5304 "SYS_169",
5305 "SYS_170",
5306 "SYS_171",
5307 "SYS_172",
5308 "SYS_pread", //173
5309 "SYS_pwrite", //174
5310 "SYS_175",
5311 "SYS_176",
5312 "SYS_177",
5313 "SYS_178",
5314 "SYS_179",
5315 "SYS_180",
5316 "SYS_setgid", //181
5317 "SYS_setegid", //182
5318 "SYS_seteuid", //183
5319 "SYS_lfs_bmapv", //184
5320 "SYS_lfs_markv", //185
5321 "SYS_lfs_segclean", //186
5322 "SYS_lfs_segwait", //187
5323 "SYS_188",
5324 "SYS_189",
5325 "SYS_190",
5326 "SYS_pathconf", //191
5327 "SYS_fpathconf", //192
5328 "SYS_swapctl", //193
5329 "SYS_getrlimit", //194
5330 "SYS_setrlimit", //195
5331 "SYS_getdirentries", //196
5332 "SYS_mmap", //197
5333 "SYS___syscall", //198
5334 "SYS_lseek", //199
5335 "SYS_truncate", //200
5336 "SYS_ftruncate", //201
5337 "SYS___sysctl", //202
5338 "SYS_mlock", //203
5339 "SYS_munlock", //204
5340 "SYS_205",
5341 "SYS_futimes", //206
5342 "SYS_getpgid", //207
5343 "SYS_xfspioctl", //208
5344 "SYS_209",
5345 "SYS_210",
5346 "SYS_211",
5347 "SYS_212",
5348 "SYS_213",
5349 "SYS_214",
5350 "SYS_215",
5351 "SYS_216",
5352 "SYS_217",
5353 "SYS_218",
5354 "SYS_219",
5355 "SYS_220",
5356 "SYS_semget", //221
5357 "SYS_222",
5358 "SYS_223",
5359 "SYS_224",
5360 "SYS_msgget", //225
5361 "SYS_msgsnd", //226
5362 "SYS_msgrcv", //227
5363 "SYS_shmat", //228
5364 "SYS_229",
5365 "SYS_shmdt", //230
5366 "SYS_231",
5367 "SYS_clock_gettime", //232
5368 "SYS_clock_settime", //233
5369 "SYS_clock_getres", //234
5370 "SYS_235",
5371 "SYS_236",
5372 "SYS_237",
5373 "SYS_238",
5374 "SYS_239",
5375 "SYS_nanosleep", //240
5376 "SYS_241",
5377 "SYS_242",
5378 "SYS_243",
5379 "SYS_244",
5380 "SYS_245",
5381 "SYS_246",
5382 "SYS_247",
5383 "SYS_248",
5384 "SYS_249",
5385 "SYS_minherit", //250
5386 "SYS_rfork", //251
5387 "SYS_poll", //252
5388 "SYS_issetugid", //253
5389 "SYS_lchown", //254
5390 "SYS_getsid", //255
5391 "SYS_msync", //256
5392 "SYS_257",
5393 "SYS_258",
5394 "SYS_259",
5395 "SYS_getfsstat", //260
5396 "SYS_statfs", //261
5397 "SYS_fstatfs", //262
5398 "SYS_pipe", //263
5399 "SYS_fhopen", //264
5400 "SYS_265",
5401 "SYS_fhstatfs", //266
5402 "SYS_preadv", //267
5403 "SYS_pwritev", //268
5404 "SYS_kqueue", //269
5405 "SYS_kevent", //270
5406 "SYS_mlockall", //271
5407 "SYS_munlockall", //272
5408 "SYS_getpeereid", //273
5409 "SYS_274",
5410 "SYS_275",
5411 "SYS_276",
5412 "SYS_277",
5413 "SYS_278",
5414 "SYS_279",
5415 "SYS_280",
5416 "SYS_getresuid", //281
5417 "SYS_setresuid", //282
5418 "SYS_getresgid", //283
5419 "SYS_setresgid", //284
5420 "SYS_285",
5421 "SYS_mquery", //286
5422 "SYS_closefrom", //287
5423 "SYS_sigaltstack", //288
5424 "SYS_shmget", //289
5425 "SYS_semop", //290
5426 "SYS_stat", //291
5427 "SYS_fstat", //292
5428 "SYS_lstat", //293
5429 "SYS_fhstat", //294
5430 "SYS___semctl", //295
5431 "SYS_shmctl", //296
5432 "SYS_msgctl", //297
5433 "SYS_MAXSYSCALL", //298
5434 //299
5435 //300
5436 };
5437 uint32_t uEAX;
5438 if (!LogIsEnabled())
5439 return;
5440 uEAX = CPUMGetGuestEAX(pVCpu);
5441 switch (uEAX)
5442 {
5443 default:
5444 if (uEAX < RT_ELEMENTS(apsz))
5445 {
5446 uint32_t au32Args[8] = {0};
5447 PGMPhysSimpleReadGCPtr(pVCpu, au32Args, CPUMGetGuestESP(pVCpu), sizeof(au32Args));
5448 RTLogPrintf("REM: OpenBSD syscall %3d: %s (eip=%08x %08x %08x %08x %08x %08x %08x %08x %08x)\n",
5449 uEAX, apsz[uEAX], CPUMGetGuestEIP(pVCpu), au32Args[0], au32Args[1], au32Args[2], au32Args[3],
5450 au32Args[4], au32Args[5], au32Args[6], au32Args[7]);
5451 }
5452 else
5453 RTLogPrintf("eip=%08x: OpenBSD syscall %d (#%x) unknown!!\n", CPUMGetGuestEIP(pVCpu), uEAX, uEAX);
5454 break;
5455 }
5456}
5457
5458
5459#if defined(IPRT_NO_CRT) && defined(RT_OS_WINDOWS) && defined(RT_ARCH_X86)
5460/**
5461 * The Dll main entry point (stub).
5462 */
5463bool __stdcall _DllMainCRTStartup(void *hModule, uint32_t dwReason, void *pvReserved)
5464{
5465 return true;
5466}
5467
5468void *memcpy(void *dst, const void *src, size_t size)
5469{
5470 uint8_t*pbDst = dst, *pbSrc = src;
5471 while (size-- > 0)
5472 *pbDst++ = *pbSrc++;
5473 return dst;
5474}
5475
5476#endif
5477
5478void cpu_smm_update(CPUX86State *env)
5479{
5480}
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette