[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Crash when writing to x86 hardware debug registers

Update: I rebuilt the hypervisor binary in debug mode and get the following output in xl dmesg after the crash.

(XEN) HVM9 restore: CPU 0
(XEN) HVM9 restore: PIC 0
(XEN) HVM9 restore: PIC 1
(XEN) HVM9 restore: IOAPIC 0
(XEN) HVM9 restore: LAPIC 0
(XEN) HVM9 restore: LAPIC_REGS 0
(XEN) HVM9 restore: PCI_IRQ 0
(XEN) HVM9 restore: ISA_IRQ 0
(XEN) HVM9 restore: PCI_LINK 0
(XEN) HVM9 restore: PIT 0
(XEN) HVM9 restore: RTC 0
(XEN) HVM9 restore: HPET 0
(XEN) HVM9 restore: PMTIMER 0
(XEN) HVM9 restore: MTRR 0
(XEN) HVM9 restore: VIRIDIAN_DOMAIN 0
(XEN) HVM9 restore: CPU_XSAVE 0
(XEN) HVM9 restore: VIRIDIAN_VCPU 0
(XEN) HVM9 restore: VMCE_VCPU 0
(XEN) HVM9 restore: TSC_ADJUST 0
(XEN) HVM9 restore: CPU_MSR 0
(XEN) d9: VIRIDIAN MSR_TIME_REF_COUNT: accessed
(XEN) vmx.c:3295:d9v0 RDMSR 0x00000000 unimplemented
(XEN) d9v0 VIRIDIAN CRASH: 1e ffffffffc0000096 fffff80575bc362c 0 0

On Thu, Sep 15, 2022 at 12:33 PM Neil Sikka <neilsikka@xxxxxxxxx> wrote:
Hi All,
I am running a userland debugger in Windows 10 HVM on Xen 4.16 on an Intel chip. I noticed when I set a hardware breakpoint (which writes to the DR0 register), Windows 10 crashes. This crash reproduces both with and without viridian enabled in the DomU cfg file.

(XEN) Xen version 4.16.1 (neil@) (gcc (Debian 10.2.1-6) 10.2.1 20210110) debug=n Tue Apr 19 11:20:04 EDT 2022
(XEN) d13v0 VIRIDIAN CRASH: 1e ffffffffc0000096 fffff8007f85562c 0 0

This output from xl dmesg shows that I am not running a debug hypervisor, and that theres a viridian crash. I've gotten the following stop codes in the BSOD from Windows: KMODE EXCEPTION NOT HANDLED, SYSTEM_SERVICE EXCEPTION.

I see this code in xen/xen/arch/x86/msr.c inside guest_wrmsr():
    case MSR_AMD64_DR0_ADDRESS_MASK:
    case MSR_AMD64_DR1_ADDRESS_MASK ... MSR_AMD64_DR3_ADDRESS_MASK:
        if ( !cp->extd.dbext )
            goto gp_fault;

I was assuming AMD64 refers to a 64 bit CPU rather than an AMD CPU, and this is one of the few references I found to DR0, and I saw a deliberate fault raised if dbext is not set. However I'm told that dbext is unrelated, set by default and does not need to be set at hypervisor compile time.

Any ideas why I'm getting this crash?

Thanks in Advance,
Neil

--
Twitter: @neilsikka


--
Twitter: @neilsikka

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.