From: Tim Deegan
Subject: Re: Mem_event API and MEM_EVENT_REASON_SINGLESTEP
Date: Thu, 29 Nov 2012 18:05:23 +0000
Message-ID: <20121129180523.GM80627@ocelot.phlegethon.org>
References: <50B77375.9070904@gmail.com> <20121129155831.GE80627@ocelot.phlegethon.org> <50B78B4B.2050106@gmail.com>
In-Reply-To: <50B78B4B.2050106@gmail.com>
To: Razvan Cojocaru
Cc: xen-devel@lists.xen.org
List-Id: xen-devel@lists.xenproject.org

At 18:20 +0200 on 29 Nov (1354213227), Razvan Cojocaru wrote:
> Hello, thank you for the quick reply!
>
> > That might work for single-vcpu guests. On multi-vcpu, you'd have to
> > pause the whole VM, unprotect the page, single-step the one vcpu that
> > trapped, re-protect the page, and unpause the VM. That might be
> > unacceptably slow.
>
> Ah, the simple fact that the words "unacceptably slow" could be employed
> to describe the situation makes this approach very unlikely to fit my
> purposes.
>
> I'm still interested in how the debugger API works, though. Maybe, just
> maybe, it'll just be acceptably slow. :)

:) I think it will depend entirely on how much memory you protect and
what the guest is doing with it.

It should be possible to make the multi-vcpu case of single-stepping
work better by having per-cpu EPT tables, if you're up for hacking away
at Xen. That way you wouldn't have to pause the other vcpus while you
made the memory writeable.
> > You could try:
> >  - pause the domain
> >  - copy out the contents of the page
> >  - use XENMEM_decrease_reservation to remove the page from the guest
> >  - unpause the domain
> >
> > Then all accesses to that page will get emulated by Xen and forwarded to
> > qemu, just like happens for emulated MMIO devices. In qemu, you can
> > emulate the read or write access, and do anything else you like at the
> > same time.
> >
> > That won't work for memory that's accessed in non-trivial ways
> > (e.g. used for pagetables or descriptor tables) or using instructions
> > that are unsupported/buggy in Xen's instruction emulator.
>
> Well, I need it to be able to work on _all_ memory, however accessed.

Ah, in that case this won't work for you. I think the single-step may be
your only option.

Tim.