On 01/12/15 10:40, Andrew Cooper wrote:
> On 01/12/15 01:21, Tamas K Lengyel wrote:
>>
>>
>> On Mon, Nov 30, 2015 at 7:01 PM, Razvan Cojocaru
>> <rcojoc...@bitdefender.com <mailto:rcojoc...@bitdefender.com>> wrote:
>>
>>     On 12/01/2015 01:32 AM, Tamas K Lengyel wrote:
>>     > Hi all,
>>     > I'm trying to extend the current vm_event system to be able to emulate
>>     > over an in-guest breakpoint using the VM_EVENT_FLAG_SET_EMUL_READ_DATA
>>     > feature. The idea is to have the vm_event listener send back the
>>     > contents of the memory that was overwritten by the breakpoint
>>     > instruction, have Xen emulate one instruction, and resume execution
>>     > normally afterwards. This would eliminate the need of removing the
>>     > breakpoint, singlestepping, and placing the breakpoint back again.
>>     >
>>     > Unfortunately I encounter this crash when I call
>>     > hvm_mem_access_emulate_one in the event response handler:
>>     >
>>     > (XEN) vm_event.c:72:d0v0 Checking flags on int3 response 37
>>     > (XEN) Xen BUG at /share/src/xen/xen/include/asm/hvm/vmx/vmx.h:372
>>
> This BUG() is the cause of the crash.
>
> It is a bad parameter to VMREAD, by the looks of it.
Jan: This is a good example of why unlikely regions should have symbols. The stack trace from this bug is actively misleading because the symbol information for %eip is wrong.

~Andrew
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel