| author | xxy <[email protected]> | 2022-04-27 22:13:04 +0800 |
|---|---|---|
| committer | xxy <[email protected]> | 2022-04-27 22:13:04 +0800 |
| commit | b07758db978d1cd6ea3dd219a5c111f1bf162f77 (patch) | |
| tree | 5368e3688f26c8d26c8d6ad699237cf95567afab | |
| parent | 9389a0644ac962e1dea0797dfe63169dceb5d2e3 (diff) | |
mam accessed
| -rw-r--r-- | .vscode/c_cpp_properties.json | 3 | ||||
| -rw-r--r-- | .vscode/settings.json | 5 | ||||
| -rw-r--r-- | target/i386/cpu.h | 4 | ||||
| -rw-r--r-- | target/i386/helper.c | 2 | ||||
| -rw-r--r-- | target/i386/tcg/misc_helper.c | 10 | ||||
| -rw-r--r-- | target/i386/tcg/seg_helper.c | 2 | ||||
| -rw-r--r-- | target/i386/tcg/sysemu/excp_helper.c | 16 | ||||
| -rw-r--r-- | target/i386/tcg/sysemu/misc_helper.c | 2 | ||||
| -rw-r--r-- | target/i386/tcg/sysemu/seg_helper.c | 4 | ||||
| -rw-r--r-- | target/i386/tcg/translate.c | 43 |
10 files changed, 82 insertions, 9 deletions
diff --git a/.vscode/c_cpp_properties.json b/.vscode/c_cpp_properties.json
index c24c5b96f8..8f1217a7f4 100644
--- a/.vscode/c_cpp_properties.json
+++ b/.vscode/c_cpp_properties.json
@@ -7,7 +7,8 @@
 "${workspaceFolder}/**"
 ],
 "defines": [
- "TARGET_X86_64"
+ "TARGET_X86_64",
+ "CONFIG_SOFTMMU"
 ],
 "compilerPath": "/usr/bin/gcc-11",
 "cStandard": "gnu17",
diff --git a/.vscode/settings.json b/.vscode/settings.json
index 38449677a0..68f57bad06 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -2,6 +2,9 @@
 "makefile.extensionOutputFolder": "./.vscode",
 "files.associations": {
 "log.h": "c",
- "glib.h": "c"
+ "glib.h": "c",
+ "*.inc": "c",
+ "exec-all.h": "c",
+ "osdep.h": "c"
 }
 }
\ No newline at end of file
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index a83c4adbb9..bdd158504d 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1501,7 +1501,7 @@ typedef struct CPUArchState { // 寄存器???
 SegmentCache gdt; /* only base and limit are used */
 SegmentCache idt; /* only base and limit are used */
- target_ulong cr[5]; /* NOTE: cr1 is unused */
+ target_ulong cr[5]; /* NOTE: cr1 is unused !!! */
 bool pdptrs_valid;
 uint64_t pdptrs[4];
@@ -2351,6 +2351,8 @@ static inline bool ctl_has_irq(CPUX86State *env)
 hwaddr get_hphys(CPUState *cs, hwaddr gphys, MMUAccessType access_type,
 int *prot);
+hwaddr get_hphys2(CPUState *cs, hwaddr gphys, MMUAccessType access_type,
+ int *prot);
 #if defined(TARGET_X86_64) && \
 defined(CONFIG_USER_ONLY) && \
 defined(CONFIG_LINUX)
diff --git a/target/i386/helper.c b/target/i386/helper.c
index fa409e9c44..7888f51ae4 100644
--- a/target/i386/helper.c
+++ b/target/i386/helper.c
@@ -275,7 +275,7 @@ hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr,
 goto out;
 }
- } else
+ } else
 #endif
 {
 pdpe_addr = ((env->cr[3] & ~0x1f) + ((addr >> 27) & 0x18)) &
diff --git a/target/i386/tcg/misc_helper.c b/target/i386/tcg/misc_helper.c
index 540865df78..690ee3ca08 100644
--- a/target/i386/tcg/misc_helper.c
+++ b/target/i386/tcg/misc_helper.c
@@ -78,8 +78,18 @@ void helper_rdtsc(CPUX86State *env) // ??? 读取时间相关的函数
 }
 void helper_senduipi(CPUX86State *env ,int reg_index){ // 改
+ // CPUState *cs = env_cpu(env);
 int uipi_index = env->regs[R_EAX];
+
+ if(Debug)printf("qemu:helper senduipi called receive regidx:%d, uipiindex: %d\n",reg_index,uipi_index);
+ // uint64_t content = x86_ldq_phys(cs,(env->uintr_tt>>3)<<3);
+ // if(Debug)printf("data of uitt0is 0x%016lx\n",content);
+
+
+ // if(Debug)printf("qemu:helper senduipi called receive regidx:%d, uipiindex: %d\n",reg_index,uipi_index);
+ // uint64_t content = cpu_ldq_data_ra(env, (env->uintr_tt>>3)<<3,0);
+ // if(Debug)printf("data of uitt0is 0x%016lx\n",content);
 }
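Review bot: The two commented-out experiments added to helper_senduipi (the `x86_ldq_phys` variant and the `cpu_ldq_data_ra` variant) duplicate each other and should be deleted rather than kept as comments; the one live addition is a `Debug`-gated `printf` to stdout, which QEMU code normally routes through the logging API, e.g. `qemu_log("helper_senduipi: reg_index=%d uipi_index=%d\n", reg_index, uipi_index);`. The value being printed is always `env->regs[R_EAX]`, while `reg_index` (the modrm byte passed from translate.c) is only echoed; presumably the operand register should be decoded from that byte, which is worth confirming against the instruction's encoding before more logic is built on `uipi_index`. Also, `uipi_index` is an `int` assigned from a `target_ulong`, so the printed value is truncated on 64-bit guests. helper_senduipi is otherwise unchanged and closes inside the hunk.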
diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
index bffd82923f..6e2bd41b75 100644
--- a/target/i386/tcg/seg_helper.c
+++ b/target/i386/tcg/seg_helper.c
@@ -1077,7 +1077,7 @@ static void do_interrupt_real(CPUX86State *env, int intno, int is_int,
 * instruction. It is only relevant if is_int is TRUE.
 */
 void do_interrupt_all(X86CPU *cpu, int intno, int is_int,
- int error_code, target_ulong next_eip, int is_hw)
+ int error_code, target_ulong next_eip, int is_hw) // 接收方执行中断?
 {
 CPUX86State *env = &cpu->env;
diff --git a/target/i386/tcg/sysemu/excp_helper.c b/target/i386/tcg/sysemu/excp_helper.c
index e1b6d88683..14f9f318e0 100644
--- a/target/i386/tcg/sysemu/excp_helper.c
+++ b/target/i386/tcg/sysemu/excp_helper.c
@@ -347,6 +347,22 @@ hwaddr get_hphys(CPUState *cs, hwaddr gphys, MMUAccessType access_type,
 cpu_vmexit(env, SVM_EXIT_NPF, exit_info_1, env->retaddr);
 }
+
+hwaddr get_hphys2(CPUState *cs, hwaddr gphys, MMUAccessType access_type,
+ int *prot)
+{
+ CPUX86State *env = &X86_CPU(cs)->env;
+ int page_size;
+ int next_prot;
+ hwaddr hphys;
+
+ int ret = mmu_translate(cs, gphys, get_hphys, env->cr[3], access_type,
+ MMU_KNOSMAP_IDX , get_pg_mode(env) ,
+ &hphys, &page_size, &next_prot);
+ if(ret)printf("ret error !!!\n\n");
+ return hphys;
+}
+
 /* return value:
 * -1 = cannot handle fault
 * 0 = nothing more to do
diff --git a/target/i386/tcg/sysemu/misc_helper.c b/target/i386/tcg/sysemu/misc_helper.c
index cb38f1c5c6..e9caf38c9c 100644
--- a/target/i386/tcg/sysemu/misc_helper.c
+++ b/target/i386/tcg/sysemu/misc_helper.c
@@ -415,7 +415,7 @@ void helper_rdmsr(CPUX86State *env)
 break;
 case MSR_IA32_UINTR_MISC:
 val = env->uintr_misc;
- printf("qemu:rdmsr misc 0x%016lx\n",val);
+ // printf("qemu:rdmsr misc 0x%016lx\n",val);
 break;
 case MSR_IA32_UINTR_PD:
 val = env->uintr_pd;
diff --git a/target/i386/tcg/sysemu/seg_helper.c b/target/i386/tcg/sysemu/seg_helper.c
index d4dc414b57..940f047ddd 100644
--- a/target/i386/tcg/sysemu/seg_helper.c
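Review bot: `get_hphys2` returns `hphys` even when `mmu_translate` reports failure, and `hphys` is never initialised, so on a failed walk the caller gets an indeterminate value (undefined behaviour) and, in the translate.c hunk, feeds it straight into `x86_ldq_phys`. The address being walked is derived from `env->uintr_tt`, which looks like a guest-written MSR (compare the `MSR_IA32_UINTR_*` reads in the sysemu/misc_helper.c hunk), so a failing translation is reachable from the guest and must be reported to the caller, not `printf`'d and ignored; the `prot` out-parameter is also never written. Initialise the locals, log through `qemu_log_mask(LOG_GUEST_ERROR, …)`, return a sentinel the caller can test (or propagate `ret`), and store `next_prot` into `*prot`. The parameter is named `gphys` but it is walked through `cr[3]`, i.e. it is a linear address; a name like `linear` would keep it from being confused with `get_hphys`, whose input really is guest-physical.
```c
hwaddr get_hphys2(CPUState *cs, hwaddr gphys, MMUAccessType access_type,
                  int *prot)
{
    CPUX86State *env = &X86_CPU(cs)->env;
    int page_size;
    int next_prot = 0;
    hwaddr hphys = 0;   /* never hand back an indeterminate address */

    int ret = mmu_translate(cs, gphys, get_hphys, env->cr[3], access_type,
                            MMU_KNOSMAP_IDX, get_pg_mode(env),
                            &hphys, &page_size, &next_prot);
    if (ret) {
        /* Guest-controlled address did not translate: report it and
         * return a value the caller can check instead of stack garbage. */
        qemu_log_mask(LOG_GUEST_ERROR,
                      "get_hphys2: translation of 0x%" HWADDR_PRIx
                      " failed (%d)\n", gphys, ret);
        return (hwaddr)-1;
    }
    *prot = next_prot;
    return hphys;
}
```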
+++ b/target/i386/tcg/sysemu/seg_helper.c
@@ -38,7 +38,7 @@ void helper_syscall(CPUX86State *env, int next_eip_addend)
 }
 selector = (env->star >> 32) & 0xffff;
 if (env->hflags & HF_LMA_MASK) {
- int code64;
+ int code64; // eflags 其中一个可以控制中断的开关
 env->regs[R_ECX] = env->eip + next_eip_addend;
 env->regs[11] = cpu_compute_eflags(env) & ~RF_MASK;
@@ -46,7 +46,7 @@ void helper_syscall(CPUX86State *env, int next_eip_addend)
 code64 = env->hflags & HF_CS64_MASK;
 env->eflags &= ~(env->fmask | RF_MASK);
- cpu_load_eflags(env, env->eflags, 0);
+ cpu_load_eflags(env, env->eflags, 0);//CS = 0 是内核态
 cpu_x86_load_seg_cache(env, R_CS, selector & 0xfffc, 0, 0xffffffff,
 DESC_G_MASK | DESC_P_MASK |
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 0f9c9cbb71..6a653711c0 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -5396,10 +5396,51 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
 tcg_temp_free(cmpv);
 }
 break;
+
+ /*
+static inline void gen_op_ld_v(DisasContext *s, int idx, TCGv t0, TCGv a0)
+{
+ tcg_gen_qemu_ld_tl(t0, a0, s->mem_index, idx | MO_LE);
+}
+*/
 case 0x1c7: /* cmpxchg8b */
 if(prefixes & PREFIX_REPZ){
 modrm = x86_ldub_code(env, s);
 printf("qemu: caught 0xf30fc7 SENDUIPI\n "); // 改 Debug
+ // s->tmp1_i64 = env->uintr_tt; //地址
+ // tcg_gen_qemu_ld_i64(s->tmp1_i64, s->A0 , 0, MO_LEUQ);
+ // printf("qemu: loaded 0x%lx A0: 0x%lx\n",(uint64_t)((void*)s->tmp1_i64),(uint64_t)s->A0);
+ int prot;
+ CPUState *cs = env_cpu(env);
+ uint64_t addr = get_hphys2(cs, (env->uintr_tt>>3)<<3 , MMU_DATA_LOAD, &prot);
+ if(Debug) printf("addr %lx \n\n\n",addr);
+ uint64_t content = x86_ldq_phys(cs,addr);
+ uint64_t content2 = x86_ldq_phys(cs,addr+8);
+ if(Debug)printf("data of uitt0is 0x%016lx\n",content);
+ if(Debug)printf("data of uitt address 0x%016lx\n",content2);
+
+
+ // uint64_t content[10]; // read all zero
+ // cpu_physical_memory_rw((env->uintr_tt>>3)<<3,&content,16,false);
+ // if(Debug) printf("0x%lx xxx %lx \n %lx \n\n",(env->uintr_tt>>3)<<3, content[0],content[1]);
+
+ // int mem_idx = cpu_mmu_index(env, false); // system segfault
+ // MemOpIdx oi0 = make_memop_idx(MO_LEUQ | MO_ALIGN_16, mem_idx);
+ // uint64_t content = cpu_ldq_le_mmu(env, (env->uintr_tt>>3)<<3, oi0, 0);
+ // if(Debug) printf(" %lx \n\n\n",content);
+
+
+
+ // TCGv t0;
+ // t0 = tcg_temp_local_new();
+ // s->A0 = (TCGv)(env->uintr_tt>>3)<<3;
+ // if(Debug)printf("debug: memindex: %x \n",s->mem_index);
+ // if(Debug){printf("debug: before t0: %llx A0: %llx\n",(long long unsigned)t0,(long long unsigned)s->A0);}
+ // gen_op_ld_v(s, ot, t0, s->A0);
+ // if(Debug){printf("debug: after t0: %llx A0: %llx\n",(long long unsigned)t0,(long long unsigned)s->A0);}
+ // tcg_temp_free(t0);
 gen_helper_senduipi(cpu_env, tcg_const_i32(modrm));
 break;
 }
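Review bot: The new `get_hphys2`/`x86_ldq_phys` calls sit inside `disas_insn`, so they run when the SENDUIPI instruction is translated, not each time it executes: the translation block is cached and re-run without this code, and `env->uintr_tt` and `cr[3]` are sampled as they happen to be at translation time, which is not the state the instruction will see. The fetched values (`addr`, `content`, `content2`) are only printed, `prot` is declared but never read, and `addr` is used without testing the failure case, so a `uintr_tt` that does not translate (get_hphys2 leaves its result indeterminate on failure) drives an unchecked address into `x86_ldq_phys`. The lookup belongs in `helper_senduipi` (the misc_helper.c hunk), which runs at execution time with the live CPU state; this block then reduces to the pre-existing `gen_helper_senduipi(cpu_env, tcg_const_i32(modrm));`. The roughly thirty commented-out lines (the `gen_op_ld_v` copy, the `cpu_physical_memory_rw`, `cpu_ldq_le_mmu` and TCG-temp experiments) should be deleted rather than committed, and the `Debug` prints should use `qemu_log()` with `PRIx64` rather than `%lx` for `uint64_t`. `disas_insn` begins and ends outside the hunk.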
@@ -7675,7 +7716,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
 tcg_gen_st32_tl(s->T1, cpu_env, offsetof(CPUX86State, gdt.limit));
 break;
- CASE_MODRM_MEM_OP(3): /* lidt */
+ CASE_MODRM_MEM_OP(3): /* lidt */ //???内核态的跟地址
 if (!check_cpl0(s)) {
 break;
 } |
