Dear Sirs,

Please could you advise me on a technique to debug erroneous handling of self-modifying code?

Installing a guest Windows 7 x64 in qemu w/o KVM causes a BSOD. I've found out that forcing EndOfBlock after each XOR instruction in the Zero Page Thread code + disabling TARGET_HAS_PRECISE_SMC helps. The Zero Page Thread is a guest Windows kernel thread that zeroes pages. Please let me know if you have any ideas.

-Anna-

Begin forwarded message:

> From: Anna Melekhova <ann.melekh...@gmail.com>
> Subject: a bug in qemu-retranslator with Windows7 x64 Zero Page Thread
> Date: 20 November 2013, 19:28:04 GMT+04:00
> To: qemu-devel@nongnu.org
>
> Dear Sirs,
>
> I've run into a curious bug in the qemu retranslator that looks like a code
> self-modification from the Zero Page Thread.
>
> Test case:
> Win7 x64 on installation while running w/o KVM gives a BSOD. 45/45 - 100%
> reproduction. I've tried to analyze dumps, but it is the installation stage and
> qemu has some troubles with serial debugging (I've failed to press F8 for
> choosing debug mode at the target moment).
>
> Workaround:
> I've tried to localize the issue and finally got this suspicious workaround.
> My hack is to interrupt block creation for XORs in the ZPT (zero page thread of
> the Windows kernel) while TARGET_HAS_PRECISE_SMC is turned off. By "interrupt
> block creation" I mean inserting gen_eob for all XORs in the ZPT. The ZPT contains a
> number of XORs that aim to null a target page. The code looks like "lock xor
> [rcx], rdx; xor [rcx+8], rdx; xor [rcx + 16], rdx; ..". If 2 XORs are in one
> block, Windows BSODs. If I enable TARGET_HAS_PRECISE_SMC it doesn't work
> either.
>
> It is the second bug I found during installation - the first one with CR4_DE,
> and I'll send a patch later. But now I am really curious about your
> suggestions. I am not that good at debugging qemu retranslated code and I'll
> be grateful for any tips regarding it.
>
> Best regards,
> Anna