
[Xen-devel] Branch Trace Storage for guests and VPMU initialization

  • To: <xen-devel@xxxxxxxxxxxxx>
  • From: <Kevin.Mayer@xxxxxxxx>
  • Date: Tue, 24 Feb 2015 15:27:41 +0000
  • Accept-language: de-DE, en-US
  • Delivery-date: Tue, 24 Feb 2015 15:27:53 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>
  • Thread-index: AdBM//5Wkp/aNXEHQieyxjXVIBkYSQ==
  • Thread-topic: Branch Trace Storage for guests and VPMU initialization

Hi guys


I'm trying to set up the BTS so that I can log the branches taken in the guest using Xen 4.4.1 with a WinXP SP3 guest on a Core i7 Sandy Bridge.

I added the vpmu=bts boot parameter to my grub2 configuration and extended the libxl, libxc, domctl, … with my own command so that I can trigger the activation of the BTS whenever I want.

In this command I do the following:

I set up the memory region for the BTS Buffer and the DS Buffer Management Area using xzalloc_bytes.

Then I write the pointer to the BTS Buffer into the DS Buffer Management Area at +0x0 and +0x8 (BTS Buffer Base and BTS Index).

When I use vmx_msr_write_intercept to store the value in MSR_IA32_DS_AREA the host reboots (my idea is he tries to access a vpmu-struct that isn't there in the current vcpu and panics).

When I use a modified version of vmx_msr_write_intercept I don't get any crashes as long as I don't enable BTS and TR in the GUEST_IA32_DEBUGCTL (BTR works). When I enable the BTS (and TR) the guest crashes. I suppose he gets killed by the hypervisor for accessing forbidden memory.

The modified version of vmx_msr_write_intercept takes a vcpu-struct as a parameter and uses this instead of the current vcpu.

Instead of

    static int vmx_msr_write_intercept(unsigned int msr, uint64_t msr_content)
    {
        struct vcpu *v = current;

I just have

    static int own_vmx_msr_write_intercept(unsigned int msr, uint64_t msr_content, struct vcpu *v)


I get this vcpu by d->vcpu[0] as I have limited my guest domain to one vcpu atm.

Of course I also use similarly modified versions of the called functions (vpmu_do_wrmsr, …).

I'm pretty sure that my problem is with a wrong scope/usage of the vcpus/memory, but I have no idea how to fix this.

I can see a potential problem with the memory allocation (in the host) into which the cpu in guest-mode is supposed to write.

Or maybe I got the principle of a vcpu/vpmu all wrong.


Since I couldn’t find any project that uses the BTS for the guest, I am wondering if anyone has ever done this and if it is possible at all.

Any input is welcome as I am pretty much stuck atm…




