Software Archive
Read-only legacy content
17061 Discussions

Int3 not working when exiting on DR register access

Ryan_W_
Beginner
268 Views

I currently have a mostly-functional PoC hypervisor (e.g. EPTs, CR, etc). However when I add support for DR access I can no longer debug my hypervisor. I've been doing my testing and debugging in VMWare with windbg/VirtualKD. I haven't been doing anything fancy with segmented memory spaces etc. 

However as the title says when I add the support for vmexits on DR accesses, I can no longer use debug breaks. I've checked my DR access handler (just a passthrough atm) by running mov dr, <reg> commands and I can see the debug messages from my VMM but if I insert an int3 or try to pause the VM it just hangs.

I haven't done anything with exceptions or etc passing-through to the Hypervisor, and as I said before adding vmexits for DR access I've been able to freely debug both my hypervisor and the managed code. Am I missing something obvious?

0 Kudos
1 Reply
Ryan_W_
Beginner
268 Views

After looking into it more it looks like source of the hang is taking debugger-related actions (e.g. DbgPrint, int3) in my DR VMEXIT handler function. Specifically the execution flow looks like this:

1) Guest executes and int3

2) As part of handling the int3, execution is redirected to KiSaveProcessorControlState

3) KiSaveProcessorControlState touches various debug registers 

4) Touching those debug registers redirects to my HV

5) If I try to print a message or do any kind of debugging in the handler the box hangs

If I remove breakpoints, DbgPrints from the DR handler everything works fine but I would like to be able to debug this handler in all cases. What's the correct way to handle this situation? I imagine it's something with the exception or interrupt handlers but I'm not exactly sure what.

0 Kudos
Reply