2

Requirements:

I need to generate an interrupt, when a memory location changes or is written to. From an ISR, I can trigger a blue screen which gives me a nice stack trace with method names.

Approaches:

  • Testing the value in the timer ISR. Obviously this doesn't give satisfying results.
  • I discovered the bochs virtual machine. It has a basic builtin debugger that can set data breakpoints and stop the program. But I can't seem to generate an interrupt at that point.
  • bochs allows one to connect a gdb to it. I haven't been able to build it with gdb support though.

Other thoughts:

  • A kind of "preview instruction" interrupt that triggers for every instruction before executing it. The set of used memory-writing instructions should be pretty manageable, but it would still be a PITA to extract the address I think. And I think there is no such interrupt.
  • A kind of "preview memory access" interrupt. Again, I don't think it's there.
  • Abuse paging. Mark the page of interest as not present and test the address in the page fault handler. One would still have to distinguish read and write operations and I think the page fault handler doesn't get to know the exact address, just the page number.
Peter Cordes
kiw

1 Answer

7

See chapter 16 in Intel's Software Developer's Manual Volume 3A. It gives information about using the debug registers, which provide support for causing the debugger exception when accessing a certain address, among other things. The interrupt will be triggered after the instruction which caused it. Specifically, you will have to set one of dr0-dr3 to the address you want to watch, and dr7 with the proper values to tell the processor what types of accesses should cause the interrupt.

ughoavgfhw
  • I've now set up ``DR7`` with ``0x00000303`` and ``DR0`` with an address. This should be a data breakpoint with one byte length, but it doesn't trigger. The value pointed to by ``DR0`` *gets* changed. Do I have to enable something? – kiw May 08 '11 at 17:39
  • @kiw Since bits 16 and 17 of DR7 are 0, you have an execution breakpoint. You want to set bit 16 to make it a write-only breakpoint, so DR7 should be `0x00010303`. – ughoavgfhw May 08 '11 at 18:01
  • Oops... Damn operator precedence... ``(length << 2 | breakMode)`` Originally there was a ``+`` instead of the ``|``... **Works fine now.** Thanks again! – kiw May 08 '11 at 18:44
  • The answer is a link to a file that no longer contains the relevant information, as it is likely in part 2 of that document. (It's in the index, but this document ends in chapter 13, well before the relevant chapter which is now 17.) – Hans Olsson Jun 10 '21 at 11:38
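
Added example, not code from the answer or the comments: a C sketch of how the DR7 value for a data breakpoint is assembled, reproducing the `0x00010303` value from the comments and showing why `0x00000303` decodes as an execution breakpoint. All function and enum names are hypothetical; `ctrl_with_plus` assumes C-family precedence and a length encoding of 0 for one byte. It only computes values; loading DR0/DR7 itself requires ring 0.

```c
#include <stdint.h>
#include <stdio.h>

/* R/W field: which access raises the debug exception (names are hypothetical) */
enum dr_rw  { DR_EXEC = 0, DR_WRITE = 1, DR_IO = 2, DR_READWRITE = 3 };
/* LEN field: size of the watched region (encoding 2 = 8 bytes on 64-bit CPUs) */
enum dr_len { DR_LEN1 = 0, DR_LEN2 = 1, DR_LEN8 = 2, DR_LEN4 = 3 };

#define DR7_LE (1u << 8)   /* local exact  */
#define DR7_GE (1u << 9)   /* global exact */

/* Build a DR7 value enabling one slot (0..3) locally and globally, with
 * LE/GE set as in the 0x303 base value quoted in the comments. */
uint32_t dr7_value(unsigned slot, enum dr_rw rw, enum dr_len len)
{
    uint32_t enable = 3u << (slot * 2);                    /* Ln and Gn bits */
    uint32_t ctrl   = ((uint32_t)len << 2) | (uint32_t)rw; /* LENn:R/Wn nibble */
    return enable | DR7_LE | DR7_GE | (ctrl << (16 + slot * 4));
}

/* The same nibble written with '+': '+' binds tighter than '<<', so the
 * expression parses as len << (2 + rw) and yields 0 whenever len is 0. */
uint32_t ctrl_with_plus(enum dr_rw rw, enum dr_len len)
{
    return (uint32_t)len << (2 + (unsigned)rw);
}

/* Decode the R/W field of a slot from an existing DR7 value. */
enum dr_rw dr7_rw(uint32_t dr7, unsigned slot)
{
    return (enum dr_rw)((dr7 >> (16 + slot * 4)) & 3u);
}

/* A data breakpoint address has to be aligned to the watched length. */
int dr_aligned(uintptr_t addr, enum dr_len len)
{
    static const unsigned bytes[] = { 1, 2, 8, 4 };        /* indexed by LEN */
    return (addr & (bytes[len] - 1)) == 0;
}

int main(void)
{
    printf("write, 1 byte, slot 0: 0x%08x\n",
           (unsigned)dr7_value(0, DR_WRITE, DR_LEN1));
    printf("0x00000303 slot 0 R/W field: %d (0 = execution)\n",
           (int)dr7_rw(0x00000303u, 0));
    return 0;
}
```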