On 07/18/2018 07:53 AM, Paolo Bonzini wrote:
> If the RAX register has invalid bits set, a mov to CR8 instruction can
> raise a #GP. This has not been happening so far only because the compiler
> gods were good friends with the original author of the tests; but they
> did not like Thomas as well, and the test started failing with commit
> 19230e96697efa1e65a8945b6911a6eb4506d4e9 (Make vmx_tests.c compilable with
> -Wmissing-prototypes and -Wstrict-prototypes).
>
> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> ---
> x86/vmx_tests.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/x86/vmx_tests.c b/x86/vmx_tests.c
> index 215953d..cbbb701 100644
> --- a/x86/vmx_tests.c
> +++ b/x86/vmx_tests.c
> @@ -762,7 +762,7 @@ asm(
> "insn_cr3_load: mov cr3,%rax; mov %rax,%cr3;ret\n\t"
> "insn_cr3_store: mov %cr3,%rax;ret\n\t"
> #ifdef __x86_64__
> - "insn_cr8_load: mov %rax,%cr8;ret\n\t"
> + "insn_cr8_load: xor %eax, %eax; mov %rax,%cr8;ret\n\t"
> "insn_cr8_store: mov %cr8,%rax;ret\n\t"
> #endif
> "insn_monitor: xor %eax, %eax; xor %ecx, %ecx; xor %edx, %edx; monitor;ret\n\t"
>
Without this patch, vmx.flat failed with the following GP fault. After
patching it, everything passed.
Acked-by: Wei Huang <wei@xxxxxxxxxx>
====
Unhandled exception 13 #GP at ip 0000000000403a6b
error_code=0000 rflags=00010006 cs=00000008
rax=0000000000403a6b rcx=0000000004006172 rdx=0000000000000150
rbx=000000000046d700
rbp=0000000000476fdf rsi=0000000000000000 rdi=000000000000000e
r8=000000000000000a r9=00000000000003f8 r10=0000000000000000
r11=0000000000000000
r12=000000000041efbd r13=0000000000000000 r14=0000000000000000
r15=0000000000000000
cr0=0000000080010031 cr2=0000000000000000 cr3=000000000046f000
cr4=0000000000002020
cr8=0000000000000000
STACK: @403a6b 401ee1 4004dd
