Skip to content

Commit

Permalink
wip: Debug xgetbv triple fault
Browse files Browse the repository at this point in the history
  • Loading branch information
chp-io committed Feb 24, 2024
1 parent ecda4b2 commit 9503ea5
Show file tree
Hide file tree
Showing 2 changed files with 57 additions and 0 deletions.
55 changes: 55 additions & 0 deletions vmm/src/hve/arch/intel_x64/vmexit/cpuid.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,61 @@ cpuid_handler::cpuid_handler(gsl::not_null<vcpu *> vcpu) : m_vcpu{vcpu}
using namespace vmcs_n;

if (vcpu->is_dom0()) {

// Debug win11 issue
if (vcpu->rax() == 1 && vcpu->rcx() == 0) {
bfalert_info(0, "cpuid_handler: debugging win11 issue");
if ((vcpu->rip() & 0xFFF) == 0x3f9) {
bfalert_info(0, "cpuid_handler: found possible candidate");
}
/*
000003f9 0f a2 CPUID
000003fb 89 04 24 MOV dword ptr [RSP]=>local_18,EAX
000003fe 44 8b d1 MOV R10D,ECX
00000401 b8 07 00 MOV EAX,0x7
00 00
00000406 89 5c 24 04 MOV dword ptr [RSP + local_14],EBX
0000040a 89 4c 24 08 MOV dword ptr [RSP + local_10],ECX
0000040e 89 54 24 0c MOV dword ptr [RSP + local_c],EDX
00000412 44 3b c0 CMP R8D,EAX
00000415 7c 24 JL LAB_0000043b
00000417 33 c9 XOR ECX,ECX
00000419 45 0f b6 c9 MOVZX R9D,R9B
0000041d 0f a2 CPUID
0000041f 89 04 24 MOV dword ptr [RSP]=>local_18,EAX
00000422 0f ba e3 09 BT EBX,0x9
00000426 b8 02 00 MOV EAX,0x2
00 00
0000042b 89 5c 24 04 MOV dword ptr [RSP + local_14],EBX
0000042f 44 0f 42 c8 CMOVC R9D,EAX
00000433 89 4c 24 08 MOV dword ptr [RSP + local_10],ECX
00000437 89 54 24 0c MOV dword ptr [RSP + local_c],EDX
LAB_0000043b XREF[1]: 00000415(j)
0000043b 41 0f ba BT R10D,0x14
e2 14
00000440 73 26 JNC LAB_00000468
00000442 41 0f ba BT R10D,0x1b
e2 1b
00000447 73 1f JNC LAB_00000468
00000449 41 0f ba BT R10D,0x1c
e2 1c
0000044e 73 18 JNC LAB_00000468
00000450 33 c9 XOR ECX,ECX
00000452 0f 01 d0 XGETBV
*/

const auto xgetbv[] = {0x0f, 0x01, 0xd0};
const auto xgetbv_len = 3;
const auto offset = 0x59; /* 0x452 - 0x3f9 */
const auto addr = vcpu->rip() + offset;
const auto map = vcpu->map_gva_4k<uint8_t>(addr, xgetbv_len);

if (!memcmp(map.get(), &xgetbv, xgetbv_len)) {
vcpu->dump("cpuid_handler: found xgetbv\n");
}
}
// End debug win11 issue

EMULATE_CPUID(0x00000007, root_0x00000007);
EMULATE_CPUID(0x0000000D, root_0x0000000D);
EMULATE_CPUID(0x00000014, root_0x00000014);
Expand Down
2 changes: 2 additions & 0 deletions vmm/src/hve/arch/intel_x64/xstate.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -83,13 +83,15 @@ static_assert(header_size == 64);
xstate::xstate(class vcpu *vcpu) : m_vcpu{vcpu}
{
if (vcpu->is_root_vcpu()) {
bfalert_info(0, "xstate initialization for root vcpu");
expects(::intel_x64::vmcs::guest_cr4::osxsave::is_enabled());
m_xcr0 = ::intel_x64::xcr0::get();
m_rfbm = m_xcr0 & ~sse_mask;
m_size = ::x64::cpuid::ebx::get(cpuid_leaf);
m_area = std::make_unique<char[]>(m_size);
memset(m_area.get(), 0, m_size);
} else {
bfalert_info(0, "xstate initialization for guest vcpu");
/* Bit 0 of xcr0 must always be 1 */
m_xcr0 = x87_mask;
m_rfbm = m_xcr0;
Expand Down

0 comments on commit 9503ea5

Please sign in to comment.