From mboxrd@z Thu Jan 1 00:00:00 1970
From: Marcelo Tosatti
Subject: Re: [PATCH 3.6] KVM: x86 emulator: use stack size attribute to mask rsp in stack ops
Date: Wed, 22 Aug 2012 18:55:08 -0300
Message-ID: <20120822215508.GA30167@amt.cnet>
References: <1345376071-27965-1-git-send-email-avi@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: kvm@vger.kernel.org, Gerd Hoffmann
To: Avi Kivity
Return-path:
Received: from mx1.redhat.com ([209.132.183.28]:28908 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755894Ab2HWHak (ORCPT ); Thu, 23 Aug 2012 03:30:40 -0400
Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q7N7UeMP011747 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Thu, 23 Aug 2012 03:30:40 -0400
Content-Disposition: inline
In-Reply-To: <1345376071-27965-1-git-send-email-avi@redhat.com>
Sender: kvm-owner@vger.kernel.org
List-ID:

On Sun, Aug 19, 2012 at 02:34:31PM +0300, Avi Kivity wrote:
> The sub-register used to access the stack (sp, esp, or rsp) is not
> determined by the address size attribute like other memory references,
> but by the stack segment's B bit (if not in x86_64 mode).
>
> Fix by using the existing stack_mask() to figure out the correct mask.
>
> This long-existing bug was exposed by a combination of a27685c33acccce
> (emulate invalid guest state by default), which causes many more
> instructions to be emulated, and a seabios change (possibly a bug) which
> causes the high 16 bits of esp to become polluted across calls to real
> mode software interrupts.
>
> Signed-off-by: Avi Kivity

Applied, thanks.
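The following is a small model of the distinction the commit message draws, added here as an illustration; it is not KVM's code. The real emulator's stack_mask() lives in arch/x86/kvm/emulate.c and operates on a much richer context, whereas struct emu_ctx, address_mask(), masked_increment() and push_offset() below are hypothetical names chosen for this example. It assumes the architectural rule the patch relies on: in 64-bit mode the stack register is always the full rsp, otherwise the stack segment's B bit selects esp (B=1) or sp (B=0), and a 16-bit stack operation leaves the upper half of esp untouched. The constructed scenario is the one the commit message describes, real-mode code whose high esp bits are polluted, executing a push with a 32-bit address-size attribute: masking by address size produces an offset far outside the 64 KiB stack segment, masking by stack size produces the correct sp.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical emulator state, not KVM's x86_emulate_ctxt. */
struct emu_ctx {
    bool long_mode;   /* 64-bit mode: stack pointer is always the full rsp   */
    bool ss_big;      /* SS descriptor B bit: 1 -> 32-bit stack (esp), 0 -> sp */
    int ad_bytes;     /* address-size attribute of the instruction: 2, 4 or 8 */
    uint64_t rsp;
};

/* Mask derived from the address-size attribute: the pre-fix behaviour.
 * Correct for ordinary memory operands, wrong for stack accesses. */
static uint64_t address_mask(const struct emu_ctx *c)
{
    switch (c->ad_bytes) {
    case 2:  return 0xffffULL;
    case 4:  return 0xffffffffULL;
    default: return ~0ULL;
    }
}

/* Mask derived from the stack-size attribute: rsp in long mode,
 * otherwise whatever SS.B says. This is what the patch switches to. */
static uint64_t stack_mask(const struct emu_ctx *c)
{
    if (c->long_mode)
        return ~0ULL;
    return c->ss_big ? 0xffffffffULL : 0xffffULL;
}

/* Add inc to *reg within the masked width only; bits outside the mask are
 * preserved, so a 16-bit push moves sp and leaves the high half of esp alone. */
static void masked_increment(uint64_t *reg, uint64_t mask, int64_t inc)
{
    *reg = (*reg & ~mask) | ((*reg + (uint64_t)inc) & mask);
}

/* Perform the stack-pointer update for a push of `bytes` and return the
 * offset within SS that the push would write to. use_stack_mask selects
 * the fixed behaviour (true) or the old address-size behaviour (false). */
static uint64_t push_offset(struct emu_ctx *c, int bytes, bool use_stack_mask)
{
    uint64_t mask = use_stack_mask ? stack_mask(c) : address_mask(c);
    masked_increment(&c->rsp, mask, -bytes);
    return c->rsp & mask;
}

int main(void)
{
    /* Constructed scenario: real mode (SS.B = 0), a 2-byte push issued with a
     * 32-bit address-size attribute, and esp whose high 16 bits hold garbage. */
    struct emu_ctx old_way = { false, false, 4, 0x12340ff0ULL };
    struct emu_ctx new_way = { false, false, 4, 0x12340ff0ULL };

    printf("address-size mask: push writes SS:%#llx\n",
           (unsigned long long)push_offset(&old_way, 2, false));
    printf("stack-size mask:   push writes SS:%#llx, rsp now %#llx\n",
           (unsigned long long)push_offset(&new_way, 2, true),
           (unsigned long long)new_way.rsp);

    /* 64-bit mode: an address-size override must not shrink the stack pointer. */
    struct emu_ctx lm = { true, true, 4, 0xffff800000001000ULL };
    printf("long mode, 8-byte push: SS:%#llx\n",
           (unsigned long long)push_offset(&lm, 8, true));
    return 0;
}
```

The second case in main() is the generalisation in the other direction: in long mode stack_mask() ignores ad_bytes entirely, so a 0x67-prefixed push still adjusts the full rsp rather than truncating the write to the low 32 bits of the address.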