From mboxrd@z Thu Jan  1 00:00:00 1970
From: Alexander Graf <agraf@suse.de>
Subject: x86 emulator broken (vmload)
Date: Thu, 18 Dec 2008 13:14:37 +0100
Message-ID: <494A3EAD.2030902@suse.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
To: "kvm@vger.kernel.org" <kvm@vger.kernel.org>,
	guillaume.thouvenin@ext.bull.net
Return-path: <kvm-owner@vger.kernel.org>
Received: from cantor2.suse.de ([195.135.220.15]:51046 "EHLO mx2.suse.de"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1751461AbYLRMOn (ORCPT <rfc822;kvm@vger.kernel.org>);
	Thu, 18 Dec 2008 07:14:43 -0500
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

While creating some userspace patches for the nested SVM implementation,
I stumbled across an emulation problem in the x86 emulator that was not
there some weeks ago.

Basically I'm running into an endless loop at:

NSVM: emulating at 0xe0e4077d -> 0

which is the "VMLOAD" instruction.

The endless loop is caused by this code:

        while(true) {
                int er;

                er = emulate_instruction(&svm->vcpu, kvm_run, 0, 0, 0);
                nsvm_printk("NSVM: emulating at 0x%lx -> %d\n",
svm->vcpu.arch.regs[VCPU_REGS_RIP], er);

                /* So we can now emulate the SVM instructions that most
probably
                   occur at the end of the codepath */
                if (er != EMULATE_DONE) {
                        while (true)
                                if (nested_svm_emulate(svm, kvm_run) ==
EMULATE_FAIL)
                                        break;
                        break;
                }
        }

While I have to admit that the while(true) is potentially a bad idea and
I should limit that to like 100 instructions (patch floating around
locally), emulate_instruction always returns EMULATE_DONE, even on the
vmload instruction (which is clearly wrong).

Does anyone have ideas on this?

Alex