[Qemu-devel] [PATCH] Bug in AMD64 emulation Was: [AMD64] Possible problem with the DF flag during the SYSCALL instruction

[Qemu-devel] [PATCH] Bug in AMD64 emulation Was: [AMD64] Possible problem with the DF flag during the SYSCALL instruction

[Jakub Jermar]

[-- Attachment #1: Type: text/plain, Size: 222 bytes --]

Hi,

as no one has picked my previous report up yet, I am resending my patch 
again.  The patch fixes a bug in the way QEMU emulates AMD64 instruction 
called SYSCALL.  The problem appears to be stale DF variable.

Jakub


[-- Attachment #2: patch --]
[-- Type: text/plain, Size: 382 bytes --]

--- helper.c	2008-01-06 20:38:45.000000000 +0100
+++ helper.c.new	2008-03-20 22:39:17.000000000 +0100
@@ -1008,6 +1008,7 @@
                                DESC_S_MASK |
                                DESC_W_MASK | DESC_A_MASK);
         env->eflags &= ~env->fmask;
+	DF = 1 - (2 * ((env->eflags >> 10) & 1));
         if (code64)
             env->eip = env->lstar;
         else

Re: [Qemu-devel] [PATCH] Bug in AMD64 emulation Was: [AMD64] Possible problem with the DF flag during the SYSCALL instruction

[Alexander Graf]

Hi,

On Mar 25, 2008, at 8:45 PM, Jakub Jermar wrote:

> as no one has picked my previous report up yet, I am resending my  
> patch again.  The patch fixes a bug in the way QEMU emulates AMD64  
> instruction called SYSCALL.  The problem appears to be stale DF  
> variable.

Sorry I didn't have a look at it before. Good catch though!

>
>
> Jakub
>
> --- helper.c	2008-01-06 20:38:45.000000000 +0100
> +++ helper.c.new	2008-03-20 22:39:17.000000000 +0100
> @@ -1008,6 +1008,7 @@
>                                DESC_S_MASK |
>                                DESC_W_MASK | DESC_A_MASK);
>         env->eflags &= ~env->fmask;
> +	DF = 1 - (2 * ((env->eflags >> 10) & 1));

I believe you're searching for load_eflags(), which automatically  
updates the DF flag. Take a look at the SVM code for that issue as  
well (helper.c:helper_vmrun).

>
>         if (code64)
>             env->eip = env->lstar;
>         else

Alex

Re: [Qemu-devel] [PATCH] Bug in AMD64 emulation Was: [AMD64] Possible problem with the DF flag during the SYSCALL instruction

[Jakub Jermar]

[-- Attachment #1: Type: text/plain, Size: 901 bytes --]

Alexander Graf wrote:
> Hi,
> 
> On Mar 25, 2008, at 8:45 PM, Jakub Jermar wrote:
> 
>> as no one has picked my previous report up yet, I am resending my 
>> patch again.  The patch fixes a bug in the way QEMU emulates AMD64 
>> instruction called SYSCALL.  The problem appears to be stale DF variable.
> 
> Sorry I didn't have a look at it before. Good catch though!
...
> I believe you're searching for load_eflags(), which automatically 
> updates the DF flag. Take a look at the SVM code for that issue as well 
> (helper.c:helper_vmrun).

The included patch updates the DF flag in helper_syscall() using the 
load_eflags().  I thought of doing this as simply as possible and here's 
  probably the result.  When the first parameter of load_eflags() has 
the same value as env->eflags, the second argument doesn't matter, 
that's why it is 0.

Will you consider this for applying?

Thanks,
Jakub


[-- Attachment #2: patch --]
[-- Type: text/plain, Size: 497 bytes --]

diff -ru qemu-0.9.1/target-i386/helper.c qemu-0.9.1-jj/target-i386/helper.c
--- qemu-0.9.1/target-i386/helper.c	2008-01-06 20:38:45.000000000 +0100
+++ qemu-0.9.1-jj/target-i386/helper.c	2008-03-27 12:27:37.000000000 +0100
@@ -1008,6 +1008,7 @@
                                DESC_S_MASK |
                                DESC_W_MASK | DESC_A_MASK);
         env->eflags &= ~env->fmask;
+        load_eflags(env->eflags, 0);
         if (code64)
             env->eip = env->lstar;
         else