On Mon, Aug 18, 2025 at 5:44 PM Zero Tang <zero.tang...@gmail.com> wrote:
>
> Hi Philippe,
>
> Thanks for your review comment! But if the patch is already
> queued, is it too late to apply it?

I can adjust it too, no problem.

Paolo

> Kind regards,
> Zero Tang
>
> On Mon, Aug 18, 2025 at 8:16 PM Philippe Mathieu-Daudé <phi...@linaro.org>
> wrote:
>>
>> Hi Zero,
>>
>> On 6/8/25 09:58, Zero Tang wrote:
>> > Replaces "long" with "int64_t" during canonicalization.
>> >
>> > ---
>> > In Linux GCC, "long" has 8 bytes. However, in msys2 GCC, "long" has 4
>> > bytes. In this case, canonicalization would set all high bits to 1 when
>> > the segment base is bigger than 0x7FFF (assuming 48-bit linear address).
>> >
>> > This is why QEMU-TCG in Windows cannot boot a bluepill-like hypervisor
>> > in UEFI, in that the guest IDT and GDT bases are above 0x7FFF, thereby
>> > resulting in incorrect bases. When an interrupt arrives, it would
>> > trigger a #PF exception; the #PF would trigger again, resulting in a #DF
>> > exception; the #PF would trigger for the third time, resulting in
>> > triple-fault, and eventually causes the shutdown VM-Exit to the
>> > bluepill hypervisor right after it boots.
>> >
>> > In summary, this patch replaces "long" with "int64_t" in order to enforce
>> > the canonicalization with 64-bit signed integers.
>> >
>> > Signed-off-by: Zero Tang <zero.tang...@gmail.com>
>> > ---
>> > target/i386/tcg/system/svm_helper.c | 2 +-
>> > 1 file changed, 1 insertion(+), 1 deletion(-)
>> >
>> > diff --git a/target/i386/tcg/system/svm_helper.c b/target/i386/tcg/system/svm_helper.c
>> > index b27049b9ed..1ccfccf419 100644
>> > --- a/target/i386/tcg/system/svm_helper.c
>> > +++ b/target/i386/tcg/system/svm_helper.c
>> > @@ -49,7 +49,7 @@ static void svm_save_seg(CPUX86State *env, int mmu_idx, hwaddr addr,
>> > static inline void svm_canonicalization(CPUX86State *env, target_ulong *seg_base)
>> > {
>> > uint16_t shift_amt = 64 - cpu_x86_virtual_addr_width(env);
>> > - *seg_base = ((((long) *seg_base) << shift_amt) >> shift_amt);
>> > + *seg_base = ((((int64_t) *seg_base) << shift_amt) >> shift_amt);\
>>
>> Alternatively:
>>
>> *seg_base = sextract64(*seg_base, 0, 64 - cpu_x86_virtual_addr_width(env));
>>
>> > }
>> >
>> > static void svm_load_seg(CPUX86State *env, int mmu_idx, hwaddr addr,
>> >
>> > ---
>> > base-commit: e0006a86615baa70bc9d8b183e528aed91c1ac90
>> > change-id: 20250806-fix-tcg-svm-canon-adbea9508073
>> >
>> > Best regards,
>> > --
>> > Zero Tang <zero.tang...@gmail.com>
>>
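Review bot: in the svm_canonicalization() hunk, the "(int64_t)" cast does fix the 32-bit "long" truncation, but "((int64_t) *seg_base) << shift_amt" still left-shifts a signed value, which C leaves undefined whenever bit 63 of the base is set (every kernel-half address), so the sextract64() form proposed in the reply is the better replacement. If that form is taken, note that the third argument of sextract64() is the bit length to keep, not the shift amount, so it should be "sextract64(*seg_base, 0, cpu_x86_virtual_addr_width(env))" rather than "64 - cpu_x86_virtual_addr_width(env)"; the latter would keep only the low 16 bits on a 48-bit guest. The "+" line also ends in a stray "\", which should be dropped before the patch is applied if it is really in the submitted diff and not just a mail-wrapping artefact.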
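The three canonicalization variants discussed above, modelled side by side as an added example; this is not QEMU code and not code from any participant in the thread. It reproduces the 32-bit "long" behaviour with int32_t, the patch's int64_t cast, and a local copy of sextract64()'s semantics, then runs the constructed bases named in the commit message (just past 0x7FFF, a kernel-half base, a non-canonical base) through each. VADDR_WIDTH, the canon_* and model_sextract64 names, the is_canonical() check and the sample bases are all assumptions made for the example; 48 bits stands in for cpu_x86_virtual_addr_width(env) with 4-level paging.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Added example, not QEMU code: stand-alone model of the three forms of
 * svm_canonicalization() discussed in the thread.  VADDR_WIDTH stands in
 * for cpu_x86_virtual_addr_width(env); 48 is an assumption (4-level paging).
 */
#define VADDR_WIDTH 48

/* Variant A: the pre-patch "(long)" cast as compiled where long is 32 bits
 * (msys2/MinGW GCC on Windows).  int32_t models that long; the unsigned
 * detour on the left shift only keeps this model free of signed-overflow UB. */
static uint64_t canon_long32(uint64_t seg_base)
{
    uint16_t shift_amt = 64 - VADDR_WIDTH;
    int32_t narrowed = (int32_t)seg_base;                  /* upper 32 bits dropped */
    int32_t shifted = (int32_t)((uint32_t)narrowed << shift_amt);
    int32_t result = shifted >> shift_amt;                 /* arithmetic shift */
    return (uint64_t)(int64_t)result;                      /* sign-extended into target_ulong */
}

/* Variant B: the patch's "(int64_t)" cast.  Modelled with the left shift in
 * unsigned arithmetic; the patch itself shifts a signed int64_t, which is
 * undefined when bit 63 is set, and that is what sextract64() avoids. */
static uint64_t canon_int64(uint64_t seg_base)
{
    uint16_t shift_amt = 64 - VADDR_WIDTH;
    return (uint64_t)((int64_t)(seg_base << shift_amt) >> shift_amt);
}

/* Same semantics as QEMU's sextract64() (include/qemu/bitops.h): take
 * LENGTH bits starting at START and sign-extend them.  Reproduced here so
 * the example builds without QEMU headers. */
static int64_t model_sextract64(uint64_t value, int start, int length)
{
    return ((int64_t)(value << (64 - length - start))) >> (64 - length);
}

/* Variant C: the sextract64() form.  The length argument is the address
 * width itself, not 64 minus the width. */
static uint64_t canon_sextract(uint64_t seg_base)
{
    return (uint64_t)model_sextract64(seg_base, 0, VADDR_WIDTH);
}

/* Canonical check: bits VADDR_WIDTH-1 .. 63 must all be equal. */
static int is_canonical(uint64_t va)
{
    uint64_t top = va >> (VADDR_WIDTH - 1);
    return top == 0 || top == (UINT64_MAX >> (VADDR_WIDTH - 1));
}

int main(void)
{
    /* Constructed inputs: a low base just past 0x7FFF (the threshold named
     * in the commit message), a larger low base, a kernel-half base, and a
     * non-canonical base that must be sign-extended. */
    static const uint64_t bases[] = {
        0x8000ULL, 0x7FFFF000ULL, 0xFFFF800000001000ULL, 0x0000F00000001000ULL,
    };
    for (size_t i = 0; i < sizeof bases / sizeof bases[0]; i++) {
        uint64_t b = bases[i];
        printf("%016llx: long32=%016llx int64=%016llx sextract=%016llx canonical=%d\n",
               (unsigned long long)b,
               (unsigned long long)canon_long32(b),
               (unsigned long long)canon_int64(b),
               (unsigned long long)canon_sextract(b),
               is_canonical(canon_sextract(b)));
    }
    return 0;
}
```

The first row shows the failure from the commit message directly: 0x8000 comes back as 0xffffffffffff8000 from the 32-bit "long" variant while both 64-bit variants return it unchanged, and a kernel-half base loses its upper half entirely under the 32-bit variant.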