ionescu007
commented
8 years ago Hi Alex,
This is known and even commented in the sources:
" jmp ShvVmxEntryHandler ; jump to the C code handler. we assume that it ; compiled with optimizations and does not use ; home space, which is true of release builds."
The parameter stack area, or home space, is not used on release builds. Hence this comment, and also the general caveat that for simplicity, the project relies on special Windows and compiler behaviors, and should not be used as a generic platform.
The alignment of the stack was also precisely chosen, because RtlCaptureContext will save XMM registers, which will fault if the stack is not 16-byte aligned. I will write a clearer comment about this fact, and add a C_ASSERT(static assert).
Thanks.
The ShvVmxEntry function performs the jump to ShvVmxEntryHandler without allocating the parameter stack area (32 bytes for 4 parameters - see https://msdn.microsoft.com/en-us/library/ew5tede7.aspx).
The result is that the ShvVmxEntryHandler function may clobber the guest rcx value stored on the stack before actually saving it in the CONTEXT structure - out of luck this didn't seem to happen on the optimized build, but on debug it happens.
As a note, care must also be taken to make sure the stack is always 16-byte aligned when the jump is made - because of the way the host RSP is calculated and because the CONTEXT structure is 16 byte aligned this problem seems to be solved.