pimnik98 / SayoriOS

SayoriOS - an open, public OS kernel
https://vk.com/sayorios
GNU General Public License v3.0
29 stars 9 forks

Implicit page fault on context switching with different CR3 (page directory) #143

Closed NDRAEY closed 7 months ago

NDRAEY commented 7 months ago

Describe the bug

QEMU log with -d int:

-- Here the timer (IRQ 0 / ISR 32) fires
-- That's a kernel context (CR3 = 0x54e000)

Servicing hardware INT=0x20
  5252: v=20 e=0000 i=0 cpl=0 IP=0008:00105f22 pc=00105f22 SP=0010:01344039 env->regs[R_EAX]=00001488
EAX=00001488 EBX=00000000 ECX=00001468 EDX=00000000
ESI=00000000 EDI=00000000 EBP=01344041 ESP=01344039
EIP=00105f22 EFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
CS =0008 00000000 ffffffff 00cf9a00 DPL=0 CS32 [-R-]
SS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
DS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
FS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
GS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
LDT=0000 00000000 0000ffff 00008200 DPL=0 LDT
TR =0028 0019d0b0 00000068 00008900 DPL=0 TSS32-avl
GDT=     0019d080 0000002f
IDT=     0019d120 000007ff
CR0=80000013 CR2=00000000 CR3=0054e000 CR4=00000600
DR0=00000000 DR1=00000000 DR2=00000000 DR3=00000000 
DR6=ffff0ff0 DR7=00000400
CCS=00000000 CCD=0134402d CCO=EFLAGS
EFER=0000000000000000

-- Here the context is switched to a custom one: CR3 = 0x89b000
-- But CR2 is not zero and may point to a page fault: 0x134ffe8
-- 0xe is a page fault

check_exception old: 0xffffffff new 0xe
  5253: v=0e e=0000 i=0 cpl=0 IP=0008:001003c7 pc=001003c7 SP=0010:0134ffe8 CR2=0134ffe8
EAX=0054e000 EBX=0089b000 ECX=0100291c EDX=0019d0b0
ESI=00000000 EDI=00000000 EBP=01343fa1 ESP=0134ffe8
EIP=001003c7 EFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
CS =0008 00000000 ffffffff 00cf9a00 DPL=0 CS32 [-R-]
SS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
DS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
FS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
GS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
LDT=0000 00000000 0000ffff 00008200 DPL=0 LDT
TR =0028 0019d0b0 00000068 00008900 DPL=0 TSS32-avl
GDT=     0019d080 0000002f
IDT=     0019d120 000007ff
CR0=80000013 CR2=0134ffe8 CR3=0089b000 CR4=00000600
DR0=00000000 DR1=00000000 DR2=00000000 DR3=00000000 
DR6=ffff0ff0 DR7=00000400
CCS=00000004 CCD=0034d000 CCO=EFLAGS
EFER=0000000000000000

-- Second page fault

check_exception old: 0xe new 0xe
  5254: v=08 e=0000 i=0 cpl=0 IP=0008:001003c7 pc=001003c7 SP=0010:0134ffe8 env->regs[R_EAX]=0054e000
EAX=0054e000 EBX=0089b000 ECX=0100291c EDX=0019d0b0
ESI=00000000 EDI=00000000 EBP=01343fa1 ESP=0134ffe8
EIP=001003c7 EFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
CS =0008 00000000 ffffffff 00cf9a00 DPL=0 CS32 [-R-]
SS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
DS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
FS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
GS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
LDT=0000 00000000 0000ffff 00008200 DPL=0 LDT
TR =0028 0019d0b0 00000068 00008900 DPL=0 TSS32-avl
GDT=     0019d080 0000002f
IDT=     0019d120 000007ff
CR0=80000013 CR2=0134ffe4 CR3=0089b000 CR4=00000600
DR0=00000000 DR1=00000000 DR2=00000000 DR3=00000000 
DR6=ffff0ff0 DR7=00000400
CCS=00000004 CCD=0034d000 CCO=EFLAGS
EFER=0000000000000000

-- The triple fault happens here and the reset follows.

check_exception old: 0x8 new 0xe
  5255: v=03 e=0000 i=1 cpl=0 IP=0008:000efaad pc=000efaad SP=0010:00000fc8 env->regs[R_EAX]=00000006
EAX=00000006 EBX=000f3e32 ECX=00000000 EDX=00000cf9
ESI=00000000 EDI=00100000 EBP=00000000 ESP=00000fc8
EIP=000efaad EFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
CS =0008 00000000 ffffffff 00cf9b00 DPL=0 CS32 [-RA]
SS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
DS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
FS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
GS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
LDT=0000 00000000 0000ffff 00008200 DPL=0 LDT
TR =0000 00000000 0000ffff 00008b00 DPL=0 TSS32-busy
GDT=     000f6180 00000037
IDT=     000f61be 00000000
CR0=00000011 CR2=00000000 CR3=00000000 CR4=00000000
DR0=00000000 DR1=00000000 DR2=00000000 DR3=00000000 
DR6=ffff0ff0 DR7=00000400
CCS=000f61c8 CCD=00009e34 CCO=CLR
EFER=0000000000000000

To Reproduce

Steps to reproduce the behavior:

  1. Just run the OS

Expected behavior

A running process that spams AAA every 250 ms
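The log reads consistently as an unmapped kernel stack in the new address space: right after CR3 changes to 0x89b000, the first #PF has CR2 equal to ESP (0x0134ffe8), the next one has CR2 = ESP - 4 (the exception frame push), and with no stack to push onto the CPU escalates #PF -> #DF -> triple fault. The program below is an added example, not SayoriOS code: it simulates the x86 32-bit two-level page walk on the host and uses it as a pre-switch check that refuses to load a page directory in which the current stack is not present and writable. The addresses ESP = 0x0134ffe8 and code at 0x00100000 are taken from the log; the page-directory contents, the `map_page`/`walk`/`switch_address_space` helpers and the simulated physical memory are constructed for the example.

```c
/* Added example, not SayoriOS code: host-side simulation of the i386 two-level
 * page walk, used as a pre-switch check that the kernel stack is mapped in a
 * page directory before that directory is loaded into CR3. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PAGE_SIZE    4096u
#define PTE_PRESENT  0x001u
#define PTE_WRITE    0x002u
#define PTE_ADDR     0xFFFFF000u

#define ESP_FROM_LOG 0x0134ffe8u                 /* ESP at the first #PF in the log */
#define STACK_VADDR  (ESP_FROM_LOG & PTE_ADDR)   /* 0x0134f000 */
#define CODE_VADDR   0x00100000u                 /* page holding EIP 0x001003c7 */

/* Simulated physical memory (assumption of this example): a "physical address"
 * is page_index * PAGE_SIZE, so PDE/PTE address fields can be followed like the
 * MMU follows them. */
#define MAX_PAGES 16
static uint32_t phys_mem[MAX_PAGES][PAGE_SIZE / sizeof(uint32_t)];
static unsigned page_count;

static uint32_t alloc_page(void)
{
    if (page_count >= MAX_PAGES) { fprintf(stderr, "out of simulated pages\n"); exit(1); }
    memset(phys_mem[page_count], 0, PAGE_SIZE);
    return (uint32_t)page_count++ * PAGE_SIZE;
}
static uint32_t *phys_to_virt(uint32_t paddr) { return phys_mem[paddr / PAGE_SIZE]; }

/* Map one 4 KiB page vaddr -> paddr in the directory at pd_phys, allocating
 * the page table on first use. */
void map_page(uint32_t pd_phys, uint32_t vaddr, uint32_t paddr, uint32_t flags)
{
    uint32_t *pd = phys_to_virt(pd_phys);
    uint32_t pdi = vaddr >> 22, pti = (vaddr >> 12) & 0x3FFu;
    if (!(pd[pdi] & PTE_PRESENT))
        pd[pdi] = alloc_page() | PTE_PRESENT | PTE_WRITE;
    phys_to_virt(pd[pdi] & PTE_ADDR)[pti] = (paddr & PTE_ADDR) | (flags & 0xFFFu) | PTE_PRESENT;
}

/* Software page walk: 1 if vaddr is present (and writable when need_write)
 * under pd_phys, storing the translation in *paddr_out; 0 otherwise. */
int walk(uint32_t pd_phys, uint32_t vaddr, int need_write, uint32_t *paddr_out)
{
    uint32_t pde = phys_to_virt(pd_phys)[vaddr >> 22];
    if (!(pde & PTE_PRESENT)) return 0;
    uint32_t pte = phys_to_virt(pde & PTE_ADDR)[(vaddr >> 12) & 0x3FFu];
    if (!(pte & PTE_PRESENT)) return 0;
    if (need_write && !(pte & PTE_WRITE)) return 0;
    if (paddr_out) *paddr_out = (pte & PTE_ADDR) | (vaddr & 0xFFFu);
    return 1;
}

/* The page under ESP and the page an exception frame would be pushed into
 * (ESP - 32 covers EFLAGS/CS/EIP/error code plus a few pushes) must be present
 * and writable in the target directory. Otherwise the first push after the
 * CR3 load faults, the #PF frame cannot be pushed either, and the CPU goes
 * #PF -> #DF -> triple fault, as in the log. */
int stack_safe_in(uint32_t pd_phys, uint32_t esp)
{
    return walk(pd_phys, esp, 1, NULL) && walk(pd_phys, esp - 32u, 1, NULL);
}

/* Returns 0 after the (simulated) switch, -1 without touching CR3 if the
 * current stack would vanish in the new address space. */
int switch_address_space(uint32_t new_pd_phys, uint32_t esp)
{
    if (!stack_safe_in(new_pd_phys, esp))
        return -1;
    /* in a real kernel: asm volatile("mov %0, %%cr3" :: "r"(new_pd_phys) : "memory"); */
    return 0;
}

struct scenario { uint32_t kernel_pd, task_pd, stack_phys; };

/* Constructed situation from the log: the kernel directory maps code and the
 * kernel stack; the new task directory maps only the code. */
struct scenario build_scenario(void)
{
    struct scenario s;
    page_count = 0;
    uint32_t code_phys = alloc_page();
    s.stack_phys = alloc_page();
    s.kernel_pd = alloc_page();
    map_page(s.kernel_pd, CODE_VADDR, code_phys, PTE_WRITE);
    map_page(s.kernel_pd, STACK_VADDR, s.stack_phys, PTE_WRITE);
    s.task_pd = alloc_page();
    map_page(s.task_pd, CODE_VADDR, code_phys, PTE_WRITE);   /* stack forgotten */
    return s;
}

int main(void)
{
    struct scenario s = build_scenario();
    printf("switch to kernel PD: %d\n", switch_address_space(s.kernel_pd, ESP_FROM_LOG));
    printf("switch to task PD:   %d (stack unmapped)\n", switch_address_space(s.task_pd, ESP_FROM_LOG));
    map_page(s.task_pd, STACK_VADDR, s.stack_phys, PTE_WRITE);  /* carry the kernel stack into every task PD */
    printf("switch to task PD after fix: %d\n", switch_address_space(s.task_pd, ESP_FROM_LOG));
    return 0;
}
```

The check is cheap enough to keep in a debug build of a context switch: it turns a silent reset into a returned error at the exact switch that would have triple-faulted, and the same `walk` can be pointed at a task's user stack or entry point before the first `iret` into it.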

NDRAEY commented 7 months ago

CR3=ESP STACK??

NDRAEY commented 7 months ago

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA PROCESSES WORK!!!!!!!!!!!!!!!!!!!!