From 065bb22876f32a7784830f2493373c2148343a40 Mon Sep 17 00:00:00 2001
From: Alexander Potapenko
Date: Tue, 10 Feb 2026 18:41:02 +0100
Subject: executor: fix x86 L1 SYZOS GDT setup

Moving setup_pg_table() before setup_gdt_64() prevents the page table initialization from accidentally erasing the newly created Global Descriptor Table (GDT). If the GDT is zeroed out, the CPU hardware cannot fetch the necessary code segment descriptors to deliver interrupts or exceptions, leading to unhandled #GP or #DF crashes.
---
 executor/common_kvm_amd64.h | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'executor')

diff --git a/executor/common_kvm_amd64.h b/executor/common_kvm_amd64.h
index 2c9c12a9d..cb9499a81 100644
--- a/executor/common_kvm_amd64.h
+++ b/executor/common_kvm_amd64.h
@@ -515,10 +515,9 @@ static void setup_gdt_ldt_pg(struct kvm_syz_vm* vm, int cpufd, int cpu_id)
 // RSP0 is at offset +4 bytes in a 64-bit TSS.
 *(volatile uint64*)(l1_tss + 4) = X86_SYZOS_ADDR_STACK0;
+ setup_pg_table(vm);
 setup_gdt_64(gdt);
- syzos_setup_idt(vm, &sregs);
- setup_pg_table(vm);
 sregs.cr0 = X86_CR0_PE | X86_CR0_NE | X86_CR0_PG;
 sregs.cr4 |= X86_CR4_PAE | X86_CR4_OSFXSR;
-- 
cgit mrf-deployment
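Review bot: The hunk also deletes the `syzos_setup_idt(vm, &sregs);` call without re-adding it anywhere in view, and the commit message only describes the reordering of `setup_pg_table(vm);` and `setup_gdt_64(gdt);`; unless the IDT is now installed elsewhere (outside this hunk I cannot tell), the guest would still lack handlers for exactly the #GP/#DF faults the message is concerned with, so the reason for that deletion should be stated in the message or the call restored after `setup_gdt_64(gdt);`. The ordering constraint that motivates the move is invisible in the code itself, so a comment above the moved call such as `// setup_pg_table() clears the memory that will hold the GDT, so it must run before setup_gdt_64().` would keep a future reorder from reintroducing the crash. setup_gdt_ldt_pg begins and ends outside the hunk.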