[BitVisor-users-en:71] Re: Panic on Windows 11
Hideki EIRAKU
hdk at igel.co.jp
Tue Jul 15 10:37:55 JST 2025
Hi,
> RAX 80040033 RCX 80050033 RDX 00000000 RBX 00000001
> CR0 80040033 CR2 FFFFCF8381ADD000 CR3 0032C000 CR4 00B50EF8
The log contains interesting CR0 values. Only the guest CR0 of CPU8
is 80040033H while the guest CR0 of the others is 80050033. The
differing bit, bit 16, is the WP bit. The value is also in RAX, so
maybe CR0 is just set by a mov %rax,%cr0 instruction. Maybe. I did not
know of a case where recent operating systems clear the WP bit.
The Intel(R) 64 and IA-32 Architectures Software Developer's Manual says
the following check is performed during VM Entry, described in the "Checks
on Guest Control Registers, Debug Registers, and MSRs" section:
> If bit 23 in the CR4 field (corresponding to CET) is 1, bit 16 in the CR0 field (WP) must also be 1.
Bit 23 in the guest CR4 value, 00B50EF8, is 1. Therefore this
might cause the panic. BitVisor currently does not handle such a case
correctly. The Intel manual also says the CR0.CET "must be clear
before CR0.WP can be cleared", so the guest behavior looks illegal, but
the VMM needs to do something for such an illegal case, i.e. generating
a general protection exception, ignoring the modification, etc., like a
real processor.
--
Hideki EIRAKU <hdk at igel.co.jp>
From: "A.S." <an4smith at gmail.com>
Subject: [BitVisor-users-en:70] Panic on Windows 11
Date: Tue, 15 Jul 2025 01:07:55 +0300
> Hi,
>
> I experience a BitVisor panic when trying to start up Windows 11 after loading
> BitVisor.
> Platform: 12th Gen CPU, Chipset: Q670
> Older hardware and older OS run fine.
> Logs with panic in attachment.
> Could you please help diagnose and possibly fix the problem?
>
> --
> =========
> Best Regards,
> Dmitriy
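
The check discussed in the reply above, as an added example that is not part of the original message and is not BitVisor code: a VMM validates an intercepted guest write to CR0 against the guest CR4 before the value reaches the guest-state area, so the quoted VM-entry check cannot fail. The struct, enum and function names are hypothetical, and the two policies are the options the reply names (general protection exception or ignoring the modification).

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

#define CR0_WP  (1ULL << 16)   /* CR0 bit 16: write protect */
#define CR4_CET (1ULL << 23)   /* CR4 bit 23: control-flow enforcement */

/* Hypothetical outcome codes for an intercepted MOV to CR0. */
enum cr0_write_result { CR0_WRITE_OK, CR0_WRITE_INJECT_GP, CR0_WRITE_IGNORED };

/* Hypothetical policy for the illegal case; the reply names both options. */
enum cr0_policy { POLICY_INJECT_GP, POLICY_IGNORE };

struct guest_regs { uint64_t cr0, cr4; };   /* hypothetical guest state */

/* The VM-entry check quoted from the SDM: CR4.CET = 1 requires CR0.WP = 1. */
bool cr0_cr4_entry_ok(uint64_t cr0, uint64_t cr4)
{
    return !(cr4 & CR4_CET) || (cr0 & CR0_WP);
}

/* Validate a guest CR0 write before committing it to the guest state. */
enum cr0_write_result
handle_cr0_write(struct guest_regs *g, uint64_t newval, enum cr0_policy p)
{
    if (!cr0_cr4_entry_ok(newval, g->cr4)) {
        /* Leave g->cr0 untouched in both cases so VM entry still passes. */
        return p == POLICY_INJECT_GP ? CR0_WRITE_INJECT_GP : CR0_WRITE_IGNORED;
    }
    g->cr0 = newval;
    return CR0_WRITE_OK;
}

int main(void)
{
    /* Values from the panic log: CR4 has bit 23 set, RAX has WP clear. */
    struct guest_regs g = { .cr0 = 0x80050033, .cr4 = 0x00B50EF8 };
    enum cr0_write_result r = handle_cr0_write(&g, 0x80040033, POLICY_INJECT_GP);
    printf("result=%d cr0=%08llx entry_ok=%d\n", (int)r,
           (unsigned long long)g.cr0, (int)cr0_cr4_entry_ok(g.cr0, g.cr4));
    return 0;
}
```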