x86: svm: avoid advancing rip incorrectly on exc_inject

exc_inject advances the ripon every stage, so it can do so 3 times, but
there are only 2 vmmcall instructions that the guest runs. So, if a
failure happens on the last test, there is no vmmcall instruction to
trigger an exit.

Advance the rip only in the two stages in which vmmcall is expected to
run.

Signed-off-by: Nadav Amit <namit@vmware.com>
Message-Id: <20200630094516.22983-6-namit@vmware.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

1 files changed, 2 insertions, 2 deletions

diff --git a/x86/svm_tests.c b/x86/svm_tests.c
index b540527..48f2d8e 100644
--- a/x86/svm_tests.c
+++ b/x86/svm_tests.c
@@ -1593,8 +1593,6 @@ static void exc_inject_test(struct svm_test *test)
 
 static bool exc_inject_finished(struct svm_test *test)
 {
-    vmcb->save.rip += 3;
-
     switch (get_test_stage(test)) {
     case 0:
         if (vmcb->control.exit_code != SVM_EXIT_VMMCALL) {
@@ -1602,6 +1600,7 @@ static bool exc_inject_finished(struct svm_test *test)
                    vmcb->control.exit_code);
             return true;
         }
+        vmcb->save.rip += 3;
         vmcb->control.event_inj = NMI_VECTOR | SVM_EVTINJ_TYPE_EXEPT | SVM_EVTINJ_VALID;
         break;
 
@@ -1621,6 +1620,7 @@ static bool exc_inject_finished(struct svm_test *test)
                    vmcb->control.exit_code);
             return true;
         }
+        vmcb->save.rip += 3;
         report(count_exc == 1, "divide overflow exception injected");
         report(!(vmcb->control.event_inj & SVM_EVTINJ_VALID), "eventinj.VALID cleared");
         break;