@@ -, +, @@ 
 compat_create_bounce_frame()
---
 xen/arch/x86/x86_64/compat/entry.S | 3 +++
 xen/arch/x86/x86_64/entry.S        | 1 +
 2 files changed, 4 insertions(+)
--- a/xen/arch/x86/x86_64/compat/entry.S	
+++ a/xen/arch/x86/x86_64/compat/entry.S	
@@ -351,6 +351,7 @@ compat_create_bounce_frame:
         ASSERT_INTERRUPTS_ENABLED
         mov   %fs,%edi
         testb $2,UREGS_cs+8(%rsp)
+        ASM_STAC
         jz    1f
         /* Push new frame at registered guest-OS stack base. */
         movl  VCPU_kernel_sp(%rbx),%esi
@@ -403,6 +404,7 @@ UNLIKELY_START(nz, compat_bounce_failsafe)
         movl  %ds,%eax
 .Lft12: movl  %eax,%fs:0*4(%rsi)        # DS
 UNLIKELY_END(compat_bounce_failsafe)
+        ASM_CLAC
         /* Rewrite our stack frame and return to guest-OS mode. */
         /* IA32 Ref. Vol. 3: TF, VM, RF and NT flags are cleared on trap. */
         andl  $~(X86_EFLAGS_VM|X86_EFLAGS_RF|\
@@ -448,6 +450,7 @@ compat_crash_page_fault_4:
         addl  $4,%esi
 compat_crash_page_fault:
 .Lft14: mov   %edi,%fs
+        ASM_CLAC
         movl  %esi,%edi
         call  show_page_walk
         jmp   dom_crash_sync_extable
--- a/xen/arch/x86/x86_64/entry.S	
+++ a/xen/arch/x86/x86_64/entry.S	
@@ -462,6 +462,7 @@ domain_crash_page_fault_16:
 domain_crash_page_fault_8:
         addq  $8,%rsi
 domain_crash_page_fault:
+        ASM_CLAC
         movq  %rsi,%rdi
         call  show_page_walk
 ENTRY(dom_crash_sync_extable)
--