On Thu, Jun 15, 2017 at 2:09 PM, Paolo Bonzini <pbonzini@xxxxxxxxxx> wrote:
>
>
> On 15/06/2017 13:20, Ladi Prosek wrote:
>> Example: NMI singlestepping is enabled while running L1 guest. The
>> instruction to step over is VMRUN and nested vmrun emulation stashes
>> rflags to hsave->save.rflags. Then if singlestepping is disabled
>> while still in L2, TF/RF will be cleared from the nested VMCB but the
>> next nested VM exit will restore them from hsave->save.rflags and
>> cause an unexpected DB exception.
>
> Stupid question ahead, why is NMI singlestepping even using RF?

To be sure that the DB is really going to be singlestep and not a
regular breakpoint? Otherwise db_interception would have to do more
checks and maybe inject DB_VECTOR even if nmi_singlestep is on.

Hmm.. but we fail to deliver such a regular breakpoint DB to the guest
right now, don't we :/

> I should fire up my AMD box and see whether changing it breaks
> eventinj.flat...
>
> Paolo
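The sequence Ladi describes (arm NMI single-step in L1, step over VMRUN so the TF/RF bits get stashed in hsave, disarm while in L2, then take a nested VM exit) can be modelled as a small state machine. The following is an added example written for this thread, not KVM code: `struct vcpu_model`, `vmcb01`/`vmcb02`, `run_scenario` and the `fix_hsave` flag are hypothetical stand-ins for the real svm/vmcb/hsave state, and the "fix" is the obvious mitigation (also clearing the stashed copy), not the patch under discussion.

```c
/* Constructed model of the TF/RF stashing problem described in the thread.
 * Not KVM code: every structure and function name here is a hypothetical
 * stand-in for the real svm/vmcb/hsave state. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define X86_EFLAGS_TF (1u << 8)
#define X86_EFLAGS_RF (1u << 16)

struct vmcb_model {
    uint32_t rflags;
};

struct vcpu_model {
    struct vmcb_model vmcb01;   /* L1's VMCB */
    struct vmcb_model vmcb02;   /* nested (L2) VMCB */
    struct vmcb_model hsave;    /* host save area written by nested VMRUN */
    struct vmcb_model *vmcb;    /* VMCB currently in use */
    bool in_l2;
    bool nmi_singlestep;
    uint32_t guest_rflags;      /* guest's own TF/RF, saved before we set ours */
};

static void vcpu_init(struct vcpu_model *v)
{
    v->vmcb01.rflags = 0x2;     /* reserved bit 1 is always set */
    v->vmcb02.rflags = 0x2;
    v->hsave.rflags = 0x2;
    v->vmcb = &v->vmcb01;
    v->in_l2 = false;
    v->nmi_singlestep = false;
    v->guest_rflags = 0;
}

/* Arm single-step so the NMI window opens after the next instruction. */
static void enable_nmi_singlestep(struct vcpu_model *v)
{
    v->nmi_singlestep = true;
    v->guest_rflags = v->vmcb->rflags;
    v->vmcb->rflags |= X86_EFLAGS_TF | X86_EFLAGS_RF;
}

/* Nested VMRUN emulation: stash L1 state (including rflags) into hsave,
 * then run L2 on the nested VMCB. */
static void emulate_nested_vmrun(struct vcpu_model *v, uint32_t l2_rflags)
{
    v->hsave.rflags = v->vmcb01.rflags;   /* the TF/RF we set land here */
    v->vmcb02.rflags = l2_rflags;
    v->vmcb = &v->vmcb02;
    v->in_l2 = true;
}

/* Clear our TF/RF from the current VMCB only (the behaviour the thread
 * describes). With fix_hsave the stashed L1 copy is cleared as well,
 * which is the hypothetical mitigation modelled here. */
static void disable_nmi_singlestep(struct vcpu_model *v, bool fix_hsave)
{
    uint32_t ours = 0;

    v->nmi_singlestep = false;
    if (!(v->guest_rflags & X86_EFLAGS_TF))
        ours |= X86_EFLAGS_TF;
    if (!(v->guest_rflags & X86_EFLAGS_RF))
        ours |= X86_EFLAGS_RF;
    v->vmcb->rflags &= ~ours;
    if (fix_hsave && v->in_l2)
        v->hsave.rflags &= ~ours;
}

/* Nested VM exit: restore L1 from hsave exactly as it was stashed. */
static void emulate_nested_vmexit(struct vcpu_model *v)
{
    v->vmcb01.rflags = v->hsave.rflags;
    v->vmcb = &v->vmcb01;
    v->in_l2 = false;
}

/* Will the next L1 instruction trap with a #DB nobody asked for? */
static bool spurious_db_pending(const struct vcpu_model *v)
{
    return !v->nmi_singlestep && (v->vmcb->rflags & X86_EFLAGS_TF) != 0;
}

/* Run the sequence from the thread; returns true if the bug reproduces. */
bool run_scenario(bool fix_hsave)
{
    struct vcpu_model v;

    vcpu_init(&v);
    enable_nmi_singlestep(&v);             /* stepping over VMRUN in L1 */
    emulate_nested_vmrun(&v, 0x2);         /* TF/RF now stashed in hsave */
    disable_nmi_singlestep(&v, fix_hsave); /* disarmed while still in L2 */
    emulate_nested_vmexit(&v);             /* restores the stashed rflags */
    return spurious_db_pending(&v);
}

int main(void)
{
    printf("unfixed: spurious #DB after nested exit = %d\n", run_scenario(false));
    printf("fixed:   spurious #DB after nested exit = %d\n", run_scenario(true));
    return 0;
}
```

The point the model makes is that there are two copies of L1's rflags once VMRUN has been emulated, and a disarm path that only touches the VMCB currently in use leaves the stale TF (and RF) in hsave to come back on the next nested exit.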