We long ago fixed the emulator to not inject exceptions behind our back. Therefore, assert that that a PV event (including interrupts, because that would be buggy too) isn't pending, rather than skipping the #DB injection if one is.
On the other hand, the io_emul() stubs which use X86EMUL_DONE rather than X86EMUL_OKAY may have pending breakpoints to inject after the IO access is complete, not to mention a pending singlestep. Signed-off-by: Andrew Cooper <[email protected]> --- CC: Jan Beulich <[email protected]> CC: Roger Pau Monné <[email protected]> CC: Wei Liu <[email protected]> CC: Jinoh Kang <[email protected]> --- xen/arch/x86/pv/emul-priv-op.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/xen/arch/x86/pv/emul-priv-op.c b/xen/arch/x86/pv/emul-priv-op.c index 142bc4818cb5..257891a2a2dd 100644 --- a/xen/arch/x86/pv/emul-priv-op.c +++ b/xen/arch/x86/pv/emul-priv-op.c @@ -1358,14 +1358,18 @@ int pv_emulate_privileged_op(struct cpu_user_regs *regs) switch ( rc ) { case X86EMUL_OKAY: + case X86EMUL_DONE: + ASSERT(!curr->arch.pv.trap_bounce.flags); + if ( ctxt.ctxt.retire.singlestep ) ctxt.bpmatch |= DR_STEP; + if ( ctxt.bpmatch ) { curr->arch.dr6 |= ctxt.bpmatch | DR_STATUS_RESERVED_ONE; - if ( !(curr->arch.pv.trap_bounce.flags & TBF_EXCEPTION) ) - pv_inject_hw_exception(X86_EXC_DB, X86_EVENT_NO_EC); + pv_inject_hw_exception(X86_EXC_DB, X86_EVENT_NO_EC); } + /* fall through */ case X86EMUL_RETRY: return EXCRET_fault_fixed; -- 2.30.2
