Re: [PATCH v2 2/6] KVM: x86: Prioritize DR7.GD #DB over #GP due to illegal DR6/7 value
From: Maciej W. Rozycki
Date: Wed Jun 03 2026 - 20:41:07 EST
On Wed, 3 Jun 2026, Sean Christopherson wrote:
> When emulating a MOV DR, specifically a write to DR6 or DR7, treat a #DB
> due to DR7.GD (General Detect) as higher priority than a #GP due to an
> illegal value. While neither Intel's SDM nor AMD's APM says anything
> about the relative priority, empirical testing on Intel and AMD shows that
> the #DB has higher priority.
It has to. The primary reason for the existence of DR7.GD is to prevent
software being debugged such as an OS kernel from clobbering the debug
register state when executed under the control of an ICE or a JTAG (XDP)
debug probe. Under these circumstances #GP remains an ordinary exception
routed via the IDT to a handler provided by the OS, however #DB traps into
the ICE or SMM mode instead and the OS handler is never reached.
This is also the reason why DR7.GD gets cleared at the same time -- so
that the debug firmware can then access the debug state rather than making
the exception trigger again -- and for the existence of the ICEBP aka INT1
instruction -- so that #DB can be triggered and control regained by the
debug firmware via a software breakpoint, since the number of hardware
breakpoints is limited (and #BP is an ordinary exception).
It's unsurprising that the priority of these exceptions is not documented
well in the processor developer's manuals given that x86 hardware debug
features remain vaguely documented overall in public resources. Though I
note the Intel wording for the GD bit is "[it] causes a debug exception to
be generated prior to any MOV instruction that accesses a debug register."
so I think it actually implies no action resulting from the execution of
the affected instruction happens, including in particular any exception it
might otherwise trigger.
FWIW,
Maciej
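The priority the thread settles on, written out as a small C model. This is an added illustration and not code from the thread, from KVM's kvm_set_dr(), or from Sean's patch; emulate_mov_to_dr(), dbg_state and the scenario values are made up for the example, and it only covers the two outcomes under discussion (the DR7.GD #DB, then the #GP for non-zero bits 63:32 of DR6/DR7 in 64-bit mode), deliberately ignoring CPL, CR4.DE and DR4/DR5 aliasing.

```c
#include <stdint.h>
#include <stdio.h>

/* Architectural bit positions from the SDM debug-register layout. */
#define DR6_BD (UINT64_C(1) << 13)  /* "debug register access detected" */
#define DR7_GD (UINT64_C(1) << 13)  /* General Detect enable */

enum mov_dr_result { MOV_DR_OK, MOV_DR_DB, MOV_DR_GP };

struct dbg_state {
    uint64_t dr6;
    uint64_t dr7;
};

/*
 * Hypothetical model (not KVM's kvm_set_dr()) of a CPL-0 "MOV val, DRn"
 * with n = 6 or 7 in 64-bit mode.  Only the two outcomes discussed in
 * the thread are modelled: the DR7.GD #DB and the #GP for an illegal
 * value (non-zero bits 63:32).  CPL, CR4.DE and DR4/DR5 aliasing are
 * deliberately left out.
 */
static enum mov_dr_result emulate_mov_to_dr(struct dbg_state *s, int dr, uint64_t val)
{
    /* Checked first: with GD set the MOV DR never executes.  The CPU
     * raises #DB, clears GD so the debug handler can itself touch the
     * DRs, and latches the cause in DR6.BD. */
    if (s->dr7 & DR7_GD) {
        s->dr7 &= ~DR7_GD;
        s->dr6 |= DR6_BD;
        return MOV_DR_DB;
    }

    /* Checked second: the operand is validated only once GD has been
     * dealt with, so an illegal value written behind GD yields #DB,
     * not #GP. */
    if (val >> 32)
        return MOV_DR_GP;

    if (dr == 6)
        s->dr6 = val;
    else
        s->dr7 = val;
    return MOV_DR_OK;
}

static const char *result_name(enum mov_dr_result r)
{
    return r == MOV_DR_OK ? "ok" : r == MOV_DR_DB ? "#DB" : "#GP";
}

int main(void)
{
    /* Constructed scenario: GD armed, then a DR7 write with bit 32 set. */
    struct dbg_state s = { .dr6 = 0, .dr7 = DR7_GD };
    uint64_t illegal = UINT64_C(1) << 32;

    printf("GD set,   illegal write -> %s (DR7.GD=%d, DR6.BD=%d)\n",
           result_name(emulate_mov_to_dr(&s, 7, illegal)),
           !!(s.dr7 & DR7_GD), !!(s.dr6 & DR6_BD));
    printf("GD clear, same write    -> %s\n",
           result_name(emulate_mov_to_dr(&s, 7, illegal)));
    printf("GD clear, legal write   -> %s\n",
           result_name(emulate_mov_to_dr(&s, 7, 0x400)));
    return 0;
}
```

The first write trips #DB even though its operand is illegal, and only the second, identical write (GD now clear) reaches the value check and takes the #GP, which is the ordering Sean measured on both vendors.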