Your solution seems sane, but I'd like a better understanding of what happens. Therefore...

On 18/02/2016 17:53, Egbert S. wrote:
> As a result, the newly reconstructed TB rebuilds the 'imul'
> micro-operation sequence, but still retrieving the original 0x51
> immediate byte operand (and not the expected 0x10).

... can you provide the backtrace where QEMU translates the 'imul' from within tb_invalidate_phys_page_fast?

Paolo