Index: /trunk/src/VBox/VMM/VMMAll/IEMAllCImpl.cpp.h =================================================================== --- /trunk/src/VBox/VMM/VMMAll/IEMAllCImpl.cpp.h (revision 65179) +++ /trunk/src/VBox/VMM/VMMAll/IEMAllCImpl.cpp.h (revision 65180) @@ -2456,5 +2456,4 @@ pCtx->cs.u64Base = u64Base; pVCpu->iem.s.enmCpuMode = iemCalcCpuMode(pCtx); - pCtx->rsp = uNewOuterRsp; pCtx->ss.Sel = uNewOuterSs; pCtx->ss.ValidSel = uNewOuterSs; @@ -2466,4 +2465,8 @@ else pCtx->ss.u64Base = X86DESC_BASE(&DescSs.Legacy); + if (!pCtx->ss.Attr.n.u1DefBig) + pCtx->sp = (uint16_t)uNewOuterRsp; + else + pCtx->rsp = uNewOuterRsp; pVCpu->iem.s.uCpl = (uNewCs & X86_SEL_RPL); @@ -2529,5 +2532,8 @@ /* commit */ - pCtx->rsp = uNewRsp; + if (!pCtx->ss.Attr.n.u1DefBig) + pCtx->sp = (uint16_t)uNewRsp; + else + pCtx->rsp = uNewRsp; if (enmEffOpSize == IEMMODE_16BIT) pCtx->rip = uNewRip & UINT16_MAX; /** @todo Testcase: When exactly does this occur? With call it happens prior to the limit check according to Intel... */ @@ -3404,8 +3410,5 @@ pCtx->cs.u64Base = X86DESC_BASE(&DescCS.Legacy); pVCpu->iem.s.enmCpuMode = iemCalcCpuMode(pCtx); - if (!pCtx->ss.Attr.n.u1DefBig) - pCtx->sp = (uint16_t)uNewESP; - else - pCtx->rsp = uNewESP; + pCtx->ss.Sel = uNewSS; pCtx->ss.ValidSel = uNewSS; @@ -3414,4 +3417,8 @@ pCtx->ss.u32Limit = cbLimitSs; pCtx->ss.u64Base = X86DESC_BASE(&DescSS.Legacy); + if (!pCtx->ss.Attr.n.u1DefBig) + pCtx->sp = (uint16_t)uNewESP; + else + pCtx->rsp = uNewESP; pVCpu->iem.s.uCpl = uNewCs & X86_SEL_RPL; @@ -3477,5 +3484,8 @@ pCtx->cs.u64Base = X86DESC_BASE(&DescCS.Legacy); pVCpu->iem.s.enmCpuMode = iemCalcCpuMode(pCtx); - pCtx->rsp = uNewRsp; + if (!pCtx->ss.Attr.n.u1DefBig) + pCtx->sp = (uint16_t)uNewRsp; + else + pCtx->rsp = uNewRsp; /* Done! */ }