LBR virtualization removed

[NotRequiem]

I've detected a very very improbable, but possible race condition in my previous LRB check due to how a context switch would be handled by the kernel in a race condition where my function would read the static volatile pointer to determine if the last branch record was populated in the vectored exception handler. Sumarized control flow of the bug is as following:

most probable branch case:
CALL executes
ICEBP executes
CPU triggers #DB. LBRs are frozen.
kernel enters KiTrap01
kernel reads the TOS MSR.
kernel populates ExceptionRecord->ExceptionInformation[0] with the address
kernel dispatches exception to vmaware's veh

best guess on some reports where this technique false flags:
CALL executes.
external hardware interrupt fires in APIC/X2APIC.
in the kernel, CPU jumps to ISR
kernel decides thread's time slice (quantum) is over
KiSwapContext is called to switch to another thread.
kernel does not save and restore the full LBR stack
kernel reschedules VMAware's thread
kernel re-injects pending #DB (from TF or ICEBP)
trap handler attempts to read the LBR MSR if DebugControl set from MSR_LASTBRANCH_TOS, finds it empty, and consequently sets ExceptionInformation[0] = 0.
kernel builds EXCEPTION_RECORD structure to pass to RtlDispatchException (which calls RtlAddVectoredExceptionHandler, setting LBR to 0

so basically scheduler preemption can fuck up the detection because we cannot increment IRQL