Plz w0rk I cri

Signed-off-by: Ludvig Liljenberg <4257730+ludfjig@users.noreply.github.com>

Author: ludfjig

src/hyperlight_host/src/hypervisor/hyperlight_vm/x86_64.rs

@@ -292,6 +292,10 @@ impl HyperlightVm {
         let mut rflags = 1 << 1; // RFLAGS.1 is RES1
         if self.pending_tlb_flush {
             rflags |= 1 << 6; // set ZF if we need a tlb flush done before anything else executes
+            // Note: pending_tlb_flush is cleared AFTER run() returns successfully,
+            // not here. If the guest is cancelled before executing the flush
+            // (e.g. CancelPending causes WHvRunVirtualProcessor to return
+            // immediately), we must retry the flush on the next dispatch.
         }
         // set RIP and RSP, reset others
         let regs = CommonRegisters {
@@ -328,7 +332,11 @@ impl HyperlightVm {
             .map_err(DispatchGuestCallError::Run);
 
         // Clear the TLB flush flag only after run() returns. The guest
-        // may have been cancelled before it executed the flush.
+        // may have been cancelled before it executed the flush (the CR4
+        // PGE toggle in dispatch_function). If we cleared the flag
+        // eagerly before run(), a cancelled dispatch would consume it
+        // and the next dispatch would skip the flush, leaving stale
+        // GVA→GPA TLB entries from the pre-restore page tables.
         self.pending_tlb_flush = false;
 
         result