Changeset 18927 in vbox for trunk/src/VBox/VMM/VMMR0

Timestamp:

Apr 16, 2009 11:41:38 AM (16 years ago)

Author:

vboxsync

Message:

Big step to separate VMM data structures for guest SMP. (pgm, em)

Location:

trunk/src/VBox/VMM/VMMR0

Files:

• CPUMR0.cpp (modified) (1 diff)
• HWACCMR0.cpp (modified) (6 diffs)
• HWSVMR0.cpp (modified) (33 diffs)
• HWVMXR0.cpp (modified) (34 diffs)
• PDMR0Device.cpp (modified) (5 diffs)
• PGMR0.cpp (modified) (6 diffs)
• PGMR0Bth.h (modified) (1 diff)
• VMMR0.cpp (modified) (3 diffs)

trunk/src/VBox/VMM/VMMR0/CPUMR0.cpp

@@ -222 +222 @@
 
         /* If we sync the FPU/XMM state on-demand, then we can continue execution as if nothing has happened. */
-        int rc = CPUMHandleLazyFPU(pVM, pVCpu);
+        int rc = CPUMHandleLazyFPU(pVCpu);
         AssertRC(rc);
         Assert(CPUMIsGuestFPUStateActive(pVCpu));

trunk/src/VBox/VMM/VMMR0/HWACCMR0.cpp

@@ -954 +954 @@
     ASMAtomicWriteBool(&pCpu->fInUse, true);
 
-    pCtx = CPUMQueryGuestCtxPtrEx(pVM, pVCpu);
+    pCtx = CPUMQueryGuestCtxPtr(pVCpu);
 
     /* Always load the guest's FPU/XMM state on-demand. */
-    CPUMDeactivateGuestFPUState(pVM);
+    CPUMDeactivateGuestFPUState(pVCpu);
 
     /* Always load the guest's debug state on-demand. */
-    CPUMDeactivateGuestDebugState(pVM);
+    CPUMDeactivateGuestDebugState(pVCpu);
 
     /* Always reload the host context and the guest's CR0 register. (!!!!) */
@@ -1009 +1009 @@
     AssertReturn(!ASMAtomicReadBool(&HWACCMR0Globals.fSuspended), VERR_HWACCM_SUSPEND_PENDING);
 
-    pCtx = CPUMQueryGuestCtxPtrEx(pVM, pVCpu);
+    pCtx = CPUMQueryGuestCtxPtr(pVCpu);
 
     /* Note:  It's rather tricky with longjmps done by e.g. Log statements or the page fault handler.
@@ -1067 +1067 @@
 #endif
 
-    pCtx = CPUMQueryGuestCtxPtrEx(pVM, pVCpu);
+    pCtx = CPUMQueryGuestCtxPtr(pVCpu);
 
     rc = HWACCMR0Globals.pfnRunGuestCode(pVM, pVCpu, pCtx);
@@ -1124 +1124 @@
     int      rc;
 
-    pCtx = CPUMQueryGuestCtxPtrEx(pVM, pVCpu);
+    pCtx = CPUMQueryGuestCtxPtr(pVCpu);
 
     STAM_PROFILE_ADV_START(&pVCpu->hwaccm.s.StatWorldSwitch3264, z);   
@@ -1374 +1374 @@
  *
  * @param   pVM         The VM to operate on.
+ * @param   pVCpu       The VMCPU to operate on.
  * @param   pCtx        The context to format.
  */
-VMMR0DECL(void) HWACCMDumpRegs(PVM pVM, PCPUMCTX pCtx)
+VMMR0DECL(void) HWACCMDumpRegs(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx)
 {
     /*
@@ -1421 +1422 @@
      * Format the registers.
      */
-    if (CPUMIsGuestIn64BitCode(pVM, CPUMCTX2CORE(pCtx)))
+    if (CPUMIsGuestIn64BitCode(pVCpu, CPUMCTX2CORE(pCtx)))
     {
         Log(("rax=%016RX64 rbx=%016RX64 rcx=%016RX64 rdx=%016RX64\n"

trunk/src/VBox/VMM/VMMR0/HWSVMR0.cpp

@@ -49 +49 @@
 *   Internal Functions                                                         *
 *******************************************************************************/
-static int SVMR0InterpretInvpg(PVM pVM, PCPUMCTXCORE pRegFrame, uint32_t uASID);
+static int SVMR0InterpretInvpg(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pRegFrame, uint32_t uASID);
 
 /*******************************************************************************
@@ -671 +671 @@
                 enmShwPagingMode = PGMGetHostMode(pVM);
 
-            pVMCB->ctrl.u64NestedPagingCR3  = PGMGetNestedCR3(pVM, enmShwPagingMode);
+            pVMCB->ctrl.u64NestedPagingCR3  = PGMGetNestedCR3(pVCpu, enmShwPagingMode);
             Assert(pVMCB->ctrl.u64NestedPagingCR3);
             pVMCB->guest.u64CR3             = pCtx->cr3;
@@ -677 +677 @@
         else
         {
-            pVMCB->guest.u64CR3             = PGMGetHyperCR3(pVM);
+            pVMCB->guest.u64CR3             = PGMGetHyperCR3(pVCpu);
             Assert(pVMCB->guest.u64CR3 || VM_FF_ISPENDING(pVM, VM_FF_PGM_SYNC_CR3 | VM_FF_PGM_SYNC_CR3_NON_GLOBAL));
         }
@@ -736 +736 @@
         /* Sync the debug state now if any breakpoint is armed. */
         if (    (pCtx->dr[7] & (X86_DR7_ENABLED_MASK|X86_DR7_GD))
-            &&  !CPUMIsGuestDebugStateActive(pVM)
+            &&  !CPUMIsGuestDebugStateActive(pVCpu)
             &&  !DBGFIsStepping(pVM))
         {
@@ -869 +869 @@
     if (VM_FF_ISSET(pVM, VM_FF_INHIBIT_INTERRUPTS))
     {
-        Log(("VM_FF_INHIBIT_INTERRUPTS at %RGv successor %RGv\n", (RTGCPTR)pCtx->rip, EMGetInhibitInterruptsPC(pVM)));
-        if (pCtx->rip != EMGetInhibitInterruptsPC(pVM))
+        Log(("VM_FF_INHIBIT_INTERRUPTS at %RGv successor %RGv\n", (RTGCPTR)pCtx->rip, EMGetInhibitInterruptsPC(pVM, pVCpu)));
+        if (pCtx->rip != EMGetInhibitInterruptsPC(pVM, pVCpu))
         {
             /* Note: we intentionally don't clear VM_FF_INHIBIT_INTERRUPTS here.
@@ -1071 +1071 @@
     if (exitCode == (uint64_t)SVM_EXIT_INVALID)          /* Invalid guest state. */
     {
-        HWACCMDumpRegs(pVM, pCtx);
+        HWACCMDumpRegs(pVM, pVCpu, pCtx);
 #ifdef DEBUG
         Log(("ctrl.u16InterceptRdCRx            %x\n",      pVMCB->ctrl.u16InterceptRdCRx));
@@ -1235 +1235 @@
         &&  pCtx->cr3 != pVMCB->guest.u64CR3)
     {
-        CPUMSetGuestCR3(pVM, pVMCB->guest.u64CR3);
-        PGMUpdateCR3(pVM, pVMCB->guest.u64CR3);
+        CPUMSetGuestCR3(pVCpu, pVMCB->guest.u64CR3);
+        PGMUpdateCR3(pVM, pVCpu, pVMCB->guest.u64CR3);
     }
 
@@ -1245 +1245 @@
     {
         Log(("uInterruptState %x rip=%RGv\n", pVMCB->ctrl.u64IntShadow, (RTGCPTR)pCtx->rip));
-        EMSetInhibitInterruptsPC(pVM, pCtx->rip);
+        EMSetInhibitInterruptsPC(pVM, pVCpu, pCtx->rip);
     }
     else
@@ -1413 +1413 @@
 
             /* Forward it to our trap handler first, in case our shadow pages are out of sync. */
-            rc = PGMTrap0eHandler(pVM, errCode, CPUMCTX2CORE(pCtx), (RTGCPTR)uFaultAddress);
+            rc = PGMTrap0eHandler(pVM, pVCpu, errCode, CPUMCTX2CORE(pCtx), (RTGCPTR)uFaultAddress);
             Log2(("PGMTrap0eHandler %RGv returned %Rrc\n", (RTGCPTR)pCtx->rip, rc));
             if (rc == VINF_SUCCESS)
@@ -1558 +1558 @@
             enmShwPagingMode = PGMGetHostMode(pVM);
 
-        rc = PGMR0Trap0eHandlerNestedPaging(pVM, enmShwPagingMode, errCode, CPUMCTX2CORE(pCtx), uFaultAddress);
+        rc = PGMR0Trap0eHandlerNestedPaging(pVM, pVCpu, enmShwPagingMode, errCode, CPUMCTX2CORE(pCtx), uFaultAddress);
         Log2(("PGMR0Trap0eHandlerNestedPaging %RGv returned %Rrc\n", (RTGCPTR)pCtx->rip, rc));
         if (rc == VINF_SUCCESS)
@@ -1609 +1609 @@
         Log2(("SVM: Cpuid at %RGv for %x\n", (RTGCPTR)pCtx->rip, pCtx->eax));
         STAM_COUNTER_INC(&pVCpu->hwaccm.s.StatExitCpuid);
-        rc = EMInterpretCpuId(pVM, CPUMCTX2CORE(pCtx));
+        rc = EMInterpretCpuId(pVM, pVCpu, CPUMCTX2CORE(pCtx));
         if (rc == VINF_SUCCESS)
         {
@@ -1626 +1626 @@
         Log2(("SVM: Rdtsc\n"));
         STAM_COUNTER_INC(&pVCpu->hwaccm.s.StatExitRdtsc);
-        rc = EMInterpretRdtsc(pVM, CPUMCTX2CORE(pCtx));
+        rc = EMInterpretRdtsc(pVM, pVCpu, CPUMCTX2CORE(pCtx));
         if (rc == VINF_SUCCESS)
         {
@@ -1642 +1642 @@
         Log2(("SVM: Rdpmc %x\n", pCtx->ecx));
         STAM_COUNTER_INC(&pVCpu->hwaccm.s.StatExitRdpmc);
-        rc = EMInterpretRdpmc(pVM, CPUMCTX2CORE(pCtx));
+        rc = EMInterpretRdpmc(pVM, pVCpu, CPUMCTX2CORE(pCtx));
         if (rc == VINF_SUCCESS)
         {
@@ -1657 +1657 @@
         Log2(("SVM: Rdtscp\n"));
         STAM_COUNTER_INC(&pVCpu->hwaccm.s.StatExitRdtsc);
-        rc = EMInterpretRdtscp(pVM, pCtx);
+        rc = EMInterpretRdtscp(pVM, pVCpu, pCtx);
         if (rc == VINF_SUCCESS)
         {
@@ -1678 +1678 @@
 
         /* Truly a pita. Why can't SVM give the same information as VT-x? */
-        rc = SVMR0InterpretInvpg(pVM, CPUMCTX2CORE(pCtx), pVMCB->ctrl.TLBCtrl.n.u32ASID);
+        rc = SVMR0InterpretInvpg(pVM, pVCpu, CPUMCTX2CORE(pCtx), pVMCB->ctrl.TLBCtrl.n.u32ASID);
         if (rc == VINF_SUCCESS)
         {
@@ -1696 +1696 @@
         Log2(("SVM: %RGv mov cr%d, \n", (RTGCPTR)pCtx->rip, exitCode - SVM_EXIT_WRITE_CR0));
         STAM_COUNTER_INC(&pVCpu->hwaccm.s.StatExitCRxWrite[exitCode - SVM_EXIT_WRITE_CR0]);
-        rc = EMInterpretInstruction(pVM, CPUMCTX2CORE(pCtx), 0, &cbSize);
+        rc = EMInterpretInstruction(pVM, pVCpu, CPUMCTX2CORE(pCtx), 0, &cbSize);
 
         switch (exitCode - SVM_EXIT_WRITE_CR0)
@@ -1721 +1721 @@
             &&  VM_FF_ISPENDING(pVM, VM_FF_PGM_SYNC_CR3 | VM_FF_PGM_SYNC_CR3_NON_GLOBAL))
         {
-            rc = PGMSyncCR3(pVM, CPUMGetGuestCR0(pVM), CPUMGetGuestCR3(pVM), CPUMGetGuestCR4(pVM), VM_FF_ISSET(pVM, VM_FF_PGM_SYNC_CR3));
+            rc = PGMSyncCR3(pVM, pVCpu, pCtx->cr0, pCtx->cr3, pCtx->cr4, VM_FF_ISSET(pVM, VM_FF_PGM_SYNC_CR3));
             AssertRC(rc);
 
@@ -1727 +1727 @@
 
             /* Must be set by PGMSyncCR3 */
-            Assert(rc != VINF_SUCCESS || PGMGetGuestMode(pVM) <= PGMMODE_PROTECTED || pVCpu->hwaccm.s.fForceTLBFlush);
+            Assert(rc != VINF_SUCCESS || PGMGetGuestMode(pVCpu) <= PGMMODE_PROTECTED || pVCpu->hwaccm.s.fForceTLBFlush);
         }
         if (rc == VINF_SUCCESS)
@@ -1750 +1750 @@
         Log2(("SVM: %RGv mov x, cr%d\n", (RTGCPTR)pCtx->rip, exitCode - SVM_EXIT_READ_CR0));
         STAM_COUNTER_INC(&pVCpu->hwaccm.s.StatExitCRxRead[exitCode - SVM_EXIT_READ_CR0]);
-        rc = EMInterpretInstruction(pVM, CPUMCTX2CORE(pCtx), 0, &cbSize);
+        rc = EMInterpretInstruction(pVM, pVCpu, CPUMCTX2CORE(pCtx), 0, &cbSize);
         if (rc == VINF_SUCCESS)
         {
@@ -1789 +1789 @@
         }
 
-        rc = EMInterpretInstruction(pVM, CPUMCTX2CORE(pCtx), 0, &cbSize);
+        rc = EMInterpretInstruction(pVM, pVCpu, CPUMCTX2CORE(pCtx), 0, &cbSize);
         if (rc == VINF_SUCCESS)
         {
@@ -1829 +1829 @@
         }
 
-        rc = EMInterpretInstruction(pVM, CPUMCTX2CORE(pCtx), 0, &cbSize);
+        rc = EMInterpretInstruction(pVM, pVCpu, CPUMCTX2CORE(pCtx), 0, &cbSize);
         if (rc == VINF_SUCCESS)
         {
@@ -1881 +1881 @@
 
             /* Disassemble manually to deal with segment prefixes. */
-            rc = EMInterpretDisasOne(pVM, CPUMCTX2CORE(pCtx), &Cpu, NULL);
+            rc = EMInterpretDisasOne(pVM, pVCpu, CPUMCTX2CORE(pCtx), &Cpu, NULL);
             if (rc == VINF_SUCCESS)
             {
@@ -1949 +1949 @@
                             SVM_EVENT Event;
 
-                            Assert(CPUMIsGuestDebugStateActive(pVM));
+                            Assert(CPUMIsGuestDebugStateActive(pVCpu));
 
                             /* Clear all breakpoint status flags and set the one we just hit. */
@@ -2048 +2048 @@
         /* Note: the intel manual claims there's a REX version of RDMSR that's slightly different, so we play safe by completely disassembling the instruction. */
         Log(("SVM: %s\n", (pVMCB->ctrl.u64ExitInfo1 == 0) ? "rdmsr" : "wrmsr"));
-        rc = EMInterpretInstruction(pVM, CPUMCTX2CORE(pCtx), 0, &cbSize);
+        rc = EMInterpretInstruction(pVM, pVCpu, CPUMCTX2CORE(pCtx), 0, &cbSize);
         if (rc == VINF_SUCCESS)
         {
@@ -2092 +2092 @@
 
     /* Signal changes for the recompiler. */
-    CPUMSetChangedFlags(pVM, CPUM_CHANGED_SYSENTER_MSR | CPUM_CHANGED_LDTR | CPUM_CHANGED_GDTR | CPUM_CHANGED_IDTR | CPUM_CHANGED_TR | CPUM_CHANGED_HIDDEN_SEL_REGS);
+    CPUMSetChangedFlags(pVCpu, CPUM_CHANGED_SYSENTER_MSR | CPUM_CHANGED_LDTR | CPUM_CHANGED_GDTR | CPUM_CHANGED_IDTR | CPUM_CHANGED_TR | CPUM_CHANGED_HIDDEN_SEL_REGS);
 
     /* If we executed vmrun and an external irq was pending, then we don't have to do a full sync the next time. */
@@ -2154 +2154 @@
 
     /* Save the guest debug state if necessary. */
-    if (CPUMIsGuestDebugStateActive(pVM))
+    if (CPUMIsGuestDebugStateActive(pVCpu))
     {
         CPUMR0SaveGuestDebugState(pVM, pVCpu, pCtx, false /* skip DR6 */);
@@ -2172 +2172 @@
 
 
-static int svmR0InterpretInvlPg(PVM pVM, PDISCPUSTATE pCpu, PCPUMCTXCORE pRegFrame, uint32_t uASID)
+static int svmR0InterpretInvlPg(PVM pVM, PVMCPU pVCpu, PDISCPUSTATE pCpu, PCPUMCTXCORE pRegFrame, uint32_t uASID)
 {
     OP_PARAMVAL param1;
@@ -2197 +2197 @@
      * (in absence of segment override prefixes)????
      */
-    rc = PGMInvalidatePage(pVM, addr);
+    rc = PGMInvalidatePage(pVM, pVCpu, addr);
     if (RT_SUCCESS(rc))
     {
@@ -2223 +2223 @@
  *                      Updates the EIP if an instruction was executed successfully.
  */
-static int SVMR0InterpretInvpg(PVM pVM, PCPUMCTXCORE pRegFrame, uint32_t uASID)
+static int SVMR0InterpretInvpg(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pRegFrame, uint32_t uASID)
 {
     /*
@@ -2239 +2239 @@
 
             Cpu.mode = enmMode;
-            rc = EMInterpretDisasOneEx(pVM, pbCode, pRegFrame, &Cpu, &cbOp);
+            rc = EMInterpretDisasOneEx(pVM, pVCpu, pbCode, pRegFrame, &Cpu, &cbOp);
             Assert(RT_FAILURE(rc) || Cpu.pCurInstr->opcode == OP_INVLPG);
             if (RT_SUCCESS(rc) && Cpu.pCurInstr->opcode == OP_INVLPG)
             {
                 Assert(cbOp == Cpu.opsize);
-                rc = svmR0InterpretInvlPg(pVM, &Cpu, pRegFrame, uASID);
+                rc = svmR0InterpretInvlPg(pVM, pVCpu, &Cpu, pRegFrame, uASID);
                 if (RT_SUCCESS(rc))
                 {
@@ -2285 +2285 @@
 #if HC_ARCH_BITS == 32
         /* If we get a flush in 64 bits guest mode, then force a full TLB flush. Invlpga takes only 32 bits addresses. */
-        if (CPUMIsGuestInLongMode(pVM))
+        if (CPUMIsGuestInLongMode(pVCpu))
             pVCpu->hwaccm.s.fForceTLBFlush = true;
         else
@@ -2351 +2351 @@
     RTHCUINTREG     uFlags;
 
-    /* @todo This code is not guest SMP safe (hyper context) */
+    /* @todo This code is not guest SMP safe (hyper stack) */
     AssertReturn(pVM->cCPUs == 1, VERR_ACCESS_DENIED);
     Assert(pfnHandler);
@@ -2357 +2357 @@
     uFlags = ASMIntDisableFlags();
 
-    CPUMSetHyperESP(pVM, VMMGetStackRC(pVM));
-    CPUMSetHyperEIP(pVM, pfnHandler);
+    CPUMSetHyperESP(pVCpu, VMMGetStackRC(pVM));
+    CPUMSetHyperEIP(pVCpu, pfnHandler);
     for (int i=(int)cbParam-1;i>=0;i--)
-        CPUMPushHyper(pVM, paParam[i]);
+        CPUMPushHyper(pVCpu, paParam[i]);
 
     STAM_PROFILE_ADV_START(&pVCpu->hwaccm.s.StatWorldSwitch3264, z);

trunk/src/VBox/VMM/VMMR0/HWVMXR0.cpp

@@ -1056 +1056 @@
         for (unsigned i=0;i<4;i++)
         {
-            Pdpe = PGMGstGetPaePDPtr(pVM, i);
+            Pdpe = PGMGstGetPaePDPtr(pVCpu, i);
             int rc = VMXWriteVMCS64(VMX_VMCS_GUEST_PDPTR0_FULL + i*2, Pdpe.u);
             AssertRC(rc);
@@ -1181 +1181 @@
         if (pVM->hwaccm.s.vmx.pRealModeTSS)
         {
-            PGMMODE enmGuestMode = PGMGetGuestMode(pVM);
+            PGMMODE enmGuestMode = PGMGetGuestMode(pVCpu);
             if (pVCpu->hwaccm.s.vmx.enmLastSeenGuestMode != enmGuestMode)
             {
@@ -1491 +1491 @@
         if (pVM->hwaccm.s.fNestedPaging)
         {
-            Assert(PGMGetHyperCR3(pVM));
-            pVCpu->hwaccm.s.vmx.GCPhysEPTP = PGMGetHyperCR3(pVM);
+            Assert(PGMGetHyperCR3(pVCpu));
+            pVCpu->hwaccm.s.vmx.GCPhysEPTP = PGMGetHyperCR3(pVCpu);
 
             Assert(!(pVCpu->hwaccm.s.vmx.GCPhysEPTP & 0xfff));
@@ -1525 +1525 @@
         else
         {
-            val = PGMGetHyperCR3(pVM);
+            val = PGMGetHyperCR3(pVCpu);
             Assert(val || VM_FF_ISPENDING(pVM, VM_FF_PGM_SYNC_CR3 | VM_FF_PGM_SYNC_CR3_NON_GLOBAL));
         }
@@ -1550 +1550 @@
         /* Sync the debug state now if any breakpoint is armed. */
         if (    (pCtx->dr[7] & (X86_DR7_ENABLED_MASK|X86_DR7_GD))
-            &&  !CPUMIsGuestDebugStateActive(pVM)
+            &&  !CPUMIsGuestDebugStateActive(pVCpu)
             &&  !DBGFIsStepping(pVM))
         {
@@ -1693 +1693 @@
         Assert(uInterruptState <= 2);    /* only sti & mov ss */
         Log(("uInterruptState %x eip=%RGv\n", uInterruptState, pCtx->rip));
-        EMSetInhibitInterruptsPC(pVM, pCtx->rip);
+        EMSetInhibitInterruptsPC(pVM, pVCpu, pCtx->rip);
     }
     else
@@ -1702 +1702 @@
     VMXReadCachedVMCS(VMX_VMCS64_GUEST_CR0,              &val);
     val = (valShadow & pVCpu->hwaccm.s.vmx.cr0_mask) | (val & ~pVCpu->hwaccm.s.vmx.cr0_mask);
-    CPUMSetGuestCR0(pVM, val);
+    CPUMSetGuestCR0(pVCpu, val);
 
     VMXReadCachedVMCS(VMX_VMCS_CTRL_CR4_READ_SHADOW,     &valShadow);
     VMXReadCachedVMCS(VMX_VMCS64_GUEST_CR4,              &val);
     val = (valShadow & pVCpu->hwaccm.s.vmx.cr4_mask) | (val & ~pVCpu->hwaccm.s.vmx.cr4_mask);
-    CPUMSetGuestCR4(pVM, val);
+    CPUMSetGuestCR4(pVCpu, val);
 
     /* Note: no reason to sync back the CRx registers. They can't be changed by the guest. */
@@ -1717 +1717 @@
 
         /* Can be updated behind our back in the nested paging case. */
-        CPUMSetGuestCR2(pVM, pCache->cr2);
+        CPUMSetGuestCR2(pVCpu, pCache->cr2);
 
         VMXReadCachedVMCS(VMX_VMCS64_GUEST_CR3, &val);
@@ -1723 +1723 @@
         if (val != pCtx->cr3)
         {
-            CPUMSetGuestCR3(pVM, val);
-            PGMUpdateCR3(pVM, val);
+            CPUMSetGuestCR3(pVCpu, val);
+            PGMUpdateCR3(pVM, pVCpu, val);
         }
         /* Prefetch the four PDPT entries in PAE mode. */
@@ -2036 +2036 @@
     if (VM_FF_ISSET(pVM, VM_FF_INHIBIT_INTERRUPTS))
     {
-        Log(("VM_FF_INHIBIT_INTERRUPTS at %RGv successor %RGv\n", (RTGCPTR)pCtx->rip, EMGetInhibitInterruptsPC(pVM)));
-        if (pCtx->rip != EMGetInhibitInterruptsPC(pVM))
+        Log(("VM_FF_INHIBIT_INTERRUPTS at %RGv successor %RGv\n", (RTGCPTR)pCtx->rip, EMGetInhibitInterruptsPC(pVM, pVCpu)));
+        if (pCtx->rip != EMGetInhibitInterruptsPC(pVM, pVCpu))
         {
             /* Note: we intentionally don't clear VM_FF_INHIBIT_INTERRUPTS here.
@@ -2276 +2276 @@
 
     if (exitReason == VMX_EXIT_ERR_INVALID_GUEST_STATE)
-        HWACCMDumpRegs(pVM, pCtx);
+        HWACCMDumpRegs(pVM, pVCpu, pCtx);
 #endif
 
@@ -2388 +2388 @@
 
                 /* Forward it to our trap handler first, in case our shadow pages are out of sync. */
-                rc = PGMTrap0eHandler(pVM, errCode, CPUMCTX2CORE(pCtx), (RTGCPTR)exitQualification);
+                rc = PGMTrap0eHandler(pVM, pVCpu, errCode, CPUMCTX2CORE(pCtx), (RTGCPTR)exitQualification);
                 Log2(("PGMTrap0eHandler %RGv returned %Rrc\n", (RTGCPTR)pCtx->rip, rc));
                 if (rc == VINF_SUCCESS)
@@ -2538 +2538 @@
                 LogFlow(("Real mode X86_XCPT_GP instruction emulation at %RGv\n", (RTGCPTR)pCtx->rip));
 
-                rc = EMInterpretDisasOne(pVM, CPUMCTX2CORE(pCtx), &Cpu, &cbOp);
+                rc = EMInterpretDisasOne(pVM, pVCpu, CPUMCTX2CORE(pCtx), &Cpu, &cbOp);
                 if (RT_SUCCESS(rc))
                 {
@@ -2735 +2735 @@
 
                     default:
-                        rc = EMInterpretInstructionCPU(pVM, &Cpu, CPUMCTX2CORE(pCtx), 0, &cbSize);
+                        rc = EMInterpretInstructionCPU(pVM, pVCpu, &Cpu, CPUMCTX2CORE(pCtx), 0, &cbSize);
                         break;
                     }
@@ -2853 +2853 @@
 
         /* Handle the pagefault trap for the nested shadow table. */
-        rc = PGMR0Trap0eHandlerNestedPaging(pVM, PGMMODE_EPT, errCode, CPUMCTX2CORE(pCtx), GCPhys);
+        rc = PGMR0Trap0eHandlerNestedPaging(pVM, pVCpu, PGMMODE_EPT, errCode, CPUMCTX2CORE(pCtx), GCPhys);
         Log2(("PGMR0Trap0eHandlerNestedPaging %RGv returned %Rrc\n", (RTGCPTR)pCtx->rip, rc));
         if (rc == VINF_SUCCESS)
@@ -2908 +2908 @@
         Log2(("VMX: Cpuid %x\n", pCtx->eax));
         STAM_COUNTER_INC(&pVCpu->hwaccm.s.StatExitCpuid);
-        rc = EMInterpretCpuId(pVM, CPUMCTX2CORE(pCtx));
+        rc = EMInterpretCpuId(pVM, pVCpu, CPUMCTX2CORE(pCtx));
         if (rc == VINF_SUCCESS)
         {
@@ -2925 +2925 @@
         Log2(("VMX: Rdpmc %x\n", pCtx->ecx));
         STAM_COUNTER_INC(&pVCpu->hwaccm.s.StatExitRdpmc);
-        rc = EMInterpretRdpmc(pVM, CPUMCTX2CORE(pCtx));
+        rc = EMInterpretRdpmc(pVM, pVCpu, CPUMCTX2CORE(pCtx));
         if (rc == VINF_SUCCESS)
         {
@@ -2941 +2941 @@
         Log2(("VMX: Rdtsc\n"));
         STAM_COUNTER_INC(&pVCpu->hwaccm.s.StatExitRdtsc);
-        rc = EMInterpretRdtsc(pVM, CPUMCTX2CORE(pCtx));
+        rc = EMInterpretRdtsc(pVM, pVCpu, CPUMCTX2CORE(pCtx));
         if (rc == VINF_SUCCESS)
         {
@@ -2959 +2959 @@
 
         STAM_COUNTER_INC(&pVCpu->hwaccm.s.StatExitInvpg);
-        rc = EMInterpretInvlpg(pVM, CPUMCTX2CORE(pCtx), exitQualification);
+        rc = EMInterpretInvlpg(pVM, pVCpu, CPUMCTX2CORE(pCtx), exitQualification);
         if (rc == VINF_SUCCESS)
         {
@@ -2977 +2977 @@
         /* Note: the intel manual claims there's a REX version of RDMSR that's slightly different, so we play safe by completely disassembling the instruction. */
         Log2(("VMX: %s\n", (exitReason == VMX_EXIT_RDMSR) ? "rdmsr" : "wrmsr"));
-        rc = EMInterpretInstruction(pVM, CPUMCTX2CORE(pCtx), 0, &cbSize);
+        rc = EMInterpretInstruction(pVM, pVCpu, CPUMCTX2CORE(pCtx), 0, &cbSize);
         if (rc == VINF_SUCCESS)
         {
@@ -2998 +2998 @@
             Log2(("VMX: %RGv mov cr%d, x\n", (RTGCPTR)pCtx->rip, VMX_EXIT_QUALIFICATION_CRX_REGISTER(exitQualification)));
             STAM_COUNTER_INC(&pVCpu->hwaccm.s.StatExitCRxWrite[VMX_EXIT_QUALIFICATION_CRX_REGISTER(exitQualification)]);
-            rc = EMInterpretCRxWrite(pVM, CPUMCTX2CORE(pCtx),
+            rc = EMInterpretCRxWrite(pVM, pVCpu, CPUMCTX2CORE(pCtx),
                                      VMX_EXIT_QUALIFICATION_CRX_REGISTER(exitQualification),
                                      VMX_EXIT_QUALIFICATION_CRX_GENREG(exitQualification));
@@ -3029 +3029 @@
                 &&  VM_FF_ISPENDING(pVM, VM_FF_PGM_SYNC_CR3 | VM_FF_PGM_SYNC_CR3_NON_GLOBAL))
             {
-                rc = PGMSyncCR3(pVM, CPUMGetGuestCR0(pVM), CPUMGetGuestCR3(pVM), CPUMGetGuestCR4(pVM), VM_FF_ISSET(pVM, VM_FF_PGM_SYNC_CR3));
+                rc = PGMSyncCR3(pVM, pVCpu, pCtx->cr0, pCtx->cr3, pCtx->cr4, VM_FF_ISSET(pVM, VM_FF_PGM_SYNC_CR3));
                 AssertRC(rc);
             }
@@ -3043 +3043 @@
             Assert(VMX_EXIT_QUALIFICATION_CRX_REGISTER(exitQualification) != 8 || !(pVM->hwaccm.s.vmx.msr.vmx_proc_ctls.n.allowed1 & VMX_VMCS_CTRL_PROC_EXEC_CONTROLS_USE_TPR_SHADOW));
 
-            rc = EMInterpretCRxRead(pVM, CPUMCTX2CORE(pCtx),
+            rc = EMInterpretCRxRead(pVM, pVCpu, CPUMCTX2CORE(pCtx),
                                     VMX_EXIT_QUALIFICATION_CRX_GENREG(exitQualification),
                                     VMX_EXIT_QUALIFICATION_CRX_REGISTER(exitQualification));
@@ -3051 +3051 @@
             Log2(("VMX: clts\n"));
             STAM_COUNTER_INC(&pVCpu->hwaccm.s.StatExitCLTS);
-            rc = EMInterpretCLTS(pVM);
+            rc = EMInterpretCLTS(pVM, pVCpu);
             pVCpu->hwaccm.s.fContextUseFlags |= HWACCM_CHANGED_GUEST_CR0;
             break;
@@ -3058 +3058 @@
             Log2(("VMX: lmsw %x\n", VMX_EXIT_QUALIFICATION_CRX_LMSW_DATA(exitQualification)));
             STAM_COUNTER_INC(&pVCpu->hwaccm.s.StatExitLMSW);
-            rc = EMInterpretLMSW(pVM, CPUMCTX2CORE(pCtx), VMX_EXIT_QUALIFICATION_CRX_LMSW_DATA(exitQualification));
+            rc = EMInterpretLMSW(pVM, pVCpu, CPUMCTX2CORE(pCtx), VMX_EXIT_QUALIFICATION_CRX_LMSW_DATA(exitQualification));
             pVCpu->hwaccm.s.fContextUseFlags |= HWACCM_CHANGED_GUEST_CR0;
             break;
@@ -3107 +3107 @@
             Log2(("VMX: mov drx%d, genreg%d\n", VMX_EXIT_QUALIFICATION_DRX_REGISTER(exitQualification), VMX_EXIT_QUALIFICATION_DRX_GENREG(exitQualification)));
             STAM_COUNTER_INC(&pVCpu->hwaccm.s.StatExitDRxWrite);
-            rc = EMInterpretDRxWrite(pVM, CPUMCTX2CORE(pCtx),
+            rc = EMInterpretDRxWrite(pVM, pVCpu, CPUMCTX2CORE(pCtx),
                                      VMX_EXIT_QUALIFICATION_DRX_REGISTER(exitQualification),
                                      VMX_EXIT_QUALIFICATION_DRX_GENREG(exitQualification));
@@ -3117 +3117 @@
             Log2(("VMX: mov x, drx\n"));
             STAM_COUNTER_INC(&pVCpu->hwaccm.s.StatExitDRxRead);
-            rc = EMInterpretDRxRead(pVM, CPUMCTX2CORE(pCtx),
+            rc = EMInterpretDRxRead(pVM, pVCpu, CPUMCTX2CORE(pCtx),
                                     VMX_EXIT_QUALIFICATION_DRX_GENREG(exitQualification),
                                     VMX_EXIT_QUALIFICATION_DRX_REGISTER(exitQualification));
@@ -3168 +3168 @@
             /** @todo VMX_VMCS_EXIT_GUEST_LINEAR_ADDR contains the flat pointer operand of the instruction. */
             /** @todo VMX_VMCS32_RO_EXIT_INSTR_INFO also contains segment prefix info. */
-            rc = EMInterpretDisasOne(pVM, CPUMCTX2CORE(pCtx), &Cpu, NULL);
+            rc = EMInterpretDisasOne(pVM, pVCpu, CPUMCTX2CORE(pCtx), &Cpu, NULL);
             if (rc == VINF_SUCCESS)
             {
@@ -3236 +3236 @@
                             uint64_t uDR6;
 
-                            Assert(CPUMIsGuestDebugStateActive(pVM));
+                            Assert(CPUMIsGuestDebugStateActive(pVCpu));
 
                             uDR6 = ASMGetDR6();
@@ -3459 +3459 @@
 
     /* Signal changes for the recompiler. */
-    CPUMSetChangedFlags(pVM, CPUM_CHANGED_SYSENTER_MSR | CPUM_CHANGED_LDTR | CPUM_CHANGED_GDTR | CPUM_CHANGED_IDTR | CPUM_CHANGED_TR | CPUM_CHANGED_HIDDEN_SEL_REGS);
+    CPUMSetChangedFlags(pVCpu, CPUM_CHANGED_SYSENTER_MSR | CPUM_CHANGED_LDTR | CPUM_CHANGED_GDTR | CPUM_CHANGED_IDTR | CPUM_CHANGED_TR | CPUM_CHANGED_HIDDEN_SEL_REGS);
 
     /* If we executed vmlaunch/vmresume and an external irq was pending, then we don't have to do a full sync the next time. */
@@ -3541 +3541 @@
 
     /* Save the guest debug state if necessary. */
-    if (CPUMIsGuestDebugStateActive(pVM))
+    if (CPUMIsGuestDebugStateActive(pVCpu))
     {
         CPUMR0SaveGuestDebugState(pVM, pVCpu, pCtx, true /* save DR6 */);
@@ -3598 +3598 @@
 #if HC_ARCH_BITS == 32
     /* If we get a flush in 64 bits guest mode, then force a full TLB flush. Invvpid probably takes only 32 bits addresses. (@todo) */
-    if (   CPUMIsGuestInLongMode(pVM)
+    if (   CPUMIsGuestInLongMode(pVCpu)
         && !VMX_IS_64BIT_HOST_MODE())
     {
@@ -3919 +3919 @@
     RTHCPHYS        pPageCpuPhys;
 
-    /* @todo This code is not guest SMP safe (hyper context) */
+    /* @todo This code is not guest SMP safe (hyper stack) */
     AssertReturn(pVM->cCPUs == 1, VERR_ACCESS_DENIED);
     AssertReturn(pVM->hwaccm.s.pfnHost32ToGuest64R0, VERR_INTERNAL_ERROR);
@@ -3944 +3944 @@
     ASMSetCR4(ASMGetCR4() & ~X86_CR4_VMXE);
 
-    CPUMSetHyperESP(pVM, VMMGetStackRC(pVM));
-    CPUMSetHyperEIP(pVM, pfnHandler);
+    CPUMSetHyperESP(pVCpu, VMMGetStackRC(pVM));
+    CPUMSetHyperEIP(pVCpu, pfnHandler);
     for (int i=(int)cbParam-1;i>=0;i--)
-        CPUMPushHyper(pVM, paParam[i]);
+        CPUMPushHyper(pVCpu, paParam[i]);
 
     STAM_PROFILE_ADV_START(&pVCpu->hwaccm.s.StatWorldSwitch3264, z);

trunk/src/VBox/VMM/VMMR0/PDMR0Device.cpp

@@ -30 +30 @@
 #include <VBox/mm.h>
 #include <VBox/vm.h>
+#include <VBox/vmm.h>
 #include <VBox/patm.h>
 #include <VBox/hwaccm.h>
@@ -70 +71 @@
 static DECLCALLBACK(PVM)  pdmR0DevHlp_GetVM(PPDMDEVINS pDevIns);
 static DECLCALLBACK(bool) pdmR0DevHlp_CanEmulateIoBlock(PPDMDEVINS pDevIns);
+static DECLCALLBACK(PVMCPU) pdmR0DevHlp_GetVMCPU(PPDMDEVINS pDevIns);
 /** @} */
 
@@ -138 +140 @@
     pdmR0DevHlp_GetVM,
     pdmR0DevHlp_CanEmulateIoBlock,
+    pdmR0DevHlp_GetVMCPU,
     PDM_DEVHLPR0_VERSION
 };
@@ -286 +289 @@
     LogFlow(("pdmR0DevHlp_A20IsEnabled: caller=%p/%d:\n", pDevIns, pDevIns->iInstance));
 
-    bool fEnabled = PGMPhysIsA20Enabled(pDevIns->Internal.s.pVMR0);
+    bool fEnabled = PGMPhysIsA20Enabled(VMMGetCpu(pDevIns->Internal.s.pVMR0));
 
     Log(("pdmR0DevHlp_A20IsEnabled: caller=%p/%d: returns %RTbool\n", pDevIns, pDevIns->iInstance, fEnabled));
@@ -362 +365 @@
     PDMDEV_ASSERT_DEVINS(pDevIns);
     LogFlow(("pdmR0DevHlp_GetVM: caller='%p'/%d\n", pDevIns, pDevIns->iInstance));
-    return HWACCMCanEmulateIoBlock(pDevIns->Internal.s.pVMR0);
-}
-
+    return HWACCMCanEmulateIoBlock(VMMGetCpu(pDevIns->Internal.s.pVMR0));
+}
+
+
+/** @copydoc PDMDEVHLPR0::pfnGetVMCPU */
+static DECLCALLBACK(PVMCPU) pdmR0DevHlp_GetVMCPU(PPDMDEVINS pDevIns)
+{
+    PDMDEV_ASSERT_DEVINS(pDevIns);
+    LogFlow(("pdmR0DevHlp_GetVMCPU: caller='%p'/%d\n", pDevIns, pDevIns->iInstance));
+    return VMMGetCpu(pDevIns->Internal.s.pVMR0);
+}
 
 

trunk/src/VBox/VMM/VMMR0/PGMR0.cpp

@@ -168 +168 @@
  * @returns VBox status code (appropriate for trap handling and GC return).
  * @param   pVM                 VM Handle.
+ * @param   pVCpu               VMCPU Handle.
  * @param   enmShwPagingMode    Paging mode for the nested page tables
  * @param   uErr                The trap error code.
@@ -173 +174 @@
  * @param   pvFault             The fault address.
  */
-VMMR0DECL(int) PGMR0Trap0eHandlerNestedPaging(PVM pVM, PGMMODE enmShwPagingMode, RTGCUINT uErr, PCPUMCTXCORE pRegFrame, RTGCPHYS pvFault)
+VMMR0DECL(int) PGMR0Trap0eHandlerNestedPaging(PVM pVM, PVMCPU pVCpu, PGMMODE enmShwPagingMode, RTGCUINT uErr, PCPUMCTXCORE pRegFrame, RTGCPHYS pvFault)
 {
     int rc;
 
     LogFlow(("PGMTrap0eHandler: uErr=%#x pvFault=%RGp eip=%RGv\n", uErr, pvFault, (RTGCPTR)pRegFrame->rip));
-    STAM_PROFILE_START(&pVM->pgm.s.StatRZTrap0e, a);
-    STAM_STATS({ pVM->pgm.s.CTX_SUFF(pStatTrap0eAttribution) = NULL; } );
+    STAM_PROFILE_START(&pVCpu->pgm.s.StatRZTrap0e, a);
+    STAM_STATS({ pVCpu->pgm.s.CTX_SUFF(pStatTrap0eAttribution) = NULL; } );
 
     /* AMD uses the host's paging mode; Intel has a single mode (EPT). */
@@ -193 +194 @@
         {
             if (uErr & X86_TRAP_PF_RW)
-                STAM_COUNTER_INC(&pVM->pgm.s.StatRZTrap0eUSNotPresentWrite);
+                STAM_COUNTER_INC(&pVCpu->pgm.s.StatRZTrap0eUSNotPresentWrite);
             else
-                STAM_COUNTER_INC(&pVM->pgm.s.StatRZTrap0eUSNotPresentRead);
+                STAM_COUNTER_INC(&pVCpu->pgm.s.StatRZTrap0eUSNotPresentRead);
         }
         else if (uErr & X86_TRAP_PF_RW)
-            STAM_COUNTER_INC(&pVM->pgm.s.StatRZTrap0eUSWrite);
+            STAM_COUNTER_INC(&pVCpu->pgm.s.StatRZTrap0eUSWrite);
         else if (uErr & X86_TRAP_PF_RSVD)
-            STAM_COUNTER_INC(&pVM->pgm.s.StatRZTrap0eUSReserved);
+            STAM_COUNTER_INC(&pVCpu->pgm.s.StatRZTrap0eUSReserved);
         else if (uErr & X86_TRAP_PF_ID)
-            STAM_COUNTER_INC(&pVM->pgm.s.StatRZTrap0eUSNXE);
+            STAM_COUNTER_INC(&pVCpu->pgm.s.StatRZTrap0eUSNXE);
         else
-            STAM_COUNTER_INC(&pVM->pgm.s.StatRZTrap0eUSRead);
+            STAM_COUNTER_INC(&pVCpu->pgm.s.StatRZTrap0eUSRead);
     }
     else
@@ -211 +212 @@
         {
             if (uErr & X86_TRAP_PF_RW)
-                STAM_COUNTER_INC(&pVM->pgm.s.StatRZTrap0eSVNotPresentWrite);
+                STAM_COUNTER_INC(&pVCpu->pgm.s.StatRZTrap0eSVNotPresentWrite);
             else
-                STAM_COUNTER_INC(&pVM->pgm.s.StatRZTrap0eSVNotPresentRead);
+                STAM_COUNTER_INC(&pVCpu->pgm.s.StatRZTrap0eSVNotPresentRead);
         }
         else if (uErr & X86_TRAP_PF_RW)
-            STAM_COUNTER_INC(&pVM->pgm.s.StatRZTrap0eSVWrite);
+            STAM_COUNTER_INC(&pVCpu->pgm.s.StatRZTrap0eSVWrite);
         else if (uErr & X86_TRAP_PF_ID)
-            STAM_COUNTER_INC(&pVM->pgm.s.StatRZTrap0eSNXE);
+            STAM_COUNTER_INC(&pVCpu->pgm.s.StatRZTrap0eSNXE);
         else if (uErr & X86_TRAP_PF_RSVD)
-            STAM_COUNTER_INC(&pVM->pgm.s.StatRZTrap0eSVReserved);
+            STAM_COUNTER_INC(&pVCpu->pgm.s.StatRZTrap0eSVReserved);
     }
 #endif
@@ -233 +234 @@
     {
     case PGMMODE_32_BIT:
-        rc = PGM_BTH_NAME_32BIT_PROT(Trap0eHandler)(pVM, uErr, pRegFrame, pvFault);
+        rc = PGM_BTH_NAME_32BIT_PROT(Trap0eHandler)(pVM, pVCpu, uErr, pRegFrame, pvFault);
         break;
     case PGMMODE_PAE:
     case PGMMODE_PAE_NX:
-        rc = PGM_BTH_NAME_PAE_PROT(Trap0eHandler)(pVM, uErr, pRegFrame, pvFault);
+        rc = PGM_BTH_NAME_PAE_PROT(Trap0eHandler)(pVM, pVCpu, uErr, pRegFrame, pvFault);
         break;
     case PGMMODE_AMD64:
     case PGMMODE_AMD64_NX:
-        rc = PGM_BTH_NAME_AMD64_PROT(Trap0eHandler)(pVM, uErr, pRegFrame, pvFault);
+        rc = PGM_BTH_NAME_AMD64_PROT(Trap0eHandler)(pVM, pVCpu, uErr, pRegFrame, pvFault);
         break;
     case PGMMODE_EPT:
-        rc = PGM_BTH_NAME_EPT_PROT(Trap0eHandler)(pVM, uErr, pRegFrame, pvFault);
+        rc = PGM_BTH_NAME_EPT_PROT(Trap0eHandler)(pVM, pVCpu, uErr, pRegFrame, pvFault);
         break;
     default:
@@ -253 +254 @@
     if (rc == VINF_PGM_SYNCPAGE_MODIFIED_PDE)
         rc = VINF_SUCCESS;
-    STAM_STATS({ if (!pVM->pgm.s.CTX_SUFF(pStatTrap0eAttribution))
-                    pVM->pgm.s.CTX_SUFF(pStatTrap0eAttribution) = &pVM->pgm.s.StatRZTrap0eTime2Misc; });
-    STAM_PROFILE_STOP_EX(&pVM->pgm.s.StatRZTrap0e, pVM->pgm.s.CTX_SUFF(pStatTrap0eAttribution), a);
+    STAM_STATS({ if (!pVCpu->pgm.s.CTX_SUFF(pStatTrap0eAttribution))
+                    pVCpu->pgm.s.CTX_SUFF(pStatTrap0eAttribution) = &pVCpu->pgm.s.StatRZTrap0eTime2Misc; });
+    STAM_PROFILE_STOP_EX(&pVCpu->pgm.s.StatRZTrap0e, pVCpu->pgm.s.CTX_SUFF(pStatTrap0eAttribution), a);
     return rc;
 }

trunk/src/VBox/VMM/VMMR0/PGMR0Bth.h

@@ -25 +25 @@
 *******************************************************************************/
 __BEGIN_DECLS
-PGM_BTH_DECL(int, Trap0eHandler)(PVM pVM, RTGCUINT uErr, PCPUMCTXCORE pRegFrame, RTGCPTR pvFault);
+PGM_BTH_DECL(int, Trap0eHandler)(PVM pVM, PVMCPU pVCpu, RTGCUINT uErr, PCPUMCTXCORE pRegFrame, RTGCPTR pvFault);
 __END_DECLS
 

trunk/src/VBox/VMM/VMMR0/VMMR0.cpp

@@ -529 +529 @@
 VMMR0DECL(void) VMMR0EntryFast(PVM pVM, unsigned idCpu, VMMR0OPERATION enmOperation)
 {
+    PVMCPU pVCpu = &pVM->aCpus[idCpu];
+
     if (RT_UNLIKELY(idCpu >= pVM->cCPUs))
     {
@@ -551 +553 @@
 
 #ifndef VBOX_WITH_2X_4GB_ADDR_SPACE_IN_R0
-                if (RT_UNLIKELY(!PGMGetHyperCR3(pVM)))
+                if (RT_UNLIKELY(!PGMGetHyperCR3(pVCpu)))
                 {
                     pVM->vmm.s.iLastGZRc = VERR_PGM_NO_CR3_SHADOW_ROOT;
@@ -797 +799 @@
 
 #ifndef VBOX_WITH_2X_4GB_ADDR_SPACE_IN_R0
-            if (RT_UNLIKELY(!PGMGetHyperCR3(pVM)))
+            if (RT_UNLIKELY(!PGMGetHyperCR3(VMMGetCpu0(pVM))))
                 return VERR_PGM_NO_CR3_SHADOW_ROOT;
 #endif