Changeset 30338 in vbox

Timestamp:

Jun 21, 2010 2:48:17 PM (14 years ago)

Author:

vboxsync

Message:

EM,IOM: Don't try write directly to the fault address as the backing page might be read-only (shared page, write monitored page or zero page) and require special handle. Took the simple way out, which is to take the same path as in ring-0/3. Converted the remaining EMGCA.asm bits to EMAllA.asm code.

Location:

trunk

Files:

: 8 edited

include/VBox/em.h (modified) (2 diffs)
include/VBox/mm.h (modified) (1 diff)
src/VBox/VMM/VMMAll/EMAll.cpp (modified) (12 diffs)
src/VBox/VMM/VMMAll/EMAllA.asm (modified) (6 diffs)
src/VBox/VMM/VMMAll/IOMAllMMIO.cpp (modified) (1 diff)
src/VBox/VMM/VMMAll/PGMAllPhys.cpp (modified) (1 diff)
src/VBox/VMM/VMMGC/EMGCA.asm (modified) (1 diff)
src/VBox/VMM/VMMGC/MMRamGC.cpp (modified) (3 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/include/VBox/em.h

-              r30050
+              r30338
 VMMDECL(uint32_t)   EMEmulateCmpXchg8b(void *pu32Param1, uint32_t *pEAX, uint32_t *pEDX, uint32_t uEBX, uint32_t uECX);
 VMMDECL(uint32_t)   EMEmulateLockCmpXchg8b(void *pu32Param1, uint32_t *pEAX, uint32_t *pEDX, uint32_t uEBX, uint32_t uECX);
+VMMDECL(uint32_t)   EMEmulateXAdd(void *pvParam1, void *pvParam2, size_t cbOp);
+VMMDECL(uint32_t)   EMEmulateLockXAdd(void *pvParam1, void *pvParam2, size_t cbOp);
 /** @} */
 …
  */
 VMMRCDECL(int)      EMGCTrap(PVM pVM, unsigned uTrap, PCPUMCTXCORE pRegFrame);
-VMMRCDECL(uint32_t) EMGCEmulateLockCmpXchg(RTRCPTR pu32Param1, uint32_t *pu32Param2, uint32_t u32Param3, size_t cbSize, uint32_t *pEflags);
-VMMRCDECL(uint32_t) EMGCEmulateCmpXchg(RTRCPTR pu32Param1, uint32_t *pu32Param2, uint32_t u32Param3, size_t cbSize, uint32_t *pEflags);
-VMMRCDECL(uint32_t) EMGCEmulateLockCmpXchg8b(RTRCPTR pu32Param1, uint32_t *pEAX, uint32_t *pEDX, uint32_t uEBX, uint32_t uECX, uint32_t *pEflags);
-VMMRCDECL(uint32_t) EMGCEmulateCmpXchg8b(RTRCPTR pu32Param1, uint32_t *pEAX, uint32_t *pEDX, uint32_t uEBX, uint32_t uECX, uint32_t *pEflags);
-VMMRCDECL(uint32_t) EMGCEmulateLockXAdd(RTRCPTR pu32Param1, uint32_t *pu32Param2, size_t cbSize, uint32_t *pEflags);
-VMMRCDECL(uint32_t) EMGCEmulateXAdd(RTRCPTR pu32Param1, uint32_t *pu32Param2, size_t cbSize, uint32_t *pEflags);
 /** @} */
 #endif /* IN_RC */

trunk/include/VBox/mm.h

-              r30050
+              r30338
 VMMRCDECL(void)     MMGCRamDeregisterTrapHandler(PVM pVM);
 VMMRCDECL(int)      MMGCRamReadNoTrapHandler(void *pDst, void *pSrc, size_t cb);
+/**
+ * @deprecated Don't use this as it doesn't check the page state.
+ */
 VMMRCDECL(int)      MMGCRamWriteNoTrapHandler(void *pDst, void *pSrc, size_t cb);
 VMMRCDECL(int)      MMGCRamRead(PVM pVM, void *pDst, void *pSrc, size_t cb);

trunk/src/VBox/VMM/VMMAll/EMAll.cpp

-              r29287
+              r30338
 DECLINLINE(int) emRamWrite(PVM pVM, PVMCPU pVCpu, PCPUMCTXCORE pCtxCore, RTGCPTR GCPtrDst, const void *pvSrc, uint32_t cb)
+{
+#ifdef IN_RC
+    int rc = MMGCRamWrite(pVM, (void *)(uintptr_t)GCPtrDst, (void *)pvSrc, cb);
+    if (RT_LIKELY(rc != VERR_ACCESS_DENIED))
+        return rc;
+    /*
+     * The page pool cache may end up here in some cases because it
+     * flushed one of the shadow mappings used by the trapping
+     * instruction and it either flushed the TLB or the CPU reused it.
+     * We want to play safe here, verifying that we've got write
+     * access doesn't cost us much (see PGMPhysGCPtr2GCPhys()).
+     */
+#endif
+    /* Don't use MMGCRamWrite here as it does not respect zero pages, shared
+       pages or write monitored pages. */
     return PGMPhysInterpretedWriteNoHandlers(pVCpu, pCtxCore, GCPtrDst, pvSrc, cb, /*fMayTrap*/ false);
+}
 …
     RTGCPTR GCPtrPar1 = param1.val.val64;
     GCPtrPar1 = emConvertToFlatAddr(pVM, pRegFrame, pDis, &pDis->param1, GCPtrPar1);
-#ifdef IN_RC
-    pvParam1  = (void *)(uintptr_t)GCPtrPar1;
-#else
     PGMPAGEMAPLOCK Lock;
     rc = PGMPhysGCPtr2CCPtr(pVCpu, GCPtrPar1, &pvParam1, &Lock);
     AssertRCReturn(rc, VERR_EM_INTERPRETER);
-#endif
     /* Try emulate it with a one-shot #PF handler in place. (RC) */
 …
     RTGCUINTREG32 eflags = 0;
-#ifdef IN_RC
-    MMGCRamRegisterTrapHandler(pVM);
-#endif
     rc = pfnEmulate(pvParam1, ValPar2, pDis->param2.size, &eflags);
-#ifdef IN_RC
-    MMGCRamDeregisterTrapHandler(pVM);
-#else
     PGMPhysReleasePageMappingLock(pVM, &Lock);
-#endif
     if (RT_FAILURE(rc))
+    {
 …
 #endif
-#ifdef IN_RC
-    pvParam1  = (void *)(uintptr_t)GCPtrPar1;
-#else
     PGMPAGEMAPLOCK Lock;
     rc = PGMPhysGCPtr2CCPtr(pVCpu, GCPtrPar1, &pvParam1, &Lock);
     AssertRCReturn(rc, VERR_EM_INTERPRETER);
-#endif
     Log2(("emInterpretLockBitTest %s: pvFault=%RGv GCPtrPar1=%RGv imm=%RX64\n", emGetMnemonic(pDis), pvFault, GCPtrPar1, ValPar2));
 …
     /* Try emulate it with a one-shot #PF handler in place. (RC) */
     RTGCUINTREG32 eflags = 0;
-#ifdef IN_RC
-    MMGCRamRegisterTrapHandler(pVM);
-#endif
     rc = pfnEmulate(pvParam1, ValPar2, &eflags);
-#ifdef IN_RC
-    MMGCRamDeregisterTrapHandler(pVM);
-#else
     PGMPhysReleasePageMappingLock(pVM, &Lock);
-#endif
     if (RT_FAILURE(rc))
+    {
 …
 #endif /* !IN_RC */
-#ifndef IN_RC
 /**
 …
+}
+#else /* IN_RC */
 /**
  * [LOCK] CMPXCHG emulation.
  */
 static int emInterpretCmpXchg(PVM pVM, PVMCPU pVCpu, PDISCPUSTATE pDis, PCPUMCTXCORE pRegFrame, RTGCPTR pvFault, uint32_t *pcbSize)
+#ifdef IN_RC /** @todo test+enable for HWACCM as well. */
+/**
+ * [LOCK] XADD emulation.
+ */
+static int emInterpretXAdd(PVM pVM, PVMCPU pVCpu, PDISCPUSTATE pDis, PCPUMCTXCORE pRegFrame, RTGCPTR pvFault, uint32_t *pcbSize)
+{
     Assert(pDis->mode != CPUMODE_64BIT);    /** @todo check */
+    OP_PARAMVAL param1, param2;
+    OP_PARAMVAL param1;
+    void *pvParamReg2;
+    size_t cbParamReg2;
     /* Source to make DISQueryParamVal read the register value - ugly hack */
 …
         return VERR_EM_INTERPRETER;
+    rc = DISQueryParamVal(pRegFrame, pDis, &pDis->param2, &param2, PARAM_SOURCE);
+    rc = DISQueryParamRegPtr(pRegFrame, pDis, &pDis->param2, &pvParamReg2, &cbParamReg2);
+    Assert(cbParamReg2 <= 4);
     if(RT_FAILURE(rc))
         return VERR_EM_INTERPRETER;
+#ifdef IN_RC
     if (TRPMHasTrap(pVCpu))
+    {
         if (TRPMGetErrorCode(pVCpu) & X86_TRAP_PF_RW)
+        {
+            RTRCPTR pParam1;
+            uint32_t valpar, eflags;
+#endif
+            RTGCPTR         GCPtrPar1;
+            void           *pvParam1;
+            uint32_t        eflags;
+            PGMPAGEMAPLOCK  Lock;
             AssertReturn(pDis->param1.size == pDis->param2.size, VERR_EM_INTERPRETER);
 …
+            {
             case PARMTYPE_ADDRESS:
+                pParam1 = (RTRCPTR)(uintptr_t)emConvertToFlatAddr(pVM, pRegFrame, pDis, &pDis->param1, (RTRCUINTPTR)param1.val.val64);
+                EM_ASSERT_FAULT_RETURN(pParam1 == (RTRCPTR)pvFault, VERR_EM_INTERPRETER);
+                GCPtrPar1 = emConvertToFlatAddr(pVM, pRegFrame, pDis, &pDis->param1, (RTRCUINTPTR)param1.val.val64);
+#ifdef IN_RC
+                EM_ASSERT_FAULT_RETURN(GCPtrPar1 == pvFault, VERR_EM_INTERPRETER);
+#endif
+                rc = PGMPhysGCPtr2CCPtr(pVCpu, GCPtrPar1, &pvParam1, &Lock);
+                AssertRCReturn(rc, VERR_EM_INTERPRETER);
                 break;
 …
+            }
+            switch(param2.type)
+            {
+            case PARMTYPE_IMMEDIATE: /* register actually */
+                valpar = param2.val.val32;
+                break;
+            default:
+                return VERR_EM_INTERPRETER;
+            }
+            LogFlow(("%s %RRv eax=%08x %08x\n", emGetMnemonic(pDis), pParam1, pRegFrame->eax, valpar));
+            MMGCRamRegisterTrapHandler(pVM);
+            LogFlow(("XAdd %RGv=%p reg=%ll08x\n", GCPtrPar1, pvParam1, *(uint64_t *)pvParamReg2));
             if (pDis->prefix & PREFIX_LOCK)
                 rc = EMGCEmulateLockCmpXchg(pParam1, &pRegFrame->eax, valpar, pDis->param2.size, &eflags);
+                eflags = EMEmulateLockXAdd(pvParam1, pvParamReg2, cbParamReg2);
             else
+                rc = EMGCEmulateCmpXchg(pParam1, &pRegFrame->eax, valpar, pDis->param2.size, &eflags);
+            MMGCRamDeregisterTrapHandler(pVM);
+            if (RT_FAILURE(rc))
+            {
+                Log(("%s %RGv eax=%08x %08x -> emulation failed due to page fault!\n", emGetMnemonic(pDis), pParam1, pRegFrame->eax, valpar));
+                return VERR_EM_INTERPRETER;
+            }
+            LogFlow(("%s %RRv eax=%08x %08x ZF=%d\n", emGetMnemonic(pDis), pParam1, pRegFrame->eax, valpar, !!(eflags & X86_EFL_ZF)));
+                eflags = EMEmulateXAdd(pvParam1, pvParamReg2, cbParamReg2);
+            LogFlow(("XAdd %RGv=%p reg=%ll08x ZF=%d\n", GCPtrPar1, pvParam1, *(uint64_t *)pvParamReg2, !!(eflags & X86_EFL_ZF) ));
             /* Update guest's eflags and finish. */
 …
                                   | (eflags                &  (X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF));
+            *pcbSize = param2.size;
+            *pcbSize = cbParamReg2;
+            PGMPhysReleasePageMappingLock(pVM, &Lock);
             return VINF_SUCCESS;
+#ifdef IN_RC
+        }
+    }
     return VERR_EM_INTERPRETER;
+}
+/**
+ * [LOCK] CMPXCHG8B emulation.
+ */
+static int emInterpretCmpXchg8b(PVM pVM, PVMCPU pVCpu, PDISCPUSTATE pDis, PCPUMCTXCORE pRegFrame, RTGCPTR pvFault, uint32_t *pcbSize)
+{
+    Assert(pDis->mode != CPUMODE_64BIT);    /** @todo check */
+    OP_PARAMVAL param1;
+    /* Source to make DISQueryParamVal read the register value - ugly hack */
+    int rc = DISQueryParamVal(pRegFrame, pDis, &pDis->param1, &param1, PARAM_SOURCE);
+    if(RT_FAILURE(rc))
+        return VERR_EM_INTERPRETER;
+    if (TRPMHasTrap(pVCpu))
+    {
+        if (TRPMGetErrorCode(pVCpu) & X86_TRAP_PF_RW)
+        {
+            RTRCPTR pParam1;
+            uint32_t eflags;
+            AssertReturn(pDis->param1.size == 8, VERR_EM_INTERPRETER);
+            switch(param1.type)
+            {
+            case PARMTYPE_ADDRESS:
+                pParam1 = (RTRCPTR)(uintptr_t)emConvertToFlatAddr(pVM, pRegFrame, pDis, &pDis->param1, (RTRCUINTPTR)param1.val.val64);
+                EM_ASSERT_FAULT_RETURN(pParam1 == (RTRCPTR)pvFault, VERR_EM_INTERPRETER);
+                break;
+            default:
+                return VERR_EM_INTERPRETER;
+            }
+            LogFlow(("%s %RRv=%08x eax=%08x\n", emGetMnemonic(pDis), pParam1, pRegFrame->eax));
+            MMGCRamRegisterTrapHandler(pVM);
+            if (pDis->prefix & PREFIX_LOCK)
+                rc = EMGCEmulateLockCmpXchg8b(pParam1, &pRegFrame->eax, &pRegFrame->edx, pRegFrame->ebx, pRegFrame->ecx, &eflags);
+            else
+                rc = EMGCEmulateCmpXchg8b(pParam1, &pRegFrame->eax, &pRegFrame->edx, pRegFrame->ebx, pRegFrame->ecx, &eflags);
+            MMGCRamDeregisterTrapHandler(pVM);
+            if (RT_FAILURE(rc))
+            {
+                Log(("%s %RGv=%08x eax=%08x -> emulation failed due to page fault!\n", emGetMnemonic(pDis), pParam1, pRegFrame->eax));
+                return VERR_EM_INTERPRETER;
+            }
+            LogFlow(("%s %RGv=%08x eax=%08x ZF=%d\n", emGetMnemonic(pDis), pParam1, pRegFrame->eax, !!(eflags & X86_EFL_ZF)));
+            /* Update guest's eflags and finish; note that *only* ZF is affected. */
+            pRegFrame->eflags.u32 = (pRegFrame->eflags.u32 & ~(X86_EFL_ZF))
+                                  | (eflags                &  (X86_EFL_ZF));
+            *pcbSize = 8;
+            return VINF_SUCCESS;
+        }
+    }
+    return VERR_EM_INTERPRETER;
+}
+#endif /* IN_RC */
+#ifdef IN_RC
+/**
+ * [LOCK] XADD emulation.
+ */
+static int emInterpretXAdd(PVM pVM, PVMCPU pVCpu, PDISCPUSTATE pDis, PCPUMCTXCORE pRegFrame, RTGCPTR pvFault, uint32_t *pcbSize)
+{
+    Assert(pDis->mode != CPUMODE_64BIT);    /** @todo check */
+    OP_PARAMVAL param1;
+    uint32_t *pParamReg2;
+    size_t cbSizeParamReg2;
+    /* Source to make DISQueryParamVal read the register value - ugly hack */
+    int rc = DISQueryParamVal(pRegFrame, pDis, &pDis->param1, &param1, PARAM_SOURCE);
+    if(RT_FAILURE(rc))
+        return VERR_EM_INTERPRETER;
+    rc = DISQueryParamRegPtr(pRegFrame, pDis, &pDis->param2, (void **)&pParamReg2, &cbSizeParamReg2);
+    Assert(cbSizeParamReg2 <= 4);
+    if(RT_FAILURE(rc))
+        return VERR_EM_INTERPRETER;
+    if (TRPMHasTrap(pVCpu))
+    {
+        if (TRPMGetErrorCode(pVCpu) & X86_TRAP_PF_RW)
+        {
+            RTRCPTR pParam1;
+            uint32_t eflags;
+            AssertReturn(pDis->param1.size == pDis->param2.size, VERR_EM_INTERPRETER);
+            switch(param1.type)
+            {
+            case PARMTYPE_ADDRESS:
+                pParam1 = (RTRCPTR)(uintptr_t)emConvertToFlatAddr(pVM, pRegFrame, pDis, &pDis->param1, (RTRCUINTPTR)param1.val.val64);
+                EM_ASSERT_FAULT_RETURN(pParam1 == (RTRCPTR)pvFault, VERR_EM_INTERPRETER);
+                break;
+            default:
+                return VERR_EM_INTERPRETER;
+            }
+            LogFlow(("XAdd %RRv=%08x reg=%08x\n", pParam1, *pParamReg2));
+            MMGCRamRegisterTrapHandler(pVM);
+            if (pDis->prefix & PREFIX_LOCK)
+                rc = EMGCEmulateLockXAdd(pParam1, pParamReg2, cbSizeParamReg2, &eflags);
+            else
+                rc = EMGCEmulateXAdd(pParam1, pParamReg2, cbSizeParamReg2, &eflags);
+            MMGCRamDeregisterTrapHandler(pVM);
+            if (RT_FAILURE(rc))
+            {
+                Log(("XAdd %RGv reg=%08x -> emulation failed due to page fault!\n", pParam1, *pParamReg2));
+                return VERR_EM_INTERPRETER;
+            }
+            LogFlow(("XAdd %RGv reg=%08x ZF=%d\n", pParam1, *pParamReg2, !!(eflags & X86_EFL_ZF)));
+            /* Update guest's eflags and finish. */
+            pRegFrame->eflags.u32 = (pRegFrame->eflags.u32 & ~(X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF))
+                                  | (eflags                &  (X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF));
+            *pcbSize = cbSizeParamReg2;
+            return VINF_SUCCESS;
+        }
+    }
+    return VERR_EM_INTERPRETER;
+#endif
+}
 #endif /* IN_RC */
 …
  * @copydoc EMInterpretInstructionCPU
  */
+DECLINLINE(int) emInterpretInstructionCPU(PVM pVM, PVMCPU pVCpu, PDISCPUSTATE pDis, PCPUMCTXCORE pRegFrame, RTGCPTR pvFault, uint32_t *pcbSize, EMCODETYPE enmCodeType)
+DECLINLINE(int) emInterpretInstructionCPU(PVM pVM, PVMCPU pVCpu, PDISCPUSTATE pDis, PCPUMCTXCORE pRegFrame, RTGCPTR pvFault,
+                                          uint32_t *pcbSize, EMCODETYPE enmCodeType)
+{
     Assert(enmCodeType == EMCODETYPE_SUPERVISOR || enmCodeType == EMCODETYPE_ALL);

trunk/src/VBox/VMM/VMMAll/EMAllA.asm

-              r28800
+              r30338
 ;; @def MY_PTR_REG
 ; The register we use for value pointers (And,Or,Dec,Inc).
+; The register we use for value pointers (And,Or,Dec,Inc,XAdd).
 %ifdef RT_ARCH_AMD64
  %define MY_PTR_REG     rcx
 …
 BITS 32
 %endif ; VBOX_WITH_HYBRID_32BIT_KERNEL_IN_R0
-%ifdef IN_RC
-; #PF resume point.
-GLOBALNAME EMEmulateLockAnd_Error
-    mov     eax, VERR_ACCESS_DENIED
-    ret
-%endif
 ENDPROC     EMEmulateLockAnd
 …
 BITS 32
 %endif ; VBOX_WITH_HYBRID_32BIT_KERNEL_IN_R0
-%ifdef IN_RC
-; #PF resume point.
-GLOBALNAME EMEmulateLockOr_Error
-    mov     eax, VERR_ACCESS_DENIED
-    ret
-%endif
 ENDPROC     EMEmulateLockOr
 …
 BITS 32
 %endif ; VBOX_WITH_HYBRID_32BIT_KERNEL_IN_R0
-%ifdef IN_RC
-; #PF resume point.
-GLOBALNAME EMEmulateLockXor_Error
-    mov     eax, VERR_ACCESS_DENIED
-    ret
-%endif
 ENDPROC     EMEmulateLockXor
 …
     mov     eax, VINF_SUCCESS
     retn
-%ifdef IN_RC
-; #PF resume point.
-GLOBALNAME EMEmulateLockBtr_Error
-    mov     eax, VERR_ACCESS_DENIED
-    ret
-%endif
 ENDPROC     EMEmulateLockBtr
 …
 ENDPROC     EMEmulateCmpXchg8b
+;;
+; Emulate LOCK XADD instruction.
+; VMMDECL(uint32_t)   EMEmulateLockXAdd(void *pvParam1, void *pvParam2, size_t cbOp);
+;
+; @returns (eax=)eflags
+; @param    [esp + 04h]  gcc:rdi  msc:rcx  Param 1 - First parameter - pointer to data item.
+; @param    [esp + 08h]  gcc:rsi  msc:rdx  Param 2 - Second parameter - pointer to second parameter (general register)
+; @param    [esp + 0ch]  gcc:rdx  msc:r8   Param 3 - Size of parameters - {1,2,4,8}.
+;
+align 16
+BEGINPROC   EMEmulateLockXAdd
+%ifdef RT_ARCH_AMD64
+ %ifdef RT_OS_WINDOWS
+    mov     rax, r8                     ; eax = size of parameters
+ %else  ; !RT_OS_WINDOWS
+    mov     rax, rdx                    ; rax = size of parameters
+    mov     rcx, rdi                    ; rcx = first parameter
+    mov     rdx, rsi                    ; rdx = second parameter
+ %endif ; !RT_OS_WINDOWS
+%else   ; !RT_ARCH_AMD64
+    mov     eax, [esp + 0ch]            ; eax = size of parameters
+    mov     ecx, [esp + 04h]            ; ecx = first parameter
+    mov     edx, [esp + 08h]            ; edx = second parameter
+%endif
+    ; switch on size
+%ifdef CAN_DO_8_BYTE_OP
+    cmp     al, 8
+    je short .do_qword                  ; 8 bytes variant
+%endif
+    cmp     al, 4
+    je short .do_dword                  ; 4 bytes variant
+    cmp     al, 2
+    je short .do_word                   ; 2 byte variant
+    cmp     al, 1
+    je short .do_byte                   ; 1 bytes variant
+    int3
+    ; workers
+%ifdef RT_ARCH_AMD64
+.do_qword:
+    mov     rax, qword [xDX]            ; load 2nd parameter's value
+    lock xadd qword [MY_PTR_REG], rax   ; do 8 bytes XADD
+    mov     qword [xDX], rax
+    jmp     short .done
+%endif
+.do_dword:
+    mov     eax, dword [xDX]            ; load 2nd parameter's value
+    lock xadd dword [MY_PTR_REG], eax   ; do 4 bytes XADD
+    mov     dword [xDX], eax
+    jmp     short .done
+.do_word:
+    mov     eax, dword [xDX]            ; load 2nd parameter's value
+    lock xadd word [MY_PTR_REG], ax     ; do 2 bytes XADD
+    mov     word [xDX], ax
+    jmp     short .done
+.do_byte:
+    mov     eax, dword [xDX]            ; load 2nd parameter's value
+    lock xadd byte [MY_PTR_REG], al     ; do 1 bytes XADD
+    mov     byte [xDX], al
+.done:
+    ; collect flags and return.
+    pushf
+    pop     MY_RET_REG
+    retn
+%ifdef VBOX_WITH_HYBRID_32BIT_KERNEL_IN_R0
+.do_qword:
+    db      0xea                        ; jmp far .sixtyfourbit_mode
+    dd      .sixtyfourbit_mode, NAME(SUPR0Abs64bitKernelCS)
+BITS 64
+.sixtyfourbit_mode:
+    and     esp, 0ffffffffh
+    and     edx, 0ffffffffh
+    and     MY_PTR_REG, 0ffffffffh
+    mov     rax, qword [rdx]            ; load 2nd parameter's value
+    and     [MY_PTR_REG64], rax         ; do 8 bytes XADD
+    jmp far [.fpret wrt rip]
+.fpret:                                 ; 16:32 Pointer to .done.
+    dd      .done, NAME(SUPR0AbsKernelCS)
+BITS 32
+%endif ; VBOX_WITH_HYBRID_32BIT_KERNEL_IN_R0
+ENDPROC     EMEmulateLockXAdd
+;;
+; Emulate XADD instruction.
+; VMMDECL(uint32_t)   EMEmulateXAdd(void *pvParam1, void *pvParam2, size_t cbOp);
+;
+; @returns eax=eflags
+; @param    [esp + 04h]  gcc:rdi  msc:rcx  Param 1 - First parameter - pointer to data item.
+; @param    [esp + 08h]  gcc:rsi  msc:rdx  Param 2 - Second parameter - pointer to second parameter (general register)
+; @param    [esp + 0ch]  gcc:rdx  msc:r8   Param 3 - Size of parameters - {1,2,4,8}.
+align 16
+BEGINPROC   EMEmulateXAdd
+%ifdef RT_ARCH_AMD64
+%ifdef RT_OS_WINDOWS
+    mov     rax, r8                     ; eax = size of parameters
+%else   ; !RT_OS_WINDOWS
+    mov     rax, rdx                    ; rax = size of parameters
+    mov     rcx, rdi                    ; rcx = first parameter
+    mov     rdx, rsi                    ; rdx = second parameter
+%endif  ; !RT_OS_WINDOWS
+%else   ; !RT_ARCH_AMD64
+    mov     eax, [esp + 0ch]            ; eax = size of parameters
+    mov     ecx, [esp + 04h]            ; ecx = first parameter
+    mov     edx, [esp + 08h]            ; edx = second parameter
+%endif
+    ; switch on size
+%ifdef CAN_DO_8_BYTE_OP
+    cmp     al, 8
+    je short .do_qword                  ; 8 bytes variant
+%endif
+    cmp     al, 4
+    je short .do_dword                  ; 4 bytes variant
+    cmp     al, 2
+    je short .do_word                   ; 2 byte variant
+    cmp     al, 1
+    je short .do_byte                   ; 1 bytes variant
+    int3
+    ; workers
+%ifdef RT_ARCH_AMD64
+.do_qword:
+    mov     rax, qword [xDX]            ; load 2nd parameter's value
+    xadd    qword [MY_PTR_REG], rax   ; do 8 bytes XADD
+    mov     qword [xDX], rax
+    jmp     short .done
+%endif
+.do_dword:
+    mov     eax, dword [xDX]            ; load 2nd parameter's value
+    xadd    dword [MY_PTR_REG], eax     ; do 4 bytes XADD
+    mov     dword [xDX], eax
+    jmp     short .done
+.do_word:
+    mov     eax, dword [xDX]            ; load 2nd parameter's value
+    xadd    word [MY_PTR_REG], ax       ; do 2 bytes XADD
+    mov     word [xDX], ax
+    jmp     short .done
+.do_byte:
+    mov     eax, dword [xDX]            ; load 2nd parameter's value
+    xadd    byte [MY_PTR_REG], al       ; do 1 bytes XADD
+    mov     byte [xDX], al
+.done:
+    ; collect flags and return.
+    pushf
+    pop     MY_RET_REG
+    retn
+%ifdef VBOX_WITH_HYBRID_32BIT_KERNEL_IN_R0
+.do_qword:
+    db      0xea                        ; jmp far .sixtyfourbit_mode
+    dd      .sixtyfourbit_mode, NAME(SUPR0Abs64bitKernelCS)
+BITS 64
+.sixtyfourbit_mode:
+    and     esp, 0ffffffffh
+    and     edx, 0ffffffffh
+    and     MY_PTR_REG, 0ffffffffh
+    mov     rax, qword [rdx]            ; load 2nd parameter's value
+    and     [MY_PTR_REG64], rax         ; do 8 bytes XADD
+    jmp far [.fpret wrt rip]
+.fpret:                                 ; 16:32 Pointer to .done.
+    dd      .done, NAME(SUPR0AbsKernelCS)
+BITS 32
+%endif ; VBOX_WITH_HYBRID_32BIT_KERNEL_IN_R0
+ENDPROC     EMEmulateXAdd

trunk/src/VBox/VMM/VMMAll/IOMAllMMIO.cpp

-              r29436
+              r30338
      *        raw mode code. Some thought needs to be spent on theoretical concurrency issues as
      *        as well since we're not behind the pgm lock and handler may change between calls.
-     *        MMGCRamWriteNoTrapHandler may also trap if the page isn't shadowed, or was kicked
-     *        out from both the shadow pt (SMP or our changes) and TLB.
+     *
+     *        Currently MMGCRamWriteNoTrapHandler may also fail when it hits a write access handler.
+     *        PGMPhysInterpretedWriteNoHandlers/PGMPhysWriteGCPtr OTOH may mess up the state
+     *        of some shadowed structure in R0. */
+#ifdef IN_RC
+    NOREF(pCtxCore);
+    return MMGCRamWriteNoTrapHandler((void *)(uintptr_t)GCPtrDst, pvSrc, cb);
+#elif IN_RING0
+     *        PGMPhysInterpretedWriteNoHandlers/PGMPhysWriteGCPtr may mess up
+     *        the state of some shadowed structures. */
+#if defined(IN_RING0) || defined(IN_RC)
     return PGMPhysInterpretedWriteNoHandlers(pVCpu, pCtxCore, GCPtrDst, pvSrc, cb, false /*fRaiseTrap*/);
 #else

trunk/src/VBox/VMM/VMMAll/PGMAllPhys.cpp

-              r30078
+              r30338
      * 4. Set access bits if required.
      */
+    /** @todo Since this method is frequently used by EMInterpret or IOM
+     *        upon a write fault to an write access monitored page, we can
+     *        reuse the guest page table walking from the \#PF code. */
     int rc;
     unsigned cb1 = PAGE_SIZE - (GCPtrDst & PAGE_OFFSET_MASK);

trunk/src/VBox/VMM/VMMGC/EMGCA.asm

-              r28800
+              r30338
 BEGINCODE
-;;
-; Emulate LOCK CMPXCHG instruction, CDECL calling conv.
-; VMMRCDECL(uint32_t) EMGCEmulateLockCmpXchg(RTGCPTR pu32Param1, uint32_t *pu32Param2, uint32_t u32Param3, size_t cbSize, uint32_t *pEflags);
+;
-; @returns eax=0 if data written, other code - invalid access, #PF was generated.
-; @param    [esp + 04h]    Param 1 - First parameter - pointer to first parameter
-; @param    [esp + 08h]    Param 2 - Second parameter - pointer to second parameter (eax)
-; @param    [esp + 0ch]    Param 3 - Third parameter - third parameter
-; @param    [esp + 10h]    Param 4 - Size of parameters, only 1/2/4 is valid.
-; @param    [esp + 14h]    Param 4 - Pointer to eflags (out)
-; @uses     eax, ecx, edx
+;
-align 16
-BEGINPROC   EMGCEmulateLockCmpXchg
-    push    ebx
-    mov     ecx, [esp + 04h + 4]        ; ecx = first parameter
-    mov     ebx, [esp + 08h + 4]        ; ebx = 2nd parameter (eax)
-    mov     edx, [esp + 0ch + 4]        ; edx = third parameter
-    mov     eax, [esp + 10h + 4]        ; eax = size of parameters
-    cmp     al, 4
-    je short .do_dword                  ; 4 bytes variant
-    cmp     al, 2
-    je short .do_word                   ; 2 byte variant
-    cmp     al, 1
-    je short .do_byte                   ; 1 bytes variant
-    int3
-.do_dword:
-    ; load 2nd parameter's value
-    mov     eax, dword [ebx]
-    lock cmpxchg dword [ecx], edx            ; do 4 bytes CMPXCHG
-    mov     dword [ebx], eax
-    jmp     short .done
-.do_word:
-    ; load 2nd parameter's value
-    mov     eax, dword [ebx]
-    lock cmpxchg word [ecx], dx              ; do 2 bytes CMPXCHG
-    mov     word [ebx], ax
-    jmp     short .done
-.do_byte:
-    ; load 2nd parameter's value
-    mov     eax, dword [ebx]
-    lock cmpxchg byte [ecx], dl              ; do 1 bytes CMPXCHG
-    mov     byte [ebx], al
-.done:
-    ; collect flags and return.
-    pushf
-    pop     eax
-    mov     edx, [esp + 14h + 4]            ; eflags pointer
-    mov     dword [edx], eax
-    pop     ebx
-    mov     eax, VINF_SUCCESS
-    retn
-; Read error - we will be here after our page fault handler.
-GLOBALNAME EMGCEmulateLockCmpXchg_Error
-    pop     ebx
-    mov     eax, VERR_ACCESS_DENIED
-    ret
-ENDPROC     EMGCEmulateLockCmpXchg
-;;
-; Emulate CMPXCHG instruction, CDECL calling conv.
-; VMMRCDECL(uint32_t) EMGCEmulateCmpXchg(RTGCPTR pu32Param1, uint32_t *pu32Param2, uint32_t u32Param3, size_t cbSize, uint32_t *pEflags);
+;
-; @returns eax=0 if data written, other code - invalid access, #PF was generated.
-; @param    [esp + 04h]    Param 1 - First parameter - pointer to first parameter
-; @param    [esp + 08h]    Param 2 - Second parameter - pointer to second parameter (eax)
-; @param    [esp + 0ch]    Param 3 - Third parameter - third parameter
-; @param    [esp + 10h]    Param 4 - Size of parameters, only 1/2/4 is valid.
-; @param    [esp + 14h]    Param 4 - Pointer to eflags (out)
-; @uses     eax, ecx, edx
+;
-align 16
-BEGINPROC   EMGCEmulateCmpXchg
-    push    ebx
-    mov     ecx, [esp + 04h + 4]        ; ecx = first parameter
-    mov     ebx, [esp + 08h + 4]        ; ebx = 2nd parameter (eax)
-    mov     edx, [esp + 0ch + 4]        ; edx = third parameter
-    mov     eax, [esp + 10h + 4]        ; eax = size of parameters
-    cmp     al, 4
-    je short .do_dword                  ; 4 bytes variant
-    cmp     al, 2
-    je short .do_word                   ; 2 byte variant
-    cmp     al, 1
-    je short .do_byte                   ; 1 bytes variant
-    int3
-.do_dword:
-    ; load 2nd parameter's value
-    mov     eax, dword [ebx]
-    cmpxchg dword [ecx], edx            ; do 4 bytes CMPXCHG
-    mov     dword [ebx], eax
-    jmp     short .done
-.do_word:
-    ; load 2nd parameter's value
-    mov     eax, dword [ebx]
-    cmpxchg word [ecx], dx              ; do 2 bytes CMPXCHG
-    mov     word [ebx], ax
-    jmp     short .done
-.do_byte:
-    ; load 2nd parameter's value
-    mov     eax, dword [ebx]
-    cmpxchg byte [ecx], dl              ; do 1 bytes CMPXCHG
-    mov     byte [ebx], al
-.done:
-    ; collect flags and return.
-    pushf
-    pop     eax
-    mov     edx, [esp + 14h + 4]        ; eflags pointer
-    mov     dword [edx], eax
-    pop     ebx
-    mov     eax, VINF_SUCCESS
-    retn
-; Read error - we will be here after our page fault handler.
-GLOBALNAME EMGCEmulateCmpXchg_Error
-    pop     ebx
-    mov     eax, VERR_ACCESS_DENIED
-    ret
-ENDPROC     EMGCEmulateCmpXchg
-;;
-; Emulate LOCK CMPXCHG8B instruction, CDECL calling conv.
-; VMMRCDECL(uint32_t) EMGCEmulateLockCmpXchg8b(RTGCPTR pu32Param1, uint32_t *pEAX, uint32_t *pEDX, uint32_t uEBX, uint32_t uECX, uint32_t *pEflags);
+;
-; @returns eax=0 if data written, other code - invalid access, #PF was generated.
-; @param    [esp + 04h]    Param 1 - First parameter - pointer to first parameter
-; @param    [esp + 08h]    Param 2 - Address of the eax register
-; @param    [esp + 0ch]    Param 3 - Address of the edx register
-; @param    [esp + 10h]    Param 4 - EBX
-; @param    [esp + 14h]    Param 5 - ECX
-; @param    [esp + 18h]    Param 6 - Pointer to eflags (out)
-; @uses     eax, ecx, edx
+;
-align 16
-BEGINPROC   EMGCEmulateLockCmpXchg8b
-    push    ebp
-    push    ebx
-    mov     ebp, [esp + 04h + 8]        ; ebp = first parameter
-    mov     eax, [esp + 08h + 8]        ; &EAX
-    mov     eax, dword [eax]
-    mov     edx, [esp + 0ch + 8]        ; &EDX
-    mov     edx, dword [edx]
-    mov     ebx, [esp + 10h + 8]        ; EBX
-    mov     ecx, [esp + 14h + 8]        ; ECX
-%ifdef RT_OS_OS2
-    lock cmpxchg8b [ebp]                ; do CMPXCHG8B
-%else
-    lock cmpxchg8b qword [ebp]          ; do CMPXCHG8B
-%endif
-    mov     ebx, dword [esp + 08h + 8]
-    mov     dword [ebx], eax
-    mov     ebx, dword [esp + 0ch + 8]
-    mov     dword [ebx], edx
-    ; collect flags and return.
-    pushf
-    pop     eax
-    mov     edx, [esp + 18h + 8]            ; eflags pointer
-    mov     dword [edx], eax
-    pop     ebx
-    pop     ebp
-    mov     eax, VINF_SUCCESS
-    retn
-; Read error - we will be here after our page fault handler.
-GLOBALNAME EMGCEmulateLockCmpXchg8b_Error
-    pop     ebx
-    pop     ebp
-    mov     eax, VERR_ACCESS_DENIED
-    ret
-ENDPROC     EMGCEmulateLockCmpXchg8b
-;;
-; Emulate CMPXCHG8B instruction, CDECL calling conv.
-; VMMRCDECL(uint32_t) EMGCEmulateCmpXchg8b(RTGCPTR pu32Param1, uint32_t *pEAX, uint32_t *pEDX, uint32_t uEBX, uint32_t uECX, uint32_t *pEflags);
+;
-; @returns eax=0 if data written, other code - invalid access, #PF was generated.
-; @param    [esp + 04h]    Param 1 - First parameter - pointer to first parameter
-; @param    [esp + 08h]    Param 2 - Address of the eax register
-; @param    [esp + 0ch]    Param 3 - Address of the edx register
-; @param    [esp + 10h]    Param 4 - EBX
-; @param    [esp + 14h]    Param 5 - ECX
-; @param    [esp + 18h]    Param 6 - Pointer to eflags (out)
-; @uses     eax, ecx, edx
+;
-align 16
-BEGINPROC   EMGCEmulateCmpXchg8b
-    push    ebp
-    push    ebx
-    mov     ebp, [esp + 04h + 8]        ; ebp = first parameter
-    mov     eax, [esp + 08h + 8]        ; &EAX
-    mov     eax, dword [eax]
-    mov     edx, [esp + 0ch + 8]        ; &EDX
-    mov     edx, dword [edx]
-    mov     ebx, [esp + 10h + 8]        ; EBX
-    mov     ecx, [esp + 14h + 8]        ; ECX
-%ifdef RT_OS_OS2
-    cmpxchg8b [ebp]                     ; do CMPXCHG8B
-%else
-    cmpxchg8b qword [ebp]               ; do CMPXCHG8B
-%endif
-    mov     ebx, dword [esp + 08h + 8]
-    mov     dword [ebx], eax
-    mov     ebx, dword [esp + 0ch + 8]
-    mov     dword [ebx], edx
-    ; collect flags and return.
-    pushf
-    pop     eax
-    mov     edx, [esp + 18h + 8]            ; eflags pointer
-    mov     dword [edx], eax
-    pop     ebx
-    pop     ebp
-    mov     eax, VINF_SUCCESS
-    retn
-; Read error - we will be here after our page fault handler.
-GLOBALNAME EMGCEmulateCmpXchg8b_Error
-    pop     ebx
-    pop     ebp
-    mov     eax, VERR_ACCESS_DENIED
-    ret
-ENDPROC     EMGCEmulateCmpXchg8b
-;;
-; Emulate LOCK XADD instruction, CDECL calling conv.
-; VMMRCDECL(uint32_t) EMGCEmulateLockXAdd(RTGCPTR pu32Param1, uint32_t *pu32Param2, uint32_t u32Param3, size_t cbSize, uint32_t *pEflags);
+;
-; @returns eax=0 if data exchanged, other code - invalid access, #PF was generated.
-; @param    [esp + 04h]    Param 1 - First parameter - pointer to first parameter
-; @param    [esp + 08h]    Param 2 - Second parameter - pointer to second parameter (general register)
-; @param    [esp + 0ch]    Param 3 - Size of parameters, only 1/2/4 is valid.
-; @param    [esp + 10h]    Param 4 - Pointer to eflags (out)
-; @uses     eax, ecx, edx
+;
-align 16
-BEGINPROC   EMGCEmulateLockXAdd
-    mov     ecx, [esp + 04h + 0]        ; ecx = first parameter
-    mov     edx, [esp + 08h + 0]        ; edx = 2nd parameter
-    mov     eax, [esp + 0ch + 0]        ; eax = size of parameters
-    cmp     al, 4
-    je short .do_dword                  ; 4 bytes variant
-    cmp     al, 2
-    je short .do_word                   ; 2 byte variant
-    cmp     al, 1
-    je short .do_byte                   ; 1 bytes variant
-    int3
-.do_dword:
-    ; load 2nd parameter's value
-    mov     eax, dword [edx]
-    lock xadd dword [ecx], eax              ; do 4 bytes XADD
-    mov     dword [edx], eax
-    jmp     short .done
-.do_word:
-    ; load 2nd parameter's value
-    mov     eax, dword [edx]
-    lock xadd word [ecx], ax                ; do 2 bytes XADD
-    mov     word [edx], ax
-    jmp     short .done
-.do_byte:
-    ; load 2nd parameter's value
-    mov     eax, dword [edx]
-    lock xadd byte [ecx], al                ; do 1 bytes XADD
-    mov     byte [edx], al
-.done:
-    ; collect flags and return.
-    mov     edx, [esp + 10h + 0]            ; eflags pointer
-    pushf
-    pop     dword [edx]
-    mov     eax, VINF_SUCCESS
-    retn
-; Read error - we will be here after our page fault handler.
-GLOBALNAME EMGCEmulateLockXAdd_Error
-    mov     eax, VERR_ACCESS_DENIED
-    ret
-ENDPROC     EMGCEmulateLockXAdd
-;;
-; Emulate XADD instruction, CDECL calling conv.
-; VMMRCDECL(uint32_t) EMGCEmulateXAdd(RTGCPTR pu32Param1, uint32_t *pu32Param2, uint32_t u32Param3, size_t cbSize, uint32_t *pEflags);
+;
-; @returns eax=0 if data written, other code - invalid access, #PF was generated.
-; @param    [esp + 04h]    Param 1 - First parameter - pointer to first parameter
-; @param    [esp + 08h]    Param 2 - Second parameter - pointer to second parameter (general register)
-; @param    [esp + 0ch]    Param 3 - Size of parameters, only 1/2/4 is valid.
-; @param    [esp + 10h]    Param 4 - Pointer to eflags (out)
-; @uses     eax, ecx, edx
+;
-align 16
-BEGINPROC   EMGCEmulateXAdd
-    mov     ecx, [esp + 04h + 0]        ; ecx = first parameter
-    mov     edx, [esp + 08h + 0]        ; edx = 2nd parameter (eax)
-    mov     eax, [esp + 0ch + 0]        ; eax = size of parameters
-    cmp     al, 4
-    je short .do_dword                  ; 4 bytes variant
-    cmp     al, 2
-    je short .do_word                   ; 2 byte variant
-    cmp     al, 1
-    je short .do_byte                   ; 1 bytes variant
-    int3
-.do_dword:
-    ; load 2nd parameter's value
-    mov     eax, dword [edx]
-    xadd    dword [ecx], eax            ; do 4 bytes XADD
-    mov     dword [edx], eax
-    jmp     short .done
-.do_word:
-    ; load 2nd parameter's value
-    mov     eax, dword [edx]
-    xadd    word [ecx], ax              ; do 2 bytes XADD
-    mov     word [edx], ax
-    jmp     short .done
-.do_byte:
-    ; load 2nd parameter's value
-    mov     eax, dword [edx]
-    xadd    byte [ecx], al              ; do 1 bytes XADD
-    mov     byte [edx], al
-.done:
-    ; collect flags and return.
-    mov     edx, [esp + 10h + 0]        ; eflags pointer
-    pushf
-    pop     dword [edx]
-    mov     eax, VINF_SUCCESS
-    retn
-; Read error - we will be here after our page fault handler.
-GLOBALNAME EMGCEmulateXAdd_Error
-    mov     eax, VERR_ACCESS_DENIED
-    ret
-ENDPROC     EMGCEmulateXAdd

trunk/src/VBox/VMM/VMMGC/MMRamGC.cpp

-              r28800
+              r30338
 DECLASM(void) MMGCRamReadNoTrapHandler_EndProc(void);
 DECLASM(void) MMGCRamWriteNoTrapHandler_EndProc(void);
-DECLASM(void) EMGCEmulateLockCmpXchg_EndProc(void);
-DECLASM(void) EMGCEmulateLockCmpXchg_Error(void);
-DECLASM(void) EMGCEmulateCmpXchg_EndProc(void);
-DECLASM(void) EMGCEmulateCmpXchg_Error(void);
-DECLASM(void) EMGCEmulateLockCmpXchg8b_EndProc(void);
-DECLASM(void) EMGCEmulateLockCmpXchg8b_Error(void);
-DECLASM(void) EMGCEmulateCmpXchg8b_EndProc(void);
-DECLASM(void) EMGCEmulateCmpXchg8b_Error(void);
-DECLASM(void) EMGCEmulateLockXAdd_EndProc(void);
-DECLASM(void) EMGCEmulateLockXAdd_Error(void);
-DECLASM(void) EMGCEmulateXAdd_EndProc(void);
-DECLASM(void) EMGCEmulateXAdd_Error(void);
-DECLASM(void) EMEmulateLockOr_EndProc(void);
-DECLASM(void) EMEmulateLockOr_Error(void);
-DECLASM(void) EMEmulateLockBtr_EndProc(void);
-DECLASM(void) EMEmulateLockBtr_Error(void);
 DECLASM(void) MMGCRamRead_Error(void);
 DECLASM(void) MMGCRamWrite_Error(void);
 …
  * @param   pSrc        Pointer to the data to write.
  * @param   cb          Size of data to write, only 1/2/4 is valid.
+ *
+ * @deprecated Don't use this as it doesn't check the page state.
  */
 VMMRCDECL(int) MMGCRamWrite(PVM pVM, void *pDst, void *pSrc, size_t cb)
 …
     /*
-     * Page fault inside EMGCEmulateLockCmpXchg()? Resume at _Error.
-     */
-    if (    (uintptr_t)&EMGCEmulateLockCmpXchg < (uintptr_t)pRegFrame->eip
-        &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&EMGCEmulateLockCmpXchg_EndProc)
+    {
-        pRegFrame->eip = (uintptr_t)&EMGCEmulateLockCmpXchg_Error;
-        return VINF_SUCCESS;
+    }
-    /*
-     * Page fault inside EMGCEmulateCmpXchg()? Resume at _Error.
-     */
-    if (    (uintptr_t)&EMGCEmulateCmpXchg < (uintptr_t)pRegFrame->eip
-        &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&EMGCEmulateCmpXchg_EndProc)
+    {
-        pRegFrame->eip = (uintptr_t)&EMGCEmulateCmpXchg_Error;
-        return VINF_SUCCESS;
+    }
-    /*
-     * Page fault inside EMGCEmulateLockCmpXchg8b()? Resume at _Error.
-     */
-    if (    (uintptr_t)&EMGCEmulateLockCmpXchg8b < (uintptr_t)pRegFrame->eip
-        &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&EMGCEmulateLockCmpXchg8b_EndProc)
+    {
-        pRegFrame->eip = (uintptr_t)&EMGCEmulateLockCmpXchg8b_Error;
-        return VINF_SUCCESS;
+    }
-    /*
-     * Page fault inside EMGCEmulateCmpXchg8b()? Resume at _Error.
-     */
-    if (    (uintptr_t)&EMGCEmulateCmpXchg8b < (uintptr_t)pRegFrame->eip
-        &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&EMGCEmulateCmpXchg8b_EndProc)
+    {
-        pRegFrame->eip = (uintptr_t)&EMGCEmulateCmpXchg8b_Error;
-        return VINF_SUCCESS;
+    }
-    /*
-     * Page fault inside EMGCEmulateLockXAdd()? Resume at _Error.
-     */
-    if (    (uintptr_t)&EMGCEmulateLockXAdd < (uintptr_t)pRegFrame->eip
-        &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&EMGCEmulateLockXAdd_EndProc)
+    {
-        pRegFrame->eip = (uintptr_t)&EMGCEmulateLockXAdd_Error;
-        return VINF_SUCCESS;
+    }
-    /*
-     * Page fault inside EMGCEmulateXAdd()? Resume at _Error.
-     */
-    if (    (uintptr_t)&EMGCEmulateXAdd < (uintptr_t)pRegFrame->eip
-        &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&EMGCEmulateXAdd_EndProc)
+    {
-        pRegFrame->eip = (uintptr_t)&EMGCEmulateXAdd_Error;
-        return VINF_SUCCESS;
+    }
-    /*
-     * Page fault inside EMEmulateLockOr()? Resume at *_Error.
-     */
-    if (    (uintptr_t)&EMEmulateLockOr < (uintptr_t)pRegFrame->eip
-        &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&EMEmulateLockOr_EndProc)
+    {
-        pRegFrame->eip = (uintptr_t)&EMEmulateLockOr_Error;
-        return VINF_SUCCESS;
+    }
-    /*
-     * Page fault inside EMEmulateLockBtr()? Resume at *_Error.
-     */
-    if (    (uintptr_t)&EMEmulateLockBtr < (uintptr_t)pRegFrame->eip
-        &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&EMEmulateLockBtr_EndProc)
+    {
-        pRegFrame->eip = (uintptr_t)&EMEmulateLockBtr_Error;
-        return VINF_SUCCESS;
+    }
-    /*
      * #PF is not handled - cause guru meditation.
      */

Note: See TracChangeset for help on using the changeset viewer.

Changeset 30338 in vbox

Legend:

Download in other formats: