Changeset 47444 in vbox for trunk/src/VBox/VMM

Timestamp:

Jul 29, 2013 12:37:31 AM (12 years ago)

Author:

vboxsync

Message:

IEM,HM,PGM: Started on string I/O optimizations using IEM (disabled). Cleaned up confusing status code handling in hmR0VmxCheckForceFlags (involving PGM) as well as some use of incorrect doxygen groups (@name).

Location:

trunk/src/VBox/VMM

Files:

• VMMAll/IEMAll.cpp (modified) (5 diffs)
• VMMAll/IEMAllCImplStrInstr.cpp.h (modified) (13 diffs)
• VMMAll/IEMAllInstructions.cpp.h (modified) (12 diffs)
• VMMAll/PGMAll.cpp (modified) (4 diffs)
• VMMR0/HMVMXR0.cpp (modified) (24 diffs)
• VMMR0/HWVMXR0.cpp (modified) (2 diffs)
• VMMR3/EM.cpp (modified) (1 diff)
• VMMR3/HM.cpp (modified) (1 diff)
• include/IEMInternal.h (modified) (2 diffs)

trunk/src/VBox/VMM/VMMAll/IEMAll.cpp

@@ -742 +742 @@
     if (rcOldPassUp == VINF_SUCCESS)
         pIemCpu->rcPassUp = VBOXSTRICTRC_VAL(rcPassUp);
-    /* If both are EM scheduling code, use EM priority rules. */
+    /* If both are EM scheduling codes, use EM priority rules. */
     else if (   rcOldPassUp >= VINF_EM_FIRST && rcOldPassUp <= VINF_EM_LAST
              && rcPassUp    >= VINF_EM_FIRST && rcPassUp    <= VINF_EM_LAST)
@@ -764 +764 @@
         Log(("IEM: rcPassUp=%Rrc  rcOldPassUp=%Rrc!\n", VBOXSTRICTRC_VAL(rcPassUp), rcOldPassUp));
     return VINF_SUCCESS;
+}
+
+
+/**
+ * Initializes the execution state.
+ *
+ * @param   pIemCpu             The per CPU IEM state.
+ * @param   fBypassHandlers     Whether to bypass access handlers.
+ */
+DECLINLINE(void) iemInitExec(PIEMCPU pIemCpu, bool fBypassHandlers)
+{
+    PCPUMCTX pCtx  = pIemCpu->CTX_SUFF(pCtx);
+    PVMCPU   pVCpu = IEMCPU_TO_VMCPU(pIemCpu);
+
+#if defined(VBOX_STRICT) && (defined(IEM_VERIFICATION_MODE_FULL) || !defined(VBOX_WITH_RAW_MODE_NOT_R0))
+    Assert(CPUMSELREG_ARE_HIDDEN_PARTS_VALID(pVCpu, &pCtx->cs));
+    Assert(CPUMSELREG_ARE_HIDDEN_PARTS_VALID(pVCpu, &pCtx->ss));
+    Assert(CPUMSELREG_ARE_HIDDEN_PARTS_VALID(pVCpu, &pCtx->es));
+    Assert(CPUMSELREG_ARE_HIDDEN_PARTS_VALID(pVCpu, &pCtx->ds));
+    Assert(CPUMSELREG_ARE_HIDDEN_PARTS_VALID(pVCpu, &pCtx->fs));
+    Assert(CPUMSELREG_ARE_HIDDEN_PARTS_VALID(pVCpu, &pCtx->gs));
+    Assert(CPUMSELREG_ARE_HIDDEN_PARTS_VALID(pVCpu, &pCtx->ldtr));
+    Assert(CPUMSELREG_ARE_HIDDEN_PARTS_VALID(pVCpu, &pCtx->tr));
+#endif
+
+#ifdef VBOX_WITH_RAW_MODE_NOT_R0
+    CPUMGuestLazyLoadHiddenCsAndSs(pVCpu);
+#endif
+    pIemCpu->uCpl               = CPUMGetGuestCPL(pVCpu);
+    IEMMODE enmMode = CPUMIsGuestIn64BitCodeEx(pCtx)
+                    ? IEMMODE_64BIT
+                    : pCtx->cs.Attr.n.u1DefBig /** @todo check if this is correct... */
+                    ? IEMMODE_32BIT
+                    : IEMMODE_16BIT;
+    pIemCpu->enmCpuMode         = enmMode;
+#ifdef VBOX_STRICT
+    pIemCpu->enmDefAddrMode     = (IEMMODE)0xc0fe;
+    pIemCpu->enmEffAddrMode     = (IEMMODE)0xc0fe;
+    pIemCpu->enmDefOpSize       = (IEMMODE)0xc0fe;
+    pIemCpu->enmEffOpSize       = (IEMMODE)0xc0fe;
+    pIemCpu->fPrefixes          = (IEMMODE)0xfeedbeef;
+    pIemCpu->uRexReg            = 127;
+    pIemCpu->uRexB              = 127;
+    pIemCpu->uRexIndex          = 127;
+    pIemCpu->iEffSeg            = 127;
+    pIemCpu->offOpcode          = 127;
+    pIemCpu->cbOpcode           = 127;
+#endif
+
+    pIemCpu->cActiveMappings    = 0;
+    pIemCpu->iNextMapping       = 0;
+    pIemCpu->rcPassUp           = VINF_SUCCESS;
+    pIemCpu->fBypassHandlers    = fBypassHandlers;
+#ifdef VBOX_WITH_RAW_MODE_NOT_R0
+    pIemCpu->fInPatchCode       = pIemCpu->uCpl == 0
+                               && pCtx->cs.u64Base == 0
+                               && pCtx->cs.u32Limit == UINT32_MAX
+                               && PATMIsPatchGCAddr(IEMCPU_TO_VM(pIemCpu), pCtx->eip);
+    if (!pIemCpu->fInPatchCode)
+        CPUMRawLeave(pVCpu, CPUMCTX2CORE(pCtx), VINF_SUCCESS);
+#endif
 }
 
@@ -9021 +9082 @@
 
 /**
- * The actual code execution bits of IEMExecOne, IEMExecOneEx, and
- * IEMExecOneWithPrefetchedByPC.
- *
- * @return  Strict VBox status code.
- * @param   pVCpu       The current virtual CPU.
+ * Makes status code addjustments (pass up from I/O and access handler)
+ * as well as maintaining statistics.
+ *
+ * @returns Strict VBox status code to pass up.
  * @param   pIemCpu     The IEM per CPU data.
- * @param   fExecuteInhibit     If set, execute the instruction following CLI,
- *                      POP SS and MOV SS,GR.
- */
-DECL_FORCE_INLINE(VBOXSTRICTRC) iemExecOneInner(PVMCPU pVCpu, PIEMCPU pIemCpu, bool fExecuteInhibit)
-{
-    uint8_t b; IEM_OPCODE_GET_NEXT_U8(&b);
-    VBOXSTRICTRC rcStrict = FNIEMOP_CALL(g_apfnOneByteMap[b]);
-    if (rcStrict == VINF_SUCCESS)
-        pIemCpu->cInstructions++;
-//#ifdef DEBUG
-//    AssertMsg(pIemCpu->offOpcode == cbInstr || rcStrict != VINF_SUCCESS, ("%u %u\n", pIemCpu->offOpcode, cbInstr));
-//#endif
-
-    /* Execute the next instruction as well if a cli, pop ss or
-       mov ss, Gr has just completed successfully. */
-    if (   fExecuteInhibit
-        && rcStrict == VINF_SUCCESS
-        && VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS)
-        && EMGetInhibitInterruptsPC(pVCpu) == pIemCpu->CTX_SUFF(pCtx)->rip )
-    {
-        rcStrict = iemInitDecoderAndPrefetchOpcodes(pIemCpu, pIemCpu->fBypassHandlers);
-        if (rcStrict == VINF_SUCCESS)
-        {
-            b; IEM_OPCODE_GET_NEXT_U8(&b);
-            rcStrict = FNIEMOP_CALL(g_apfnOneByteMap[b]);
-            if (rcStrict == VINF_SUCCESS)
-                pIemCpu->cInstructions++;
-        }
-        EMSetInhibitInterruptsPC(pVCpu, UINT64_C(0x7777555533331111));
-    }
-
-    /*
-     * Return value fiddling and statistics.
-     */
+ * @param   rcStrict    The status from executing an instruction.
+ */
+DECL_FORCE_INLINE(VBOXSTRICTRC) iemExecStatusCodeFiddling(PIEMCPU pIemCpu, VBOXSTRICTRC rcStrict)
+{
     if (rcStrict != VINF_SUCCESS)
     {
         if (RT_SUCCESS(rcStrict))
         {
-            AssertMsg(rcStrict >= VINF_EM_FIRST && rcStrict <= VINF_EM_LAST, ("rcStrict=%Rrc\n", VBOXSTRICTRC_VAL(rcStrict)));
+            AssertMsg(   (rcStrict >= VINF_EM_FIRST && rcStrict <= VINF_EM_LAST)
+                      || rcStrict == VINF_IOM_R3_IOPORT_READ
+                      || rcStrict == VINF_IOM_R3_IOPORT_WRITE
+                      || rcStrict == VINF_IOM_R3_MMIO_READ
+                      || rcStrict == VINF_IOM_R3_MMIO_READ_WRITE
+                      || rcStrict == VINF_IOM_R3_MMIO_WRITE
+                      , ("rcStrict=%Rrc\n", VBOXSTRICTRC_VAL(rcStrict)));
             int32_t const rcPassUp = pIemCpu->rcPassUp;
             if (rcPassUp == VINF_SUCCESS)
@@ -9100 +9136 @@
     }
 
+    return rcStrict;
+}
+
+
+/**
+ * The actual code execution bits of IEMExecOne, IEMExecOneEx, and
+ * IEMExecOneWithPrefetchedByPC.
+ *
+ * @return  Strict VBox status code.
+ * @param   pVCpu       The current virtual CPU.
+ * @param   pIemCpu     The IEM per CPU data.
+ * @param   fExecuteInhibit     If set, execute the instruction following CLI,
+ *                      POP SS and MOV SS,GR.
+ */
+DECL_FORCE_INLINE(VBOXSTRICTRC) iemExecOneInner(PVMCPU pVCpu, PIEMCPU pIemCpu, bool fExecuteInhibit)
+{
+    uint8_t b; IEM_OPCODE_GET_NEXT_U8(&b);
+    VBOXSTRICTRC rcStrict = FNIEMOP_CALL(g_apfnOneByteMap[b]);
+    if (rcStrict == VINF_SUCCESS)
+        pIemCpu->cInstructions++;
+//#ifdef DEBUG
+//    AssertMsg(pIemCpu->offOpcode == cbInstr || rcStrict != VINF_SUCCESS, ("%u %u\n", pIemCpu->offOpcode, cbInstr));
+//#endif
+
+    /* Execute the next instruction as well if a cli, pop ss or
+       mov ss, Gr has just completed successfully. */
+    if (   fExecuteInhibit
+        && rcStrict == VINF_SUCCESS
+        && VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS)
+        && EMGetInhibitInterruptsPC(pVCpu) == pIemCpu->CTX_SUFF(pCtx)->rip )
+    {
+        rcStrict = iemInitDecoderAndPrefetchOpcodes(pIemCpu, pIemCpu->fBypassHandlers);
+        if (rcStrict == VINF_SUCCESS)
+        {
+            b; IEM_OPCODE_GET_NEXT_U8(&b);
+            rcStrict = FNIEMOP_CALL(g_apfnOneByteMap[b]);
+            if (rcStrict == VINF_SUCCESS)
+                pIemCpu->cInstructions++;
+        }
+        EMSetInhibitInterruptsPC(pVCpu, UINT64_C(0x7777555533331111));
+    }
+
+    /*
+     * Return value fiddling, statistics and sanity assertions.
+     */
+    rcStrict = iemExecStatusCodeFiddling(pIemCpu, rcStrict);
+
     Assert(CPUMSELREG_ARE_HIDDEN_PARTS_VALID(pVCpu, &pIemCpu->CTX_SUFF(pCtx)->cs));
     Assert(CPUMSELREG_ARE_HIDDEN_PARTS_VALID(pVCpu, &pIemCpu->CTX_SUFF(pCtx)->ss));
@@ -9481 +9564 @@
 #endif
 
+
+
+/**
+ * Interface for HM and EM for executing string I/O OUT (write) instructions.
+ *
+ * This API ASSUMES that the caller has already verified that the guest code is
+ * allowed to access the I/O port.  (The I/O port is in the DX register in the
+ * guest state.)
+ *
+ * @returns Strict VBox status code.
+ * @param   pVCpu               The cross context per virtual CPU structure.
+ * @param   cbValue             The size of the I/O port access (1, 2, or 4).
+ * @param   enmAddrMode         The addressing mode.
+ * @param   fRepPrefix          Indicates whether a repeat prefix is used
+ *                              (doesn't matter which for this instruction).
+ * @param   cbInstr             The instruction length in bytes.
+ * @param   iEffSeg             The effective segment address.
+ */
+VMM_INT_DECL(VBOXSTRICTRC) IEMExecStringIoWrite(PVMCPU pVCpu, uint8_t cbValue, IEMMODE enmAddrMode,
+                                                bool fRepPrefix, uint8_t cbInstr, uint8_t iEffSeg)
+{
+    AssertMsgReturn(iEffSeg < X86_SREG_COUNT, ("%#x\n", iEffSeg), VERR_IEM_INVALID_EFF_SEG);
+    AssertReturn(cbInstr - 1U <= 14U, VERR_IEM_INVALID_INSTR_LENGTH);
+
+    /*
+     * State init.
+     */
+    PIEMCPU pIemCpu = &pVCpu->iem.s;
+    iemInitExec(pIemCpu, false /*fBypassHandlers*/);
+
+    /*
+     * Switch orgy for getting to the right handler.
+     */
+    VBOXSTRICTRC rcStrict;
+    if (fRepPrefix)
+    {
+        switch (enmAddrMode)
+        {
+            case IEMMODE_16BIT:
+                switch (cbValue)
+                {
+                    case 1: rcStrict = iemCImpl_rep_outs_op8_addr16(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    case 2: rcStrict = iemCImpl_rep_outs_op16_addr16(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    case 4: rcStrict = iemCImpl_rep_outs_op32_addr16(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    default:
+                        AssertMsgFailedReturn(("cbValue=%#x\n", cbValue), VERR_IEM_INVALID_OPERAND_SIZE);
+                }
+                break;
+
+            case IEMMODE_32BIT:
+                switch (cbValue)
+                {
+                    case 1: rcStrict = iemCImpl_rep_outs_op8_addr32(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    case 2: rcStrict = iemCImpl_rep_outs_op16_addr32(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    case 4: rcStrict = iemCImpl_rep_outs_op32_addr32(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    default:
+                        AssertMsgFailedReturn(("cbValue=%#x\n", cbValue), VERR_IEM_INVALID_OPERAND_SIZE);
+                }
+                break;
+
+            case IEMMODE_64BIT:
+                switch (cbValue)
+                {
+                    case 1: rcStrict = iemCImpl_rep_outs_op8_addr64(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    case 2: rcStrict = iemCImpl_rep_outs_op16_addr64(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    case 4: rcStrict = iemCImpl_rep_outs_op32_addr64(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    default:
+                        AssertMsgFailedReturn(("cbValue=%#x\n", cbValue), VERR_IEM_INVALID_OPERAND_SIZE);
+                }
+                break;
+
+            default:
+                AssertMsgFailedReturn(("enmAddrMode=%d\n", enmAddrMode), VERR_IEM_INVALID_ADDRESS_MODE);
+        }
+    }
+    else
+    {
+        switch (enmAddrMode)
+        {
+            case IEMMODE_16BIT:
+                switch (cbValue)
+                {
+                    case 1: rcStrict = iemCImpl_outs_op8_addr16(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    case 2: rcStrict = iemCImpl_outs_op16_addr16(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    case 4: rcStrict = iemCImpl_outs_op32_addr16(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    default:
+                        AssertMsgFailedReturn(("cbValue=%#x\n", cbValue), VERR_IEM_INVALID_OPERAND_SIZE);
+                }
+                break;
+
+            case IEMMODE_32BIT:
+                switch (cbValue)
+                {
+                    case 1: rcStrict = iemCImpl_outs_op8_addr32(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    case 2: rcStrict = iemCImpl_outs_op16_addr32(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    case 4: rcStrict = iemCImpl_outs_op32_addr32(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    default:
+                        AssertMsgFailedReturn(("cbValue=%#x\n", cbValue), VERR_IEM_INVALID_OPERAND_SIZE);
+                }
+                break;
+
+            case IEMMODE_64BIT:
+                switch (cbValue)
+                {
+                    case 1: rcStrict = iemCImpl_outs_op8_addr64(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    case 2: rcStrict = iemCImpl_outs_op16_addr64(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    case 4: rcStrict = iemCImpl_outs_op32_addr64(pIemCpu, cbInstr, iEffSeg, true /*fIoChecked*/); break;
+                    default:
+                        AssertMsgFailedReturn(("cbValue=%#x\n", cbValue), VERR_IEM_INVALID_OPERAND_SIZE);
+                }
+                break;
+
+            default:
+                AssertMsgFailedReturn(("enmAddrMode=%d\n", enmAddrMode), VERR_IEM_INVALID_ADDRESS_MODE);
+        }
+    }
+
+    return iemExecStatusCodeFiddling(pIemCpu, rcStrict);
+}
+
+
+/**
+ * Interface for HM and EM for executing string I/O IN (read) instructions.
+ *
+ * This API ASSUMES that the caller has already verified that the guest code is
+ * allowed to access the I/O port.  (The I/O port is in the DX register in the
+ * guest state.)
+ *
+ * @returns Strict VBox status code.
+ * @param   pVCpu               The cross context per virtual CPU structure.
+ * @param   cbValue             The size of the I/O port access (1, 2, or 4).
+ * @param   enmAddrMode         The addressing mode.
+ * @param   fRepPrefix          Indicates whether a repeat prefix is used
+ *                              (doesn't matter which for this instruction).
+ * @param   cbInstr             The instruction length in bytes.
+ */
+VMM_INT_DECL(VBOXSTRICTRC) IEMExecStringIoRead(PVMCPU pVCpu, uint8_t cbValue, IEMMODE enmAddrMode,
+                                               bool fRepPrefix, uint8_t cbInstr)
+{
+    AssertReturn(cbInstr - 1U <= 14U, VERR_IEM_INVALID_INSTR_LENGTH);
+
+    /*
+     * State init.
+     */
+    PIEMCPU pIemCpu = &pVCpu->iem.s;
+    iemInitExec(pIemCpu, false /*fBypassHandlers*/);
+
+    /*
+     * Switch orgy for getting to the right handler.
+     */
+    VBOXSTRICTRC rcStrict;
+    if (fRepPrefix)
+    {
+        switch (enmAddrMode)
+        {
+            case IEMMODE_16BIT:
+                switch (cbValue)
+                {
+                    case 1: rcStrict = iemCImpl_rep_ins_op8_addr16(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    case 2: rcStrict = iemCImpl_rep_ins_op16_addr16(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    case 4: rcStrict = iemCImpl_rep_ins_op32_addr16(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    default:
+                        AssertMsgFailedReturn(("cbValue=%#x\n", cbValue), VERR_IEM_INVALID_OPERAND_SIZE);
+                }
+                break;
+
+            case IEMMODE_32BIT:
+                switch (cbValue)
+                {
+                    case 1: rcStrict = iemCImpl_rep_ins_op8_addr32(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    case 2: rcStrict = iemCImpl_rep_ins_op16_addr32(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    case 4: rcStrict = iemCImpl_rep_ins_op32_addr32(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    default:
+                        AssertMsgFailedReturn(("cbValue=%#x\n", cbValue), VERR_IEM_INVALID_OPERAND_SIZE);
+                }
+                break;
+
+            case IEMMODE_64BIT:
+                switch (cbValue)
+                {
+                    case 1: rcStrict = iemCImpl_rep_ins_op8_addr64(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    case 2: rcStrict = iemCImpl_rep_ins_op16_addr64(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    case 4: rcStrict = iemCImpl_rep_ins_op32_addr64(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    default:
+                        AssertMsgFailedReturn(("cbValue=%#x\n", cbValue), VERR_IEM_INVALID_OPERAND_SIZE);
+                }
+                break;
+
+            default:
+                AssertMsgFailedReturn(("enmAddrMode=%d\n", enmAddrMode), VERR_IEM_INVALID_ADDRESS_MODE);
+        }
+    }
+    else
+    {
+        switch (enmAddrMode)
+        {
+            case IEMMODE_16BIT:
+                switch (cbValue)
+                {
+                    case 1: rcStrict = iemCImpl_ins_op8_addr16(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    case 2: rcStrict = iemCImpl_ins_op16_addr16(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    case 4: rcStrict = iemCImpl_ins_op32_addr16(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    default:
+                        AssertMsgFailedReturn(("cbValue=%#x\n", cbValue), VERR_IEM_INVALID_OPERAND_SIZE);
+                }
+                break;
+
+            case IEMMODE_32BIT:
+                switch (cbValue)
+                {
+                    case 1: rcStrict = iemCImpl_ins_op8_addr32(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    case 2: rcStrict = iemCImpl_ins_op16_addr32(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    case 4: rcStrict = iemCImpl_ins_op32_addr32(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    default:
+                        AssertMsgFailedReturn(("cbValue=%#x\n", cbValue), VERR_IEM_INVALID_OPERAND_SIZE);
+                }
+                break;
+
+            case IEMMODE_64BIT:
+                switch (cbValue)
+                {
+                    case 1: rcStrict = iemCImpl_ins_op8_addr64(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    case 2: rcStrict = iemCImpl_ins_op16_addr64(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    case 4: rcStrict = iemCImpl_ins_op32_addr64(pIemCpu, cbInstr, true /*fIoChecked*/); break;
+                    default:
+                        AssertMsgFailedReturn(("cbValue=%#x\n", cbValue), VERR_IEM_INVALID_OPERAND_SIZE);
+                }
+                break;
+
+            default:
+                AssertMsgFailedReturn(("enmAddrMode=%d\n", enmAddrMode), VERR_IEM_INVALID_ADDRESS_MODE);
+        }
+    }
+
+    return iemExecStatusCodeFiddling(pIemCpu, rcStrict);
+}
+

trunk/src/VBox/VMM/VMMAll/IEMAllCImplStrInstr.cpp.h

@@ -1018 +1018 @@
  * Implements 'INS' (no rep)
  */
-IEM_CIMPL_DEF_0(RT_CONCAT4(iemCImpl_ins_op,OP_SIZE,_addr,ADDR_SIZE))
+IEM_CIMPL_DEF_1(RT_CONCAT4(iemCImpl_ins_op,OP_SIZE,_addr,ADDR_SIZE), bool, fIoChecked)
 {
     PVM             pVM  = IEMCPU_TO_VM(pIemCpu);
@@ -1038 +1038 @@
      * ASSUMES nothing is read from the I/O port before traps are taken.
      */
-    rcStrict = iemHlpCheckPortIOPermission(pIemCpu, pCtx, pCtx->dx, OP_SIZE / 8);
-    if (rcStrict != VINF_SUCCESS)
-        return rcStrict;
+    if (!fIoChecked)
+    {
+        rcStrict = iemHlpCheckPortIOPermission(pIemCpu, pCtx, pCtx->dx, OP_SIZE / 8);
+        if (rcStrict != VINF_SUCCESS)
+            return rcStrict;
+    }
 
     OP_TYPE        *puMem;
@@ -1077 +1080 @@
  * Implements 'REP INS'.
  */
-IEM_CIMPL_DEF_0(RT_CONCAT4(iemCImpl_rep_ins_op,OP_SIZE,_addr,ADDR_SIZE))
+IEM_CIMPL_DEF_1(RT_CONCAT4(iemCImpl_rep_ins_op,OP_SIZE,_addr,ADDR_SIZE), bool, fIoChecked)
 {
     PVM         pVM   = IEMCPU_TO_VM(pIemCpu);
@@ -1087 +1090 @@
      */
     uint16_t const  u16Port    = pCtx->dx;
-    VBOXSTRICTRC rcStrict = iemHlpCheckPortIOPermission(pIemCpu, pCtx, u16Port, OP_SIZE / 8);
-    if (rcStrict != VINF_SUCCESS)
-        return rcStrict;
+    VBOXSTRICTRC    rcStrict;
+    if (!fIoChecked)
+    {
+        rcStrict = iemHlpCheckPortIOPermission(pIemCpu, pCtx, u16Port, OP_SIZE / 8);
+        if (rcStrict != VINF_SUCCESS)
+            return rcStrict;
+    }
 
     ADDR_TYPE       uCounterReg = pCtx->ADDR_rCX;
@@ -1148 +1155 @@
             /** @todo Change the I/O manager interface to make use of
              *        mapped buffers instead of leaving those bits to the
-             *        device implementation? */
+             *        device implementation! */
             PGMPAGEMAPLOCK PgLockMem;
             OP_TYPE *puMem;
@@ -1171 +1178 @@
                     {
                         if (IOM_SUCCESS(rcStrict))
+                        {
                             rcStrict = iemSetPassUpStatus(pIemCpu, rcStrict);
-                        if (uCounterReg == 0)
-                            iemRegAddToRip(pIemCpu, cbInstr);
+                            if (uCounterReg == 0)
+                                iemRegAddToRip(pIemCpu, cbInstr);
+                        }
                         iemMemPageUnmap(pIemCpu, GCPhysMem, IEM_ACCESS_DATA_W, puMem, &PgLockMem);
                         return rcStrict;
@@ -1226 +1235 @@
             if (rcStrict != VINF_SUCCESS)
             {
-                if (IOM_SUCCESS(rcStrict))
-                    rcStrict = iemSetPassUpStatus(pIemCpu, rcStrict);
                 if (uCounterReg == 0)
                     iemRegAddToRip(pIemCpu, cbInstr);
+                rcStrict = iemSetPassUpStatus(pIemCpu, rcStrict);
                 return rcStrict;
             }
@@ -1246 +1254 @@
  * Implements 'OUTS' (no rep)
  */
-IEM_CIMPL_DEF_1(RT_CONCAT4(iemCImpl_outs_op,OP_SIZE,_addr,ADDR_SIZE), uint8_t, iEffSeg)
+IEM_CIMPL_DEF_2(RT_CONCAT4(iemCImpl_outs_op,OP_SIZE,_addr,ADDR_SIZE), uint8_t, iEffSeg, bool, fIoChecked)
 {
     PVM             pVM  = IEMCPU_TO_VM(pIemCpu);
@@ -1257 +1265 @@
      * ASSUMES nothing is read from the I/O port before traps are taken.
      */
-    rcStrict = iemHlpCheckPortIOPermission(pIemCpu, pCtx, pCtx->dx, OP_SIZE / 8);
-    if (rcStrict != VINF_SUCCESS)
-        return rcStrict;
+    if (!fIoChecked)
+    {
+        rcStrict = iemHlpCheckPortIOPermission(pIemCpu, pCtx, pCtx->dx, OP_SIZE / 8);
+        if (rcStrict != VINF_SUCCESS)
+            return rcStrict;
+    }
 
     OP_TYPE uValue;
@@ -1287 +1298 @@
  * Implements 'REP OUTS'.
  */
-IEM_CIMPL_DEF_1(RT_CONCAT4(iemCImpl_rep_outs_op,OP_SIZE,_addr,ADDR_SIZE), uint8_t, iEffSeg)
+IEM_CIMPL_DEF_2(RT_CONCAT4(iemCImpl_rep_outs_op,OP_SIZE,_addr,ADDR_SIZE), uint8_t, iEffSeg, bool, fIoChecked)
 {
     PVM         pVM   = IEMCPU_TO_VM(pIemCpu);
@@ -1297 +1308 @@
      */
     uint16_t const  u16Port    = pCtx->dx;
-    VBOXSTRICTRC rcStrict = iemHlpCheckPortIOPermission(pIemCpu, pCtx, u16Port, OP_SIZE / 8);
-    if (rcStrict != VINF_SUCCESS)
-        return rcStrict;
+    VBOXSTRICTRC    rcStrict;
+    if (!fIoChecked)
+    {
+        rcStrict = iemHlpCheckPortIOPermission(pIemCpu, pCtx, u16Port, OP_SIZE / 8);
+        if (rcStrict != VINF_SUCCESS)
+            return rcStrict;
+    }
 
     ADDR_TYPE       uCounterReg = pCtx->ADDR_rCX;
@@ -1372 +1387 @@
                     {
                         if (IOM_SUCCESS(rcStrict))
+                        {
                             rcStrict = iemSetPassUpStatus(pIemCpu, rcStrict);
-                        if (uCounterReg == 0)
-                            iemRegAddToRip(pIemCpu, cbInstr);
+                            if (uCounterReg == 0)
+                                iemRegAddToRip(pIemCpu, cbInstr);
+                        }
                         iemMemPageUnmap(pIemCpu, GCPhysMem, IEM_ACCESS_DATA_R, puMem, &PgLockMem);
                         return rcStrict;
@@ -1422 +1439 @@
             {
                 if (IOM_SUCCESS(rcStrict))
+                {
+                    if (uCounterReg == 0)
+                        iemRegAddToRip(pIemCpu, cbInstr);
                     rcStrict = iemSetPassUpStatus(pIemCpu, rcStrict);
-                if (uCounterReg == 0)
-                    iemRegAddToRip(pIemCpu, cbInstr);
+                }
                 return rcStrict;
             }

trunk/src/VBox/VMM/VMMAll/IEMAllInstructions.cpp.h

@@ -8385 +8385 @@
         switch (pIemCpu->enmEffAddrMode)
         {
-            case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_rep_ins_op8_addr16);
-            case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_rep_ins_op8_addr32);
-            case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_rep_ins_op8_addr64);
+            case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_ins_op8_addr16, false);
+            case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_ins_op8_addr32, false);
+            case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_ins_op8_addr64, false);
             IEM_NOT_REACHED_DEFAULT_CASE_RET();
         }
@@ -8396 +8396 @@
         switch (pIemCpu->enmEffAddrMode)
         {
-            case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_ins_op8_addr16);
-            case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_ins_op8_addr32);
-            case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_ins_op8_addr64);
+            case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_ins_op8_addr16, false);
+            case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_ins_op8_addr32, false);
+            case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_ins_op8_addr64, false);
             IEM_NOT_REACHED_DEFAULT_CASE_RET();
         }
@@ -8417 +8417 @@
                 switch (pIemCpu->enmEffAddrMode)
                 {
-                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_rep_ins_op16_addr16);
-                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_rep_ins_op16_addr32);
-                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_rep_ins_op16_addr64);
+                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_ins_op16_addr16, false);
+                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_ins_op16_addr32, false);
+                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_ins_op16_addr64, false);
                     IEM_NOT_REACHED_DEFAULT_CASE_RET();
                 }
@@ -8427 +8427 @@
                 switch (pIemCpu->enmEffAddrMode)
                 {
-                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_rep_ins_op32_addr16);
-                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_rep_ins_op32_addr32);
-                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_rep_ins_op32_addr64);
+                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_ins_op32_addr16, false);
+                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_ins_op32_addr32, false);
+                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_ins_op32_addr64, false);
                     IEM_NOT_REACHED_DEFAULT_CASE_RET();
                 }
@@ -8444 +8444 @@
                 switch (pIemCpu->enmEffAddrMode)
                 {
-                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_ins_op16_addr16);
-                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_ins_op16_addr32);
-                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_ins_op16_addr64);
+                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_ins_op16_addr16, false);
+                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_ins_op16_addr32, false);
+                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_ins_op16_addr64, false);
                     IEM_NOT_REACHED_DEFAULT_CASE_RET();
                 }
@@ -8454 +8454 @@
                 switch (pIemCpu->enmEffAddrMode)
                 {
-                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_ins_op32_addr16);
-                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_ins_op32_addr32);
-                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_0(iemCImpl_ins_op32_addr64);
+                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_ins_op32_addr16, false);
+                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_ins_op32_addr32, false);
+                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_ins_op32_addr64, false);
                     IEM_NOT_REACHED_DEFAULT_CASE_RET();
                 }
@@ -8475 +8475 @@
         switch (pIemCpu->enmEffAddrMode)
         {
-            case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_outs_op8_addr16, pIemCpu->iEffSeg);
-            case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_outs_op8_addr32, pIemCpu->iEffSeg);
-            case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_outs_op8_addr64, pIemCpu->iEffSeg);
+            case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_rep_outs_op8_addr16, pIemCpu->iEffSeg, false);
+            case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_rep_outs_op8_addr32, pIemCpu->iEffSeg, false);
+            case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_rep_outs_op8_addr64, pIemCpu->iEffSeg, false);
             IEM_NOT_REACHED_DEFAULT_CASE_RET();
         }
@@ -8486 +8486 @@
         switch (pIemCpu->enmEffAddrMode)
         {
-            case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_outs_op8_addr16, pIemCpu->iEffSeg);
-            case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_outs_op8_addr32, pIemCpu->iEffSeg);
-            case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_outs_op8_addr64, pIemCpu->iEffSeg);
+            case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_outs_op8_addr16, pIemCpu->iEffSeg, false);
+            case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_outs_op8_addr32, pIemCpu->iEffSeg, false);
+            case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_outs_op8_addr64, pIemCpu->iEffSeg, false);
             IEM_NOT_REACHED_DEFAULT_CASE_RET();
         }
@@ -8507 +8507 @@
                 switch (pIemCpu->enmEffAddrMode)
                 {
-                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_outs_op16_addr16, pIemCpu->iEffSeg);
-                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_outs_op16_addr32, pIemCpu->iEffSeg);
-                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_outs_op16_addr64, pIemCpu->iEffSeg);
+                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_rep_outs_op16_addr16, pIemCpu->iEffSeg, false);
+                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_rep_outs_op16_addr32, pIemCpu->iEffSeg, false);
+                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_rep_outs_op16_addr64, pIemCpu->iEffSeg, false);
                     IEM_NOT_REACHED_DEFAULT_CASE_RET();
                 }
@@ -8517 +8517 @@
                 switch (pIemCpu->enmEffAddrMode)
                 {
-                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_outs_op32_addr16, pIemCpu->iEffSeg);
-                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_outs_op32_addr32, pIemCpu->iEffSeg);
-                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_rep_outs_op32_addr64, pIemCpu->iEffSeg);
+                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_rep_outs_op32_addr16, pIemCpu->iEffSeg, false);
+                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_rep_outs_op32_addr32, pIemCpu->iEffSeg, false);
+                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_rep_outs_op32_addr64, pIemCpu->iEffSeg, false);
                     IEM_NOT_REACHED_DEFAULT_CASE_RET();
                 }
@@ -8534 +8534 @@
                 switch (pIemCpu->enmEffAddrMode)
                 {
-                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_outs_op16_addr16, pIemCpu->iEffSeg);
-                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_outs_op16_addr32, pIemCpu->iEffSeg);
-                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_outs_op16_addr64, pIemCpu->iEffSeg);
+                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_outs_op16_addr16, pIemCpu->iEffSeg, false);
+                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_outs_op16_addr32, pIemCpu->iEffSeg, false);
+                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_outs_op16_addr64, pIemCpu->iEffSeg, false);
                     IEM_NOT_REACHED_DEFAULT_CASE_RET();
                 }
@@ -8544 +8544 @@
                 switch (pIemCpu->enmEffAddrMode)
                 {
-                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_outs_op32_addr16, pIemCpu->iEffSeg);
-                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_outs_op32_addr32, pIemCpu->iEffSeg);
-                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_1(iemCImpl_outs_op32_addr64, pIemCpu->iEffSeg);
+                    case IEMMODE_16BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_outs_op32_addr16, pIemCpu->iEffSeg, false);
+                    case IEMMODE_32BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_outs_op32_addr32, pIemCpu->iEffSeg, false);
+                    case IEMMODE_64BIT: return IEM_MC_DEFER_TO_CIMPL_2(iemCImpl_outs_op32_addr64, pIemCpu->iEffSeg, false);
                     IEM_NOT_REACHED_DEFAULT_CASE_RET();
                 }

trunk/src/VBox/VMM/VMMAll/PGMAll.cpp

@@ -1767 +1767 @@
  * @remarks This must be called *AFTER* PGMUpdateCR3.
  *
- * @returns VBox status code.
  * @param   pVCpu               Pointer to the VMCPU.
  * @param   paPdpes             The four PDPE values. The array pointed to must
@@ -1774 +1773 @@
  * @remarks No-long-jump zone!!!
  */
-VMM_INT_DECL(int) PGMGstUpdatePaePdpes(PVMCPU pVCpu, PCX86PDPE paPdpes)
+VMM_INT_DECL(void) PGMGstUpdatePaePdpes(PVMCPU pVCpu, PCX86PDPE paPdpes)
 {
     Assert(pVCpu->pgm.s.enmShadowMode == PGMMODE_EPT);
@@ -1795 +1794 @@
 
     VMCPU_FF_CLEAR(pVCpu, VMCPU_FF_HM_UPDATE_PAE_PDPES);
-    return VINF_SUCCESS;
 }
 
@@ -2037 +2035 @@
  * @returns VBox status code.
  * @retval  VINF_SUCCESS.
- * @retval  (If applied when not in nested mode: VINF_PGM_SYNC_CR3 if monitoring
- *          requires a CR3 sync. This can safely be ignored and overridden since
- *          the FF will be set too then.)
+ * @retval  VINF_PGM_SYNC_CR3 if monitoring requires a CR3 sync (not for nested
+ *          paging modes).  This can safely be ignored and overridden since the
+ *          FF will be set too then.
  * @param   pVCpu       Pointer to the VMCPU.
  * @param   cr3         The new cr3.

trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp

@@ -29 +29 @@
 #include <VBox/vmm/pdmapi.h>
 #include <VBox/vmm/dbgf.h>
+#include <VBox/vmm/iem.h>
 #include <VBox/vmm/iom.h>
 #include <VBox/vmm/selm.h>
@@ -111 +112 @@
 /** @} */
 
-/**
+/** @name
  * Flags to skip redundant reads of some common VMCS fields that are not part of
  * the guest-CPU state but are in the transient structure.
@@ -121 +122 @@
 #define HMVMX_UPDATED_TRANSIENT_EXIT_INTERRUPTION_INFO        RT_BIT(4)
 #define HMVMX_UPDATED_TRANSIENT_EXIT_INTERRUPTION_ERROR_CODE  RT_BIT(5)
-
-/**
- * @name Exception bitmap mask for real-mode guests (real-on-v86).
+/** @} */
+
+/**
+ * Exception bitmap mask for real-mode guests (real-on-v86).
  *
  * We need to intercept all exceptions manually (except #PF). #NM is also
@@ -136 +138 @@
                                       | RT_BIT(X86_XCPT_MF)             | RT_BIT(X86_XCPT_AC)    | RT_BIT(X86_XCPT_MC)    \
                                       | RT_BIT(X86_XCPT_XF))
-/** @} */
-
-/**
- * @name Exception bitmap mask for all contributory exceptions.
+
+/**
+ * Exception bitmap mask for all contributory exceptions.
  *
  * Page fault is deliberately excluded here as it's conditional as to whether
@@ -146 +147 @@
 #define HMVMX_CONTRIBUTORY_XCPT_MASK  (  RT_BIT(X86_XCPT_GP) | RT_BIT(X86_XCPT_NP) | RT_BIT(X86_XCPT_SS) | RT_BIT(X86_XCPT_TS) \
                                        | RT_BIT(X86_XCPT_DE))
-/** @} */
 
 /** Maximum VM-instruction error number. */
@@ -164 +164 @@
 *   Structures and Typedefs                                                    *
 *******************************************************************************/
-/** @name VMX transient.
+/**
+ * VMX transient state.
  *
  * A state structure for holding miscellaneous information across
  * VMX non-root operation and restored after the transition.
- *
- * @{ */
+ */
 typedef struct VMXTRANSIENT
 {
@@ -197 +197 @@
     /** The VM-exit instruction-length field. */
     uint32_t        cbInstr;
+    /** The VM-exit instruction-information field. */
+    union
+    {
+        /** Plain unsigned int representation. */
+        uint32_t    u;
+        /** INS and OUTS information. */
+        struct
+        {
+            uint32_t    u6Reserved0 : 6;
+            /** The address size; 0=16-bit, 1=32-bit, 2=64-bit, rest undefined. */
+            uint32_t    u3AddrSize : 3;
+            uint32_t    u5Reserved1 : 5;
+            /** The segment register (X86_SREG_XXX). */
+            uint32_t    iSegReg : 3;
+            uint32_t    uReserved2 : 14;
+        } StrIo;
+    }               ExitInstrInfo;
     /** Whether the VM-entry failed or not. */
     bool            fVMEntryFailed;
     /** Alignment. */
-    uint8_t         abAlignment1[7];
+    uint8_t         abAlignment1[3];
 
     /** The VM-entry interruption-information field. */
@@ -221 +238 @@
      *  contributory exception or a page-fault. */
     bool            fVectoringPF;
-} VMXTRANSIENT, *PVMXTRANSIENT;
+} VMXTRANSIENT;
 AssertCompileMemberAlignment(VMXTRANSIENT, uExitReason,    sizeof(uint64_t));
 AssertCompileMemberAlignment(VMXTRANSIENT, uExitIntrInfo,  sizeof(uint64_t));
 AssertCompileMemberAlignment(VMXTRANSIENT, uEntryIntrInfo, sizeof(uint64_t));
-/** @} */
+AssertCompileMemberSize(VMXTRANSIENT, ExitInstrInfo, sizeof(uint32_t));
+/** Pointer to VMX transient state. */
+typedef VMXTRANSIENT *PVMXTRANSIENT;
 
 
@@ -249 +268 @@
     VMXMSREXIT_PASSTHRU_WRITE
 } VMXMSREXITWRITE;
+
+/**
+ * VM-exit handler.
+ *
+ * @returns VBox status code.
+ * @param   pVCpu           Pointer to the VMCPU.
+ * @param   pMixedCtx       Pointer to the guest-CPU context. The data may be
+ *                          out-of-sync. Make sure to update the required
+ *                          fields before using them.
+ * @param   pVmxTransient   Pointer to the VMX-transient structure.
+ */
+#ifndef HMVMX_USE_FUNCTION_TABLE
+typedef int FNVMEXITHANDLER(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
+#else
+typedef DECLCALLBACK(int) FNVMEXITHANDLER(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
+/** Pointer to VM-exit handler. */
+typedef FNVMEXITHANDLER *PFNVMEXITHANDLER;
+#endif
 
 
@@ -263 +300 @@
 #ifndef HMVMX_USE_FUNCTION_TABLE
 DECLINLINE(int)           hmR0VmxHandleExit(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient, uint32_t rcReason);
-#define HMVMX_EXIT_DECL   static int
+# define HMVMX_EXIT_DECL  static int
 #else
-#define HMVMX_EXIT_DECL   static DECLCALLBACK(int)
+# define HMVMX_EXIT_DECL  static DECLCALLBACK(int)
 #endif
 
-HMVMX_EXIT_DECL hmR0VmxExitXcptOrNmi(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitExtInt(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitTripleFault(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitInitSignal(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitSipi(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitIoSmi(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitSmi(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitIntWindow(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitNmiWindow(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitTaskSwitch(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitCpuid(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitGetsec(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitHlt(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitInvd(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitInvlpg(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitRdpmc(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitRdtsc(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitRsm(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitSetPendingXcptUD(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitMovCRx(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitMovDRx(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitIoInstr(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitRdmsr(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitWrmsr(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitErrInvalidGuestState(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitErrMsrLoad(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitErrUndefined(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitMwait(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitMtf(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitMonitor(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitPause(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitErrMachineCheck(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitTprBelowThreshold(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitApicAccess(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitXdtrAccess(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitXdtrAccess(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitEptViolation(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitEptMisconfig(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitRdtscp(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitPreemptTimer(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitWbinvd(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitXsetbv(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitRdrand(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-HMVMX_EXIT_DECL hmR0VmxExitInvpcid(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
+/** @name VM-exit handlers.
+ * @{
+ */
+static FNVMEXITHANDLER hmR0VmxExitXcptOrNmi;
+static FNVMEXITHANDLER hmR0VmxExitExtInt;
+static FNVMEXITHANDLER hmR0VmxExitTripleFault;
+static FNVMEXITHANDLER hmR0VmxExitInitSignal;
+static FNVMEXITHANDLER hmR0VmxExitSipi;
+static FNVMEXITHANDLER hmR0VmxExitIoSmi;
+static FNVMEXITHANDLER hmR0VmxExitSmi;
+static FNVMEXITHANDLER hmR0VmxExitIntWindow;
+static FNVMEXITHANDLER hmR0VmxExitNmiWindow;
+static FNVMEXITHANDLER hmR0VmxExitTaskSwitch;
+static FNVMEXITHANDLER hmR0VmxExitCpuid;
+static FNVMEXITHANDLER hmR0VmxExitGetsec;
+static FNVMEXITHANDLER hmR0VmxExitHlt;
+static FNVMEXITHANDLER hmR0VmxExitInvd;
+static FNVMEXITHANDLER hmR0VmxExitInvlpg;
+static FNVMEXITHANDLER hmR0VmxExitRdpmc;
+static FNVMEXITHANDLER hmR0VmxExitRdtsc;
+static FNVMEXITHANDLER hmR0VmxExitRsm;
+static FNVMEXITHANDLER hmR0VmxExitSetPendingXcptUD;
+static FNVMEXITHANDLER hmR0VmxExitMovCRx;
+static FNVMEXITHANDLER hmR0VmxExitMovDRx;
+static FNVMEXITHANDLER hmR0VmxExitIoInstr;
+static FNVMEXITHANDLER hmR0VmxExitRdmsr;
+static FNVMEXITHANDLER hmR0VmxExitWrmsr;
+static FNVMEXITHANDLER hmR0VmxExitErrInvalidGuestState;
+static FNVMEXITHANDLER hmR0VmxExitErrMsrLoad;
+static FNVMEXITHANDLER hmR0VmxExitErrUndefined;
+static FNVMEXITHANDLER hmR0VmxExitMwait;
+static FNVMEXITHANDLER hmR0VmxExitMtf;
+static FNVMEXITHANDLER hmR0VmxExitMonitor;
+static FNVMEXITHANDLER hmR0VmxExitPause;
+static FNVMEXITHANDLER hmR0VmxExitErrMachineCheck;
+static FNVMEXITHANDLER hmR0VmxExitTprBelowThreshold;
+static FNVMEXITHANDLER hmR0VmxExitApicAccess;
+static FNVMEXITHANDLER hmR0VmxExitXdtrAccess;
+static FNVMEXITHANDLER hmR0VmxExitXdtrAccess;
+static FNVMEXITHANDLER hmR0VmxExitEptViolation;
+static FNVMEXITHANDLER hmR0VmxExitEptMisconfig;
+static FNVMEXITHANDLER hmR0VmxExitRdtscp;
+static FNVMEXITHANDLER hmR0VmxExitPreemptTimer;
+static FNVMEXITHANDLER hmR0VmxExitWbinvd;
+static FNVMEXITHANDLER hmR0VmxExitXsetbv;
+static FNVMEXITHANDLER hmR0VmxExitRdrand;
+static FNVMEXITHANDLER hmR0VmxExitInvpcid;
+/** @} */
 
 static int      hmR0VmxExitXcptNM(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
@@ -326 +367 @@
 *******************************************************************************/
 #ifdef HMVMX_USE_FUNCTION_TABLE
-/**
- * VM-exit handler.
- *
- * @returns VBox status code.
- * @param   pVCpu           Pointer to the VMCPU.
- * @param   pMixedCtx       Pointer to the guest-CPU context. The data may be
- *                          out-of-sync. Make sure to update the required
- *                          fields before using them.
- * @param   pVmxTransient   Pointer to the VMX-transient structure.
- */
-typedef DECLCALLBACK(int) FNVMEXITHANDLER(PVMCPU pVCpu, PCPUMCTX pMixedCtx, PVMXTRANSIENT pVmxTransient);
-/** Pointer to VM-exit handler. */
-typedef FNVMEXITHANDLER *const PFNVMEXITHANDLER;
 
 /**
@@ -582 +610 @@
 
 /**
+ * Reads the VM-exit instruction-information field from the VMCS into
+ * the VMX transient structure.
+ *
+ * @returns VBox status code.
+ * @param   pVCpu           The cross context per CPU structure.
+ * @param   pVmxTransient   Pointer to the VMX transient structure.
+ */
+DECLINLINE(int) hmR0VmxReadExitInstrInfoVmcs(PVMCPU pVCpu, PVMXTRANSIENT pVmxTransient)
+{
+    if (!(pVmxTransient->fVmcsFieldsRead & HMVMX_UPDATED_TRANSIENT_EXIT_INSTR_LEN))
+    {
+        int rc = VMXReadVmcs32(VMX_VMCS32_RO_EXIT_INSTR_INFO, &pVmxTransient->cbInstr);
+        AssertRCReturn(rc, rc);
+        pVmxTransient->fVmcsFieldsRead |= HMVMX_UPDATED_TRANSIENT_EXIT_INSTR_LEN;
+    }
+    return VINF_SUCCESS;
+}
+
+
+/**
  * Reads the exit qualification from the VMCS into the VMX transient structure.
  *
@@ -5717 +5765 @@
     Assert(VMMRZCallRing3IsEnabled(pVCpu));
 
-    int rc = VERR_INTERNAL_ERROR_5;
     if (   VM_FF_IS_PENDING(pVM, VM_FF_HM_TO_R3_MASK | VM_FF_REQUEST | VM_FF_PGM_POOL_FLUSH_PENDING | VM_FF_PDM_DMA)
         || VMCPU_FF_IS_PENDING(pVCpu,  VMCPU_FF_HM_TO_R3_MASK | VMCPU_FF_PGM_SYNC_CR3 | VMCPU_FF_PGM_SYNC_CR3_NON_GLOBAL
@@ -5723 +5770 @@
     {
         /* We need the control registers now, make sure the guest-CPU context is updated. */
-        rc = hmR0VmxSaveGuestControlRegs(pVCpu, pMixedCtx);
-        AssertRCReturn(rc, rc);
+        int rc2 = hmR0VmxSaveGuestControlRegs(pVCpu, pMixedCtx);
+        AssertRCReturn(rc2, rc2);
 
         /* Pending HM CR3 sync. */
         if (VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_HM_UPDATE_CR3))
         {
-            rc = PGMUpdateCR3(pVCpu, pMixedCtx->cr3);
-            Assert(rc == VINF_SUCCESS || rc == VINF_PGM_SYNC_CR3);
+            int rc2 = PGMUpdateCR3(pVCpu, pMixedCtx->cr3);
+            AssertMsgReturn(rc2 == VINF_SUCCESS || rc2 == VINF_PGM_SYNC_CR3,
+                            ("%Rrc\n", rc2), RT_FAILURE_NP(rc2) ? rc2 : VERR_IPE_UNEXPECTED_INFO_STATUS);
             Assert(!VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_HM_UPDATE_CR3));
         }
@@ -5737 +5785 @@
         if (VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_HM_UPDATE_PAE_PDPES))
         {
-            rc = PGMGstUpdatePaePdpes(pVCpu, &pVCpu->hm.s.aPdpes[0]);
-            AssertRC(rc);
+            PGMGstUpdatePaePdpes(pVCpu, &pVCpu->hm.s.aPdpes[0]);
             Assert(!VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_HM_UPDATE_PAE_PDPES));
         }
@@ -5745 +5792 @@
         if (VMCPU_FF_IS_PENDING(pVCpu,VMCPU_FF_PGM_SYNC_CR3 | VMCPU_FF_PGM_SYNC_CR3_NON_GLOBAL))
         {
-            rc = PGMSyncCR3(pVCpu, pMixedCtx->cr0, pMixedCtx->cr3, pMixedCtx->cr4, VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_PGM_SYNC_CR3));
-            if (rc != VINF_SUCCESS)
+            int rc2 = PGMSyncCR3(pVCpu, pMixedCtx->cr0, pMixedCtx->cr3, pMixedCtx->cr4, VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_PGM_SYNC_CR3));
+            if (rc2 != VINF_SUCCESS)
             {
-                AssertRC(rc);
-                Log4(("hmR0VmxCheckForceFlags: PGMSyncCR3 forcing us back to ring-3. rc=%d\n", rc));
-                return rc;
+                AssertRC(rc2);
+                Log4(("hmR0VmxCheckForceFlags: PGMSyncCR3 forcing us back to ring-3. rc2=%d\n", rc2));
+                return rc2;
             }
         }
@@ -5760 +5807 @@
         {
             STAM_COUNTER_INC(&pVCpu->hm.s.StatSwitchHmToR3FF);
-            rc = RT_UNLIKELY(VM_FF_IS_PENDING(pVM, VM_FF_PGM_NO_MEMORY)) ? VINF_EM_NO_MEMORY : VINF_EM_RAW_TO_R3;
-            Log4(("hmR0VmxCheckForceFlags: HM_TO_R3 forcing us back to ring-3. rc=%d\n", rc));
-            return rc;
+            int rc2 = RT_UNLIKELY(VM_FF_IS_PENDING(pVM, VM_FF_PGM_NO_MEMORY)) ? VINF_EM_NO_MEMORY : VINF_EM_RAW_TO_R3;
+            Log4(("hmR0VmxCheckForceFlags: HM_TO_R3 forcing us back to ring-3. rc=%d\n", rc2));
+            return rc2;
         }
 
@@ -5789 +5836 @@
 
     /* Paranoia. */
-    Assert(rc != VERR_EM_INTERPRETER);
     return VINF_SUCCESS;
 }
@@ -7205 +7251 @@
         case VMX_EXIT_RDTSCP:                  rc = hmR0VmxExitRdtscp(pVCpu, pMixedCtx, pVmxTransient); break;
         case VMX_EXIT_APIC_ACCESS:             rc = hmR0VmxExitApicAccess(pVCpu, pMixedCtx, pVmxTransient); break;
-        case VMX_EXIT_XCPT_NMI:                rc = hmR0VmxExitXcptOrNmi(pVCpu, pMixedCtx, pVmxTransient); break;
+        case VMX_EXIT_XCPT_OR_NMI:             rc = hmR0VmxExitXcptOrNmi(pVCpu, pMixedCtx, pVmxTransient); break;
         case VMX_EXIT_MOV_CRX:                 rc = hmR0VmxExitMovCRx(pVCpu, pMixedCtx, pVmxTransient); break;
         case VMX_EXIT_EXT_INT:                 rc = hmR0VmxExitExtInt(pVCpu, pMixedCtx, pVmxTransient); break;
@@ -8334 +8380 @@
     bool     fIOWrite  = (   VMX_EXIT_QUALIFICATION_IO_DIRECTION(pVmxTransient->uExitQualification)
                           == VMX_EXIT_QUALIFICATION_IO_DIRECTION_OUT);
-    bool     fIOString = (VMX_EXIT_QUALIFICATION_IO_STRING(pVmxTransient->uExitQualification) == 1);
-    AssertReturn(uIOWidth <= 3 && uIOWidth != 2, VERR_HM_IPE_3);
+    bool     fIOString = VMX_EXIT_QUALIFICATION_IO_IS_STRING(pVmxTransient->uExitQualification);
+    AssertReturn(uIOWidth <= 3 && uIOWidth != 2, VERR_HMVMX_IPE_1);
 
     /* I/O operation lookup arrays. */
@@ -8343 +8389 @@
     const uint32_t cbValue  = s_aIOSizes[uIOWidth];
     const uint32_t cbInstr  = pVmxTransient->cbInstr;
+    bool fUpdateRipAlready  = false; /* ugly hack, should be temporary. */
     PVM pVM                 = pVCpu->CTX_SUFF(pVM);
     if (fIOString)
     {
-        /* INS/OUTS - I/O String instruction. */
-        /** @todo for now manually disassemble later optimize by getting the fields from
-         *        the VMCS. VMX_VMCS_RO_EXIT_GUEST_LINEAR_ADDR contains the flat pointer
-         *        operand of the instruction. VMX_VMCS32_RO_EXIT_INSTR_INFO contains
-         *        segment prefix info.
-         *  bird: The linear address isn't worth more than a few ticks, esp. for
-         *        32-bit guests where we'd have to do limit checks.  Main point,
-         *        though, is that AMD doesn't have it. They both have segment reg,
-         *        address mode (size) and operand size. Though, Intel didn't have the
-         *        segment+addrsize on the early models (Footnote 3 on table 27-8, volume
-         *        3, July 2013 edition). */
+        /*
+         * INS/OUTS - I/O String instruction.
+         *
+         * Use instruction-information if available, otherwise fall back on
+         * interpreting the instruction.
+         */
+#if 0 /* Not quite ready, seem iSegReg assertion trigger once... Do we perhaps need to always read that in longjmp / preempt scenario? */
+        AssertReturn(pMixedCtx->dx == uIOPort, VERR_HMVMX_IPE_2);
+        if (MSR_IA32_VMX_BASIC_INFO_VMCS_INS_OUTS(pVM->hm.s.vmx.msr.vmx_basic_info))
+        {
+            rc  = hmR0VmxReadExitIntrInfoVmcs(pVCpu, pVmxTransient);
+            /** @todo optimize this, IEM should request the additional state if it needs it (GP, PF, ++). */
+            rc |= hmR0VmxSaveGuestState(pVCpu, pMixedCtx);
+            AssertRCReturn(rc, rc);
+            AssertReturn(pVmxTransient->ExitInstrInfo.StrIo.u3AddrSize <= 2, VERR_HMVMX_IPE_3);
+            AssertCompile(IEMMODE_16BIT == 0 && IEMMODE_32BIT == 1 && IEMMODE_64BIT == 2);
+            IEMMODE enmAddrMode = (IEMMODE)pVmxTransient->ExitInstrInfo.StrIo.u3AddrSize;
+            bool    fRep        = VMX_EXIT_QUALIFICATION_IO_IS_REP(pVmxTransient->uExitQualification);
+            if (fIOWrite)
+            {
+                rc = IEMExecStringIoWrite(pVCpu, cbValue, enmAddrMode, fRep, cbInstr,
+                                          pVmxTransient->ExitInstrInfo.StrIo.iSegReg);
+                //if (rc == VINF_IOM_R3_IOPORT_WRITE)
+                //    hmR0SavePendingIOPortWriteStr(pVCpu, pMixedCtx->rip, cbValue, enmAddrMode, fRep, cbInstr,
+                //                                  pVmxTransient->ExitInstrInfo.StrIo.iSegReg);
+            }
+            else
+            {
+                AssertMsgReturn(pVmxTransient->ExitInstrInfo.StrIo.iSegReg == X86_SREG_ES,
+                                ("%#x (%#llx)\n", pVmxTransient->ExitInstrInfo.StrIo.iSegReg, pVmxTransient->ExitInstrInfo.u),
+                                VERR_HMVMX_IPE_4);
+                rc = IEMExecStringIoRead(pVCpu, cbValue, enmAddrMode, fRep, cbInstr);
+                //if (rc == VINF_IOM_R3_IOPORT_READ)
+                //    hmR0SavePendingIOPortReadStr(pVCpu, pMixedCtx->rip, cbValue, enmAddrMode, fRep, cbInstr);
+            }
+        }
+        else
+        {
+            /** @todo optimize this, IEM should request the additional state if it needs it (GP, PF, ++). */
+            rc = hmR0VmxSaveGuestState(pVCpu, pMixedCtx);
+            AssertRCReturn(rc, rc);
+            rc = IEMExecOne(pVCpu);
+        }
+        /** @todo IEM needs to be setting these flags somehow. */
+        pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_GUEST_RIP;
+        fUpdateRipAlready = true;
+
+#else
         PDISCPUSTATE pDis = &pVCpu->hm.s.DisState;
         rc = EMInterpretDisasCurrent(pVM, pVCpu, pDis, NULL);
@@ -8381 +8465 @@
             rc = VINF_EM_RAW_EMULATE_INSTR;
         }
+#endif
     }
     else
     {
-        /* IN/OUT - I/O instruction. */
+        /*
+         * IN/OUT - I/O instruction.
+         */
         const uint32_t uAndVal = s_aIOOpAnd[uIOWidth];
-        Assert(!VMX_EXIT_QUALIFICATION_IO_REP(pVmxTransient->uExitQualification));
+        Assert(!VMX_EXIT_QUALIFICATION_IO_IS_REP(pVmxTransient->uExitQualification));
         if (fIOWrite)
         {
@@ -8413 +8500 @@
     if (IOM_SUCCESS(rc))
     {
-        pMixedCtx->rip += cbInstr;
-        pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_GUEST_RIP;
+        if (!fUpdateRipAlready)
+        {
+            pMixedCtx->rip += cbInstr;
+            pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_GUEST_RIP;
+        }
         if (RT_LIKELY(rc == VINF_SUCCESS))
         {
@@ -8422 +8512 @@
              * Note that the I/O breakpoint type is undefined if CR4.DE is 0.
              */
+            /** @todo We're not honoring I/O BPs if informational status code is returned.
+             *        We're also ignoring our own debugger's attempt at using I/O
+             *        breakpoints.  The whole host & guest debugger stuff needs to be
+             *        looked over at some point.  For now, it's just best effort. */
             rc = hmR0VmxSaveGuestDebugRegs(pVCpu, pMixedCtx);      /* For DR7. */
             AssertRCReturn(rc, rc);

trunk/src/VBox/VMM/VMMR0/HWVMXR0.cpp

@@ -1613 +1613 @@
         rc = VMXReadVmcs64(VMX_VMCS64_GUEST_PDPTE3_FULL, &aPdpes[3].u); AssertRCReturn(rc, rc);
 
-        rc = PGMGstUpdatePaePdpes(pVCpu, &aPdpes[0]);
+        PGMGstUpdatePaePdpes(pVCpu, &aPdpes[0]);
         AssertRCReturn(rc, rc);
     }
@@ -4598 +4598 @@
 
         uint32_t cbSize = g_aIOSize[uIOWidth];
-        if (VMX_EXIT_QUALIFICATION_IO_STRING(exitQualification))
+        if (VMX_EXIT_QUALIFICATION_IO_IS_STRING(exitQualification))
         {
             /* ins/outs */

trunk/src/VBox/VMM/VMMR3/EM.cpp

@@ -1499 +1499 @@
             AssertPtr(pPdpes);
 
-            int rc2 = PGMGstUpdatePaePdpes(pVCpu, pPdpes);
-            if (RT_FAILURE(rc2))
-                return rc2;
+            PGMGstUpdatePaePdpes(pVCpu, pPdpes);
             Assert(!VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_HM_UPDATE_PAE_PDPES));
         }

trunk/src/VBox/VMM/VMMR3/HM.cpp

@@ -980 +980 @@
     LogRel(("HM: VMCS memory type              = %x\n", MSR_IA32_VMX_BASIC_INFO_VMCS_MEM_TYPE(pVM->hm.s.vmx.msr.vmx_basic_info)));
     LogRel(("HM: Dual-monitor treatment        = %d\n", MSR_IA32_VMX_BASIC_INFO_VMCS_DUAL_MON(pVM->hm.s.vmx.msr.vmx_basic_info)));
+    LogRel(("HM: OUTS & INS instruction-info   = %d\n", MSR_IA32_VMX_BASIC_INFO_VMCS_INS_OUTS(pVM->hm.s.vmx.msr.vmx_basic_info)));
     LogRel(("HM: Max resume loops              = %RX32\n", pVM->hm.s.cMaxResumeLoops));
 

trunk/src/VBox/VMM/include/IEMInternal.h

@@ -19 +19 @@
 #define ___IEMInternal_h
 
+#include <VBox/vmm/cpum.h>
+#include <VBox/vmm/iem.h>
 #include <VBox/vmm/stam.h>
-#include <VBox/vmm/cpum.h>
 #include <VBox/param.h>
 
@@ -50 +51 @@
 typedef RTFLOAT32U const *PCRTFLOAT32U;
 
-
-/**
- * Operand or addressing mode.
- */
-typedef enum IEMMODE
-{
-    IEMMODE_16BIT = 0,
-    IEMMODE_32BIT,
-    IEMMODE_64BIT
-} IEMMODE;
-AssertCompileSize(IEMMODE, 4);
 
 /**