Changeset 47989 in vbox

Timestamp:

Aug 22, 2013 1:56:52 PM (11 years ago)

Author:

vboxsync

Message:

VMM/VMMR0: Preemption hooks implemented and enabled for Solaris and Linux hosts.

Location:

trunk

Files:

• include/VBox/vmm/vm.h (modified) (1 diff)
• include/VBox/vmm/vmm.h (modified) (2 diffs)
• src/VBox/VMM/VMMAll/VMMAll.cpp (modified) (1 diff)
• src/VBox/VMM/VMMR0/HMR0.cpp (modified) (9 diffs)
• src/VBox/VMM/VMMR0/HMSVMR0.cpp (modified) (12 diffs)
• src/VBox/VMM/VMMR0/HMVMXR0.cpp (modified) (35 diffs)
• src/VBox/VMM/VMMR0/VMMR0.cpp (modified) (9 diffs)
• src/VBox/VMM/include/HMInternal.h (modified) (4 diffs)

trunk/include/VBox/vmm/vm.h

@@ -651 +651 @@
 # define VMCPU_ASSERT_EMT(pVCpu)            Assert(VMCPU_IS_EMT(pVCpu))
 #elif defined(IN_RING0)
-# define VMCPU_ASSERT_EMT(pVCpu)            Assert(VMCPU_IS_EMT(pVCpu))
+# define VMCPU_ASSERT_EMT(pVCpu)            AssertMsg(VMCPU_IS_EMT(pVCpu), \
+                                                      ("Not emulation thread! Thread=%RTnthrd ThreadEMT=%RTnthrd idCpu=%u\n", \
+                                                      RTThreadNativeSelf(), (pVCpu) ? (pVCpu)->hNativeThreadR0 : 0, \
+                                                      (pVCpu) ? (pVCpu)->idCpu : 0))
 #else
 # define VMCPU_ASSERT_EMT(pVCpu) \

trunk/include/VBox/vmm/vmm.h

@@ -498 +498 @@
 VMMR0DECL(int)       VMMR0TermVM(PVM pVM, PGVM pGVM);
 VMMR0_INT_DECL(bool) VMMR0IsLongJumpArmed(PVMCPU pVCpu);
+VMMR0_INT_DECL(bool) VMMR0IsInRing3LongJump(PVMCPU pVCpu);
 VMMR0DECL(int)       VMMR0ThreadCtxHooksCreate(PVMCPU pVCpu);
 VMMR0DECL(void)      VMMR0ThreadCtxHooksRelease(PVMCPU pVCpu);
@@ -506 +507 @@
 
 # ifdef LOG_ENABLED
-VMMR0DECL(void)     VMMR0LogFlushDisable(PVMCPU pVCpu);
-VMMR0DECL(void)     VMMR0LogFlushEnable(PVMCPU pVCpu);
-VMMR0DECL(bool)     VMMR0IsLogFlushDisabled(PVMCPU pVCpu);
+VMMR0DECL(void)      VMMR0LogFlushDisable(PVMCPU pVCpu);
+VMMR0DECL(void)      VMMR0LogFlushEnable(PVMCPU pVCpu);
+VMMR0DECL(bool)      VMMR0IsLogFlushDisabled(PVMCPU pVCpu);
 # else
-#  define           VMMR0LogFlushDisable(pVCpu)     do { } while(0)
-#  define           VMMR0LogFlushEnable(pVCpu)      do { } while(0)
-#  define           VMMR0IsLogFlushDisabled(pVCpu)  (true)
+#  define            VMMR0LogFlushDisable(pVCpu)     do { } while(0)
+#  define            VMMR0LogFlushEnable(pVCpu)      do { } while(0)
+#  define            VMMR0IsLogFlushDisabled(pVCpu)  (true)
 # endif /* LOG_ENABLED */
 #endif /* IN_RING0 */

trunk/src/VBox/VMM/VMMAll/VMMAll.cpp

@@ -253 +253 @@
         return &pVM->aCpus[0];
 
-    /* Search first by host cpu id (most common case)
+    /*
+     * Search first by host cpu id (most common case)
      * and then by native thread id (page fusion case).
      */
-
-    /* RTMpCpuId had better be cheap. */
-    RTCPUID idHostCpu = RTMpCpuId();
-
-    /** @todo optimize for large number of VCPUs when that becomes more common. */
-    for (VMCPUID idCpu = 0; idCpu < pVM->cCpus; idCpu++)
-    {
-        PVMCPU pVCpu = &pVM->aCpus[idCpu];
-
-        if (pVCpu->idHostCpu == idHostCpu)
-            return pVCpu;
+    if (!RTThreadPreemptIsEnabled(NIL_RTTHREAD))
+    {
+        /** @todo r=ramshankar: This doesn't buy us anything in terms of performance
+         *        leaving it here for hysterical raisins and as a reference if we
+         *        implemented a hashing approach in the future. */
+
+        /* RTMpCpuId had better be cheap. */
+        RTCPUID idHostCpu = RTMpCpuId();
+
+        /** @todo optimize for large number of VCPUs when that becomes more common. */
+        for (VMCPUID idCpu = 0; idCpu < pVM->cCpus; idCpu++)
+        {
+            PVMCPU pVCpu = &pVM->aCpus[idCpu];
+
+            if (pVCpu->idHostCpu == idHostCpu)
+                return pVCpu;
+        }
     }
 

trunk/src/VBox/VMM/VMMR0/HMR0.cpp

@@ -475 +475 @@
                     }
 
-                    /* Enter VMX Root Mode */
+                    /*
+                     * The only way of checking if we're in VMX root mode or not is to try and enter it.
+                     * There is no instruction or control bit that tells us if we're in VMX root mode.
+                     * Therefore, try and enter VMX root mode here.
+                     */
                     rc = VMXEnable(HCPhysScratchPage);
                     if (RT_SUCCESS(rc))
@@ -989 +993 @@
     {
         Assert(g_HvmR0.aCpuInfo[i].hMemObj == NIL_RTR0MEMOBJ);
-        g_HvmR0.aCpuInfo[i].fConfigured = false;
-        g_HvmR0.aCpuInfo[i].cTlbFlushes = 0;
+        g_HvmR0.aCpuInfo[i].fConfigured  = false;
+        g_HvmR0.aCpuInfo[i].cTlbFlushes  = 0;
+        g_HvmR0.aCpuInfo[i].uCurrentAsid = 0;
     }
 
@@ -1012 +1017 @@
          * We're doing the job ourselves.
          */
-        /* Allocate one page per cpu for the global vt-x and amd-v pages */
+        /* Allocate one page per cpu for the global VT-x and AMD-V pages */
         for (unsigned i = 0; i < RT_ELEMENTS(g_HvmR0.aCpuInfo); i++)
         {
@@ -1030 +1035 @@
     }
 
-    if (RT_SUCCESS(rc) && g_HvmR0.fGlobalInit)
+    if (   RT_SUCCESS(rc)
+        && g_HvmR0.fGlobalInit)
     {
         /* First time, so initialize each cpu/core. */
@@ -1411 +1417 @@
 
     /* Enable VT-x or AMD-V if local init is required, or enable if it's a freshly onlined CPU. */
-    if (   !pCpu->fConfigured
-        || !g_HvmR0.fGlobalInit)
-    {
+    if (!pCpu->fConfigured)
         hmR0EnableCpu(pVCpu->CTX_SUFF(pVM), idCpu);
-    }
 
     /* Reload host-context (back from ring-3/migrated CPUs), reload guest CR0 (for FPU bits). */
@@ -1455 +1458 @@
 
     int rc  = g_HvmR0.pfnEnterSession(pVM, pVCpu, pCpu);
-    AssertRC(rc);
+    AssertMsgRC(rc, ("pfnEnterSession failed. rc=%Rrc pVCpu=%p HostCpuId=%u\n", rc, pVCpu, idCpu));
 
     /* Load the host as we may be resuming code after a longjmp and quite
        possibly be scheduled on a different CPU. */
     rc |= g_HvmR0.pfnSaveHostState(pVM, pVCpu);
-    AssertRC(rc);
+    AssertMsgRC(rc, ("pfnSaveHostState failed. rc=%Rrc pVCpu=%p HostCpuId=%u\n", rc, pVCpu, idCpu));
 
     /** @todo This is not needed to be done here anymore, can fix/optimize later. */
     rc |= g_HvmR0.pfnLoadGuestState(pVM, pVCpu, pCtx);
-    AssertRC(rc);
+    AssertMsgRC(rc, ("pfnLoadGuestState failed. rc=%Rrc pVCpu=%p HostCpuId=%u\n", rc, pVCpu, idCpu));
 
 #ifdef VBOX_WITH_2X_4GB_ADDR_SPACE
@@ -1489 +1492 @@
     Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
 
-    if (!g_HvmR0.fGlobalInit)
-    {
-        RTCPUID idCpu = RTMpCpuId();
+    RTCPUID          idCpu = RTMpCpuId();
+    PHMGLOBALCPUINFO pCpu  = &g_HvmR0.aCpuInfo[idCpu];
+
+    if (   !g_HvmR0.fGlobalInit
+        && pCpu->fConfigured)
+    {
         int rc = hmR0DisableCpu(idCpu);
         AssertRCReturn(rc, rc);
+        Assert(!pCpu->fConfigured);
     }
 
     /* Reset these to force a TLB flush for the next entry. */
     pVCpu->hm.s.idLastCpu    = NIL_RTCPUID;
+    pVCpu->hm.s.idEnteredCpu = NIL_RTCPUID;
     pVCpu->hm.s.uCurrentAsid = 0;
     VMCPU_FF_SET(pVCpu, VMCPU_FF_TLB_FLUSH);
@@ -1520 +1528 @@
     AssertReturn(!ASMAtomicReadBool(&g_HvmR0.fSuspended), VERR_HM_SUSPEND_PENDING);
 
-    PCPUMCTX pCtx  = CPUMQueryGuestCtxPtr(pVCpu);
+    PCPUMCTX pCtx = CPUMQueryGuestCtxPtr(pVCpu);
     AssertPtr(pCtx);
 
+    bool fDisabledPreempt = false;
+    RTTHREADPREEMPTSTATE PreemptState = RTTHREADPREEMPTSTATE_INITIALIZER;
+    if (RTThreadPreemptIsEnabled(NIL_RTTHREAD))
+    {
+        Assert(VMMR0ThreadCtxHooksAreRegistered(pVCpu));
+        RTThreadPreemptDisable(&PreemptState);
+        fDisabledPreempt = true;
+    }
+
     int rc = g_HvmR0.pfnLeaveSession(pVM, pVCpu, pCtx);
 
-    /*
-     * When thread-context hooks are not used, leave HM context and if necessary disable HM on the CPU.
-     * When thread-context hooks -are- used, this work would be done in the VT-x and AMD-V thread-context callback.
-     */
     if (!VMMR0ThreadCtxHooksAreRegistered(pVCpu))
     {
-        Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
-        RTCPUID idCpu = RTMpCpuId();
-
         /* Keep track of the CPU owning the VMCS for debugging scheduling weirdness
            and ring-3 calls when thread-context hooks are not supported. */
+        RTCPUID idCpu = RTMpCpuId();
         AssertMsgStmt(   pVCpu->hm.s.idEnteredCpu == idCpu
                       || RT_FAILURE_NP(rc), ("Owner is %u, I'm %u", pVCpu->hm.s.idEnteredCpu, idCpu),
                       rc = VERR_HM_WRONG_CPU_1);
-
+    }
+
+    /* Leave HM context, takes care of local init (term). */
+    if (RT_SUCCESS(rc))
+    {
         rc = HMR0LeaveEx(pVCpu);
         AssertRCReturn(rc, rc);
     }
+
+    /* Deregister hook now that we've left HM context before re-enabling preemption. */
+    /** @todo This is bad. Deregistering here means we need to VMCLEAR always
+     *        (longjmp/exit-to-r3) in VT-x which is not efficient. */
+    if (VMMR0ThreadCtxHooksAreRegistered(pVCpu))
+        VMMR0ThreadCtxHooksDeregister(pVCpu);
+
+    if (fDisabledPreempt)
+        RTThreadPreemptRestore(&PreemptState);
 
     /* Guest FPU and debug state shouldn't be active now, it's likely that we're going back to ring-3. */
@@ -1548 +1572 @@
     Assert(!CPUMIsGuestDebugStateActive(pVCpu));
 
-    pVCpu->hm.s.idEnteredCpu = NIL_RTCPUID;
     return rc;
 }

trunk/src/VBox/VMM/VMMR0/HMSVMR0.cpp

@@ -119 +119 @@
     } while (0)
 
+/** Assert that preemption is disabled or covered by thread-context hooks. */
+#define HMSVM_ASSERT_PREEMPT_SAFE()           Assert(   VMMR0ThreadCtxHooksAreRegistered(pVCpu) \
+                                                     || !RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+
+/** Assert that we haven't migrated CPUs when thread-context hooks are not
+ *  used. */
+#define HMSVM_ASSERT_CPU_SAFE()               AssertMsg(   VMMR0ThreadCtxHooksAreRegistered(pVCpu) \
+                                                        || pVCpu->hm.s.idEnteredCpu == RTMpCpuId(), \
+                                                        ("Illegal migration! Entered on CPU %u Current %u\n", \
+                                                        pVCpu->hm.s.idEnteredCpu, RTMpCpuId()));
 
 /** Exception bitmap mask for all contributory exceptions.
@@ -1571 +1581 @@
 VMMR0DECL(int) SVMR0Leave(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx)
 {
-    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
     NOREF(pVM);
     NOREF(pVCpu);
@@ -1595 +1604 @@
         {
             Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+            Assert(VMMR0ThreadCtxHooksAreRegistered(pVCpu));
+            VMCPU_ASSERT_EMT(pVCpu);
 
             PVM         pVM  = pVCpu->CTX_SUFF(pVM);
@@ -1611 +1622 @@
         case RTTHREADCTXEVENT_RESUMED:
         {
-            /* Disable preemption, we don't want to be migrated to another CPU while re-initializing AMD-V state. */
-            RTTHREADPREEMPTSTATE PreemptState = RTTHREADPREEMPTSTATE_INITIALIZER;
-            RTThreadPreemptDisable(&PreemptState);
-
-            /* Initialize the bare minimum state required for HM. This takes care of
-               initializing AMD-V if necessary (onlined CPUs, local init etc.) */
+            Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+            Assert(VMMR0ThreadCtxHooksAreRegistered(pVCpu));
+            VMCPU_ASSERT_EMT(pVCpu);
+
+            VMMRZCallRing3Disable(pVCpu);                        /* No longjmps (log-flush, locks) in this fragile context. */
+
+            /*
+             * Initialize the bare minimum state required for HM. This takes care of
+             * initializing AMD-V if necessary (onlined CPUs, local init etc.)
+             */
             HMR0EnterEx(pVCpu);
             Assert(pVCpu->hm.s.fContextUseFlags & (HM_CHANGED_HOST_CONTEXT | HM_CHANGED_GUEST_CR0));
 
             pVCpu->hm.s.fLeaveDone = false;
-            RTThreadPreemptRestore(&PreemptState);
+            VMMRZCallRing3Enable(pVCpu);                        /* Restore longjmp state. */
             break;
         }
@@ -1911 +1926 @@
          * Restore host debug registers if necessary and resync on next R0 reentry.
          */
-    #ifdef VBOX_STRICT
+#ifdef VBOX_STRICT
         if (CPUMIsHyperDebugStateActive(pVCpu))
         {
@@ -1918 +1933 @@
             Assert(pVmcb->ctrl.u16InterceptWrDRx == 0xffff);
         }
-    #endif
+#endif
         if (CPUMR0DebugStateMaybeSaveGuestAndRestoreHost(pVCpu, false /* save DR6 */))
             pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_GUEST_DEBUG;
@@ -1976 +1991 @@
     Assert(pvUser);
     Assert(VMMRZCallRing3IsEnabled(pVCpu));
-    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+    HMSVM_ASSERT_PREEMPT_SAFE();
 
     VMMRZCallRing3Disable(pVCpu);
@@ -2006 +2021 @@
     Assert(pVCpu);
     Assert(pCtx);
-    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+    HMSVM_ASSERT_PREEMPT_SAFE();
 
     if (RT_UNLIKELY(rcExit == VERR_SVM_INVALID_GUEST_STATE))
@@ -2450 +2465 @@
 static void hmR0SvmReportWorldSwitchError(PVM pVM, PVMCPU pVCpu, int rcVMRun, PCPUMCTX pCtx)
 {
-    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+    HMSVM_ASSERT_PREEMPT_SAFE();
     PSVMVMCB pVmcb = (PSVMVMCB)pVCpu->hm.s.svm.pvVmcb;
 
@@ -2931 +2946 @@
 {
     Assert(VMMRZCallRing3IsEnabled(pVCpu));
-    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+    HMSVM_ASSERT_PREEMPT_SAFE();
 
     SVMTRANSIENT SvmTransient;
@@ -2942 +2957 @@
     {
         Assert(!HMR0SuspendPending());
-        AssertMsg(pVCpu->hm.s.idEnteredCpu == RTMpCpuId(),
-                  ("Illegal migration! Entered on CPU %u Current %u cLoops=%u\n", (unsigned)pVCpu->hm.s.idEnteredCpu,
-                  (unsigned)RTMpCpuId(), cLoops));
+        HMSVM_ASSERT_CPU_SAFE();
 
         /* Preparatory work for running guest code, this may return to ring-3 for some last minute updates. */
@@ -3252 +3265 @@
         AssertPtr(pSvmTransient); \
         Assert(ASMIntAreEnabled()); \
-        Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD)); \
+        HMSVM_ASSERT_PREEMPT_SAFE(); \
         HMSVM_ASSERT_PREEMPT_CPUID_VAR(); \
         Log4Func(("vcpu[%u] -v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-\n", (uint32_t)pVCpu->idCpu)); \
-        Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD)); \
+        HMSVM_ASSERT_PREEMPT_SAFE(); \
         if (VMMR0IsLogFlushDisabled(pVCpu)) \
             HMSVM_ASSERT_PREEMPT_CPUID(); \

trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp

@@ -64 +64 @@
 
 /** Determine which tagged-TLB flush handler to use. */
-#define HMVMX_FLUSH_TAGGED_TLB_EPT_VPID          0
-#define HMVMX_FLUSH_TAGGED_TLB_EPT               1
-#define HMVMX_FLUSH_TAGGED_TLB_VPID              2
-#define HMVMX_FLUSH_TAGGED_TLB_NONE              3
+#define HMVMX_FLUSH_TAGGED_TLB_EPT_VPID           0
+#define HMVMX_FLUSH_TAGGED_TLB_EPT                1
+#define HMVMX_FLUSH_TAGGED_TLB_VPID               2
+#define HMVMX_FLUSH_TAGGED_TLB_NONE               3
 
 /** @name Updated-guest-state flags.
@@ -125 +125 @@
 /** @} */
 
+/** @name
+ * States of the VMCS.
+ *
+ * This does not reflect all possible VMCS states but currently only those
+ * needed for maintaining the VMCS consistently even when thread-context hooks
+ * are used. Maybe later this can be extended (i.e. Nested Virtualization).
+ */
+#define HMVMX_VMCS_STATE_CLEAR                         RT_BIT(0)
+#define HMVMX_VMCS_STATE_ACTIVE                        RT_BIT(1)
+#define HMVMX_VMCS_STATE_LAUNCHED                      RT_BIT(2)
+/** @} */
+
 /**
  * Exception bitmap mask for real-mode guests (real-on-v86).
@@ -161 +173 @@
 #endif
 
+/** Assert that preemption is disabled or covered by thread-context hooks. */
+#define HMVMX_ASSERT_PREEMPT_SAFE()       Assert(   VMMR0ThreadCtxHooksAreRegistered(pVCpu)   \
+                                                 || !RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+
+/** Assert that we haven't migrated CPUs when thread-context hooks are not
+ *  used. */
+#define HMVMX_ASSERT_CPU_SAFE()           AssertMsg(   VMMR0ThreadCtxHooksAreRegistered(pVCpu) \
+                                                    || pVCpu->hm.s.idEnteredCpu == RTMpCpuId(), \
+                                                    ("Illegal migration! Entered on CPU %u Current %u\n", \
+                                                    pVCpu->hm.s.idEnteredCpu, RTMpCpuId())); \
 
 /*******************************************************************************
@@ -208 +230 @@
             uint32_t    u6Reserved0 : 6;
             /** The address size; 0=16-bit, 1=32-bit, 2=64-bit, rest undefined. */
-            uint32_t    u3AddrSize : 3;
+            uint32_t    u3AddrSize  : 3;
             uint32_t    u5Reserved1 : 5;
             /** The segment register (X86_SREG_XXX). */
-            uint32_t    iSegReg : 3;
-            uint32_t    uReserved2 : 14;
+            uint32_t    iSegReg     : 3;
+            uint32_t    uReserved2  : 14;
         } StrIo;
     }               ExitInstrInfo;
@@ -2149 +2171 @@
                                     hmR0VmxUpdateErrorRecord(pVM, pVCpu, rc), rc);
 
+        pVCpu->hm.s.vmx.uVmcsState = HMVMX_VMCS_STATE_CLEAR;
+
         hmR0VmxUpdateErrorRecord(pVM, pVCpu, rc);
     }
@@ -2831 +2855 @@
         rc = VMXWriteVmcsGstN(VMX_VMCS_GUEST_RIP, pMixedCtx->rip);
         AssertRCReturn(rc, rc);
-        Log4(("Load: VMX_VMCS_GUEST_RIP=%#RX64\n", pMixedCtx->rip));
         pVCpu->hm.s.fContextUseFlags &= ~HM_CHANGED_GUEST_RIP;
+        Log4(("Load: VMX_VMCS_GUEST_RIP=%#RX64 fContextUseFlags=%#x\n", pMixedCtx->rip, pVCpu->hm.s.fContextUseFlags));
     }
     return rc;
@@ -2856 +2880 @@
         rc = VMXWriteVmcsGstN(VMX_VMCS_GUEST_RSP, pMixedCtx->rsp);
         AssertRCReturn(rc, rc);
+        pVCpu->hm.s.fContextUseFlags &= ~HM_CHANGED_GUEST_RSP;
         Log4(("Load: VMX_VMCS_GUEST_RSP=%#RX64\n", pMixedCtx->rsp));
-        pVCpu->hm.s.fContextUseFlags &= ~HM_CHANGED_GUEST_RSP;
     }
     return rc;
@@ -2902 +2926 @@
         AssertRCReturn(rc, rc);
 
+        pVCpu->hm.s.fContextUseFlags &= ~HM_CHANGED_GUEST_RFLAGS;
         Log4(("Load: VMX_VMCS_GUEST_RFLAGS=%#RX32\n", Eflags.u32));
-        pVCpu->hm.s.fContextUseFlags &= ~HM_CHANGED_GUEST_RFLAGS;
     }
     return rc;
@@ -4047 +4071 @@
      * Refer MSDN docs. "Configuring Programs for 64-bit / x64 Software Conventions / Register Usage" for details.
      */
+    const bool fResumeVM = !!(pVCpu->hm.s.vmx.uVmcsState & HMVMX_VMCS_STATE_LAUNCHED);
+    /** @todo Add stats for resume vs launch. */
 #ifdef VBOX_WITH_KERNEL_USING_XMM
-    return HMR0VMXStartVMWrapXMM(pVCpu->hm.s.fResumeVM, pCtx, &pVCpu->hm.s.vmx.VMCSCache, pVM, pVCpu, pVCpu->hm.s.vmx.pfnStartVM);
+    return HMR0VMXStartVMWrapXMM(fResumeVM, pCtx, &pVCpu->hm.s.vmx.VMCSCache, pVM, pVCpu, pVCpu->hm.s.vmx.pfnStartVM);
 #else
-    return pVCpu->hm.s.vmx.pfnStartVM(pVCpu->hm.s.fResumeVM, pCtx, &pVCpu->hm.s.vmx.VMCSCache, pVM, pVCpu);
+    return pVCpu->hm.s.vmx.pfnStartVM(fResumeVM, pCtx, &pVCpu->hm.s.vmx.VMCSCache, pVM, pVCpu);
 #endif
 }
@@ -4071 +4097 @@
     Assert(pCtx);
     Assert(pVmxTransient);
-    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+    HMVMX_ASSERT_PREEMPT_SAFE();
 
     Log4(("VM-entry failure: %Rrc\n", rcVMRun));
@@ -4086 +4112 @@
             rc    |= hmR0VmxReadExitQualificationVmcs(pVCpu, pVmxTransient);
             AssertRC(rc);
+
+            pVCpu->hm.s.vmx.LastError.idEnteredCpu = pVCpu->hm.s.idEnteredCpu;
+            /* LastError.idCurrentCpu was already updated in hmR0VmxPreRunGuestCommitted().
+               Cannot do it here as we may have been long preempted. */
 
 #ifdef VBOX_STRICT
@@ -6045 +6075 @@
     if (!pVCpu->hm.s.fLeaveDone)
     {
+        Log4Func(("HostCpuId=%u\n", RTMpCpuId()));
+
         /* Save the guest state if necessary. */
         if (pVCpu->hm.s.vmx.fUpdatedGuestState != HMVMX_UPDATED_GUEST_ALL)
@@ -6062 +6094 @@
 
         /* Restore host debug registers if necessary and resync on next R0 reentry. */
-    #ifdef VBOX_STRICT
+#ifdef VBOX_STRICT
         if (CPUMIsHyperDebugStateActive(pVCpu))
             Assert(pVCpu->hm.s.vmx.u32ProcCtls & VMX_VMCS_CTRL_PROC_EXEC_MOV_DR_EXIT);
-    #endif
+#endif
         if (CPUMR0DebugStateMaybeSaveGuestAndRestoreHost(pVCpu, true /* save DR6 */))
             pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_GUEST_DEBUG;
@@ -6089 +6121 @@
         VMCPU_CMPXCHG_STATE(pVCpu, VMCPUSTATE_STARTED_HM, VMCPUSTATE_STARTED_EXEC);
 
+        /** @todo This kinda defeats the purpose of having preemption hooks.
+         *  The problem is, deregistering the hooks should be moved to a place that
+         *  lasts until the EMT is about to be destroyed not everytime while leaving HM
+         *  context.
+         */
+        if (pVCpu->hm.s.vmx.uVmcsState & HMVMX_VMCS_STATE_ACTIVE)
+        {
+            int rc = VMXClearVmcs(pVCpu->hm.s.vmx.HCPhysVmcs);
+            AssertRC(rc);
+            pVCpu->hm.s.vmx.uVmcsState = HMVMX_VMCS_STATE_CLEAR;
+        }
+
         pVCpu->hm.s.fLeaveDone = true;
     }
@@ -6136 +6180 @@
     Assert(pVCpu);
     Assert(pMixedCtx);
-    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+    HMVMX_ASSERT_PREEMPT_SAFE();
 
     if (RT_UNLIKELY(rcExit == VERR_VMX_INVALID_GUEST_STATE))
@@ -6196 +6240 @@
 
     /* On our way back from ring-3 the following needs to be done. */
-    /** @todo This can change with preemption hooks. */
     if (rcExit == VINF_EM_RAW_INTERRUPT)
         pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_HOST_CONTEXT;
@@ -6225 +6268 @@
     Assert(pvUser);
     Assert(VMMRZCallRing3IsEnabled(pVCpu));
-    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+    HMVMX_ASSERT_PREEMPT_SAFE();
 
     VMMRZCallRing3Disable(pVCpu);
@@ -6787 +6830 @@
 #endif
 
-    /* Load the active VMCS as the current one. */
+    /*
+     * The VMCS state here will not be reliable because we deregister the hook in VMMR0EntryFast()
+     * on the way out. If we had got a preempt/resume callback -after- hmR0VmxLeave() but before
+     * deregistering the hook, the VMCS state will be ACTIVE. Once deregistered we no longer get
+     * notifications and lose track. Following that if we get rescheduled to another host CPU, the
+     * VMCS state says ACTIVE even though it really is not.
+     *
+     * Load the VCPU's VMCS as the current (and active) one.
+     */
     int rc = VMXActivateVmcs(pVCpu->hm.s.vmx.HCPhysVmcs);
     if (RT_FAILURE(rc))
         return rc;
-
-    /** @todo this will change with preemption hooks where can VMRESUME as long
-     *        as we're no preempted. */
-    pVCpu->hm.s.fResumeVM  = false;
+    pVCpu->hm.s.vmx.uVmcsState = HMVMX_VMCS_STATE_ACTIVE;
+
     pVCpu->hm.s.fLeaveDone = false;
     return VINF_SUCCESS;
@@ -6814 +6863 @@
         case RTTHREADCTXEVENT_PREEMPTING:
         {
+            /** @todo Stats. */
             Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
-            Assert(VMMR0ThreadCtxHooksAreRegistered(pVCpu));     /* Paranoia. */
-
-            PVM         pVM       = pVCpu->CTX_SUFF(pVM);
-            PCPUMCTX    pMixedCtx = CPUMQueryGuestCtxPtr(pVCpu);
-            VMMRZCallRing3Disable(pVCpu);                        /* No longjmps (log-flush, locks) in this fragile context. */
-            hmR0VmxLeave(pVM, pVCpu, pMixedCtx);                 /* Save the guest-state, restore host-state (FPU, debug etc.). */
-
-            int rc = VMXClearVmcs(pVCpu->hm.s.vmx.HCPhysVmcs);   /* Flush VMCS CPU state to VMCS region in memory. */
-            AssertRC(rc); NOREF(rc);
-
-            rc = HMR0LeaveEx(pVCpu);                             /* Leave HM context, takes care of local init (term). */
-            AssertRC(rc); NOREF(rc);
-
-            VMMRZCallRing3Enable(pVCpu);                         /* Restore longjmp state. */
+            Assert(VMMR0ThreadCtxHooksAreRegistered(pVCpu));
+            VMCPU_ASSERT_EMT(pVCpu);
+
+            PVM      pVM       = pVCpu->CTX_SUFF(pVM);
+            PCPUMCTX pMixedCtx = CPUMQueryGuestCtxPtr(pVCpu);
+
+            /* No longjmps (logger flushes, locks) in this fragile context. */
+            VMMRZCallRing3Disable(pVCpu);
+            Log4Func(("Preempting: HostCpuId=%u\n", RTMpCpuId()));
+
+            /* Save the guest-state, restore host-state (FPU, debug etc.). */
+            hmR0VmxLeave(pVM, pVCpu, pMixedCtx);
+
+            /* Flush VMCS CPU state to the VMCS region in memory. */
+            int rc;
+            if (pVCpu->hm.s.vmx.uVmcsState & HMVMX_VMCS_STATE_ACTIVE)
+            {
+                rc = VMXClearVmcs(pVCpu->hm.s.vmx.HCPhysVmcs);
+                AssertRC(rc);
+                pVCpu->hm.s.vmx.uVmcsState = HMVMX_VMCS_STATE_CLEAR;
+            }
+
+            /* Leave HM context, takes care of local init (term). */
+            rc = HMR0LeaveEx(pVCpu);
+            AssertRC(rc);
+
+            /* Restore longjmp state. */
+            VMMRZCallRing3Enable(pVCpu);
+            NOREF(rc);
             break;
         }
@@ -6834 +6899 @@
         case RTTHREADCTXEVENT_RESUMED:
         {
-            /* Disable preemption, we don't want to be migrated to another CPU while re-initializing VT-x state. */
-            RTTHREADPREEMPTSTATE PreemptState = RTTHREADPREEMPTSTATE_INITIALIZER;
-            RTThreadPreemptDisable(&PreemptState);
+            /** @todo Stats. */
+            Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+            Assert(VMMR0ThreadCtxHooksAreRegistered(pVCpu));
+            VMCPU_ASSERT_EMT(pVCpu);
+
+            /* No longjmps here, as we don't want to trigger preemption (& its hook) while resuming. */
+            VMMRZCallRing3Disable(pVCpu);
+            Log4Func(("Resumed: HostCpuId=%u\n", RTMpCpuId()));
 
             /* Initialize the bare minimum state required for HM. This takes care of
@@ -6844 +6914 @@
 
             /* Load the active VMCS as the current one. */
-            int rc = VMXActivateVmcs(pVCpu->hm.s.vmx.HCPhysVmcs);
-            AssertRC(rc);
-
-            pVCpu->hm.s.fResumeVM  = false;
+            if (pVCpu->hm.s.vmx.uVmcsState & HMVMX_VMCS_STATE_CLEAR)
+            {
+                int rc = VMXActivateVmcs(pVCpu->hm.s.vmx.HCPhysVmcs);
+                AssertRC(rc); NOREF(rc);
+                pVCpu->hm.s.vmx.uVmcsState = HMVMX_VMCS_STATE_ACTIVE;
+                Log4Func(("Activated: HostCpuId=%u\n", RTMpCpuId()));
+            }
             pVCpu->hm.s.fLeaveDone = false;
-
-            /* Restore preemption, migrating to another CPU should be fine now. */
-            RTThreadPreemptRestore(&PreemptState);
+            VMMRZCallRing3Enable(pVCpu);
             break;
         }
@@ -6871 +6942 @@
 VMMR0DECL(int) VMXR0Leave(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx)
 {
-    AssertPtr(pVCpu);
+    NOREF(pVCpu);
     NOREF(pVM);
     NOREF(pCtx);
 
-    if (!VMMR0ThreadCtxHooksAreRegistered(pVCpu))
-    {
-        Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
-
-        /*
-         * Sync the current VMCS (writes back internal data back into the VMCS region in memory)
-         * and mark the VMCS launch-state as "clear".
-         */
-        int rc = VMXClearVmcs(pVCpu->hm.s.vmx.HCPhysVmcs);
-        return rc;
-    }
-
-    /* With thread-context hooks, nothing to do here. It's taken care of in VMXR0ThreadCtxCallback(). */
+    /* Everything is taken care of in hmR0VmxLeave() and VMXR0ThreadCtxCallback()'s preempt event. */
     return VINF_SUCCESS;
 }
@@ -6904 +6963 @@
  * @remarks No-long-jump zone!!!
  */
+static int hmR0VmxSaveHostState(PVM pVM, PVMCPU pVCpu)
+{
+    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+
+    if (!(pVCpu->hm.s.fContextUseFlags & HM_CHANGED_HOST_CONTEXT))
+        return VINF_SUCCESS;
+
+    int rc = hmR0VmxSaveHostControlRegs(pVM, pVCpu);
+    AssertLogRelMsgRCReturn(rc, ("hmR0VmxSaveHostControlRegisters failed! rc=%Rrc (pVM=%p pVCpu=%p)\n", rc, pVM, pVCpu), rc);
+
+    rc = hmR0VmxSaveHostSegmentRegs(pVM, pVCpu);
+    AssertLogRelMsgRCReturn(rc, ("hmR0VmxSaveHostSegmentRegisters failed! rc=%Rrc (pVM=%p pVCpu=%p)\n", rc, pVM, pVCpu), rc);
+
+    rc = hmR0VmxSaveHostMsrs(pVM, pVCpu);
+    AssertLogRelMsgRCReturn(rc, ("hmR0VmxSaveHostMsrs failed! rc=%Rrc (pVM=%p pVCpu=%p)\n", rc, pVM, pVCpu), rc);
+
+    pVCpu->hm.s.fContextUseFlags &= ~HM_CHANGED_HOST_CONTEXT;
+    return rc;
+}
+
+
+/**
+ * Saves the host state in the VMCS host-state.
+ *
+ * @returns VBox status code.
+ * @param   pVM         Pointer to the VM.
+ * @param   pVCpu       Pointer to the VMCPU.
+ *
+ * @remarks No-long-jump zone!!!
+ */
 VMMR0DECL(int) VMXR0SaveHostState(PVM pVM, PVMCPU pVCpu)
 {
     AssertPtr(pVM);
     AssertPtr(pVCpu);
-    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
 
     LogFlowFunc(("pVM=%p pVCpu=%p\n", pVM, pVCpu));
-
-    /* Nothing to do if the host-state-changed flag isn't set. This will later be optimized when preemption hooks are in place. */
-    if (!(pVCpu->hm.s.fContextUseFlags & HM_CHANGED_HOST_CONTEXT))
-        return VINF_SUCCESS;
-
-    int rc = hmR0VmxSaveHostControlRegs(pVM, pVCpu);
-    AssertLogRelMsgRCReturn(rc, ("hmR0VmxSaveHostControlRegisters failed! rc=%Rrc (pVM=%p pVCpu=%p)\n", rc, pVM, pVCpu), rc);
-
-    rc = hmR0VmxSaveHostSegmentRegs(pVM, pVCpu);
-    AssertLogRelMsgRCReturn(rc, ("hmR0VmxSaveHostSegmentRegisters failed! rc=%Rrc (pVM=%p pVCpu=%p)\n", rc, pVM, pVCpu), rc);
-
-    rc = hmR0VmxSaveHostMsrs(pVM, pVCpu);
-    AssertLogRelMsgRCReturn(rc, ("hmR0VmxSaveHostMsrs failed! rc=%Rrc (pVM=%p pVCpu=%p)\n", rc, pVM, pVCpu), rc);
-
-    pVCpu->hm.s.fContextUseFlags &= ~HM_CHANGED_HOST_CONTEXT;
-    return rc;
+    return hmR0VmxSaveHostState(pVM, pVCpu);
 }
 
@@ -6953 +7026 @@
     AssertPtr(pVCpu);
     AssertPtr(pMixedCtx);
-    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+    HMVMX_ASSERT_PREEMPT_SAFE();
 
 #ifdef LOG_ENABLED
     /** @todo r=ramshankar: I'm not able to use VMMRZCallRing3Disable() here,
-     *        probably not initialized yet? Anyway this will do for now. */
+     *        probably not initialized yet? Anyway this will do for now.
+     *
+     *  Update: Should be possible once VMXR0LoadGuestState() is removed as an
+     *  interface and disable ring-3 calls when thread-context hooks are not
+     *  available. */
     bool fCallerDisabledLogFlush = VMMR0IsLogFlushDisabled(pVCpu);
     VMMR0LogFlushDisable(pVCpu);
@@ -7014 +7091 @@
     pVCpu->hm.s.fContextUseFlags &= ~HM_CHANGED_GUEST_CR2;
 
-    AssertMsg(!pVCpu->hm.s.fContextUseFlags,
+    AssertMsg(!(pVCpu->hm.s.fContextUseFlags & HM_CHANGED_ALL_GUEST),
              ("Missed updating flags while loading guest state. pVM=%p pVCpu=%p idCpu=%RU32 fContextUseFlags=%#RX32\n",
               pVM, pVCpu, pVCpu->idCpu, pVCpu->hm.s.fContextUseFlags));
@@ -7045 +7122 @@
     /*
      * Avoid reloading the guest state on longjmp reentrants and do it lazily just before executing the guest.
-     * This only helps when we get rescheduled more than once to a different host CPU on a longjmp trip before
-     * finally executing guest code.
+     * When thread-context hooks are not used: This only helps when we get rescheduled more than once to a
+     * different host CPU on a longjmp trip before finally executing guest code.
+     *
+     * When thread-context hooks are used: We avoid loading the guest state here for the above reason plus
+     * we can avoid doing it while preemption is disabled (which it is here).
      */
     return VINF_SUCCESS;
+}
+
+/**
+ * Wrapper for loading the guest-state bits in the inner VT-x execution loop.
+ *
+ * @param   pVM             Pointer to the VM.
+ * @param   pVCpu           Pointer to the VMCPU.
+ * @param   pMixedCtx       Pointer to the guest-CPU context. The data may be
+ *                          out-of-sync. Make sure to update the required fields
+ *                          before using them.
+ */
+DECLINLINE(void) hmR0VmxLoadGuestStateOptimal(PVM pVM, PVMCPU pVCpu, PCPUMCTX pMixedCtx)
+{
+    Log5(("LoadFlags=%#RX32\n", pVCpu->hm.s.fContextUseFlags));
+#ifdef HMVMX_SYNC_FULL_GUEST_STATE
+    pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_ALL_GUEST;
+#endif
+
+    if (pVCpu->hm.s.fContextUseFlags == HM_CHANGED_GUEST_RIP)
+    {
+        int rc = hmR0VmxLoadGuestRip(pVCpu, pMixedCtx);
+        AssertRC(rc);
+        STAM_COUNTER_INC(&pVCpu->hm.s.StatLoadMinimal);
+    }
+    else if (pVCpu->hm.s.fContextUseFlags)
+    {
+        int rc = hmR0VmxLoadGuestState(pVM, pVCpu, pMixedCtx);
+        AssertRC(rc);
+        STAM_COUNTER_INC(&pVCpu->hm.s.StatLoadFull);
+    }
+
+    /* When thread-context hooks are available, we could be preempted which means re-updating Guest.CR0
+       (shared FPU state) and debug controls (shared debug state). This is done in hmR0VmxPreRunGuestCommitted() */
+#ifdef VBOX_STRICT
+    if (VMMR0ThreadCtxHooksAreRegistered(pVCpu))
+    {
+        AssertMsg(   !(pVCpu->hm.s.fContextUseFlags & HM_CHANGED_ALL_GUEST)
+                  ||  (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_ALL_GUEST) == HM_CHANGED_GUEST_CR0
+                  ||  (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_ALL_GUEST) == (HM_CHANGED_GUEST_CR0 | HM_CHANGED_GUEST_DEBUG),
+                     ("fContextUseFlags=%#x\n", pVCpu->hm.s.fContextUseFlags));
+    }
+    else
+    {
+        AssertMsg(!(pVCpu->hm.s.fContextUseFlags & HM_CHANGED_ALL_GUEST), ("fContextUseFlags=%#x\n",
+                                                                           pVCpu->hm.s.fContextUseFlags));
+    }
+#endif
+
+#ifdef HMVMX_ALWAYS_CHECK_GUEST_STATE
+    uint32_t uInvalidReason = hmR0VmxCheckGuestState(pVM, pVCpu, pMixedCtx);
+    if (uInvalidReason != VMX_IGS_REASON_NOT_FOUND)
+        Log4(("hmR0VmxCheckGuestState returned %#x\n", uInvalidReason));
+#endif
 }
 
@@ -7114 +7247 @@
     }
 #endif /* !IEM_VERIFICATION_MODE_FULL */
+
+    /*
+     * When thread-context hooks are used, load the required guest-state bits
+     * here before we go ahead and disable interrupts.
+     */
+    if (VMMR0ThreadCtxHooksAreRegistered(pVCpu))
+        hmR0VmxLoadGuestStateOptimal(pVM, pVCpu, pMixedCtx);
 
 #ifdef VBOX_WITH_VMMR0_DISABLE_PREEMPTION
@@ -7172 +7312 @@
 #endif
 
-    /* Load the required guest state bits (for guest-state changes in the inner execution loop). */
+    /*
+     * Load the host state bits as we may've been preempted
+     * (only happens when thread-context hooks are used).
+     */
+    int rc = VINF_SUCCESS;
+    if (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_HOST_CONTEXT)
+    {
+        Assert(VMMR0ThreadCtxHooksAreRegistered(pVCpu));
+        rc = hmR0VmxSaveHostState(pVM, pVCpu);
+        AssertRC(rc);
+    }
     Assert(!(pVCpu->hm.s.fContextUseFlags & HM_CHANGED_HOST_CONTEXT));
-    Log5(("LoadFlags=%#RX32\n", pVCpu->hm.s.fContextUseFlags));
-#ifdef HMVMX_SYNC_FULL_GUEST_STATE
-    pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_ALL_GUEST;
-#endif
-    int rc = VINF_SUCCESS;
-    if (pVCpu->hm.s.fContextUseFlags == HM_CHANGED_GUEST_RIP)
-    {
-        rc = hmR0VmxLoadGuestRip(pVCpu, pMixedCtx);
-        STAM_COUNTER_INC(&pVCpu->hm.s.StatLoadMinimal);
-    }
-    else if (pVCpu->hm.s.fContextUseFlags)
-    {
-        rc = hmR0VmxLoadGuestState(pVM, pVCpu, pMixedCtx);
-        STAM_COUNTER_INC(&pVCpu->hm.s.StatLoadFull);
-    }
-    AssertRC(rc);
-    AssertMsg(!pVCpu->hm.s.fContextUseFlags, ("fContextUseFlags =%#x\n", pVCpu->hm.s.fContextUseFlags));
-
-#ifdef HMVMX_ALWAYS_CHECK_GUEST_STATE
-    uint32_t uInvalidReason = hmR0VmxCheckGuestState(pVM, pVCpu, pMixedCtx);
-    if (uInvalidReason != VMX_IGS_REASON_NOT_FOUND)
-        Log4(("hmR0VmxCheckGuestState returned %#x\n", uInvalidReason));
-#endif
-
-    /* Cache the TPR-shadow for checking on every VM-exit if it might have changed. */
+
+    /*
+     * When thread-context hooks are not used we need to load the required
+     * guest state bits here i.e. when we can no longer be preempted.
+     */
+    if (!VMMR0ThreadCtxHooksAreRegistered(pVCpu))
+        hmR0VmxLoadGuestStateOptimal(pVM, pVCpu, pMixedCtx);
+    else
+    {
+        /*
+         * If we got preempted previously while loading the guest state, the guest FPU and debug
+         * state need to be re-updated because we share them with the host state.
+         */
+        if (!pVCpu->hm.s.vmx.RealMode.fRealOnV86Active)
+        {
+            if (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_GUEST_CR0)
+                hmR0VmxLoadGuestControlRegs(pVCpu, pMixedCtx);
+            if (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_GUEST_DEBUG)
+                hmR0VmxLoadGuestDebugState(pVCpu, pMixedCtx);
+        }
+        else
+        {
+            /*
+             * If we are injecting events real-on-v86 mode guest then we potentially have to update
+             * RIP and other registers. Just reload the state here if we're in real-on-v86 mode.
+             */
+            hmR0VmxLoadGuestStateOptimal(pVM, pVCpu, pMixedCtx);
+        }
+    }
+    AssertMsg(!pVCpu->hm.s.fContextUseFlags, ("fContextUseFlags=%#x\n", pVCpu->hm.s.fContextUseFlags));
+
+    /*
+     * Cache the TPR-shadow for checking on every VM-exit if it might have changed.
+     */
     if (pVCpu->hm.s.vmx.u32ProcCtls & VMX_VMCS_CTRL_PROC_EXEC_USE_TPR_SHADOW)
         pVmxTransient->u8GuestTpr = pVCpu->hm.s.vmx.pbVirtApic[0x80];
@@ -7211 +7370 @@
     ASMAtomicWriteBool(&pVCpu->hm.s.fCheckedTLBFlush, true);    /* Used for TLB-shootdowns, set this across the world switch. */
     hmR0VmxFlushTaggedTlb(pVCpu);                               /* Invalidate the appropriate guest entries from the TLB. */
-    Assert(HMR0GetCurrentCpu()->idCpu == pVCpu->hm.s.idLastCpu);
+
+    RTCPUID idCurrentCpu = HMR0GetCurrentCpu()->idCpu;
+    Assert(idCurrentCpu == pVCpu->hm.s.idLastCpu);
+    pVCpu->hm.s.vmx.LastError.idCurrentCpu = idCurrentCpu;      /* Update the error reporting info. with the current host CPU. */
 
     STAM_PROFILE_ADV_STOP_START(&pVCpu->hm.s.StatEntry, &pVCpu->hm.s.StatInGC, x);
 
     TMNotifyStartOfExecution(pVCpu);                            /* Finally, notify TM to resume its clocks as we're about
-                                                                    to start executing. */
+                                                                   to start executing. */
 
 #ifndef VBOX_WITH_AUTO_MSR_LOAD_RESTORE
@@ -7280 +7442 @@
 
     ASMSetFlags(pVmxTransient->uEflags);                        /* Enable interrupts. */
-    pVCpu->hm.s.fResumeVM = true;                               /* Use VMRESUME instead of VMLAUNCH in the next run. */
+    pVCpu->hm.s.vmx.uVmcsState |= HMVMX_VMCS_STATE_LAUNCHED;    /* Use VMRESUME instead of VMLAUNCH in the next run. */
 
     /* Save the basic VM-exit reason. Refer Intel spec. 24.9.1 "Basic VM-exit Information". */
@@ -7348 +7510 @@
     {
         Assert(!HMR0SuspendPending());
-        AssertMsg(pVCpu->hm.s.idEnteredCpu == RTMpCpuId(),
-                  ("Illegal migration! Entered on CPU %u Current %u cLoops=%u\n", (unsigned)pVCpu->hm.s.idEnteredCpu,
-                  (unsigned)RTMpCpuId(), cLoops));
+        HMVMX_ASSERT_CPU_SAFE();
 
         /* Preparatory work for running guest code, this may return to ring-3 for some last minute updates. */
@@ -7431 +7591 @@
     {
         Assert(!HMR0SuspendPending());
-        AssertMsg(pVCpu->hm.s.idEnteredCpu == RTMpCpuId(),
-                  ("Illegal migration! Entered on CPU %u Current %u cLoops=%u\n", (unsigned)pVCpu->hm.s.idEnteredCpu,
-                  (unsigned)RTMpCpuId(), cLoops));
+        HMVMX_ASSERT_CPU_SAFE();
 
         /* Preparatory work for running guest code, this may return to ring-3 for some last minute updates. */
@@ -7519 +7677 @@
 {
     Assert(VMMRZCallRing3IsEnabled(pVCpu));
-    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+    HMVMX_ASSERT_PREEMPT_SAFE();
 
     int rc;
@@ -7628 +7786 @@
                 Assert(pVmxTransient->fVMEntryFailed == false); \
                 Assert(ASMIntAreEnabled()); \
-                Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD)); \
+                HMVMX_ASSERT_PREEMPT_SAFE(); \
                 HMVMX_ASSERT_PREEMPT_CPUID_VAR(); \
                 Log4Func(("vcpu[%RU32] -v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v-v\n", pVCpu->idCpu)); \
-                Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD)); \
+                HMVMX_ASSERT_PREEMPT_SAFE(); \
                 if (VMMR0IsLogFlushDisabled(pVCpu)) \
                     HMVMX_ASSERT_PREEMPT_CPUID(); \
@@ -9335 +9493 @@
         pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_GUEST_RIP;
         fUpdateRipAlready = true;
-
 #else
         PDISCPUSTATE pDis = &pVCpu->hm.s.DisState;

trunk/src/VBox/VMM/VMMR0/VMMR0.cpp

@@ -468 +468 @@
  * Registers the thread-context hook for this VCPU.
  *
+ * @returns VBox status code.
  * @param   pVCpu           Pointer to the VMCPU.
  * @param   pfnThreadHook   Pointer to the thread-context callback.
- * @returns VBox status code.
  *
  * @thread EMT.
@@ -476 +476 @@
 VMMR0DECL(int) VMMR0ThreadCtxHooksRegister(PVMCPU pVCpu, PFNRTTHREADCTXHOOK pfnThreadHook)
 {
+    VMCPU_ASSERT_EMT(pVCpu);
     return RTThreadCtxHooksRegister(pVCpu->vmm.s.hR0ThreadCtx, pfnThreadHook, pVCpu);
 }
@@ -485 +486 @@
  * @returns VBox status code.
  * @param   pVCpu       Pointer to the VMCPU.
+ *
  * @thread EMT.
  */
@@ -517 +519 @@
 {
     return RTThreadCtxHooksAreRegistered(pVCpu->vmm.s.hR0ThreadCtx);
+}
+
+
+/**
+ * VMM ring-0 thread-context callback.
+ *
+ * This does common HM state updating and calls the HM-specific thread-context
+ * callback.
+ *
+ * @param   enmEvent    The thread-context event.
+ * @param   pvUser      Opaque pointer to the VMCPU.
+ */
+static void vmmR0ThreadCtxCallback(RTTHREADCTXEVENT enmEvent, void *pvUser)
+{
+    PVMCPU pVCpu = (PVMCPU)pvUser;
+
+    switch (enmEvent)
+    {
+        case RTTHREADCTXEVENT_RESUMED:
+        {
+            /** @todo Linux may call us with preemption enabled (really!) but technically we
+             * cannot get preempted here, otherwise we end up in an infinite recursion
+             * scenario (i.e. preempted in resume hook -> preempt hook -> resume hook... ad
+             * infinitum). Let's just disable preemption for now...
+             */
+            bool fPreemptDisabled = false;
+            RTTHREADPREEMPTSTATE PreemptState = RTTHREADPREEMPTSTATE_INITIALIZER;
+            if (RTThreadPreemptIsEnabled(NIL_RTTHREAD))
+            {
+                RTThreadPreemptDisable(&PreemptState);
+                fPreemptDisabled = true;
+            }
+
+            /* We need to update the VCPU <-> host CPU mapping. */
+            RTCPUID idHostCpu = RTMpCpuId();
+            ASMAtomicWriteU32(&pVCpu->idHostCpu, idHostCpu);
+
+            /* Invoke the HM-specific thread-context callback. */
+            HMR0ThreadCtxCallback(enmEvent, pvUser);
+
+            /* Restore preemption. */
+            if (fPreemptDisabled)
+                RTThreadPreemptRestore(&PreemptState);
+            break;
+        }
+
+        case RTTHREADCTXEVENT_PREEMPTING:
+            /*
+             * Sigh. See VMMGetCpu() used by VMCPU_ASSERT_EMT(). We cannot let several VCPUs
+             * have the same host CPU associated with it.
+             */
+            ASMAtomicWriteU32(&pVCpu->idHostCpu, NIL_RTCPUID);
+            /* fallthru, no break! */
+        default:
+            /* Invoke the HM-specific thread-context callback. */
+            HMR0ThreadCtxCallback(enmEvent, pvUser);
+            break;
+    }
+
 }
 
@@ -838 +899 @@
             RTCCUINTREG uFlags = ASMIntDisableFlags();
 #endif
+            /* Update the VCPU <-> host CPU mapping before doing anything else. */
             ASMAtomicWriteU32(&pVCpu->idHostCpu, RTMpCpuId());
             if (pVM->vmm.s.fUsePeriodicPreemptionTimers)
                 GVMMR0SchedUpdatePeriodicPreemptionTimer(pVM, pVCpu->idHostCpu, TMCalcHostTimerFrequency(pVM, pVCpu));
-
 #ifdef LOG_ENABLED
             if (pVCpu->idCpu > 0)
@@ -855 +916 @@
             }
 #endif
-            int rc;
+
+            int  rc;
+            bool fPreemptRestored = false;
             if (!HMR0SuspendPending())
             {
-                /** @todo VMMR0ThreadCtxHooks support. */
+                /* Register thread-context hooks if required. */
+#ifdef VBOX_WITH_VMMR0_DISABLE_PREEMPTION
+                if (    VMMR0ThreadCtxHooksAreCreated(pVCpu)
+                    && !VMMR0ThreadCtxHooksAreRegistered(pVCpu))
+                {
+                    rc = VMMR0ThreadCtxHooksRegister(pVCpu, vmmR0ThreadCtxCallback);
+                    AssertRC(rc);
+                }
+#endif
+
+                /* Enter HM context. */
                 rc = HMR0Enter(pVM, pVCpu);
+
+                /* When preemption hooks are in place, enable preemption now that we're in HM context. */
+                if (VMMR0ThreadCtxHooksAreRegistered(pVCpu))
+                {
+                    fPreemptRestored = true;
+                    RTThreadPreemptRestore(&PreemptState);
+                }
+
                 if (RT_SUCCESS(rc))
                 {
                     VMCPU_SET_STATE(pVCpu, VMCPUSTATE_STARTED_HM);
 
-                    rc = vmmR0CallRing3SetJmp(&pVCpu->vmm.s.CallRing3JmpBufR0, HMR0RunGuestCode, pVM, pVCpu); /* this may resume code. */
+                    /* Setup the longjmp machinery and execute guest code. */
+                    rc = vmmR0CallRing3SetJmp(&pVCpu->vmm.s.CallRing3JmpBufR0, HMR0RunGuestCode, pVM, pVCpu);
+
+                    /* Leave HM context. This deregisters thread-context hooks if any. */
                     int rc2 = HMR0Leave(pVM, pVCpu);
                     AssertRC(rc2);
@@ -888 +972 @@
             pVCpu->vmm.s.iLastGZRc = rc;
 
+            /* Clear the VCPU <-> host CPU mapping as we've left HM context. */
             ASMAtomicWriteU32(&pVCpu->idHostCpu, NIL_RTCPUID);
+
 #ifdef VBOX_WITH_VMMR0_DISABLE_PREEMPTION
-            RTThreadPreemptRestore(&PreemptState);
+            if (!fPreemptRestored)
+                RTThreadPreemptRestore(&PreemptState);
 #elif !defined(RT_OS_WINDOWS)
             ASMSetFlags(uFlags);
@@ -1487 +1574 @@
  *
  * @returns @c true / @c false
- * @param   pVCpu           The caller's cross context virtual CPU structure.
+ * @param   pVCpu           Pointer to the VMCPU.
  * @thread  EMT
  * @sa      VMMIsLongJumpArmed
@@ -1500 +1587 @@
         && !pVCpu->vmm.s.CallRing3JmpBufR0.fInRing3Call;
 #endif
+}
+
+
+/**
+ * Checks whether we've done a ring-3 long jump.
+ *
+ * @returns @c true / @c false
+ * @param   pVCpu       Pointer to the VMCPU.
+ * @thread EMT
+ */
+VMMR0_INT_DECL(bool) VMMR0IsInRing3LongJump(PVMCPU pVCpu)
+{
+    return pVCpu->vmm.s.CallRing3JmpBufR0.fInRing3Call;
 }
 

trunk/src/VBox/VMM/include/HMInternal.h

@@ -88 +88 @@
 #define HM_CHANGED_GUEST_SEGMENT_REGS            RT_BIT(7)
 #define HM_CHANGED_GUEST_DEBUG                   RT_BIT(8)
-# define HM_CHANGED_GUEST_RIP                    RT_BIT(9)
-# define HM_CHANGED_GUEST_RSP                    RT_BIT(10)
-# define HM_CHANGED_GUEST_RFLAGS                 RT_BIT(11)
-# define HM_CHANGED_GUEST_CR2                    RT_BIT(12)
-# define HM_CHANGED_GUEST_SYSENTER_CS_MSR        RT_BIT(13)
-# define HM_CHANGED_GUEST_SYSENTER_EIP_MSR       RT_BIT(14)
-# define HM_CHANGED_GUEST_SYSENTER_ESP_MSR       RT_BIT(15)
+#define HM_CHANGED_GUEST_RIP                     RT_BIT(9)
+#define HM_CHANGED_GUEST_RSP                     RT_BIT(10)
+#define HM_CHANGED_GUEST_RFLAGS                  RT_BIT(11)
+#define HM_CHANGED_GUEST_CR2                     RT_BIT(12)
+#define HM_CHANGED_GUEST_SYSENTER_CS_MSR         RT_BIT(13)
+#define HM_CHANGED_GUEST_SYSENTER_EIP_MSR        RT_BIT(14)
+#define HM_CHANGED_GUEST_SYSENTER_ESP_MSR        RT_BIT(15)
 /* VT-x specific state. */
-# define HM_CHANGED_VMX_GUEST_AUTO_MSRS          RT_BIT(16)
-# define HM_CHANGED_VMX_GUEST_ACTIVITY_STATE     RT_BIT(17)
-# define HM_CHANGED_VMX_GUEST_APIC_STATE         RT_BIT(18)
-# define HM_CHANGED_VMX_ENTRY_CTLS               RT_BIT(19)
-# define HM_CHANGED_VMX_EXIT_CTLS                RT_BIT(20)
+#define HM_CHANGED_VMX_GUEST_AUTO_MSRS           RT_BIT(16)
+#define HM_CHANGED_VMX_GUEST_ACTIVITY_STATE      RT_BIT(17)
+#define HM_CHANGED_VMX_GUEST_APIC_STATE          RT_BIT(18)
+#define HM_CHANGED_VMX_ENTRY_CTLS                RT_BIT(19)
+#define HM_CHANGED_VMX_EXIT_CTLS                 RT_BIT(20)
 /* AMD-V specific state. */
-# define HM_CHANGED_SVM_GUEST_EFER_MSR           RT_BIT(16)
-# define HM_CHANGED_SVM_GUEST_APIC_STATE         RT_BIT(17)
-# define HM_CHANGED_SVM_RESERVED1                RT_BIT(18)
-# define HM_CHANGED_SVM_RESERVED2                RT_BIT(19)
-# define HM_CHANGED_SVM_RESERVED3                RT_BIT(20)
-
-# define HM_CHANGED_ALL_GUEST                   (  HM_CHANGED_GUEST_CR0                \
-                                                 | HM_CHANGED_GUEST_CR3                \
-                                                 | HM_CHANGED_GUEST_CR4                \
-                                                 | HM_CHANGED_GUEST_GDTR               \
-                                                 | HM_CHANGED_GUEST_IDTR               \
-                                                 | HM_CHANGED_GUEST_LDTR               \
-                                                 | HM_CHANGED_GUEST_TR                 \
-                                                 | HM_CHANGED_GUEST_SEGMENT_REGS       \
-                                                 | HM_CHANGED_GUEST_DEBUG              \
-                                                 | HM_CHANGED_GUEST_RIP                \
-                                                 | HM_CHANGED_GUEST_RSP                \
-                                                 | HM_CHANGED_GUEST_RFLAGS             \
-                                                 | HM_CHANGED_GUEST_CR2                \
-                                                 | HM_CHANGED_GUEST_SYSENTER_CS_MSR    \
-                                                 | HM_CHANGED_GUEST_SYSENTER_EIP_MSR   \
-                                                 | HM_CHANGED_GUEST_SYSENTER_ESP_MSR   \
-                                                 | HM_CHANGED_VMX_GUEST_AUTO_MSRS      \
-                                                 | HM_CHANGED_VMX_GUEST_ACTIVITY_STATE \
-                                                 | HM_CHANGED_VMX_GUEST_APIC_STATE     \
-                                                 | HM_CHANGED_VMX_ENTRY_CTLS           \
-                                                 | HM_CHANGED_VMX_EXIT_CTLS)
-
-#define HM_CHANGED_HOST_CONTEXT                 RT_BIT(21)
+#define HM_CHANGED_SVM_GUEST_EFER_MSR            RT_BIT(16)
+#define HM_CHANGED_SVM_GUEST_APIC_STATE          RT_BIT(17)
+#define HM_CHANGED_SVM_RESERVED1                 RT_BIT(18)
+#define HM_CHANGED_SVM_RESERVED2                 RT_BIT(19)
+#define HM_CHANGED_SVM_RESERVED3                 RT_BIT(20)
+
+#define HM_CHANGED_ALL_GUEST                     (  HM_CHANGED_GUEST_CR0                \
+                                                  | HM_CHANGED_GUEST_CR3                \
+                                                  | HM_CHANGED_GUEST_CR4                \
+                                                  | HM_CHANGED_GUEST_GDTR               \
+                                                  | HM_CHANGED_GUEST_IDTR               \
+                                                  | HM_CHANGED_GUEST_LDTR               \
+                                                  | HM_CHANGED_GUEST_TR                 \
+                                                  | HM_CHANGED_GUEST_SEGMENT_REGS       \
+                                                  | HM_CHANGED_GUEST_DEBUG              \
+                                                  | HM_CHANGED_GUEST_RIP                \
+                                                  | HM_CHANGED_GUEST_RSP                \
+                                                  | HM_CHANGED_GUEST_RFLAGS             \
+                                                  | HM_CHANGED_GUEST_CR2                \
+                                                  | HM_CHANGED_GUEST_SYSENTER_CS_MSR    \
+                                                  | HM_CHANGED_GUEST_SYSENTER_EIP_MSR   \
+                                                  | HM_CHANGED_GUEST_SYSENTER_ESP_MSR   \
+                                                  | HM_CHANGED_VMX_GUEST_AUTO_MSRS      \
+                                                  | HM_CHANGED_VMX_GUEST_ACTIVITY_STATE \
+                                                  | HM_CHANGED_VMX_GUEST_APIC_STATE     \
+                                                  | HM_CHANGED_VMX_ENTRY_CTLS           \
+                                                  | HM_CHANGED_VMX_EXIT_CTLS)
+
+#define HM_CHANGED_HOST_CONTEXT                  RT_BIT(21)
 /** @} */
 
@@ -514 +514 @@
 typedef struct HMCPU
 {
-    /** Set if we don't have to flush the TLB on VM entry. */
-    bool                        fResumeVM;
     /** Set if we need to flush the TLB during the world switch. */
     bool                        fForceTLBFlush;
@@ -528 +526 @@
     /** Whether we've completed the inner HM leave function. */
     bool                        fLeaveDone;
-    uint8_t                     abAlignment[1];
+    uint8_t                     abAlignment[2];
 
     /** World switch exit counter. */
@@ -652 +650 @@
         } LastError;
 
+        /** State of the VMCS. */
+        uint32_t                    uVmcsState;
         /** Which host-state bits to restore before being preempted. */
         uint32_t                    fRestoreHostFlags;