Changeset 48037 in vbox

Timestamp:

Aug 23, 2013 6:11:36 PM (12 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

88372

Message:

VMM/HM: Preemption hooks, work in progress. Hopefully I didn't break the non-hook case.

Location:

trunk

Files:

• include/VBox/vmm/hm.h (modified) (1 diff)
• src/VBox/VMM/VMMR0/HMR0.cpp (modified) (7 diffs)
• src/VBox/VMM/VMMR0/HMSVMR0.cpp (modified) (7 diffs)
• src/VBox/VMM/VMMR0/HMVMXR0.cpp (modified) (29 diffs)
• src/VBox/VMM/include/HMInternal.h (modified) (1 diff)

trunk/include/VBox/vmm/hm.h

@@ -224 +224 @@
 VMMR0_INT_DECL(int)             HMR0Enter(PVM pVM, PVMCPU pVCpu);
 VMMR0_INT_DECL(int)             HMR0Leave(PVM pVM, PVMCPU pVCpu);
-VMMR0_INT_DECL(void)            HMR0EnterEx(PVMCPU pVCpu);
-VMMR0_INT_DECL(int)             HMR0LeaveEx(PVMCPU pVCpu);
+VMMR0_INT_DECL(int)             HMR0EnterCpu(PVMCPU pVCpu);
+VMMR0_INT_DECL(int)             HMR0LeaveCpu(PVMCPU pVCpu);
 VMMR0_INT_DECL(void)            HMR0ThreadCtxCallback(RTTHREADCTXEVENT enmEvent, void *pvUser);
 VMMR0_INT_DECL(bool)            HMR0SuspendPending(void);

trunk/src/VBox/VMM/VMMR0/HMR0.cpp

@@ -1402 +1402 @@
 
 /**
- * Initializes the bare minimum state required for entering HM context.
- *
+ * Turns on HM on the CPU if necessary and initializes the bare minimum state
+ * required for entering HM context.
+ *
+ * @returns VBox status code.
  * @param   pvCpu       Pointer to the VMCPU.
  *
  * @remarks No-long-jump zone!!!
  */
-VMMR0_INT_DECL(void) HMR0EnterEx(PVMCPU pVCpu)
+VMMR0_INT_DECL(int) HMR0EnterCpu(PVMCPU pVCpu)
 {
     Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
 
+    int              rc    = VINF_SUCCESS;
     RTCPUID          idCpu = RTMpCpuId();
     PHMGLOBALCPUINFO pCpu = &g_HvmR0.aCpuInfo[idCpu];
@@ -1418 +1421 @@
     /* Enable VT-x or AMD-V if local init is required, or enable if it's a freshly onlined CPU. */
     if (!pCpu->fConfigured)
-        hmR0EnableCpu(pVCpu->CTX_SUFF(pVM), idCpu);
-
-    /* Reload host-context (back from ring-3/migrated CPUs), reload guest CR0 (for FPU bits). */
-    pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_HOST_CONTEXT | HM_CHANGED_GUEST_CR0;
+        rc = hmR0EnableCpu(pVCpu->CTX_SUFF(pVM), idCpu);
+
+    /* Reload host-context (back from ring-3/migrated CPUs), reload host context & shared bits. */
+    pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_HOST_CONTEXT | HM_CHANGED_HOST_GUEST_SHARED_STATE;
     pVCpu->hm.s.idEnteredCpu = idCpu;
+    return rc;
 }
 
@@ -1437 +1441 @@
 VMMR0_INT_DECL(int) HMR0Enter(PVM pVM, PVMCPU pVCpu)
 {
-    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
-
     /* Make sure we can't enter a session after we've disabled HM in preparation of a suspend. */
     AssertReturn(!ASMAtomicReadBool(&g_HvmR0.fSuspended), VERR_HM_SUSPEND_PENDING);
+    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
 
     /* Load the bare minimum state required for entering HM. */
-    HMR0EnterEx(pVCpu);
+    int rc = HMR0EnterCpu(pVCpu);
+    AssertRCReturn(rc, rc);
 
 #ifdef VBOX_WITH_2X_4GB_ADDR_SPACE
@@ -1455 +1459 @@
     Assert(pCpu);
     Assert(pCtx);
-    Assert(pVCpu->hm.s.fContextUseFlags & (HM_CHANGED_HOST_CONTEXT | HM_CHANGED_GUEST_CR0));
-
-    int rc  = g_HvmR0.pfnEnterSession(pVM, pVCpu, pCpu);
-    AssertMsgRC(rc, ("pfnEnterSession failed. rc=%Rrc pVCpu=%p HostCpuId=%u\n", rc, pVCpu, idCpu));
+    Assert(pVCpu->hm.s.fContextUseFlags & (HM_CHANGED_HOST_CONTEXT | HM_CHANGED_HOST_GUEST_SHARED_STATE));
+
+    rc = g_HvmR0.pfnEnterSession(pVM, pVCpu, pCpu);
+    AssertMsgRCReturn(rc, ("pfnEnterSession failed. rc=%Rrc pVCpu=%p HostCpuId=%u\n", rc, pVCpu, idCpu), rc);
 
     /* Load the host as we may be resuming code after a longjmp and quite
        possibly be scheduled on a different CPU. */
-    rc |= g_HvmR0.pfnSaveHostState(pVM, pVCpu);
-    AssertMsgRC(rc, ("pfnSaveHostState failed. rc=%Rrc pVCpu=%p HostCpuId=%u\n", rc, pVCpu, idCpu));
+    rc = g_HvmR0.pfnSaveHostState(pVM, pVCpu);
+    AssertMsgRCReturn(rc, ("pfnSaveHostState failed. rc=%Rrc pVCpu=%p HostCpuId=%u\n", rc, pVCpu, idCpu), rc);
 
     /** @todo This is not needed to be done here anymore, can fix/optimize later. */
-    rc |= g_HvmR0.pfnLoadGuestState(pVM, pVCpu, pCtx);
-    AssertMsgRC(rc, ("pfnLoadGuestState failed. rc=%Rrc pVCpu=%p HostCpuId=%u\n", rc, pVCpu, idCpu));
+    rc = g_HvmR0.pfnLoadGuestState(pVM, pVCpu, pCtx);
+    AssertMsgRCReturn(rc, ("pfnLoadGuestState failed. rc=%Rrc pVCpu=%p HostCpuId=%u\n", rc, pVCpu, idCpu), rc);
 
 #ifdef VBOX_WITH_2X_4GB_ADDR_SPACE
@@ -1483 +1487 @@
 
 /**
- * Deinitializes the bare minimum state used for HM context.
+ * Deinitializes the bare minimum state used for HM context and if necessary
+ * disable HM on the CPU.
  *
  * @returns VBox status code.
  * @param   pVCpu       Pointer to the VMCPU.
  */
-VMMR0_INT_DECL(int) HMR0LeaveEx(PVMCPU pVCpu)
+VMMR0_INT_DECL(int) HMR0LeaveCpu(PVMCPU pVCpu)
 {
     Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
@@ -1509 +1514 @@
     VMCPU_FF_SET(pVCpu, VMCPU_FF_TLB_FLUSH);
 
+    /* Clear the VCPU <-> host CPU mapping as we've left HM context. */
+    ASMAtomicWriteU32(&pVCpu->idHostCpu, NIL_RTCPUID);
+
     return VINF_SUCCESS;
 }
@@ -1525 +1533 @@
 VMMR0_INT_DECL(int) HMR0Leave(PVM pVM, PVMCPU pVCpu)
 {
-    /** @todo r=bird: This can't be entirely right? */
-    AssertReturn(!ASMAtomicReadBool(&g_HvmR0.fSuspended), VERR_HM_SUSPEND_PENDING);
-
-    PCPUMCTX pCtx = CPUMQueryGuestCtxPtr(pVCpu);
-    AssertPtr(pCtx);
-
-    bool fDisabledPreempt = false;
-    RTTHREADPREEMPTSTATE PreemptState = RTTHREADPREEMPTSTATE_INITIALIZER;
-    if (RTThreadPreemptIsEnabled(NIL_RTTHREAD))
-    {
-        Assert(VMMR0ThreadCtxHooksAreRegistered(pVCpu));
-        RTThreadPreemptDisable(&PreemptState);
-        fDisabledPreempt = true;
-    }
-
-    int rc = g_HvmR0.pfnLeaveSession(pVM, pVCpu, pCtx);
-
-    if (!VMMR0ThreadCtxHooksAreRegistered(pVCpu))
-    {
-        /* Keep track of the CPU owning the VMCS for debugging scheduling weirdness
-           and ring-3 calls when thread-context hooks are not supported. */
-        RTCPUID idCpu = RTMpCpuId();
-        AssertMsgStmt(   pVCpu->hm.s.idEnteredCpu == idCpu
-                      || RT_FAILURE_NP(rc), ("Owner is %u, I'm %u", pVCpu->hm.s.idEnteredCpu, idCpu),
-                      rc = VERR_HM_WRONG_CPU_1);
-    }
-
-    /* Leave HM context, takes care of local init (term). */
-    if (RT_SUCCESS(rc))
-    {
-        rc = HMR0LeaveEx(pVCpu);
-        AssertRCReturn(rc, rc);
-    }
-
-    /* Deregister hook now that we've left HM context before re-enabling preemption. */
-    /** @todo This is bad. Deregistering here means we need to VMCLEAR always
-     *        (longjmp/exit-to-r3) in VT-x which is not efficient. */
-    if (VMMR0ThreadCtxHooksAreRegistered(pVCpu))
-        VMMR0ThreadCtxHooksDeregister(pVCpu);
-
-    if (fDisabledPreempt)
-        RTThreadPreemptRestore(&PreemptState);
-
-    /* Guest FPU and debug state shouldn't be active now, it's likely that we're going back to ring-3. */
-    Assert(!CPUMIsGuestFPUStateActive(pVCpu));
-    Assert(!CPUMIsGuestDebugStateActive(pVCpu));
-
-    return rc;
+    /* Nothing to do currently. Taken care of HMR0LeaveCpu() and in hmR0VmxLeaveSession() and hmR0SvmLeaveSession(). */
+    /** @todo refactor later to more common code. */
+    return VINF_SUCCESS;
 }
 

trunk/src/VBox/VMM/VMMR0/HMSVMR0.cpp

@@ -1611 +1611 @@
             VMMRZCallRing3Disable(pVCpu);                        /* No longjmps (log-flush, locks) in this fragile context. */
 
-            hmR0SvmLeave(pVM, pVCpu, pCtx);
-
-            int rc = HMR0LeaveEx(pVCpu);                         /* Leave HM context, takes care of local init (term). */
+            if (!pVCpu->hm.s.fLeaveDone)
+            {
+                hmR0SvmLeave(pVM, pVCpu, pCtx);
+                pVCpu->hm.s.fLeaveDone = true;
+            }
+
+            int rc = HMR0LeaveCpu(pVCpu);                         /* Leave HM context, takes care of local init (term). */
             AssertRC(rc); NOREF(rc);
 
@@ -1632 +1636 @@
              * initializing AMD-V if necessary (onlined CPUs, local init etc.)
              */
-            HMR0EnterEx(pVCpu);
-            Assert(pVCpu->hm.s.fContextUseFlags & (HM_CHANGED_HOST_CONTEXT | HM_CHANGED_GUEST_CR0));
+            int rc = HMR0EnterCpu(pVCpu);
+            AssertRC(rc); NOREF(rc);
+            Assert(pVCpu->hm.s.fContextUseFlags & (HM_CHANGED_HOST_CONTEXT | HM_CHANGED_HOST_GUEST_SHARED_STATE));
 
             pVCpu->hm.s.fLeaveDone = false;
@@ -1718 +1723 @@
                                       | HM_CHANGED_SVM_RESERVED3);
 
-    AssertMsg(!(pVCpu->hm.s.fContextUseFlags & HM_CHANGED_ALL_GUEST),
-             ("Missed updating flags while loading guest state. pVM=%p pVCpu=%p fContextUseFlags=%#RX32\n",
-              pVM, pVCpu, pVCpu->hm.s.fContextUseFlags));
+    /* All the guest state bits should be loaded except maybe the host context and shared host/guest bits. */
+    AssertMsg(   !(pVCpu->hm.s.fContextUseFlags & HM_CHANGED_ALL_GUEST)
+              || !(pVCpu->hm.s.fContextUseFlags & ~(HM_CHANGED_HOST_CONTEXT | HM_CHANGED_HOST_GUEST_SHARED_STATE)),
+               ("Missed updating flags while loading guest state. pVM=%p pVCpu=%p fContextUseFlags=%#RX32\n",
+                pVM, pVCpu, pVCpu->hm.s.fContextUseFlags));
 
     Log4(("Load: CS:RIP=%04x:%RX64 EFL=%#x SS:RSP=%04x:%RX64\n", pCtx->cs.Sel, pCtx->rip, pCtx->eflags.u, pCtx->ss, pCtx->rsp));
@@ -1899 +1906 @@
 static void hmR0SvmLeave(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx)
 {
+    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
     Assert(!VMMRZCallRing3IsEnabled(pVCpu));
     Assert(VMMR0IsLogFlushDisabled(pVCpu));
 
+    /* Restore host FPU state if necessary and resync on next R0 reentry .*/
+    if (CPUMIsGuestFPUStateActive(pVCpu))
+    {
+        CPUMR0SaveGuestFPU(pVM, pVCpu, pCtx);
+        Assert(!CPUMIsGuestFPUStateActive(pVCpu));
+        pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_GUEST_CR0;
+    }
+
+    /*
+     * Restore host debug registers if necessary and resync on next R0 reentry.
+     */
+#ifdef VBOX_STRICT
+    if (CPUMIsHyperDebugStateActive(pVCpu))
+    {
+        PSVMVMCB pVmcb = (PSVMVMCB)pVCpu->hm.s.svm.pvVmcb;
+        Assert(pVmcb->ctrl.u16InterceptRdDRx == 0xffff);
+        Assert(pVmcb->ctrl.u16InterceptWrDRx == 0xffff);
+    }
+#endif
+    if (CPUMR0DebugStateMaybeSaveGuestAndRestoreHost(pVCpu, false /* save DR6 */))
+        pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_GUEST_DEBUG;
+
+    Assert(!CPUMIsHyperDebugStateActive(pVCpu));
+    Assert(!CPUMIsGuestDebugStateActive(pVCpu));
+
+    STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatEntry);
+    STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatLoadGuestState);
+    STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatExit1);
+    STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatExit2);
+    STAM_COUNTER_INC(&pVCpu->hm.s.StatSwitchLongJmpToR3);
+
+    VMCPU_CMPXCHG_STATE(pVCpu, VMCPUSTATE_STARTED_HM, VMCPUSTATE_STARTED_EXEC);
+}
+
+
+DECLINLINE(void) hmR0SvmLeaveSession(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx)
+{
+    Assert(!VMMRZCallRing3IsEnabled(pVCpu));
+
     /* Avoid repeating this work when thread-context hooks are used and we had been preempted before
-       which would've done this work from the SVMR0ThreadCtxCallback(). */
+       which would've done this work from the VMXR0ThreadCtxCallback(). */
     RTTHREADPREEMPTSTATE PreemptState = RTTHREADPREEMPTSTATE_INITIALIZER;
     bool fPreemptDisabled = false;
@@ -1915 +1962 @@
     if (!pVCpu->hm.s.fLeaveDone)
     {
-        /* Restore host FPU state if necessary and resync on next R0 reentry .*/
-        if (CPUMIsGuestFPUStateActive(pVCpu))
-        {
-            CPUMR0SaveGuestFPU(pVM, pVCpu, pCtx);
-            Assert(!CPUMIsGuestFPUStateActive(pVCpu));
-            pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_GUEST_CR0;
-        }
-
-        /*
-         * Restore host debug registers if necessary and resync on next R0 reentry.
-         */
-#ifdef VBOX_STRICT
-        if (CPUMIsHyperDebugStateActive(pVCpu))
-        {
-            PSVMVMCB pVmcb = (PSVMVMCB)pVCpu->hm.s.svm.pvVmcb;
-            Assert(pVmcb->ctrl.u16InterceptRdDRx == 0xffff);
-            Assert(pVmcb->ctrl.u16InterceptWrDRx == 0xffff);
-        }
-#endif
-        if (CPUMR0DebugStateMaybeSaveGuestAndRestoreHost(pVCpu, false /* save DR6 */))
-            pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_GUEST_DEBUG;
-
-        Assert(!CPUMIsHyperDebugStateActive(pVCpu));
-        Assert(!CPUMIsGuestDebugStateActive(pVCpu));
-
-        STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatEntry);
-        STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatLoadGuestState);
-        STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatExit1);
-        STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatExit2);
-        STAM_COUNTER_INC(&pVCpu->hm.s.StatSwitchLongJmpToR3);
-
-        VMCPU_CMPXCHG_STATE(pVCpu, VMCPUSTATE_STARTED_HM, VMCPUSTATE_STARTED_EXEC);
-
+        hmR0SvmLeave(pVM, pVCpu, pCtx);
         pVCpu->hm.s.fLeaveDone = true;
     }
+
+    /* Deregister hook now that we've left HM context before re-enabling preemption. */
+    /** @todo This is bad. Deregistering here means we need to VMCLEAR always
+     *        (longjmp/exit-to-r3) in VT-x which is not efficient. */
+    if (VMMR0ThreadCtxHooksAreRegistered(pVCpu))
+        VMMR0ThreadCtxHooksDeregister(pVCpu);
+
+    /* Leave HM context. This takes care of local init (term). */
+    int rc = HMR0LeaveCpu(pVCpu);
+    AssertRC(rc); NOREF(rc);
 
     /* Restore preemption if we previous disabled it ourselves. */
@@ -1968 +1993 @@
 static void hmR0SvmLongJmpToRing3(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx)
 {
-    hmR0SvmLeave(pVM, pVCpu, pCtx);
+    hmR0SvmLeaveSession(pVM, pVCpu, pCtx);
 }
 
@@ -2041 +2066 @@
 
     /* Sync. the necessary state for going back to ring-3. */
-    hmR0SvmLeave(pVM, pVCpu, pCtx);
+    hmR0SvmLeaveSession(pVM, pVCpu, pCtx);
     STAM_COUNTER_DEC(&pVCpu->hm.s.StatSwitchLongJmpToR3);
 

trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp

@@ -2963 +2963 @@
 
 /**
- * Loads the guest control registers (CR0, CR3, CR4) into the guest-state area
- * in the VMCS.
+ * Loads the guest CR0 control register into the guest-state area in the VMCS.
+ * CR0 is partially shared with the host and we have to consider the FPU bits.
  *
  * @returns VBox status code.
@@ -2975 +2975 @@
  * @remarks No-long-jump zone!!!
  */
-static int hmR0VmxLoadGuestControlRegs(PVMCPU pVCpu, PCPUMCTX pCtx)
-{
-    int rc  = VINF_SUCCESS;
-    PVM pVM = pVCpu->CTX_SUFF(pVM);
-
+static int hmR0VmxLoadSharedCR0(PVMCPU pVCpu, PCPUMCTX pMixedCtx)
+{
     /*
      * Guest CR0.
      * Guest FPU.
      */
+    int rc = VINF_SUCCESS;
     if (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_GUEST_CR0)
     {
-        Assert(!(pCtx->cr0 >> 32));
-        uint32_t u32GuestCR0 = pCtx->cr0;
+        Assert(!(pMixedCtx->cr0 >> 32));
+        uint32_t u32GuestCR0 = pMixedCtx->cr0;
+        PVM      pVM         = pVCpu->CTX_SUFF(pVM);
 
         /* The guest's view (read access) of its CR0 is unblemished. */
@@ -2998 +2997 @@
         if (pVM->hm.s.fNestedPaging)
         {
-            if (CPUMIsGuestPagingEnabledEx(pCtx))
+            if (CPUMIsGuestPagingEnabledEx(pMixedCtx))
             {
                 /* The guest has paging enabled, let it access CR3 without causing a VM exit if supported. */
@@ -3043 +3042 @@
         /* Catch floating point exceptions if we need to report them to the guest in a different way. */
         bool fInterceptMF = false;
-        if (!(pCtx->cr0 & X86_CR0_NE))
+        if (!(pMixedCtx->cr0 & X86_CR0_NE))
             fInterceptMF = true;
 
@@ -3138 +3137 @@
         pVCpu->hm.s.fContextUseFlags &= ~HM_CHANGED_GUEST_CR0;
     }
+    return rc;
+}
+
+
+/**
+ * Loads the guest control registers (CR3, CR4) into the guest-state area
+ * in the VMCS.
+ *
+ * @returns VBox status code.
+ * @param   pVM         Pointer to the VM.
+ * @param   pVCpu       Pointer to the VMCPU.
+ * @param   pMixedCtx   Pointer to the guest-CPU context. The data may be
+ *                      out-of-sync. Make sure to update the required fields
+ *                      before using them.
+ *
+ * @remarks No-long-jump zone!!!
+ */
+static int hmR0VmxLoadGuestCR3AndCR4(PVMCPU pVCpu, PCPUMCTX pMixedCtx)
+{
+    int rc  = VINF_SUCCESS;
+    PVM pVM = pVCpu->CTX_SUFF(pVM);
 
     /*
@@ -3173 +3193 @@
 
             if (   pVM->hm.s.vmx.fUnrestrictedGuest
-                || CPUMIsGuestPagingEnabledEx(pCtx))
+                || CPUMIsGuestPagingEnabledEx(pMixedCtx))
             {
                 /* If the guest is in PAE mode, pass the PDPEs to VT-x using the VMCS fields. */
-                if (CPUMIsGuestInPAEModeEx(pCtx))
+                if (CPUMIsGuestInPAEModeEx(pMixedCtx))
                 {
                     rc  = PGMGstGetPaePdpes(pVCpu, &pVCpu->hm.s.aPdpes[0]);                         AssertRCReturn(rc, rc);
@@ -3187 +3207 @@
                 /* The guest's view of its CR3 is unblemished with Nested Paging when the guest is using paging or we
                    have Unrestricted Execution to handle the guest when it's not using paging. */
-                GCPhysGuestCR3 = pCtx->cr3;
+                GCPhysGuestCR3 = pMixedCtx->cr3;
             }
             else
@@ -3228 +3248 @@
     if (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_GUEST_CR4)
     {
-        Assert(!(pCtx->cr4 >> 32));
-        uint32_t u32GuestCR4 = pCtx->cr4;
+        Assert(!(pMixedCtx->cr4 >> 32));
+        uint32_t u32GuestCR4 = pMixedCtx->cr4;
 
         /* The guest's view of its CR4 is unblemished. */
@@ -3251 +3271 @@
         if (pVM->hm.s.fNestedPaging)
         {
-            if (   !CPUMIsGuestPagingEnabledEx(pCtx)
+            if (   !CPUMIsGuestPagingEnabledEx(pMixedCtx)
                 && !pVM->hm.s.vmx.fUnrestrictedGuest)
             {
@@ -3327 +3347 @@
  * This also sets up whether #DB and MOV DRx accesses cause VM exits.
  *
+ * The guest debug bits are partially shared with the host (e.g. DR6, DR0-3).
+ *
  * @returns VBox status code.
  * @param   pVCpu       Pointer to the VMCPU.
@@ -3335 +3357 @@
  * @remarks No-long-jump zone!!!
  */
-static int hmR0VmxLoadGuestDebugState(PVMCPU pVCpu, PCPUMCTX pMixedCtx)
+static int hmR0VmxLoadSharedDebugState(PVMCPU pVCpu, PCPUMCTX pMixedCtx)
 {
     if (!(pVCpu->hm.s.fContextUseFlags & HM_CHANGED_GUEST_DEBUG))
@@ -3457 +3479 @@
  * Strict function to validate segment registers.
  *
- * @remarks Requires CR0.
+ * @remarks ASSUMES CR0 is up to date.
  */
 static void hmR0VmxValidateSegmentRegs(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx)
@@ -3488 +3510 @@
         Assert((pCtx->ss.Sel & X86_SEL_RPL) == (pCtx->cs.Sel & X86_SEL_RPL));
         Assert(pCtx->ss.Attr.n.u2Dpl == (pCtx->ss.Sel & X86_SEL_RPL));
-        Assert(!(pVCpu->hm.s.fContextUseFlags & HM_CHANGED_GUEST_CR0));
         if (   !(pCtx->cr0 & X86_CR0_PE)
             || pCtx->cs.Attr.n.u4Type == 3)
@@ -3689 +3710 @@
  *                      before using them.
  *
- * @remarks Requires CR0 (strict builds validation).
+ * @remarks ASSUMES CR0 is up to date (strict builds validation).
  * @remarks No-long-jump zone!!!
  */
@@ -6071 +6092 @@
     Assert(VMMR0IsLogFlushDisabled(pVCpu));
 
+    RTCPUID idCpu = RTMpCpuId();
+    Log4Func(("HostCpuId=%u\n", idCpu));
+
+    /* Save the guest state if necessary. */
+    if (pVCpu->hm.s.vmx.fUpdatedGuestState != HMVMX_UPDATED_GUEST_ALL)
+    {
+        int rc = hmR0VmxSaveGuestState(pVCpu, pMixedCtx);
+        AssertRC(rc);
+        Assert(pVCpu->hm.s.vmx.fUpdatedGuestState == HMVMX_UPDATED_GUEST_ALL);
+    }
+
+    /* Restore host FPU state if necessary and resync on next R0 reentry .*/
+    if (CPUMIsGuestFPUStateActive(pVCpu))
+    {
+        CPUMR0SaveGuestFPU(pVM, pVCpu, pMixedCtx);
+        Assert(!CPUMIsGuestFPUStateActive(pVCpu));
+        pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_GUEST_CR0;
+    }
+
+    /* Restore host debug registers if necessary and resync on next R0 reentry. */
+#ifdef VBOX_STRICT
+    if (CPUMIsHyperDebugStateActive(pVCpu))
+        Assert(pVCpu->hm.s.vmx.u32ProcCtls & VMX_VMCS_CTRL_PROC_EXEC_MOV_DR_EXIT);
+#endif
+    if (CPUMR0DebugStateMaybeSaveGuestAndRestoreHost(pVCpu, true /* save DR6 */))
+        pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_GUEST_DEBUG;
+    Assert(!CPUMIsGuestDebugStateActive(pVCpu));
+    Assert(!CPUMIsHyperDebugStateActive(pVCpu));
+
+    /* Restore host-state bits that VT-x only restores partially. */
+    if (pVCpu->hm.s.vmx.fRestoreHostFlags)
+    {
+        Log4Func(("Restoring Host State: fRestoreHostFlags=%#RX32 HostCpuId=%u\n", pVCpu->hm.s.vmx.fRestoreHostFlags, idCpu));
+        VMXRestoreHostState(pVCpu->hm.s.vmx.fRestoreHostFlags, &pVCpu->hm.s.vmx.RestoreHost);
+        pVCpu->hm.s.vmx.fRestoreHostFlags = 0;
+    }
+
+    STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatEntry);
+    STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatLoadGuestState);
+    STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatExit1);
+    STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatExit2);
+    STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatExitIO);
+    STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatExitMovCRx);
+    STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatExitXcptNmi);
+    STAM_COUNTER_INC(&pVCpu->hm.s.StatSwitchLongJmpToR3);
+
+    VMCPU_CMPXCHG_STATE(pVCpu, VMCPUSTATE_STARTED_HM, VMCPUSTATE_STARTED_EXEC);
+
+    /** @todo This kinda defeats the purpose of having preemption hooks.
+     *  The problem is, deregistering the hooks should be moved to a place that
+     *  lasts until the EMT is about to be destroyed not everytime while leaving HM
+     *  context.
+     */
+    if (pVCpu->hm.s.vmx.uVmcsState & HMVMX_VMCS_STATE_ACTIVE)
+    {
+        int rc = VMXClearVmcs(pVCpu->hm.s.vmx.HCPhysVmcs);
+        AssertRC(rc);
+        pVCpu->hm.s.vmx.uVmcsState = HMVMX_VMCS_STATE_CLEAR;
+        Log4Func(("Cleared Vmcs. HostCpuId=%u\n", idCpu));
+    }
+
+    pVCpu->hm.s.vmx.uVmcsState &= ~HMVMX_VMCS_STATE_LAUNCHED;
+    NOREF(idCpu);
+}
+
+
+DECLINLINE(void) hmR0VmxLeaveSession(PVM pVM, PVMCPU pVCpu, PCPUMCTX pMixedCtx)
+{
+    Assert(!VMMRZCallRing3IsEnabled(pVCpu));
+
     /* Avoid repeating this work when thread-context hooks are used and we had been preempted before
        which would've done this work from the VMXR0ThreadCtxCallback(). */
@@ -6082 +6173 @@
     }
 
-    RTCPUID idCpu = RTMpCpuId();
-    Log4Func(("HostCpuId=%u\n", idCpu));
-
     if (!pVCpu->hm.s.fLeaveDone)
     {
-        Log4Func(("Leaving: HostCpuId=%u\n", idCpu));
-
-        /* Save the guest state if necessary. */
-        if (pVCpu->hm.s.vmx.fUpdatedGuestState != HMVMX_UPDATED_GUEST_ALL)
-        {
-            int rc = hmR0VmxSaveGuestState(pVCpu, pMixedCtx);
-            AssertRC(rc);
-            Assert(pVCpu->hm.s.vmx.fUpdatedGuestState == HMVMX_UPDATED_GUEST_ALL);
-        }
-
-        /* Restore host FPU state if necessary and resync on next R0 reentry .*/
-        if (CPUMIsGuestFPUStateActive(pVCpu))
-        {
-            CPUMR0SaveGuestFPU(pVM, pVCpu, pMixedCtx);
-            Assert(!CPUMIsGuestFPUStateActive(pVCpu));
-            pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_GUEST_CR0;
-        }
-
-        /* Restore host debug registers if necessary and resync on next R0 reentry. */
-#ifdef VBOX_STRICT
-        if (CPUMIsHyperDebugStateActive(pVCpu))
-            Assert(pVCpu->hm.s.vmx.u32ProcCtls & VMX_VMCS_CTRL_PROC_EXEC_MOV_DR_EXIT);
-#endif
-        if (CPUMR0DebugStateMaybeSaveGuestAndRestoreHost(pVCpu, true /* save DR6 */))
-            pVCpu->hm.s.fContextUseFlags |= HM_CHANGED_GUEST_DEBUG;
-        Assert(!CPUMIsGuestDebugStateActive(pVCpu));
-        Assert(!CPUMIsHyperDebugStateActive(pVCpu));
-
-        /* Restore host-state bits that VT-x only restores partially. */
-        if (pVCpu->hm.s.vmx.fRestoreHostFlags)
-        {
-            Log4Func(("Restoring Host State: fRestoreHostFlags=%#RX32 HostCpuId=%u\n", pVCpu->hm.s.vmx.fRestoreHostFlags, idCpu));
-            VMXRestoreHostState(pVCpu->hm.s.vmx.fRestoreHostFlags, &pVCpu->hm.s.vmx.RestoreHost);
-            pVCpu->hm.s.vmx.fRestoreHostFlags = 0;
-        }
-
-        STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatEntry);
-        STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatLoadGuestState);
-        STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatExit1);
-        STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatExit2);
-        STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatExitIO);
-        STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatExitMovCRx);
-        STAM_PROFILE_ADV_SET_STOPPED(&pVCpu->hm.s.StatExitXcptNmi);
-        STAM_COUNTER_INC(&pVCpu->hm.s.StatSwitchLongJmpToR3);
-
-        VMCPU_CMPXCHG_STATE(pVCpu, VMCPUSTATE_STARTED_HM, VMCPUSTATE_STARTED_EXEC);
-
-        /** @todo This kinda defeats the purpose of having preemption hooks.
-         *  The problem is, deregistering the hooks should be moved to a place that
-         *  lasts until the EMT is about to be destroyed not everytime while leaving HM
-         *  context.
-         */
-        if (pVCpu->hm.s.vmx.uVmcsState & HMVMX_VMCS_STATE_ACTIVE)
-        {
-            int rc = VMXClearVmcs(pVCpu->hm.s.vmx.HCPhysVmcs);
-            AssertRC(rc);
-            pVCpu->hm.s.vmx.uVmcsState = HMVMX_VMCS_STATE_CLEAR;
-            Log4Func(("Cleared Vmcs. HostCpuId=%u\n", idCpu));
-        }
-
-        pVCpu->hm.s.vmx.uVmcsState &= ~HMVMX_VMCS_STATE_LAUNCHED;
+        hmR0VmxLeave(pVM, pVCpu, pMixedCtx);
         pVCpu->hm.s.fLeaveDone = true;
     }
 
-    NOREF(idCpu);
+    /* Deregister hook now that we've left HM context before re-enabling preemption. */
+    /** @todo This is bad. Deregistering here means we need to VMCLEAR always
+     *        (longjmp/exit-to-r3) in VT-x which is not efficient. */
+    if (VMMR0ThreadCtxHooksAreRegistered(pVCpu))
+        VMMR0ThreadCtxHooksDeregister(pVCpu);
+
+    /* Leave HM context. This takes care of local init (term). */
+    int rc = HMR0LeaveCpu(pVCpu);
+    AssertRC(rc); NOREF(rc);
 
     /* Restore preemption if we previous disabled it ourselves. */
@@ -6172 +6208 @@
 DECLINLINE(void) hmR0VmxLongJmpToRing3(PVM pVM, PVMCPU pVCpu, PCPUMCTX pMixedCtx)
 {
-    hmR0VmxLeave(pVM, pVCpu, pMixedCtx);
+    hmR0VmxLeaveSession(pVM, pVCpu, pMixedCtx);
 }
 
@@ -6225 +6261 @@
 
     /* Save guest state and restore host state bits. */
-    hmR0VmxLeave(pVM, pVCpu, pMixedCtx);
+    hmR0VmxLeaveSession(pVM, pVCpu, pMixedCtx);
     STAM_COUNTER_DEC(&pVCpu->hm.s.StatSwitchLongJmpToR3);
 
@@ -6895 +6931 @@
 
             /* Save the guest-state, restore host-state (FPU, debug etc.). */
-            hmR0VmxLeave(pVM, pVCpu, pMixedCtx);
+            if (!pVCpu->hm.s.fLeaveDone)
+            {
+                hmR0VmxLeave(pVM, pVCpu, pMixedCtx);
+                pVCpu->hm.s.fLeaveDone = true;
+            }
 
             /* Leave HM context, takes care of local init (term). */
-            int rc = HMR0LeaveEx(pVCpu);
-            AssertRC(rc);
+            int rc = HMR0LeaveCpu(pVCpu);
+            AssertRC(rc); NOREF(rc);
 
             /* Restore longjmp state. */
             VMMRZCallRing3Enable(pVCpu);
-            NOREF(rc);
             break;
         }
@@ -6920 +6959 @@
             /* Initialize the bare minimum state required for HM. This takes care of
                initializing VT-x if necessary (onlined CPUs, local init etc.) */
-            HMR0EnterEx(pVCpu);
-            Assert(pVCpu->hm.s.fContextUseFlags & (HM_CHANGED_HOST_CONTEXT | HM_CHANGED_GUEST_CR0));
+            int rc = HMR0EnterCpu(pVCpu);
+            AssertRC(rc);
+            Assert(pVCpu->hm.s.fContextUseFlags & (HM_CHANGED_HOST_CONTEXT | HM_CHANGED_HOST_GUEST_SHARED_STATE));
 
             /* Load the active VMCS as the current one. */
             if (pVCpu->hm.s.vmx.uVmcsState & HMVMX_VMCS_STATE_CLEAR)
             {
-                int rc = VMXActivateVmcs(pVCpu->hm.s.vmx.HCPhysVmcs);
+                rc = VMXActivateVmcs(pVCpu->hm.s.vmx.HCPhysVmcs);
                 AssertRC(rc); NOREF(rc);
                 pVCpu->hm.s.vmx.uVmcsState = HMVMX_VMCS_STATE_ACTIVE;
@@ -7075 +7115 @@
     AssertLogRelMsgRCReturn(rc, ("hmR0VmxLoadGuestActivityState! rc=%Rrc (pVM=%p pVCpu=%p)\n", rc, pVM, pVCpu), rc);
 
-    rc = hmR0VmxLoadGuestControlRegs(pVCpu, pMixedCtx);
-    AssertLogRelMsgRCReturn(rc, ("hmR0VmxLoadGuestControlRegs: rc=%Rrc (pVM=%p pVCpu=%p)\n", rc, pVM, pVCpu), rc);
-
-    /* Must be done after CR0 is loaded (strict builds require CR0 for segment register validation checks). */
+    rc = hmR0VmxLoadGuestCR3AndCR4(pVCpu, pMixedCtx);
+    AssertLogRelMsgRCReturn(rc, ("hmR0VmxLoadGuestCR3AndCR4: rc=%Rrc (pVM=%p pVCpu=%p)\n", rc, pVM, pVCpu), rc);
+
+    /* Assumes CR0 is up-to-date (strict builds require CR0 for segment register validation checks). */
     rc = hmR0VmxLoadGuestSegmentRegs(pVCpu, pMixedCtx);
     AssertLogRelMsgRCReturn(rc, ("hmR0VmxLoadGuestSegmentRegs: rc=%Rrc (pVM=%p pVCpu=%p)\n", rc, pVM, pVCpu), rc);
 
-    rc = hmR0VmxLoadGuestDebugState(pVCpu, pMixedCtx);
-    AssertLogRelMsgRCReturn(rc, ("hmR0VmxLoadGuestDebugState: rc=%Rrc (pVM=%p pVCpu=%p)\n", rc, pVM, pVCpu), rc);
-
     rc = hmR0VmxLoadGuestMsrs(pVCpu, pMixedCtx);
     AssertLogRelMsgRCReturn(rc, ("hmR0VmxLoadGuestMsrs! rc=%Rrc (pVM=%p pVCpu=%p)\n", rc, pVM, pVCpu), rc);
@@ -7091 +7128 @@
     AssertLogRelMsgRCReturn(rc, ("hmR0VmxLoadGuestApicState! rc=%Rrc (pVM=%p pVCpu=%p)\n", rc, pVM, pVCpu), rc);
 
-    /* Must be done after hmR0VmxLoadGuestDebugState() as it may have updated eflags.TF for debugging purposes. */
+    /*
+     * Loading Rflags here is fine, even though Rflags.TF might depend on guest debug state (which is not loaded here).
+     * It is re-evaluated and updated if necessary in hmR0VmxLoadSharedState().
+     */
     rc = hmR0VmxLoadGuestRipRspRflags(pVCpu, pMixedCtx);
     AssertLogRelMsgRCReturn(rc, ("hmR0VmxLoadGuestRipRspRflags! rc=%Rrc (pVM=%p pVCpu=%p)\n", rc, pVM, pVCpu), rc);
@@ -7109 +7149 @@
     STAM_PROFILE_ADV_STOP(&pVCpu->hm.s.StatLoadGuestState, x);
     return rc;
+}
+
+
+/**
+ * Loads the state shared between the host and guest into the VMCS.
+ *
+ * @param   pVM         Pointer to the VM.
+ * @param   pVCpu       Pointer to the VMCPU.
+ * @param   pCtx        Pointer to the guest-CPU context.
+ *
+ * @remarks No-long-jump zone!!!
+ */
+static void hmR0VmxLoadSharedState(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx)
+{
+    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
+    Assert(!VMMRZCallRing3IsEnabled(pVCpu));
+
+    if (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_GUEST_CR0)
+    {
+        int rc = hmR0VmxLoadSharedCR0(pVCpu, pCtx);
+        AssertRC(rc);
+    }
+
+    if (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_GUEST_DEBUG)
+    {
+        int rc = hmR0VmxLoadSharedDebugState(pVCpu, pCtx);
+        AssertRC(rc);
+
+        /* Loading shared debug bits might have changed eflags.TF bit for debugging purposes. */
+        if (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_GUEST_RFLAGS)
+        {
+            rc = hmR0VmxLoadGuestRflags(pVCpu, pCtx);
+            AssertRC(rc);
+        }
+    }
+
+    AssertMsg(!(pVCpu->hm.s.fContextUseFlags & HM_CHANGED_HOST_GUEST_SHARED_STATE), ("fContextUseFlags=%#x\n",
+                                                                                     pVCpu->hm.s.fContextUseFlags));
 }
 
@@ -7137 +7215 @@
 }
 
-/**
- * Wrapper for loading the guest-state bits in the inner VT-x execution loop.
+
+/**
+ * Worker for loading the guest-state bits in the inner VT-x execution loop.
  *
  * @param   pVM             Pointer to the VM.
@@ -7166 +7245 @@
     }
 
-#ifdef VBOX_STRICT
-    /* When thread-context hooks are available, we could be preempted which means re-updating Guest.CR0
-       (shared FPU state) and debug controls (shared debug state). This is done in hmR0VmxPreRunGuestCommitted() */
-    if (VMMR0ThreadCtxHooksAreRegistered(pVCpu))
-    {
-        AssertMsg(   !(pVCpu->hm.s.fContextUseFlags & HM_CHANGED_ALL_GUEST)
-                  ||  (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_ALL_GUEST) == HM_CHANGED_GUEST_CR0
-                  ||  (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_ALL_GUEST) == (HM_CHANGED_GUEST_CR0 | HM_CHANGED_GUEST_DEBUG),
-                     ("fContextUseFlags=%#x\n", pVCpu->hm.s.fContextUseFlags));
-    }
-    else
-    {
-        AssertMsg(!(pVCpu->hm.s.fContextUseFlags & HM_CHANGED_ALL_GUEST), ("fContextUseFlags=%#x\n",
-                                                                           pVCpu->hm.s.fContextUseFlags));
-    }
-#endif
+    /* All the guest state bits should be loaded except maybe the host context and shared host/guest bits. */
+    AssertMsg(   !(pVCpu->hm.s.fContextUseFlags & HM_CHANGED_ALL_GUEST)
+              || !(pVCpu->hm.s.fContextUseFlags & ~(HM_CHANGED_HOST_CONTEXT | HM_CHANGED_HOST_GUEST_SHARED_STATE)),
+              ("fContextUseFlags=%#x\n", pVCpu->hm.s.fContextUseFlags));
 
 #ifdef HMVMX_ALWAYS_CHECK_GUEST_STATE
@@ -7256 +7323 @@
     /*
      * When thread-context hooks are used, load the required guest-state bits
-     * here before we go ahead and disable interrupts.
+     * here before we go ahead and disable interrupts. We can handle getting preempted
+     * while loading the guest state.
      */
     if (VMMR0ThreadCtxHooksAreRegistered(pVCpu))
@@ -7311 +7379 @@
     Assert(!VMMRZCallRing3IsEnabled(pVCpu));
     Assert(VMMR0IsLogFlushDisabled(pVCpu));
-
 #ifndef VBOX_WITH_VMMR0_DISABLE_PREEMPTION
     /** @todo I don't see the point of this, VMMR0EntryFast() already disables interrupts for the entire period. */
@@ -7317 +7384 @@
     VMCPU_SET_STATE(pVCpu, VMCPUSTATE_STARTED_EXEC);
 #endif
+    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
 
     /*
@@ -7340 +7408 @@
     {
         /*
-         * If we got preempted previously while loading the guest state, the guest FPU and debug
-         * state need to be re-updated because we share them with the host state.
+         * If we are injecting events real-on-v86 mode guest then we potentially have to update
+         * RIP and other registers, i.e. hmR0VmxPreRunGuest()->hmR0VmxInjectPendingEvent().
+         * Just reload the state here if we're in real-on-v86 mode.
          */
-        if (!pVCpu->hm.s.vmx.RealMode.fRealOnV86Active)
-        {
-            if (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_GUEST_CR0)
-                hmR0VmxLoadGuestControlRegs(pVCpu, pMixedCtx);
-            if (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_GUEST_DEBUG)
-                hmR0VmxLoadGuestDebugState(pVCpu, pMixedCtx);
-        }
-        else
-        {
-            /*
-             * If we are injecting events real-on-v86 mode guest then we potentially have to update
-             * RIP and other registers. Just reload the state here if we're in real-on-v86 mode.
-             */
+        if (pVCpu->hm.s.vmx.RealMode.fRealOnV86Active)
             hmR0VmxLoadGuestStateOptimal(pVM, pVCpu, pMixedCtx);
-        }
-    }
+    }
+
+    /* Load the state shared between host and guest (FPU, debug). */
+    if (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_HOST_GUEST_SHARED_STATE)
+        hmR0VmxLoadSharedState(pVM, pVCpu, pMixedCtx);
     AssertMsg(!pVCpu->hm.s.fContextUseFlags, ("fContextUseFlags=%#x\n", pVCpu->hm.s.fContextUseFlags));
+
 
     /*

trunk/src/VBox/VMM/include/HMInternal.h

@@ -131 +131 @@
 
 #define HM_CHANGED_HOST_CONTEXT                  RT_BIT(21)
+
+/* Bits shared between host and guest. */
+#define HM_CHANGED_HOST_GUEST_SHARED_STATE       (  HM_CHANGED_GUEST_CR0                \
+                                                  | HM_CHANGED_GUEST_DEBUG)
 /** @} */