Changeset 48130 in vbox for trunk/src

Timestamp:

Aug 28, 2013 5:14:38 PM (12 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

88510

Message:

VMM: Enable thread-context hooks. Reimplemented event injection logic for VT-x and AMD-V.

Location:

trunk/src/VBox/VMM

Files:

• VMMR0/HMSVMR0.cpp (modified) (10 diffs)
• VMMR0/HMVMXR0.cpp (modified) (15 diffs)
• VMMR0/VMMR0.cpp (modified) (3 diffs)
• VMMR3/EM.cpp (modified) (1 diff)
• include/HMInternal.h (modified) (1 diff)

trunk/src/VBox/VMM/VMMR0/HMSVMR0.cpp

@@ -196 +196 @@
 {
     /** The host's rflags/eflags. */
-    RTCCUINTREG     uEFlags;
+    RTCCUINTREG     uEflags;
 #if HC_ARCH_BITS == 32
     uint32_t        u32Alignment0;
@@ -2365 +2365 @@
 
 /**
- * Injects any pending events into the guest if the guest is in a state to
- * receive them.
+ * Evaluates the event to be delivered to the guest and sets it as the pending
+ * event.
  *
  * @param   pVCpu       Pointer to the VMCPU.
  * @param   pCtx        Pointer to the guest-CPU context.
  */
-static void hmR0SvmInjectPendingEvent(PVMCPU pVCpu, PCPUMCTX pCtx)
-{
-    Assert(!TRPMHasTrap(pVCpu));
+static void hmR0SvmEvaluatePendingEvent(PVMCPU pVCpu, PCPUMCTX pCtx)
+{
+    Assert(!pVCpu->hm.s.Event.fPending);
     Log4Func(("\n"));
 
@@ -2382 +2382 @@
     SVMEVENT Event;
     Event.u = 0;
-    if (pVCpu->hm.s.Event.fPending)                                /* First, inject any pending HM events. */
-    {
-        Event.u = pVCpu->hm.s.Event.u64IntrInfo;
-        Assert(Event.n.u1Valid);
-        bool fInject = true;
-        if (   Event.n.u3Type == SVM_EVENT_EXTERNAL_IRQ
-            && (   fBlockInt
-                || fIntShadow))
-        {
-            fInject = false;
-        }
-        else if (   Event.n.u3Type == SVM_EVENT_NMI
-                 && fIntShadow)
-        {
-            fInject = false;
-        }
-
-        if (fInject)
-        {
-            Log4(("Injecting pending HM event.\n"));
-
-            hmR0SvmInjectEventVmcb(pVCpu, pVmcb, pCtx, &Event);
-            pVCpu->hm.s.Event.fPending = false;
-
-#ifdef VBOX_WITH_STATISTICS
-            if (Event.n.u3Type == SVM_EVENT_EXTERNAL_IRQ)
-                STAM_COUNTER_INC(&pVCpu->hm.s.StatInjectInterrupt);
-            else
-                STAM_COUNTER_INC(&pVCpu->hm.s.StatInjectXcpt);
-#endif
-        }
-        else
-            hmR0SvmSetVirtIntrIntercept(pVmcb);
-    }                                                              /** @todo SMI. SMIs take priority over NMIs. */
-    else if (VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_INTERRUPT_NMI))   /* NMI. NMIs take priority over regular interrupts . */
+                                                              /** @todo SMI. SMIs take priority over NMIs. */
+    if (VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_INTERRUPT_NMI))   /* NMI. NMIs take priority over regular interrupts . */
     {
         if (!fIntShadow)
         {
-            Log4(("Injecting NMI\n"));
+            Log4(("Pending NMI\n"));
 
             Event.n.u1Valid  = 1;
@@ -2426 +2393 @@
             Event.n.u3Type   = SVM_EVENT_NMI;
 
-            hmR0SvmInjectEventVmcb(pVCpu, pVmcb, pCtx, &Event);
+            hmR0SvmSetPendingEvent(pVCpu, &Event, 0 /* GCPtrFaultAddress */);
             VMCPU_FF_CLEAR(pVCpu, VMCPU_FF_INTERRUPT_NMI);
-
-            STAM_COUNTER_INC(&pVCpu->hm.s.StatInjectXcpt);
         }
         else
@@ -2436 +2401 @@
     else if (VMCPU_FF_IS_PENDING(pVCpu, (VMCPU_FF_INTERRUPT_APIC | VMCPU_FF_INTERRUPT_PIC)))
     {
-        /* Check if there are guest external interrupts (PIC/APIC) pending and inject them, if the guest can receive them. */
+        /*
+         * Check if the guest can receive external interrupts (PIC/APIC). Once we do PDMGetInterrupt() we -must- deliver
+         * the interrupt ASAP. We must not execute any guest code until we inject the interrupt which is why it is
+         * evaluated here and not set as pending, solely based on the force-flags.
+         */
         if (   !fBlockInt
             && !fIntShadow)
@@ -2450 +2419 @@
                 Event.n.u3Type   = SVM_EVENT_EXTERNAL_IRQ;
 
-                hmR0SvmInjectEventVmcb(pVCpu, pVmcb, pCtx, &Event);
-                STAM_COUNTER_INC(&pVCpu->hm.s.StatInjectInterrupt);
+                hmR0SvmSetPendingEvent(pVCpu, &Event, 0 /* GCPtrFaultAddress */);
             }
             else
@@ -2462 +2430 @@
         else
             hmR0SvmSetVirtIntrIntercept(pVmcb);
+    }
+}
+
+
+/**
+ * Injects any pending events into the guest if the guest is in a state to
+ * receive them.
+ *
+ * @param   pVCpu       Pointer to the VMCPU.
+ * @param   pCtx        Pointer to the guest-CPU context.
+ */
+static void hmR0SvmInjectPendingEvent(PVMCPU pVCpu, PCPUMCTX pCtx)
+{
+    Assert(!TRPMHasTrap(pVCpu));
+    Assert(!VMMRZCallRing3IsEnabled(pVCpu));
+    Log4Func(("\n"));
+
+    const bool fIntShadow = !!hmR0SvmGetGuestIntrShadow(pVCpu, pCtx);
+    const bool fBlockInt  = !(pCtx->eflags.u32 & X86_EFL_IF);
+    PSVMVMCB pVmcb        = (PSVMVMCB)pVCpu->hm.s.svm.pvVmcb;
+
+    SVMEVENT Event;
+    Event.u = 0;
+    if (pVCpu->hm.s.Event.fPending)                                /* First, inject any pending HM events. */
+    {
+#if defined(VBOX_STRICT) || defined(VBOX_WITH_STATISTICS)
+        Event.u = pVCpu->hm.s.Event.u64IntrInfo;
+        Assert(Event.n.u1Valid);
+        bool fInject = true;
+        if (Event.n.u3Type == SVM_EVENT_EXTERNAL_IRQ)
+        {
+            Assert(!fBlockInt);
+            Assert(!fIntShadow);
+        }
+        else if (Event.n.u3Type == SVM_EVENT_NMI)
+            Assert(!fIntShadow);
+#endif
+
+        Log4(("Injecting pending HM event.\n"));
+        hmR0SvmInjectEventVmcb(pVCpu, pVmcb, pCtx, &Event);
+        pVCpu->hm.s.Event.fPending = false;
+
+#ifdef VBOX_WITH_STATISTICS
+        if (Event.n.u3Type == SVM_EVENT_EXTERNAL_IRQ)
+            STAM_COUNTER_INC(&pVCpu->hm.s.StatInjectInterrupt);
+        else
+            STAM_COUNTER_INC(&pVCpu->hm.s.StatInjectXcpt);
+#endif
     }
 
@@ -2719 +2735 @@
         return rc;
 
+    if (TRPMHasTrap(pVCpu))
+        hmR0SvmTrpmTrapToPendingEvent(pVCpu);
+    else if (!pVCpu->hm.s.Event.fPending)
+        hmR0SvmEvaluatePendingEvent(pVCpu, pCtx);
+
 #ifdef VBOX_WITH_VMMR0_DISABLE_PREEMPTION
-    /* We disable interrupts so that we don't miss any interrupts that would flag preemption (IPI/timers etc.) */
-    pSvmTransient->uEFlags = ASMIntDisableFlags();
-    if (RTThreadPreemptIsPending(NIL_RTTHREAD))
-    {
-        ASMSetFlags(pSvmTransient->uEFlags);
+    /*
+     * We disable interrupts so that we don't miss any interrupts that would flag preemption (IPI/timers etc.)
+     * when thread-context hooks aren't used and we've been running with preemption disabled for a while.
+     *
+     * We need to check for force-flags that could've possible been altered since we last checked them (e.g.
+     * by PDMGetInterrupt() leaving the PDM critical section, see @bugref{6398}).
+     *
+     * We also check a couple of other force-flags as a last opportunity to get the EMT back to ring-3 before
+     * executing guest code.
+     */
+    pSvmTransient->uEflags = ASMIntDisableFlags();
+    if (   VM_FF_IS_PENDING(pVM, VM_FF_EMT_RENDEZVOUS | VM_FF_TM_VIRTUAL_SYNC)
+        || VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_HM_TO_R3_MASK))
+    {
+        ASMSetFlags(pSvmTransient->uEflags);
+        STAM_COUNTER_INC(&pVCpu->hm.s.StatSwitchHmToR3FF);
+        return VINF_EM_RAW_TO_R3;
+    }
+    else if (RTThreadPreemptIsPending(NIL_RTTHREAD))
+    {
+        ASMSetFlags(pSvmTransient->uEflags);
         STAM_COUNTER_INC(&pVCpu->hm.s.StatPendingHostIrq);
-        /* Don't use VINF_EM_RAW_INTERRUPT_HYPER as we can't assume the host does kernel preemption. Maybe some day? */
         return VINF_EM_RAW_INTERRUPT;
     }
+
+    /* Indicate the start of guest execution. No more longjmps or returns to ring-3 from this point!!! */
     VMCPU_ASSERT_STATE(pVCpu, VMCPUSTATE_STARTED_HM);
     VMCPU_SET_STATE(pVCpu, VMCPUSTATE_STARTED_EXEC);
 #endif
-
-    /* Convert any pending TRPM traps to HM events for injection. */
-    /** @todo Optimization: move this before disabling interrupts, restore state
-     *        using pVmcb->ctrl.EventInject.u. */
-    if (TRPMHasTrap(pVCpu))
-        hmR0SvmTrpmTrapToPendingEvent(pVCpu);
-
-    hmR0SvmInjectPendingEvent(pVCpu, pCtx);
 
     return VINF_SUCCESS;
@@ -2765 +2795 @@
 #ifndef VBOX_WITH_VMMR0_DISABLE_PREEMPTION
     /** @todo I don't see the point of this, VMMR0EntryFast() already disables interrupts for the entire period. */
-    pSvmTransient->uEFlags = ASMIntDisableFlags();
+    /** @todo get rid of this. */
+    pSvmTransient->uEflags = ASMIntDisableFlags();
     VMCPU_SET_STATE(pVCpu, VMCPUSTATE_STARTED_EXEC);
 #endif
+
+    hmR0SvmInjectPendingEvent(pVCpu, pCtx);
 
     /*
@@ -2913 +2946 @@
 
     Assert(!(ASMGetFlags() & X86_EFL_IF));
-    ASMSetFlags(pSvmTransient->uEFlags);                        /* Enable interrupts. */
+    ASMSetFlags(pSvmTransient->uEflags);                        /* Enable interrupts. */
 
     VMMRZCallRing3SetNotification(pVCpu, hmR0SvmCallRing3Callback, pMixedCtx);

trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp

@@ -6345 +6345 @@
 
 /**
- * Injects any pending events into the guest if the guest is in a state to
- * receive them.
- *
- * @returns VBox status code (informational status codes included).
+ * Evaluates the event to be delivered to the guest and sets it as the pending
+ * event.
+ *
  * @param   pVCpu           Pointer to the VMCPU.
  * @param   pMixedCtx       Pointer to the guest-CPU context. The data may be
@@ -6354 +6353 @@
  *                          before using them.
  */
-static int hmR0VmxInjectPendingEvent(PVMCPU pVCpu, PCPUMCTX pMixedCtx)
-{
+static void hmR0VmxEvaluatePendingEvent(PVMCPU pVCpu, PCPUMCTX pMixedCtx)
+{
+    Assert(!pVCpu->hm.s.Event.fPending);
+
     /* Get the current interruptibility-state of the guest and then figure out what can be injected. */
     uint32_t uIntrState = hmR0VmxGetGuestIntrState(pVCpu, pMixedCtx);
@@ -6364 +6365 @@
     Assert(   !(uIntrState & VMX_VMCS_GUEST_INTERRUPTIBILITY_STATE_BLOCK_NMI)      /* We don't support block-by-NMI and SMI yet.*/
            && !(uIntrState & VMX_VMCS_GUEST_INTERRUPTIBILITY_STATE_BLOCK_SMI));
-    Assert(!fBlockSti || pMixedCtx->eflags.Bits.u1IF);       /* Cannot set block-by-STI when interrupts are disabled. */
+    Assert(!fBlockSti || pMixedCtx->eflags.Bits.u1IF);     /* Cannot set block-by-STI when interrupts are disabled. */
     Assert(!TRPMHasTrap(pVCpu));
 
-    int rc = VINF_SUCCESS;
-    if (pVCpu->hm.s.Event.fPending)     /* First, inject any pending HM events. */
-    {
-        uint32_t uIntrType = VMX_EXIT_INTERRUPTION_INFO_TYPE(pVCpu->hm.s.Event.u64IntrInfo);
-        bool fInject = true;
-        if (uIntrType == VMX_EXIT_INTERRUPTION_INFO_TYPE_EXT_INT)
-        {
-            rc = hmR0VmxSaveGuestRflags(pVCpu, pMixedCtx);
-            AssertRCReturn(rc, rc);
-            const bool fBlockInt = !(pMixedCtx->eflags.u32 & X86_EFL_IF);
-            if (   fBlockInt
-                || fBlockSti
-                || fBlockMovSS)
-            {
-                fInject = false;
-            }
-        }
-        else if (   uIntrType == VMX_EXIT_INTERRUPTION_INFO_TYPE_NMI
-                 && (   fBlockMovSS
-                     || fBlockSti))
-        {
-            /* On some CPUs block-by-STI also blocks NMIs. See Intel spec. 26.3.1.5 "Checks On Guest Non-Register State". */
-            fInject = false;
-        }
-
-        if (fInject)
-        {
-            Log4(("Injecting pending event vcpu[%RU32]\n", pVCpu->idCpu));
-            rc = hmR0VmxInjectEventVmcs(pVCpu, pMixedCtx, pVCpu->hm.s.Event.u64IntrInfo, pVCpu->hm.s.Event.cbInstr,
-                                        pVCpu->hm.s.Event.u32ErrCode, pVCpu->hm.s.Event.GCPtrFaultAddress, &uIntrState);
-            AssertRCReturn(rc, rc);
-            pVCpu->hm.s.Event.fPending = false;
-
-#ifdef VBOX_WITH_STATISTICS
-            if (uIntrType == VMX_EXIT_INTERRUPTION_INFO_TYPE_EXT_INT)
-                STAM_COUNTER_INC(&pVCpu->hm.s.StatInjectInterrupt);
-            else
-                STAM_COUNTER_INC(&pVCpu->hm.s.StatInjectXcpt);
-#endif
-        }
-        else
-            hmR0VmxSetIntWindowExitVmcs(pVCpu);
-    }                                                           /** @todo SMI. SMIs take priority over NMIs. */
-    else if (VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_INTERRUPT_NMI))    /* NMI. NMIs take priority over regular interrupts . */
+                                                           /** @todo SMI. SMIs take priority over NMIs. */
+    if (VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_INTERRUPT_NMI))    /* NMI. NMIs take priority over regular interrupts . */
     {
         /* On some CPUs block-by-STI also blocks NMIs. See Intel spec. 26.3.1.5 "Checks On Guest Non-Register State". */
@@ -6416 +6375 @@
             && !fBlockSti)
         {
-            Log4(("Injecting NMI\n"));
+            /* On some CPUs block-by-STI also blocks NMIs. See Intel spec. 26.3.1.5 "Checks On Guest Non-Register State". */
+            Log4(("Pending NMI vcpu[%RU32]\n", pVCpu->idCpu));
             uint32_t u32IntrInfo = X86_XCPT_NMI | VMX_EXIT_INTERRUPTION_INFO_VALID;
             u32IntrInfo         |= (VMX_EXIT_INTERRUPTION_INFO_TYPE_NMI << VMX_EXIT_INTERRUPTION_INFO_TYPE_SHIFT);
-            rc = hmR0VmxInjectEventVmcs(pVCpu, pMixedCtx, u32IntrInfo, 0 /* cbInstr */, 0 /* u32ErrCode */,
-                                        0 /* GCPtrFaultAddress */, &uIntrState);
-            AssertRCReturn(rc, rc);
+
+            hmR0VmxSetPendingEvent(pVCpu, u32IntrInfo, 0 /* cbInstr */, 0 /* u32ErrCode */, 0 /* GCPtrFaultAddres */);
             VMCPU_FF_CLEAR(pVCpu, VMCPU_FF_INTERRUPT_NMI);
-
-            STAM_COUNTER_INC(&pVCpu->hm.s.StatInjectXcpt);
         }
         else
@@ -6432 +6389 @@
              && !pVCpu->hm.s.fSingleInstruction)
     {
-        /* Check if there are guest external interrupts (PIC/APIC) pending and inject them if the guest can receive them. */
-        rc = hmR0VmxSaveGuestRflags(pVCpu, pMixedCtx);
-        AssertRCReturn(rc, rc);
+        /*
+         * Check if the guest can receive external interrupts (PIC/APIC). Once we do PDMGetInterrupt() we -must- deliver
+         * the interrupt ASAP. We must not execute any guest code until we inject the interrupt which is why it is
+         * evaluated here and not set as pending, solely based on the force-flags.
+         */
+        int rc = hmR0VmxSaveGuestRflags(pVCpu, pMixedCtx);
+        AssertRC(rc);
         const bool fBlockInt = !(pMixedCtx->eflags.u32 & X86_EFL_IF);
         if (   !fBlockInt
@@ -6444 +6405 @@
             if (RT_SUCCESS(rc))
             {
-                Log4(("Injecting interrupt u8Interrupt=%#x\n", u8Interrupt));
+                Log4(("Pending interrupt vcpu[%RU32] u8Interrupt=%#x \n", pVCpu->idCpu, u8Interrupt));
                 uint32_t u32IntrInfo = u8Interrupt | VMX_EXIT_INTERRUPTION_INFO_VALID;
                 u32IntrInfo         |= (VMX_EXIT_INTERRUPTION_INFO_TYPE_EXT_INT << VMX_EXIT_INTERRUPTION_INFO_TYPE_SHIFT);
-                rc = hmR0VmxInjectEventVmcs(pVCpu, pMixedCtx, u32IntrInfo, 0 /* cbInstr */,  0 /* u32ErrCode */,
-                                            0 /* GCPtrFaultAddress */, &uIntrState);
-
-                STAM_COUNTER_INC(&pVCpu->hm.s.StatInjectInterrupt);
+
+                hmR0VmxSetPendingEvent(pVCpu, u32IntrInfo, 0 /* cbInstr */, 0 /* u32ErrCode */, 0 /* GCPtrfaultAddress */);
             }
             else
@@ -6457 +6416 @@
                 Assert(!VMCPU_FF_IS_PENDING(pVCpu, (VMCPU_FF_INTERRUPT_APIC | VMCPU_FF_INTERRUPT_PIC)));
                 STAM_COUNTER_INC(&pVCpu->hm.s.StatSwitchGuestIrq);
-                rc = VINF_SUCCESS;
             }
         }
@@ -6463 +6421 @@
             hmR0VmxSetIntWindowExitVmcs(pVCpu);
     }
-
-    /*
-     * Delivery pending debug exception if the guest is single-stepping. The interruptibility-state could have been changed by
-     * hmR0VmxInjectEventVmcs() (e.g. real-on-v86 injecting software interrupts), re-evaluate it and set the BS bit.
-     */
-    fBlockMovSS = !!(uIntrState & VMX_VMCS_GUEST_INTERRUPTIBILITY_STATE_BLOCK_MOVSS);
-    fBlockSti   = !!(uIntrState & VMX_VMCS_GUEST_INTERRUPTIBILITY_STATE_BLOCK_STI);
+}
+
+
+/**
+ * Injects any pending events into the guest if the guest is in a state to
+ * receive them.
+ *
+ * @returns VBox status code (informational status codes included).
+ * @param   pVCpu           Pointer to the VMCPU.
+ * @param   pMixedCtx       Pointer to the guest-CPU context. The data may be
+ *                          out-of-sync. Make sure to update the required fields
+ *                          before using them.
+ *
+ * @remarks No-long-jump zone!!!
+ */
+static int hmR0VmxInjectPendingEvent(PVMCPU pVCpu, PCPUMCTX pMixedCtx)
+{
+    /* Get the current interruptibility-state of the guest and then figure out what can be injected. */
+    uint32_t uIntrState = hmR0VmxGetGuestIntrState(pVCpu, pMixedCtx);
+    bool fBlockMovSS    = !!(uIntrState & VMX_VMCS_GUEST_INTERRUPTIBILITY_STATE_BLOCK_MOVSS);
+    bool fBlockSti      = !!(uIntrState & VMX_VMCS_GUEST_INTERRUPTIBILITY_STATE_BLOCK_STI);
+
+    Assert(!fBlockSti || (pVCpu->hm.s.vmx.fUpdatedGuestState & HMVMX_UPDATED_GUEST_RFLAGS));
+    Assert(   !(uIntrState & VMX_VMCS_GUEST_INTERRUPTIBILITY_STATE_BLOCK_NMI)      /* We don't support block-by-NMI and SMI yet.*/
+           && !(uIntrState & VMX_VMCS_GUEST_INTERRUPTIBILITY_STATE_BLOCK_SMI));
+    Assert(!fBlockSti || pMixedCtx->eflags.Bits.u1IF);       /* Cannot set block-by-STI when interrupts are disabled. */
+    Assert(!TRPMHasTrap(pVCpu));
+
+    int rc = VINF_SUCCESS;
+    if (pVCpu->hm.s.Event.fPending)
+    {
+#if defined(VBOX_STRICT) || defined(VBOX_WITH_STATISTICS)
+        uint32_t uIntrType = VMX_EXIT_INTERRUPTION_INFO_TYPE(pVCpu->hm.s.Event.u64IntrInfo);
+        if (uIntrType == VMX_EXIT_INTERRUPTION_INFO_TYPE_EXT_INT)
+        {
+            rc = hmR0VmxSaveGuestRflags(pVCpu, pMixedCtx);
+            AssertRCReturn(rc, rc);
+            const bool fBlockInt = !(pMixedCtx->eflags.u32 & X86_EFL_IF);
+            Assert(!fBlockInt);
+            Assert(!fBlockSti);
+            Assert(!fBlockMovSS);
+        }
+        else if (uIntrType == VMX_EXIT_INTERRUPTION_INFO_TYPE_NMI)
+        {
+            Assert(!fBlockSti);
+            Assert(!fBlockMovSS);
+        }
+#endif
+        Log4(("Injecting pending event vcpu[%RU32] u64IntrInfo=%#RX64\n", pVCpu->idCpu, pVCpu->hm.s.Event.u64IntrInfo));
+        rc = hmR0VmxInjectEventVmcs(pVCpu, pMixedCtx, pVCpu->hm.s.Event.u64IntrInfo, pVCpu->hm.s.Event.cbInstr,
+                                    pVCpu->hm.s.Event.u32ErrCode, pVCpu->hm.s.Event.GCPtrFaultAddress, &uIntrState);
+        AssertRCReturn(rc, rc);
+
+        pVCpu->hm.s.Event.fPending = false;
+
+        /* Update the interruptibility-state as it could have been changed by
+           hmR0VmxInjectEventVmcs() (e.g. real-on-v86 guest injecting software interrupts) */
+        fBlockMovSS = !!(uIntrState & VMX_VMCS_GUEST_INTERRUPTIBILITY_STATE_BLOCK_MOVSS);
+        fBlockSti   = !!(uIntrState & VMX_VMCS_GUEST_INTERRUPTIBILITY_STATE_BLOCK_STI);
+
+#ifdef VBOX_WITH_STATISTICS
+        if (uIntrType == VMX_EXIT_INTERRUPTION_INFO_TYPE_EXT_INT)
+            STAM_COUNTER_INC(&pVCpu->hm.s.StatInjectInterrupt);
+        else
+            STAM_COUNTER_INC(&pVCpu->hm.s.StatInjectXcpt);
+#endif
+    }
+
+    /* Delivery pending debug exception if the guest is single-stepping. Evaluate and set the BS bit. */
     int rc2 = VINF_SUCCESS;
     if (   fBlockSti
@@ -7323 +7343 @@
 
     /*
-     * When thread-context hooks are used, load the required guest-state bits
-     * here before we go ahead and disable interrupts. We can handle getting preempted
+     * When thread-context hooks are used, load the required guest-state bits here
+     * before we go ahead and disable interrupts. We can handle getting preempted
      * while loading the guest state.
      */
@@ -7330 +7350 @@
         hmR0VmxLoadGuestStateOptimal(pVM, pVCpu, pMixedCtx);
 
+    /*
+     * Evaluate events as pending-for-injection into the guest. Toggling of force-flags here is safe as long as
+     * we update TRPM on premature exits to ring-3 before executing guest code. We must NOT restore the force-flags.
+     */
+    if (TRPMHasTrap(pVCpu))
+        hmR0VmxTrpmTrapToPendingEvent(pVCpu);
+    else if (!pVCpu->hm.s.Event.fPending)
+        hmR0VmxEvaluatePendingEvent(pVCpu, pMixedCtx);
+
 #ifdef VBOX_WITH_VMMR0_DISABLE_PREEMPTION
-    /* We disable interrupts so that we don't miss any interrupts that would flag preemption (IPI/timers etc.) */
+    /*
+     * We disable interrupts so that we don't miss any interrupts that would flag preemption (IPI/timers etc.)
+     * when thread-context hooks aren't used and we've been running with preemption disabled for a while.
+     *
+     * We need to check for force-flags that could've possible been altered since we last checked them (e.g.
+     * by PDMGetInterrupt() leaving the PDM critical section, see @bugref{6398}).
+     *
+     * We also check a couple of other force-flags as a last opportunity to get the EMT back to ring-3 before
+     * executing guest code.
+     */
     pVmxTransient->uEflags = ASMIntDisableFlags();
-    if (RTThreadPreemptIsPending(NIL_RTTHREAD))
+    if (   VM_FF_IS_PENDING(pVM, VM_FF_EMT_RENDEZVOUS | VM_FF_TM_VIRTUAL_SYNC)
+        || VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_HM_TO_R3_MASK))
+    {
+        ASMSetFlags(pVmxTransient->uEflags);
+        STAM_COUNTER_INC(&pVCpu->hm.s.StatSwitchHmToR3FF);
+        return VINF_EM_RAW_TO_R3;
+    }
+    else if (RTThreadPreemptIsPending(NIL_RTTHREAD))
     {
         ASMSetFlags(pVmxTransient->uEflags);
         STAM_COUNTER_INC(&pVCpu->hm.s.StatPendingHostIrq);
-        /* Don't use VINF_EM_RAW_INTERRUPT_HYPER as we can't assume the host does kernel preemption. Maybe some day? */
         return VINF_EM_RAW_INTERRUPT;
     }
+
+    /* Indicate the start of guest execution. No more longjmps or returns to ring-3 from this point!!! */
     VMCPU_ASSERT_STATE(pVCpu, VMCPUSTATE_STARTED_HM);
     VMCPU_SET_STATE(pVCpu, VMCPUSTATE_STARTED_EXEC);
@@ -7345 +7391 @@
 
     /*
-     * Evaluates and injects any pending events, toggling force-flags and updating the guest-interruptibility
-     * state (interrupt shadow) in the VMCS. This -can- potentially be reworked to be done before disabling
-     * interrupts and handle returning to ring-3 afterwards, but requires very careful state restoration.
+     * Event injection might result in triple-faulting the VM (real-on-v86 case), which is why it's
+     * done here and not in hmR0VmxPreRunGuestCommitted() which doesn't expect failures.
      */
-    /** @todo Rework event evaluation and injection to be completely separate.
-     *  Update: Tried it, problem with handling halts. Control never returns to VT-x
-     *        if we exit VT-x with external interrupt pending in a TRPM event.
-     *        The EM loop probably needs to check for interrupts while halting. */
-    if (TRPMHasTrap(pVCpu))
-        hmR0VmxTrpmTrapToPendingEvent(pVCpu);
-
     rc = hmR0VmxInjectPendingEvent(pVCpu, pMixedCtx);
-    AssertRCReturn(rc, rc);
     return rc;
 }
@@ -7383 +7420 @@
 #ifndef VBOX_WITH_VMMR0_DISABLE_PREEMPTION
     /** @todo I don't see the point of this, VMMR0EntryFast() already disables interrupts for the entire period. */
+    /** @todo get rid of this. */
     pVmxTransient->uEflags = ASMIntDisableFlags();
     VMCPU_SET_STATE(pVCpu, VMCPUSTATE_STARTED_EXEC);
@@ -7389 +7427 @@
 
     /*
-     * Load the host state bits as we may've been preempted
-     * (only happens when thread-context hooks are used).
+     * Load the host state bits as we may've been preempted (only happens when
+     * thread-context hooks are used).
      */
-    int rc = VINF_SUCCESS;
     if (pVCpu->hm.s.fContextUseFlags & HM_CHANGED_HOST_CONTEXT)
     {
         Assert(VMMR0ThreadCtxHooksAreRegistered(pVCpu));
-        rc = hmR0VmxSaveHostState(pVM, pVCpu);
+        int rc = hmR0VmxSaveHostState(pVM, pVCpu);
         AssertRC(rc);
     }
@@ -7402 +7439 @@
 
     /*
-     * When thread-context hooks are not used we need to load the required
-     * guest state bits here i.e. when we can no longer be preempted.
+     * When thread-context hooks are -not- used we need to load the required
+     * guest state bits here i.e. when we can no longer be rescheduled.
      */
     if (!VMMR0ThreadCtxHooksAreRegistered(pVCpu))
@@ -7411 +7448 @@
         /*
          * If we are injecting events to a real-on-v86 mode guest, we may have to update
-         * RIP and soem other registers, i.e. hmR0VmxInjectPendingEvent()->hmR0VmxInjectEventVmcs().
+         * RIP and some other registers, i.e. hmR0VmxInjectPendingEvent()->hmR0VmxInjectEventVmcs().
          * Reload only the necessary state, the assertion will catch if other parts of the code
          * change.

trunk/src/VBox/VMM/VMMR0/VMMR0.cpp

@@ -441 +441 @@
     VMCPU_ASSERT_EMT(pVCpu);
     Assert(pVCpu->vmm.s.hR0ThreadCtx == NIL_RTTHREADCTX);
-#if 0 /* Not stable yet. */
+#if defined(RT_OS_LINUX) || defined(RT_OS_SOLARIS)
     int rc = RTThreadCtxHooksCreate(&pVCpu->vmm.s.hR0ThreadCtx);
     if (   RT_FAILURE(rc)
@@ -546 +546 @@
              * infinitum). Let's just disable preemption for now...
              */
-            bool fPreemptDisabled = false;
-            RTTHREADPREEMPTSTATE PreemptState = RTTHREADPREEMPTSTATE_INITIALIZER;
-            if (RTThreadPreemptIsEnabled(NIL_RTTHREAD))
-            {
-                RTThreadPreemptDisable(&PreemptState);
-                fPreemptDisabled = true;
-            }
+            HM_DISABLE_PREEMPT_IF_NEEDED();
 
             /* We need to update the VCPU <-> host CPU mapping. */
@@ -562 +556 @@
 
             /* Restore preemption. */
-            if (fPreemptDisabled)
-                RTThreadPreemptRestore(&PreemptState);
+            HM_RESTORE_PREEMPT_IF_NEEDED();
             break;
         }

trunk/src/VBox/VMM/VMMR3/EM.cpp

@@ -2527 +2527 @@
                         }
                     }
+                    else if (TRPMHasTrap(pVCpu))
+                        rc = VINF_EM_RESCHEDULE;
                     else
                         rc = VMR3WaitHalted(pVM, pVCpu, !(CPUMGetGuestEFlags(pVCpu) & X86_EFL_IF));

trunk/src/VBox/VMM/include/HMInternal.h

@@ -136 +136 @@
                                                   | HM_CHANGED_GUEST_DEBUG)
 /** @} */
-
-/** Disables preemption if required. */
-# define HM_DISABLE_PREEMPT_IF_NEEDED() \
-   RTTHREADPREEMPTSTATE PreemptStateInternal = RTTHREADPREEMPTSTATE_INITIALIZER; \
-   bool fPreemptDisabledInternal = false; \
-   if (RTThreadPreemptIsEnabled(NIL_RTTHREAD)) \
-   { \
-       Assert(VMMR0ThreadCtxHooksAreRegistered(pVCpu)); \
-       RTThreadPreemptDisable(&PreemptStateInternal); \
-       fPreemptDisabledInternal = true; \
-   }
-
-/** Restores preemption if previously disabled by HM_DISABLE_PREEMPT(). */
-# define HM_RESTORE_PREEMPT_IF_NEEDED() \
-   do \
-   { \
-        if (fPreemptDisabledInternal) \
-            RTThreadPreemptRestore(&PreemptStateInternal); \
-   } while (0)
 
 /** Maximum number of page flushes we are willing to remember before considering a full TLB flush. */