Changeset 49019 in vbox for trunk/src/VBox/VMM/VMMR0

Timestamp:

Oct 10, 2013 8:45:11 AM (12 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

89768

Message:

VMM: FPU cleanup.

Location:

trunk/src/VBox/VMM/VMMR0

Files:

• CPUMR0.cpp (modified) (12 diffs)
• CPUMR0A.asm (modified) (8 diffs)
• HMSVMR0.cpp (modified) (2 diffs)
• HMVMXR0.cpp (modified) (2 diffs)

trunk/src/VBox/VMM/VMMR0/CPUMR0.cpp

@@ -117 +117 @@
  * for the guest which do not exist on this CPU. We have seen systems where the
  * X86_CPUID_FEATURE_ECX_MONITOR feature flag is only set on some host CPUs, see
- * @{bugref 5436}.
+ * @bugref{5436}.
  *
  * @note This function might be called simultaneously on more than one CPU!
@@ -235 +235 @@
         uint32_t cExt = 0;
         ASMCpuId(0x80000000, &cExt, &u32Dummy, &u32Dummy, &u32Dummy);
-        if (    cExt >= 0x80000001
-            &&  cExt <= 0x8000ffff)
+        if (ASMIsValidExtRange(cExt))
         {
             uint32_t fExtFeaturesEDX = ASMCpuId_EDX(0x80000001);
@@ -280 +279 @@
 
 /**
- * Lazily sync the guest-FPU/XMM state if possible.
- *
- * Loads the guest-FPU state, if it isn't already loaded, into the CPU if the
- * guest is not expecting a #NM trap.
+ * Trap handler for device-not-available fault (#NM).
+ * Device not available, FP or (F)WAIT instruction.
  *
  * @returns VBox status code.
@@ -289 +286 @@
  * @retval VINF_EM_RAW_GUEST_TRAP if it is a guest trap.
  *
- * @remarks This relies on CPUMIsGuestFPUStateActive() reflecting reality.
- */
-VMMR0_INT_DECL(int) CPUMR0LoadGuestFPU(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx)
+ * @param   pVM         Pointer to the VM.
+ * @param   pVCpu       Pointer to the VMCPU.
+ * @param   pCtx        Pointer to the guest-CPU context.
+ */
+VMMR0_INT_DECL(int) CPUMR0Trap07Handler(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx)
 {
     Assert(pVM->cpum.s.CPUFeatures.edx.u1FXSR);
@@ -299 +298 @@
     if (CPUMIsGuestFPUStateActive(pVCpu))
     {
-        Assert(    ((pCtx->cr0 & (X86_CR0_MP | X86_CR0_EM | X86_CR0_TS)) == (X86_CR0_MP | X86_CR0_TS | X86_CR0_EM))
-               ||  ((pCtx->cr0 & (X86_CR0_MP | X86_CR0_EM | X86_CR0_TS)) == (X86_CR0_MP | X86_CR0_TS)));
+        Assert(    ((pCtx->cr0 & (X86_CR0_MP | X86_CR0_EM | X86_CR0_TS)) == (X86_CR0_MP | X86_CR0_TS))
+               ||  ((pCtx->cr0 & (X86_CR0_MP | X86_CR0_EM | X86_CR0_TS)) == (X86_CR0_MP | X86_CR0_TS | X86_CR0_EM)));
         return VINF_EM_RAW_GUEST_TRAP;
     }
@@ -338 +337 @@
     }
 
+    return CPUMR0LoadGuestFPU(pVM, pVCpu, pCtx);
+}
+
+
+/**
+ * Saves the host-FPU/XMM state and loads the guest-FPU state into the CPU.
+ *
+ * @returns VBox status code.
+ *
+ * @param pVM       Pointer to the VM.
+ * @param pVCpu     Pointer to the VMCPU.
+ * @param pCtx      Pointer to the guest-CPU context.
+ */
+VMMR0_INT_DECL(int) CPUMR0LoadGuestFPU(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx)
+{
+    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
 #if HC_ARCH_BITS == 32 && defined(VBOX_WITH_64_BITS_GUESTS) && !defined(VBOX_WITH_HYBRID_32BIT_KERNEL)
     if (CPUMIsGuestInLongModeEx(pCtx))
@@ -346 +361 @@
         cpumR0SaveHostFPUState(&pVCpu->cpum.s);
 
-        /* Restore the state on entry as we need to be in 64 bits mode to access the full state. */
+        /* Restore the state on entry as we need to be in 64-bit mode to access the full state. */
         pVCpu->cpum.s.fUseFlags |= CPUM_SYNC_FPU_STATE;
     }
@@ -352 +367 @@
 #endif
     {
-#ifndef CPUM_CAN_HANDLE_NM_TRAPS_IN_KERNEL_MODE
-# if defined(VBOX_WITH_HYBRID_32BIT_KERNEL) || defined(VBOX_WITH_KERNEL_USING_XMM) /** @todo remove the #else here and move cpumHandleLazyFPUAsm back to VMMGC after branching out 3.0!!. */
         Assert(!(pVCpu->cpum.s.fUseFlags & CPUM_USED_MANUAL_XMM_RESTORE));
         /** @todo Move the FFXR handling down into
-         *        cpumR0SaveHostRestoreguestFPUState to optimize the
+         *        cpumR0SaveHostRestoreGuestFPUState to optimize the
          *        VBOX_WITH_KERNEL_USING_XMM handling. */
         /* Clear MSR_K6_EFER_FFXSR or else we'll be unable to save/restore the XMM state with fxsave/fxrstor. */
-        uint64_t SavedEFER = 0;
+        uint64_t uHostEfer    = 0;
+        bool     fRestoreEfer = false;
         if (pVM->cpum.s.CPUFeaturesExt.edx & X86_CPUID_AMD_FEATURE_EDX_FFXSR)
         {
-            SavedEFER = ASMRdMsr(MSR_K6_EFER);
-            if (SavedEFER & MSR_K6_EFER_FFXSR)
+            uHostEfer = ASMRdMsr(MSR_K6_EFER);
+            if (uHostEfer & MSR_K6_EFER_FFXSR)
             {
-                ASMWrMsr(MSR_K6_EFER, SavedEFER & ~MSR_K6_EFER_FFXSR);
+                ASMWrMsr(MSR_K6_EFER, uHostEfer & ~MSR_K6_EFER_FFXSR);
                 pVCpu->cpum.s.fUseFlags |= CPUM_USED_MANUAL_XMM_RESTORE;
+                fRestoreEfer = true;
             }
         }
@@ -374 +389 @@
 
         /* Restore EFER. */
-        if (pVCpu->cpum.s.fUseFlags & CPUM_USED_MANUAL_XMM_RESTORE)
-            ASMWrMsr(MSR_K6_EFER, SavedEFER);
-
-# else
-        uint64_t oldMsrEFERHost = 0;
-        uint32_t oldCR0 = ASMGetCR0();
-
-        /* Clear MSR_K6_EFER_FFXSR or else we'll be unable to save/restore the XMM state with fxsave/fxrstor. */
-        if (pVM->cpum.s.CPUFeaturesExt.edx & X86_CPUID_AMD_FEATURE_EDX_FFXSR)
-        {
-            /** @todo Do we really need to read this every time?? The host could change this on the fly though.
-             *  bird: what about starting by skipping the ASMWrMsr below if we didn't
-             *        change anything? Ditto for the stuff in CPUMR0SaveGuestFPU. */
-            oldMsrEFERHost = ASMRdMsr(MSR_K6_EFER);
-            if (oldMsrEFERHost & MSR_K6_EFER_FFXSR)
-            {
-                ASMWrMsr(MSR_K6_EFER, oldMsrEFERHost & ~MSR_K6_EFER_FFXSR);
-                pVCpu->cpum.s.fUseFlags |= CPUM_USED_MANUAL_XMM_RESTORE;
-            }
-        }
-
-        /* If we sync the FPU/XMM state on-demand, then we can continue execution as if nothing has happened. */
-        int rc = CPUMHandleLazyFPU(pVCpu);
-        AssertRC(rc);
-        Assert(CPUMIsGuestFPUStateActive(pVCpu));
-
-        /* Restore EFER MSR */
-        if (pVCpu->cpum.s.fUseFlags & CPUM_USED_MANUAL_XMM_RESTORE)
-            ASMWrMsr(MSR_K6_EFER, oldMsrEFERHost);
-
-        /* CPUMHandleLazyFPU could have changed CR0; restore it. */
-        ASMSetCR0(oldCR0);
-# endif
-
-#else  /* CPUM_CAN_HANDLE_NM_TRAPS_IN_KERNEL_MODE */
-
-        /*
-         * Save the FPU control word and MXCSR, so we can restore the state properly afterwards.
-         * We don't want the guest to be able to trigger floating point/SSE exceptions on the host.
-         */
-        pVCpu->cpum.s.Host.fpu.FCW = CPUMGetFCW();
-        if (pVM->cpum.s.CPUFeatures.edx.u1SSE)
-            pVCpu->cpum.s.Host.fpu.MXCSR = CPUMGetMXCSR();
-
-        cpumR0LoadFPU(pCtx);
-
-        /*
-         * The MSR_K6_EFER_FFXSR feature is AMD only so far, but check the cpuid just in case Intel adds it in the future.
-         *
-         * MSR_K6_EFER_FFXSR changes the behaviour of fxsave and fxrstore: the XMM state isn't saved/restored
-         */
-        if (pVM->cpum.s.CPUFeaturesExt.edx & X86_CPUID_AMD_FEATURE_EDX_FFXSR)
-        {
-            /** @todo Do we really need to read this every time?? The host could change this on the fly though. */
-            uint64_t msrEFERHost = ASMRdMsr(MSR_K6_EFER);
-
-            if (msrEFERHost & MSR_K6_EFER_FFXSR)
-            {
-                /* fxrstor doesn't restore the XMM state! */
-                cpumR0LoadXMM(pCtx);
-                pVCpu->cpum.s.fUseFlags |= CPUM_USED_MANUAL_XMM_RESTORE;
-            }
-        }
-
-#endif /* CPUM_CAN_HANDLE_NM_TRAPS_IN_KERNEL_MODE */
+        if (fRestoreEfer)
+            ASMWrMsr(MSR_K6_EFER, uHostEfer);
     }
 
@@ -474 +426 @@
 #endif
     {
-#ifndef CPUM_CAN_HANDLE_NM_TRAPS_IN_KERNEL_MODE
-# ifdef VBOX_WITH_KERNEL_USING_XMM
+#ifdef VBOX_WITH_KERNEL_USING_XMM
         /*
          * We've already saved the XMM registers in the assembly wrapper, so
@@ -486 +437 @@
         uint128_t aGuestXmmRegs[16];
         memcpy(&aGuestXmmRegs[0], &pVCpu->cpum.s.Guest.fpu.aXMM[0], sizeof(aGuestXmmRegs));
-# endif
+#endif
 
         /* Clear MSR_K6_EFER_FFXSR or else we'll be unable to save/restore the XMM state with fxsave/fxrstor. */
-        uint64_t oldMsrEFERHost = 0;
-        bool fRestoreEfer = false;
+        uint64_t uHostEfer    = 0;
+        bool     fRestoreEfer = false;
         if (pVCpu->cpum.s.fUseFlags & CPUM_USED_MANUAL_XMM_RESTORE)
         {
-            oldMsrEFERHost = ASMRdMsr(MSR_K6_EFER);
-            if (oldMsrEFERHost & MSR_K6_EFER_FFXSR)
+            uHostEfer = ASMRdMsr(MSR_K6_EFER);
+            if (uHostEfer & MSR_K6_EFER_FFXSR)
             {
-                ASMWrMsr(MSR_K6_EFER, oldMsrEFERHost & ~MSR_K6_EFER_FFXSR);
+                ASMWrMsr(MSR_K6_EFER, uHostEfer & ~MSR_K6_EFER_FFXSR);
                 fRestoreEfer = true;
             }
         }
+
         cpumR0SaveGuestRestoreHostFPUState(&pVCpu->cpum.s);
 
         /* Restore EFER MSR */
         if (fRestoreEfer)
-            ASMWrMsr(MSR_K6_EFER, oldMsrEFERHost | MSR_K6_EFER_FFXSR);
-
-# ifdef VBOX_WITH_KERNEL_USING_XMM
+            ASMWrMsr(MSR_K6_EFER, uHostEfer | MSR_K6_EFER_FFXSR);
+
+#ifdef VBOX_WITH_KERNEL_USING_XMM
         memcpy(&pVCpu->cpum.s.Guest.fpu.aXMM[0], &aGuestXmmRegs[0], sizeof(aGuestXmmRegs));
-# endif
-
-#else  /* CPUM_CAN_HANDLE_NM_TRAPS_IN_KERNEL_MODE */
-# ifdef VBOX_WITH_KERNEL_USING_XMM
-#  error "Fix all the NM_TRAPS_IN_KERNEL_MODE code path. I'm not going to fix unused code now."
-# endif
-        cpumR0SaveFPU(pCtx);
-        if (pVCpu->cpum.s.fUseFlags & CPUM_USED_MANUAL_XMM_RESTORE)
-        {
-            /* fxsave doesn't save the XMM state! */
-            cpumR0SaveXMM(pCtx);
-        }
-
-        /*
-         * Restore the original FPU control word and MXCSR.
-         * We don't want the guest to be able to trigger floating point/SSE exceptions on the host.
-         */
-        cpumR0SetFCW(pVCpu->cpum.s.Host.fpu.FCW);
-        if (pVM->cpum.s.CPUFeatures.edx.u1SSE)
-            cpumR0SetMXCSR(pVCpu->cpum.s.Host.fpu.MXCSR);
-#endif /* CPUM_CAN_HANDLE_NM_TRAPS_IN_KERNEL_MODE */
+#endif
     }
 
@@ -591 +523 @@
 VMMR0_INT_DECL(bool) CPUMR0DebugStateMaybeSaveGuestAndRestoreHost(PVMCPU pVCpu, bool fDr6)
 {
+    Assert(!RTThreadPreemptIsEnabled(NIL_RTTHREAD));
     bool const fDrXLoaded = RT_BOOL(pVCpu->cpum.s.fUseFlags & (CPUM_USED_DEBUG_REGS_GUEST | CPUM_USED_DEBUG_REGS_HYPER));
 

trunk/src/VBox/VMM/VMMR0/CPUMR0A.asm

@@ -67 +67 @@
 BEGINCODE
 
+;; Macro for FXSAVE/FXRSTOR leaky behaviour on AMD CPUs, see cpumR3CheckLeakyFpu().
+; Cleans the FPU state, if necessary, before restoring the FPU.
+;
+; This macro ASSUMES CR0.TS is not set!
+; @remarks Trashes xAX!!
+; Changes here should also be reflected in CPUMAllA.asm's copy!
+%macro CLEANFPU 0
+    test    dword [xDX + CPUMCPU.fUseFlags], CPUM_USE_FFXSR_LEAKY
+    jz      .nothing_to_clean
+
+    xor     eax, eax
+    fnstsw  ax               ; Get FSW
+    test    eax, RT_BIT(7)   ; If FSW.ES (bit 7) is set, clear it to not cause FPU exceptions
+                             ; while clearing & loading the FPU bits in 'clean_fpu'
+    jz      .clean_fpu
+    fnclex
+
+.clean_fpu:
+    ffree   st7              ; Clear FPU stack register(7)'s tag entry to prevent overflow if a wraparound occurs
+                             ; for the upcoming push (load)
+    fild    dword [xDX + CPUMCPU.Guest.fpu] ; Explicit FPU load to overwrite FIP, FOP, FDP registers in the FPU.
+
+.nothing_to_clean:
+%endmacro
+
+;; Macro to save and modify CR0 (if necessary) before touching the FPU state
+;  so as to not cause any FPU exceptions.
+;
+; @remarks Uses xCX for backing-up CR0 (if CR0 needs to be modified) otherwise clears xCX.
+; @remarks Trashes xAX.
+%macro SAVE_CR0_CLEAR_FPU_TRAPS 0
+    xor     ecx, ecx
+    mov     xAX, cr0
+    test    eax, X86_CR0_TS | X86_CR0_EM    ; Make sure its safe to access the FPU state.
+    jz      %%skip_cr0_write
+    mov     xCX, xAX                        ; Save old CR0
+    and     xAX, ~(X86_CR0_TS | X86_CR0_EM)
+    mov     cr0, xAX
+%%skip_cr0_write:
+%endmacro
+
+;; Macro to restore CR0 from xCX if necessary.
+;
+; @remarks xCX should contain the CR0 value to restore or 0 if no restoration is needed.
+%macro RESTORE_CR0 0
+    cmp     ecx, 0
+    je      %%skip_cr0_restore
+    mov     cr0, xCX
+%%skip_cr0_restore:
+%endmacro
 
 ;;
@@ -91 +141 @@
     or      dword [xDX + CPUMCPU.fUseFlags], (CPUM_USED_FPU | CPUM_USED_FPU_SINCE_REM)
 
-    mov     xAX, cr0                    ; Make sure its safe to access the FPU state.
-    mov     xCX, xAX                    ; save old CR0
-    and     xAX, ~(X86_CR0_TS | X86_CR0_EM)
-    mov     cr0, xAX                    ;; @todo optimize this.
+    ; Clear CR0 FPU bits to not cause exceptions, uses xCX
+    SAVE_CR0_CLEAR_FPU_TRAPS
+    ; Do NOT use xCX from this point!
 
 %ifdef VBOX_WITH_HYBRID_32BIT_KERNEL
@@ -129 +178 @@
 
 .done:
-    mov     cr0, xCX                    ; and restore old CR0 again ;; @todo optimize this.
+    ; Restore CR0 from xCX if it was previously saved.
+    RESTORE_CR0
     popf
     xor     eax, eax
@@ -167 +217 @@
     or      dword [xDX + CPUMCPU.fUseFlags], (CPUM_USED_FPU | CPUM_USED_FPU_SINCE_REM)
 
-    mov     xAX, cr0                    ; Make sure its safe to access the FPU state.
-    mov     xCX, xAX                    ; save old CR0
-    and     xAX, ~(X86_CR0_TS | X86_CR0_EM)
-    mov     cr0, xAX                    ;; @todo optimize this.
+    ; Clear CR0 FPU bits to not cause exceptions, uses xCX
+    SAVE_CR0_CLEAR_FPU_TRAPS
+    ; Do NOT use xCX from this point!
 
     fxsave  [xDX + CPUMCPU.Host.fpu]    ; ASSUMES that all VT-x/AMD-V boxes support fxsave/fxrstor (safe assumption)
 
-    mov     cr0, xCX                    ; and restore old CR0 again ;; @todo optimize this.
+    ; Restore CR0 from xCX if it was saved previously.
+    RESTORE_CR0
+
     popf
     xor     eax, eax
@@ -210 +261 @@
     cli                                 ; interrupt occurs while we're doing fxsave/fxrstor/cr0.
 
-    mov     xAX, cr0                    ; Make sure it's safe to access the FPU state.
-    mov     xCX, xAX                    ; save old CR0
-    and     xAX, ~(X86_CR0_TS | X86_CR0_EM)
-    mov     cr0, xAX                    ;; @todo optimize this.
+    ; Clear CR0 FPU bits to not cause exceptions, uses xCX
+    SAVE_CR0_CLEAR_FPU_TRAPS
+    ; Do NOT use xCX from this point!
 
 %ifdef VBOX_WITH_HYBRID_32BIT_KERNEL
@@ -233 +283 @@
 
 .done:
-    mov     cr0, xCX                    ; and restore old CR0 again ;; @todo optimize this.
+    ; Restore CR0 from xCX if it was previously saved.
+    RESTORE_CR0
     and     dword [xDX + CPUMCPU.fUseFlags], ~CPUM_USED_FPU
     popf
@@ -281 +332 @@
     cli                                 ; interrupt occurs while we're doing fxsave/fxrstor/cr0.
 
-    mov     xAX, cr0
-    mov     xCX, xAX                    ; save old CR0
-    and     xAX, ~(X86_CR0_TS | X86_CR0_EM)
-    mov     cr0, xAX
+    ; Clear CR0 FPU bits to not cause exceptions, uses xCX
+    SAVE_CR0_CLEAR_FPU_TRAPS
+    ; Do NOT use xCX from this point!
 
 %ifdef VBOX_WITH_HYBRID_32BIT_KERNEL
@@ -301 +351 @@
 
 .done:
-    mov     cr0, xCX                    ; and restore old CR0 again
+    ; Restore CR0 from xCX if it was previously saved.
+    RESTORE_CR0
     and     dword [xDX + CPUMCPU.fUseFlags], ~CPUM_USED_FPU
     popf

trunk/src/VBox/VMM/VMMR0/HMSVMR0.cpp

@@ -4833 +4833 @@
         Assert(!pSvmTransient->fWasGuestFPUStateActive);
 #endif
-        /* Lazy FPU loading; load the guest-FPU state transparently and continue execution of the guest. */
-        rc = CPUMR0LoadGuestFPU(pVCpu->CTX_SUFF(pVM), pVCpu, pCtx);
+        rc = CPUMR0Trap07Handler(pVCpu->CTX_SUFF(pVM), pVCpu, pCtx);
         Assert(rc == VINF_EM_RAW_GUEST_TRAP || (rc == VINF_SUCCESS && CPUMIsGuestFPUStateActive(pVCpu)));
     }
@@ -4843 +4842 @@
     if (rc == VINF_SUCCESS)
     {
+        /* Guest FPU state was activated, we'll want to change CR0 FPU intercepts before the next VM-reentry. */
         VMCPU_HMCF_SET(pVCpu, HM_CHANGED_GUEST_CR0);
         STAM_COUNTER_INC(&pVCpu->hm.s.StatExitShadowNM);

trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp

@@ -10472 +10472 @@
         Assert(!pVmxTransient->fWasGuestFPUStateActive);
 #endif
-        /* Lazy FPU loading; load the guest-FPU state transparently and continue execution of the guest. */
-        rc = CPUMR0LoadGuestFPU(pVCpu->CTX_SUFF(pVM), pVCpu, pMixedCtx);
+        rc = CPUMR0Trap07Handler(pVCpu->CTX_SUFF(pVM), pVCpu, pMixedCtx);
         Assert(rc == VINF_EM_RAW_GUEST_TRAP || (rc == VINF_SUCCESS && CPUMIsGuestFPUStateActive(pVCpu)));
     }
@@ -10482 +10481 @@
     if (rc == VINF_SUCCESS)
     {
+        /* Guest FPU state was activated, we'll want to change CR0 FPU intercepts before the next VM-reentry. */
         VMCPU_HMCF_SET(pVCpu, HM_CHANGED_GUEST_CR0);
         STAM_COUNTER_INC(&pVCpu->hm.s.StatExitShadowNM);