Changeset 5384 in vbox for trunk/src

Timestamp:

Oct 19, 2007 2:13:42 PM (17 years ago)

Author:

vboxsync

Message:

LOCK BTR and LOCK OR (for Solaris guests).

Location:

trunk/src/VBox/VMM

Files:

• VMMAll/EMAll.cpp (modified) (10 diffs)
• VMMAll/EMAllA.asm (modified) (2 diffs)
• VMMGC/MMRamGC.cpp (modified) (3 diffs)

trunk/src/VBox/VMM/VMMAll/EMAll.cpp

@@ -50 +50 @@
 typedef DECLCALLBACK(uint32_t) PFN_EMULATE_PARAM2(uint32_t *pu32Param1, size_t val2);
 typedef DECLCALLBACK(uint32_t) PFN_EMULATE_PARAM3(uint32_t *pu32Param1, uint32_t val2, size_t val3);
+typedef DECLCALLBACK(int)      FNEMULATELOCKPARAM2(RTGCPTR GCPtrParam1, RTGCUINTREG Val2, uint32_t *pf);
+typedef FNEMULATELOCKPARAM2 *PFNEMULATELOCKPARAM2;
+typedef DECLCALLBACK(int)      FNEMULATELOCKPARAM3(RTGCPTR GCPtrParam1, RTGCUINTREG Val2, size_t cb, uint32_t *pf);
+typedef FNEMULATELOCKPARAM3 *PFNEMULATELOCKPARAM3;
 
 
@@ -345 +349 @@
 }
 
+#if defined(VBOX_STRICT) || defined(LOG_ENABLED)
+/** 
+ * Get the mnemonic for the disassembled instruction.
+ *  
+ * GC/R0 doesn't include the strings in the DIS tables because 
+ * of limited space. 
+ */ 
+static const char *emGetMnemonic(PDISCPUSTATE pCpu)
+{
+    switch (pCpu->pCurInstr->opcode)
+    {
+        case OP_XOR:        return "Xor";
+        case OP_OR:         return "Or";
+        case OP_AND:        return "And";
+        case OP_BTR:        return "Btr";
+        case OP_BTS:        return "Bts";
+        default:
+            AssertMsgFailed(("%d\n", pCpu->pCurInstr->opcode));
+            return "???";
+    }
+}
+#endif
+
 /**
  * XCHG instruction emulation.
@@ -738 +765 @@
 }
 
+#ifdef IN_GC
+/**
+ * LOCK XOR/OR/AND Emulation.
+ */
+static int emInterpretLockOrXorAnd(PVM pVM, PDISCPUSTATE pCpu, PCPUMCTXCORE pRegFrame, RTGCPTR pvFault, 
+                                   uint32_t *pcbSize, PFNEMULATELOCKPARAM3 pfnEmulate)
+{
+    OP_PARAMVAL param1, param2;
+    int rc = DISQueryParamVal(pRegFrame, pCpu, &pCpu->param1, &param1, PARAM_DEST);
+    if(VBOX_FAILURE(rc))
+        return VERR_EM_INTERPRETER;
+
+    rc = DISQueryParamVal(pRegFrame, pCpu, &pCpu->param2, &param2, PARAM_SOURCE);
+    if(VBOX_FAILURE(rc))
+        return VERR_EM_INTERPRETER;
+
+    if (pCpu->param1.size != pCpu->param2.size)
+    {
+        AssertMsgReturn(pCpu->param1.size >= pCpu->param2.size, /* should never happen! */
+                        ("%s at %VGv parameter mismatch %d vs %d!!\n", emGetMnemonic(pCpu), pRegFrame->eip, pCpu->param1.size, pCpu->param2.size),
+                        VERR_EM_INTERPRETER);
+
+        /* Or %Ev, Ib -> just a hack to save some space; the data width of the 1st parameter determines the real width */
+        pCpu->param2.size = pCpu->param1.size;
+        param2.size       = param1.size;
+    }
+
+    /* The destination is always a virtual address */
+    AssertReturn(param1.type == PARMTYPE_ADDRESS, VERR_EM_INTERPRETER);
+    RTGCPTR GCPtrPar1 = (RTGCPTR)param1.val.val32;
+    GCPtrPar1 = emConvertToFlatAddr(pVM, pRegFrame, pCpu, &pCpu->param1, GCPtrPar1);
+
+# ifdef IN_GC
+    /* Safety check (in theory it could cross a page boundary and fault there though) */
+    Assert(   TRPMHasTrap(pVM)
+           && (TRPMGetErrorCode(pVM) & X86_TRAP_PF_RW));
+    AssertMsgReturn(GCPtrPar1 == pvFault, ("eip=%VGv, GCPtrPar1=%VGv pvFault=%VGv\n", pRegFrame->eip, GCPtrPar1, pvFault), VERR_EM_INTERPRETER);
+# endif
+
+    /* Register and immediate data == PARMTYPE_IMMEDIATE */
+    AssertReturn(param2.type == PARMTYPE_IMMEDIATE, VERR_EM_INTERPRETER);
+    RTGCUINTREG ValPar2 = param2.val.val32;
+
+    /* Try emulate it with a one-shot #PF handler in place. */
+    Log2(("%s %RGv imm%d=%RGr\n", emGetMnemonic(pCpu), GCPtrPar1, pCpu->param2.size*8, ValPar2));
+
+    RTGCUINTREG eflags = 0;
+    MMGCRamRegisterTrapHandler(pVM);
+    rc = pfnEmulate(GCPtrPar1, ValPar2, pCpu->param2.size, &eflags);
+    MMGCRamDeregisterTrapHandler(pVM);
+
+    if (RT_FAILURE(rc))
+    {
+        Log(("%s %RGv imm%d=%RGr -> emulation failed due to page fault!\n", emGetMnemonic(pCpu), GCPtrPar1, pCpu->param2.size*8, ValPar2));
+        return VERR_EM_INTERPRETER;
+    }
+
+    /* Update guest's eflags and finish. */
+    pRegFrame->eflags.u32 = (pRegFrame->eflags.u32 & ~(X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF))
+                          | (eflags                &  (X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF));
+
+    *pcbSize = param2.size;
+    return VINF_SUCCESS;
+}
+#endif
 
 /**
@@ -952 +1044 @@
     return VERR_EM_INTERPRETER;
 }
+
+#ifdef IN_GC
+/**
+ * LOCK BTR/C/S Emulation.
+ */
+static int emInterpretLockBitTest(PVM pVM, PDISCPUSTATE pCpu, PCPUMCTXCORE pRegFrame, RTGCPTR pvFault, 
+                                  uint32_t *pcbSize, PFNEMULATELOCKPARAM2 pfnEmulate)
+{
+    OP_PARAMVAL param1, param2;
+    int rc = DISQueryParamVal(pRegFrame, pCpu, &pCpu->param1, &param1, PARAM_DEST);
+    if(VBOX_FAILURE(rc))
+        return VERR_EM_INTERPRETER;
+
+    rc = DISQueryParamVal(pRegFrame, pCpu, &pCpu->param2, &param2, PARAM_SOURCE);
+    if(VBOX_FAILURE(rc))
+        return VERR_EM_INTERPRETER;
+
+    /* The destination is always a virtual address */
+    if (param1.type != PARMTYPE_ADDRESS)
+        return VERR_EM_INTERPRETER;
+
+    RTGCPTR GCPtrPar1 = (RTGCPTR)param1.val.val32;
+    GCPtrPar1 = emConvertToFlatAddr(pVM, pRegFrame, pCpu, &pCpu->param1, GCPtrPar1);
+
+    /* Register and immediate data == PARMTYPE_IMMEDIATE */
+    AssertReturn(param2.type == PARMTYPE_IMMEDIATE, VERR_EM_INTERPRETER);
+    RTGCUINTREG ValPar2 = param2.val.val32;
+
+    Log2(("emInterpretLockBitTest %s: pvFault=%VGv GCPtrPar1=%RGv imm=%RGr\n", emGetMnemonic(pCpu), pvFault, GCPtrPar1, ValPar2));
+
+    /* Adjust the parameters so what we're dealing with is a bit within the byte pointed to. */
+    GCPtrPar1 = (RTGCPTR)((RTGCUINTPTR)GCPtrPar1 + ValPar2 / 8);
+    ValPar2 &= 7;
+# ifdef IN_GC
+    Assert(TRPMHasTrap(pVM));
+    AssertMsgReturn((RTGCPTR)((RTGCUINTPTR)GCPtrPar1 & ~(RTGCUINTPTR)3) == pvFault, 
+                    ("GCPtrPar1=%VGv pvFault=%VGv\n", GCPtrPar1, pvFault), 
+                    VERR_EM_INTERPRETER);
+# endif
+
+    /* Try emulate it with a one-shot #PF handler in place. */
+    RTGCUINTREG eflags = 0;
+    MMGCRamRegisterTrapHandler(pVM);
+    rc = pfnEmulate(GCPtrPar1, ValPar2, &eflags);
+    MMGCRamDeregisterTrapHandler(pVM);
+
+    if (RT_FAILURE(rc))
+    {
+        Log(("emInterpretLockBitTest %s: %RGv imm%d=%RGr -> emulation failed due to page fault!\n", 
+             emGetMnemonic(pCpu), GCPtrPar1, pCpu->param2.size*8, ValPar2));
+        return VERR_EM_INTERPRETER;
+    }
+
+    Log2(("emInterpretLockBitTest %s: GCPtrPar1=%RGv imm=%RGr CF=%d\n", emGetMnemonic(pCpu), GCPtrPar1, ValPar2, !!(eflags & X86_EFL_CF)));
+
+    /* Update guest's eflags and finish. */
+    pRegFrame->eflags.u32 = (pRegFrame->eflags.u32 & ~(X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF))
+                          | (eflags                &  (X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF));
+
+    *pcbSize = 1;
+    return VINF_SUCCESS;
+}
+#endif /* IN_GC */
 
 /**
@@ -1101 +1256 @@
             uint32_t valpar, eflags;
 #ifdef VBOX_STRICT
-            uint32_t valpar1;
+            uint32_t valpar1 = 0; /// @todo used uninitialized...
 #endif
 
@@ -1766 +1921 @@
     if (    (pCpu->prefix & (PREFIX_REPNE | PREFIX_REP))
         ||  (   (pCpu->prefix & PREFIX_LOCK)
-             && (pCpu->pCurInstr->opcode != OP_CMPXCHG)
+             && pCpu->pCurInstr->opcode != OP_CMPXCHG
+             && pCpu->pCurInstr->opcode != OP_OR
+             && pCpu->pCurInstr->opcode != OP_BTR
             )
        )
@@ -1781 +1938 @@
     switch (pCpu->pCurInstr->opcode)
     {
-#define INTERPRET_CASE_EX_PARAM3(opcode,Instr,InstrFn, pfnEmulate) \
+#ifdef IN_GC
+# define INTERPRET_CASE_EX_LOCK_PARAM3(opcode, Instr, InstrFn, pfnEmulate, pfnEmulateLock) \
+        case opcode:\
+            if (pCpu->prefix & PREFIX_LOCK) \
+                rc = emInterpretLock##InstrFn(pVM, pCpu, pRegFrame, pvFault, pcbSize, pfnEmulateLock); \
+            else \
+                rc = emInterpret##InstrFn(pVM, pCpu, pRegFrame, pvFault, pcbSize, pfnEmulate); \
+            if (VBOX_SUCCESS(rc)) \
+                STAM_COUNTER_INC(&pVM->em.s.CTXSUFF(pStats)->CTXMID(Stat,Instr)); \
+            else \
+                STAM_COUNTER_INC(&pVM->em.s.CTXSUFF(pStats)->CTXMID(Stat,Failed##Instr)); \
+            return rc
+#else
+# define INTERPRET_CASE_EX_LOCK_PARAM3(opcode, Instr, InstrFn, pfnEmulate, pfnEmulateLock) \
+        INTERPRET_CASE_EX_PARAM3(opcode, Instr, InstrFn, pfnEmulate)
+#endif 
+#define INTERPRET_CASE_EX_PARAM3(opcode, Instr, InstrFn, pfnEmulate) \
         case opcode:\
             rc = emInterpret##InstrFn(pVM, pCpu, pRegFrame, pvFault, pcbSize, pfnEmulate); \
@@ -1789 +1962 @@
                 STAM_COUNTER_INC(&pVM->em.s.CTXSUFF(pStats)->CTXMID(Stat,Failed##Instr)); \
             return rc
-#define INTERPRET_CASE_EX_PARAM2(opcode,Instr,InstrFn, pfnEmulate) \
-        case opcode:\
-            rc = emInterpret##InstrFn(pVM, pCpu, pRegFrame, pvFault, pcbSize, pfnEmulate); \
-            if (VBOX_SUCCESS(rc)) \
-                STAM_COUNTER_INC(&pVM->em.s.CTXSUFF(pStats)->CTXMID(Stat,Instr)); \
-            else \
-                STAM_COUNTER_INC(&pVM->em.s.CTXSUFF(pStats)->CTXMID(Stat,Failed##Instr)); \
-            return rc
-#define INTERPRET_CASE(opcode,Instr) \
+
+#define INTERPRET_CASE_EX_PARAM2(opcode, Instr, InstrFn, pfnEmulate) \
+            INTERPRET_CASE_EX_PARAM3(opcode, Instr, InstrFn, pfnEmulate)
+#define INTERPRET_CASE_EX_LOCK_PARAM2(opcode, Instr, InstrFn, pfnEmulate, pfnEmulateLock) \
+            INTERPRET_CASE_EX_LOCK_PARAM3(opcode, Instr, InstrFn, pfnEmulate, pfnEmulateLock)
+
+#define INTERPRET_CASE(opcode, Instr) \
         case opcode:\
             rc = emInterpret##Instr(pVM, pCpu, pRegFrame, pvFault, pcbSize); \
@@ -1805 +1976 @@
                 STAM_COUNTER_INC(&pVM->em.s.CTXSUFF(pStats)->CTXMID(Stat,Failed##Instr)); \
             return rc
-#define INTERPRET_STAT_CASE(opcode,Instr) \
+#define INTERPRET_STAT_CASE(opcode, Instr) \
         case opcode: STAM_COUNTER_INC(&pVM->em.s.CTXSUFF(pStats)->CTXMID(Stat,Failed##Instr)); return VERR_EM_INTERPRETER;
 
         INTERPRET_CASE(OP_XCHG,Xchg);
-        INTERPRET_CASE_EX_PARAM2(OP_DEC,Dec,IncDec,EMEmulateDec);
-        INTERPRET_CASE_EX_PARAM2(OP_INC,Inc,IncDec,EMEmulateInc);
+        INTERPRET_CASE_EX_PARAM2(OP_DEC,Dec, IncDec, EMEmulateDec);
+        INTERPRET_CASE_EX_PARAM2(OP_INC,Inc, IncDec, EMEmulateInc);
         INTERPRET_CASE(OP_POP,Pop);
-        INTERPRET_CASE_EX_PARAM3(OP_OR, Or,  OrXorAnd, EMEmulateOr);
+        INTERPRET_CASE_EX_LOCK_PARAM3(OP_OR, Or, OrXorAnd, EMEmulateOr, EMEmulateLockOr);
         INTERPRET_CASE_EX_PARAM3(OP_XOR,Xor, OrXorAnd, EMEmulateXor);
         INTERPRET_CASE_EX_PARAM3(OP_AND,And, OrXorAnd, EMEmulateAnd);
@@ -1827 +1998 @@
         INTERPRET_CASE_EX_PARAM3(OP_SUB,Sub, AddSub, EMEmulateSub);
         INTERPRET_CASE(OP_ADC,Adc);
-        INTERPRET_CASE_EX_PARAM2(OP_BTR,Btr, BitTest, EMEmulateBtr);
+        INTERPRET_CASE_EX_LOCK_PARAM2(OP_BTR,Btr, BitTest, EMEmulateBtr, EMEmulateLockBtr);
         INTERPRET_CASE_EX_PARAM2(OP_BTS,Bts, BitTest, EMEmulateBts);
         INTERPRET_CASE_EX_PARAM2(OP_BTC,Btc, BitTest, EMEmulateBtc);

trunk/src/VBox/VMM/VMMAll/EMAllA.asm

@@ -235 +235 @@
 
 ;;
+; Emulate LOCK OR instruction.
+; EMDECL(int) EMEmulateLockOr(RTGCPTR GCPtrParam1, RTGCUINTREG Param2, size_t cbSize, RTGCUINTREG *pf);
+;
+; @returns VINF_SUCCESS on success, VERR_ACCESS_DENIED on \#PF (GC only).
+; @param    [esp + 04h]  gcc:rdi  msc:rcx   Param 1 - First parameter - pointer to data item (the real stuff).
+; @param    [esp + 08h]  gcc:rsi  msc:rdx   Param 2 - Second parameter- the immediate / register value.
+; @param    [esp + 0ch]  gcc:rdx  msc:r8    Param 3 - Size of the operation - 1, 2, 4 or 8 bytes.
+; @param    [esp + 10h]  gcc:rcx  msc:r9    Param 4 - Where to store the eflags on success.
+;                                                     only arithmetic flags are valid.
+align 16
+BEGINPROC   EMEmulateLockOr
+%ifdef RT_ARCH_AMD64
+%ifdef RT_OS_WINDOWS
+    mov     rax, r8                     ; eax = size of parameters
+%else   ; !RT_OS_WINDOWS
+    mov     rax, rdx                    ; rax = size of parameters
+    mov     rcx, rdi                    ; rcx = first parameter
+    mov     rdx, rsi                    ; rdx = second parameter
+%endif  ; !RT_OS_WINDOWS
+%else   ; !RT_ARCH_AMD64
+    mov     eax, [esp + 0ch]            ; eax = size of parameters
+    mov     ecx, [esp + 04h]            ; ecx = first parameter (MY_PTR_REG)
+    mov     edx, [esp + 08h]            ; edx = second parameter
+%endif
+
+    ; switch on size
+%ifdef RT_ARCH_AMD64
+    cmp     al, 8
+    je short .do_qword                  ; 8 bytes variant
+%endif
+    cmp     al, 4
+    je short .do_dword                  ; 4 bytes variant
+    cmp     al, 2
+    je short .do_word                   ; 2 byte variant
+    cmp     al, 1
+    je short .do_byte                   ; 1 bytes variant
+    int3
+
+    ; workers
+%ifdef RT_ARCH_AMD64
+.do_qword:
+    lock or [MY_PTR_REG], rdx           ; do 8 bytes OR
+    jmp short .done
+%endif
+
+.do_dword:
+    lock or [MY_PTR_REG], edx           ; do 4 bytes OR
+    jmp short .done
+
+.do_word:
+    lock or [MY_PTR_REG], dx            ; do 2 bytes OR
+    jmp short .done
+
+.do_byte:
+    lock or [MY_PTR_REG], dl            ; do 1 byte OR
+
+    ; collect flags and return.
+.done:
+    pushf
+%ifdef RT_ARCH_AMD64
+    pop    rax
+ %ifdef RT_OS_WINDOWS
+    mov    [r9], eax
+ %else  ; !RT_OS_WINDOWS
+    mov    [rcx], eax
+ %endif ; !RT_OS_WINDOWS
+%else   ; !RT_ARCH_AMD64
+    mov     eax, [esp + 10h + 4]
+    pop     dword [eax]
+%endif
+    mov     eax, VINF_SUCCESS     
+    retn
+
+%ifdef IN_GC
+; #PF resume point. 
+GLOBALNAME EMEmulateLockOr_Error
+    mov     eax, VERR_ACCESS_DENIED
+    ret
+%endif
+
+ENDPROC     EMEmulateLockOr
+
+;;
 ; Emulate XOR instruction, CDECL calling conv.
 ; EMDECL(uint32_t) EMEmulateXor(uint32_t *pu32Param1, uint32_t u32Param2, size_t cb);
@@ -651 +734 @@
 
 ;;
+; Emulate LOCK BTR instruction.
+; EMDECL(int) EMEmulateLockBtr(RTGCPTR GCPtrParam1, RTGCUINTREG Param2, uint32_t *pf);
+;
+; @returns VINF_SUCCESS on success, VERR_ACCESS_DENIED on \#PF (GC only).
+; @param    [esp + 04h]  gcc:rdi  msc:rcx   Param 1 - First parameter - pointer to data item (the real stuff).
+; @param    [esp + 08h]  gcc:rsi  msc:rdx   Param 2 - Second parameter- the immediate / register value. (really an 8 byte value)
+; @param    [esp + 0ch]  gcc:rdx  msc:r8    Param 3 - Where to store the eflags on success.
+;
+align 16
+BEGINPROC   EMEmulateLockBtr
+%ifdef RT_ARCH_AMD64
+ %ifdef RT_OS_WINDOWS
+    mov     rax, r8                     ; rax = third parameter
+ %else  ; !RT_OS_WINDOWS
+    mov     rcx, rdi                    ; rcx = first parameter
+    mov     rax, rdx                    ; rax = third parameter
+    mov     rdx, rsi                    ; rdx = second parameter
+ %endif ; !RT_OS_WINDOWS
+%else   ; !RT_ARCH_AMD64
+    mov     ecx, [esp + 04h]            ; ecx = first parameter
+    mov     edx, [esp + 08h]            ; edx = second parameter
+    mov     eax, [esp + 0ch]            ; eax = third parameter
+%endif
+
+    lock btr [MY_PTR_REG], edx
+
+    ; collect flags and return.
+    pushf
+    pop     xDX
+    mov     [xAX], edx
+    mov     eax, VINF_SUCCESS
+    retn
+
+%ifdef IN_GC
+; #PF resume point. 
+GLOBALNAME EMEmulateLockBtr_Error
+    mov     eax, VERR_ACCESS_DENIED
+    ret
+%endif
+
+ENDPROC     EMEmulateLockBtr
+
+;;
 ; Emulate BTC instruction, CDECL calling conv.
 ; EMDECL(uint32_t) EMEmulateBtc(uint32_t *pu32Param1, uint32_t u32Param2);

trunk/src/VBox/VMM/VMMGC/MMRamGC.cpp

@@ -37 +37 @@
 *   Internal Functions                                                         *
 *******************************************************************************/
-static DECLCALLBACK(int) mmgcramTrap0eHandler(PVM pVM, PCPUMCTXCORE pRegFrame);
+static DECLCALLBACK(int) mmGCRamTrap0eHandler(PVM pVM, PCPUMCTXCORE pRegFrame);
 
 DECLASM(void) MMGCRamReadNoTrapHandler_EndProc(void);
 DECLASM(void) MMGCRamWriteNoTrapHandler_EndProc(void);
+DECLASM(void) EMGCEmulateLockCmpXchg_EndProc(void);
+DECLASM(void) EMGCEmulateLockCmpXchg_Error(void);
 DECLASM(void) EMGCEmulateCmpXchg_EndProc(void);
-DECLASM(void) EMGCEmulateLockCmpXchg_EndProc(void);
 DECLASM(void) EMGCEmulateCmpXchg_Error(void);
-DECLASM(void) EMGCEmulateLockCmpXchg_Error(void);
+DECLASM(void) EMEmulateLockOr_EndProc(void);
+DECLASM(void) EMEmulateLockOr_Error(void);
+DECLASM(void) EMEmulateLockBtr_EndProc(void);
+DECLASM(void) EMEmulateLockBtr_Error(void);
 DECLASM(void) MMGCRamRead_Error(void);
 DECLASM(void) MMGCRamWrite_Error(void);
@@ -59 +63 @@
 MMGCDECL(void) MMGCRamRegisterTrapHandler(PVM pVM)
 {
-    TRPMGCSetTempHandler(pVM, 0xe, mmgcramTrap0eHandler);
+    TRPMGCSetTempHandler(pVM, 0xe, mmGCRamTrap0eHandler);
 }
 
@@ -133 +137 @@
  * @internal
  */
-DECLCALLBACK(int) mmgcramTrap0eHandler(PVM pVM, PCPUMCTXCORE pRegFrame)
-{
-    /*
-     * Check where the trap was occurred.
+DECLCALLBACK(int) mmGCRamTrap0eHandler(PVM pVM, PCPUMCTXCORE pRegFrame)
+{
+    /*
+     * Page fault inside MMGCRamRead()? Resume at *_Error.
      */
     if (    (uintptr_t)&MMGCRamReadNoTrapHandler < (uintptr_t)pRegFrame->eip
         &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&MMGCRamReadNoTrapHandler_EndProc)
     {
-        /*
-         * Page fault inside MMGCRamRead() func.
-         */
-        RTGCUINT uErrorCode = TRPMGetErrorCode(pVM);
-
-        /* Must be read violation. */
-        if (uErrorCode & X86_TRAP_PF_RW)
-            return VERR_INTERNAL_ERROR;
-
-        /* Return execution to func at error label. */
+        /* Must be a read violation. */
+        AssertReturn(!(TRPMGetErrorCode(pVM) & X86_TRAP_PF_RW), VERR_INTERNAL_ERROR); 
         pRegFrame->eip = (uintptr_t)&MMGCRamRead_Error;
         return VINF_SUCCESS;
     }
-    else if (    (uintptr_t)&MMGCRamWriteNoTrapHandler < (uintptr_t)pRegFrame->eip
-             &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&MMGCRamWriteNoTrapHandler_EndProc)
-    {
-        /*
-         * Page fault inside MMGCRamWrite() func.
-         */
-        RTGCUINT uErrorCode = TRPMGetErrorCode(pVM);
-
-        /* Must be write violation. */
-        if (!(uErrorCode & X86_TRAP_PF_RW))
-            return VERR_INTERNAL_ERROR;
-
-        /* Return execution to func at error label. */
+
+    /*
+     * Page fault inside MMGCRamWrite()? Resume at _Error.
+     */
+    if (    (uintptr_t)&MMGCRamWriteNoTrapHandler < (uintptr_t)pRegFrame->eip
+        &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&MMGCRamWriteNoTrapHandler_EndProc)
+    {
+        /* Must be a write violation. */
+        AssertReturn(TRPMGetErrorCode(pVM) & X86_TRAP_PF_RW, VERR_INTERNAL_ERROR); 
         pRegFrame->eip = (uintptr_t)&MMGCRamWrite_Error;
         return VINF_SUCCESS;
     }
-    else if (    (uintptr_t)&EMGCEmulateLockCmpXchg < (uintptr_t)pRegFrame->eip
-             &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&EMGCEmulateLockCmpXchg_EndProc)
-    {
-        /*
-         * Page fault inside EMGCEmulateLockCmpXchg() func.
-         */
-
-        /* Return execution to func at error label. */
+
+    /*
+     * Page fault inside EMGCEmulateLockCmpXchg()? Resume at _Error.
+     */
+    if (    (uintptr_t)&EMGCEmulateLockCmpXchg < (uintptr_t)pRegFrame->eip
+        &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&EMGCEmulateLockCmpXchg_EndProc)
+    {
         pRegFrame->eip = (uintptr_t)&EMGCEmulateLockCmpXchg_Error;
         return VINF_SUCCESS;
     }
-    else if (    (uintptr_t)&EMGCEmulateCmpXchg < (uintptr_t)pRegFrame->eip
-             &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&EMGCEmulateCmpXchg_EndProc)
-    {
-        /*
-         * Page fault inside EMGCEmulateCmpXchg() func.
-         */
-
-        /* Return execution to func at error label. */
+
+    /*
+     * Page fault inside EMGCEmulateCmpXchg()? Resume at _Error.
+     */
+    if (    (uintptr_t)&EMGCEmulateCmpXchg < (uintptr_t)pRegFrame->eip
+        &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&EMGCEmulateCmpXchg_EndProc)
+    {
         pRegFrame->eip = (uintptr_t)&EMGCEmulateCmpXchg_Error;
         return VINF_SUCCESS;
     }
 
-    /* #PF is not handled - kill the Hypervisor. */
+    /*
+     * Page fault inside EMEmulateLockOr()? Resume at *_Error.
+     */
+    if (    (uintptr_t)&EMEmulateLockOr < (uintptr_t)pRegFrame->eip
+        &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&EMEmulateLockOr_EndProc)
+    {
+        pRegFrame->eip = (uintptr_t)&EMEmulateLockOr_Error;
+        return VINF_SUCCESS;
+    }
+
+    /*
+     * Page fault inside EMEmulateLockBtr()? Resume at *_Error.
+     */
+    if (    (uintptr_t)&EMEmulateLockBtr < (uintptr_t)pRegFrame->eip
+        &&  (uintptr_t)pRegFrame->eip < (uintptr_t)&EMEmulateLockBtr_EndProc)
+    {
+        pRegFrame->eip = (uintptr_t)&EMEmulateLockBtr_Error;
+        return VINF_SUCCESS;
+    }
+
+    /* 
+     * #PF is not handled - cause guru meditation. 
+     */
     return VERR_INTERNAL_ERROR;
 }