Index: /trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp =================================================================== --- /trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp (revision 65250) +++ /trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp (revision 65251) @@ -3404,5 +3404,5 @@ * before using them. * - * @remarks Can cause longjumps!!! + * @remarks No-long-jump zone!!! */ DECLINLINE(int) hmR0VmxLoadGuestApicState(PVMCPU pVCpu, PCPUMCTX pMixedCtx) @@ -8373,7 +8373,4 @@ HMVMX_ASSERT_PREEMPT_SAFE(); - VMMRZCallRing3Disable(pVCpu); - Assert(VMMR0IsLogFlushDisabled(pVCpu)); - LogFlowFunc(("pVM=%p pVCpu=%p\n", pVM, pVCpu)); @@ -8442,6 +8439,4 @@ HMCPU_CF_CLEAR(pVCpu, HM_CHANGED_GUEST_CR2); - VMMRZCallRing3Enable(pVCpu); - STAM_PROFILE_ADV_STOP(&pVCpu->hm.s.StatLoadGuestState, x); return rc; @@ -8524,4 +8519,6 @@ { HMVMX_ASSERT_PREEMPT_SAFE(); + Assert(!VMMRZCallRing3IsEnabled(pVCpu)); + Assert(VMMR0IsLogFlushDisabled(pVCpu)); Log5(("LoadFlags=%#RX32\n", HMCPU_CF_VALUE(pVCpu))); @@ -8530,4 +8527,8 @@ #endif + /* + * RIP is what changes the most often and hence if it's the only bit needing to be + * updated, we shall handle it early for performance reasons. + */ VBOXSTRICTRC rcStrict = VINF_SUCCESS; if (HMCPU_CF_IS_SET_ONLY(pVCpu, HM_CHANGED_GUEST_RIP)) @@ -8626,12 +8627,9 @@ && PDMHasApic(pVM)) { - uint64_t u64MsrApicBase = APICGetBaseMsrNoCheck(pVCpu); + uint64_t const u64MsrApicBase = APICGetBaseMsrNoCheck(pVCpu); Assert(u64MsrApicBase); Assert(pVM->hm.s.vmx.HCPhysApicAccess); - /* We only care about the APIC base MSR address and not the other bits. */ - RTGCPHYS GCPhysApicBase; - GCPhysApicBase = u64MsrApicBase; - GCPhysApicBase &= PAGE_BASE_GC_MASK; + RTGCPHYS const GCPhysApicBase = u64MsrApicBase & PAGE_BASE_GC_MASK; /* Unalias any existing mapping. */ @@ -8640,5 +8638,5 @@ /* Map the HC APIC-access page in place of the MMIO page, also updates the shadow page tables if necessary. */ - LogRel(("HM: VCPU%u: Mapped HC APIC-access page GCPhysApicBase=%#RGp\n", pVCpu->idCpu, GCPhysApicBase)); + LogRel(("hmR0VmxPreRunGuest: VCPU%u: Mapped HC APIC-access page at %#RGp\n", pVCpu->idCpu, GCPhysApicBase)); rc = IOMMMIOMapMMIOHCPage(pVM, pVCpu, GCPhysApicBase, pVM->hm.s.vmx.HCPhysApicAccess, X86_PTE_RW | X86_PTE_P); AssertRCReturn(rc, rc); @@ -8668,9 +8666,20 @@ /* - * Load the guest state bits, we can handle longjmps/getting preempted here. + * No longjmps to ring-3 from this point on!!! + * Asserts() will still longjmp to ring-3 (but won't return), which is intentional, better than a kernel panic. + * This also disables flushing of the R0-logger instance (if any). + */ + VMMRZCallRing3Disable(pVCpu); + + /* + * Load the guest state bits. + * + * We cannot perform longjmps while loading the guest state because we do not preserve the + * host/guest state (although the VMCS will be preserved) across longjmps which can cause + * CPU migration. * * If we are injecting events to a real-on-v86 mode guest, we will have to update * RIP and some segment registers, i.e. hmR0VmxInjectPendingEvent()->hmR0VmxInjectEventVmcs(). - * Hence, this needs to be done -after- injection of events. + * Hence, loading of the guest state needs to be done -after- injection of events. */ rcStrict = hmR0VmxLoadGuestStateOptimal(pVM, pVCpu, pMixedCtx); @@ -8678,12 +8687,8 @@ { /* likely */ } else + { + VMMRZCallRing3Enable(pVCpu); return rcStrict; - - /* - * No longjmps to ring-3 from this point on!!! - * Asserts() will still longjmp to ring-3 (but won't return), which is intentional, better than a kernel panic. - * This also disables flushing of the R0-logger instance (if any). - */ - VMMRZCallRing3Disable(pVCpu); + } /*