From mboxrd@z Thu Jan  1 00:00:00 1970
From: "H. Peter Anvin" <hpa@zytor.com>
Subject: KVM crash on unusual PM->RM transition
Date: Mon, 13 Apr 2009 16:42:25 -0700
Message-ID: <49E3CDE1.8010001@zytor.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
To: kvm@vger.kernel.org
Return-path: <kvm-owner@vger.kernel.org>
Received: from terminus.zytor.com ([198.137.202.10]:51134 "EHLO
	terminus.zytor.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752387AbZDMXm0 (ORCPT <rfc822;kvm@vger.kernel.org>);
	Mon, 13 Apr 2009 19:42:26 -0400
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

The current test branch of Syslinux does PM->RM transition via a stub 
which can be located in high memory.  This is correct and valid (x86 
CPUs rely on this to boot): after clearing CR0.PE, CS.base retains its 
previous value until CS is reloaded by a far JMP (which in this case is 
the very next instruction).

Unfortunately, at least on a stock Fedora 10 system, KVM doesn't agree:

: anacreon 67 ; qemu-kvm -boot d -cdrom image.iso

unhandled vm exit: 0x80000021 vcpu_id 0
rax 0000000000000012 rbx 0000000007ade342 rcx 0000000000000000 rdx 
0000000007ade388
rsi 0000000000000000 rdi 0000000000800000 rsp 0000000007ade448 rbp 
0000000000007b94
r8  0000000000000000 r9  0000000000000000 r10 0000000000000000 r11 
0000000000000000
r12 0000000000000000 r13 0000000000000000 r14 0000000000000000 r15 
0000000000000000
rip 0000000000000008 rflags 00023006
cs de36 (07ade36e/0000ffff p 1 dpl 3 db 0 s 1 type 3 l 0 g 0 avl 0)
ds 0000 (00000000/0000ffff p 1 dpl 3 db 0 s 1 type 3 l 0 g 0 avl 0)
es 0000 (00000000/0000ffff p 1 dpl 3 db 0 s 1 type 3 l 0 g 0 avl 0)
ss 0000 (00000000/0000ffff p 1 dpl 3 db 0 s 1 type 3 l 0 g 0 avl 0)
fs 0000 (00000000/0000ffff p 1 dpl 3 db 0 s 1 type 3 l 0 g 0 avl 0)
gs 0000 (00000000/0000ffff p 1 dpl 3 db 0 s 1 type 3 l 0 g 0 avl 0)
tr 0030 (fffbd000/00002088 p 1 dpl 0 db 0 s 0 type b l 0 g 0 avl 0)
ldt 0000 (00000000/ffffffff p 0 dpl 0 db 0 s 0 type 0 l 0 g 0 avl 0)
gdt 7ade388/3f
idt 0/ffff
cr0 12 cr2 0 cr3 0 cr4 0 cr8 0 efer 0
Abort

Kernel 2.6.27.21-170.2.56.fc10.x86_64, kvm-74-10.fc10.x86_64.

	-hpa