Message-ID: <4BE9CA44.3080601@redhat.com>
Date: Wed, 12 May 2010 00:21:08 +0300
From: Avi Kivity
Subject: Re: [Qemu-devel] qemu-kvm problem with DOS/4GW extender and EMM386.EXE
In-Reply-To: <1273611384.4840.29.camel@localhost>
To: Andy Walls
Cc: qemu-devel@nongnu.org, kvm-devel

On 05/11/2010 11:56 PM, Andy Walls wrote:
> Running an MS-DOS 6.22 image with qemu-kvm on a RedHat Linux OS, I
> noticed the guest OS becomes hung and my dmesg gets spammed with
>
> set_cr0: #GP, set PG flag with a clear PE flag
>
> That message appears to be the linux kernel's kvm emulator griping about
> Paging Enable bit being enabled while the Protection Enable bit is set
> for real mode. (The Intel manual says this should be a protection
> fault).
>
> The program that causes this has the DOS/4GW DOS extender runtime
> compiled into it.
>
> I found that when I don't load the EMM386.EXE memory manager, the
> problem doesn't occur.
>
> Here's a kvmtrace segment of when things are not working:
>

Please post kvm issues to kvm@vger.

> 0 (+ 0) CR_READ vcpu = 0x00000000 pid = 0x00001997 [ CR# = 0, value = 0x00000000 80000011 ]
> 28471049900815 (+ 4000) VMENTRY vcpu = 0x00000000 pid = 0x00001997
> 28471049903815 (+ 3000) VMEXIT vcpu = 0x00000000 pid = 0x00001997 [ exitcode = 0x00000010, rip = 0x00000000 00002a73 ]
> 0 (+ 0) LMSW vcpu = 0x00000000 pid = 0x00001997 [ value = 0x80000010 ]
> 28471049933815 (+ 30000) VMENTRY vcpu = 0x00000000 pid = 0x00001997
> 28471049936815 (+ 3000) VMEXIT vcpu = 0x00000000 pid = 0x00001997 [ exitcode = 0x0000007b, rip = 0x00000000 00001fd6 ]
>
> To me it appears EMM386.EXE enables paging, and the DOS/4GW DOS extender
> tries to manipulate the PE bit in CR0 with LMSW but doesn't succeed.
>
> These programs appear to work fine in VMWare and on real hardware.
>
> Any ideas on how to make EMM386.EXE and the DOS/4GW extender work in
> qemu-kvm?

Looks like a bug in the implementation of LMSW. The manual says:

> If the PE flag of the source operand (bit 0) is set to 1, the
> instruction causes the processor to switch to protected mode. While in
> protected mode, the LMSW instruction cannot be used to clear the PE
> flag and force a switch back to real-address mode.

But kvm doesn't implement that. Instead, it follows the operation section:

> Operation
> CR0[0:3] ← SRC[0:3];

--
Do not meddle in the internals of kernels, for they are subtle and quick to panic.
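To make the difference Avi points at concrete, here is an added example (not kvm's code and not from the thread) that models both readings of LMSW, the literal "CR0[0:3] <- SRC[0:3]" one and the architected one where PE is sticky, and runs them on the CR0 value and LMSW operand recorded in the kvmtrace above. The function names and the fault check are the example's own; they only mirror the "PG set with PE clear" condition the dmesg line complains about.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdbool.h>

/* CR0 bits relevant here (Intel SDM names). */
#define CR0_PE    (1u << 0)   /* Protection Enable */
#define CR0_PG    (1u << 31)  /* Paging */
#define LMSW_MASK 0xFu        /* LMSW only writes CR0[3:0]: PE, MP, EM, TS */

/* Literal reading of the SDM "Operation" section: CR0[0:3] <- SRC[0:3].
 * This models the behaviour described for kvm in the thread; hypothetical code. */
static uint32_t lmsw_literal(uint32_t cr0, uint32_t src)
{
    return (cr0 & ~LMSW_MASK) | (src & LMSW_MASK);
}

/* Architected behaviour: LMSW may set PE but can never clear it. */
static uint32_t lmsw_architected(uint32_t cr0, uint32_t src)
{
    uint32_t new_cr0 = lmsw_literal(cr0, src);
    if (cr0 & CR0_PE)
        new_cr0 |= CR0_PE;   /* PE is sticky for LMSW */
    return new_cr0;
}

/* The invariant behind "set_cr0: #GP, set PG flag with a clear PE flag". */
static bool cr0_faults(uint32_t cr0)
{
    return (cr0 & CR0_PG) && !(cr0 & CR0_PE);
}

int main(void)
{
    /* Constructed from the trace above: CR0 read back as 0x80000011
     * (PG and PE both set), then LMSW executed with value 0x80000010. */
    uint32_t cr0 = 0x80000011u, src = 0x80000010u;
    uint32_t lit  = lmsw_literal(cr0, src);
    uint32_t arch = lmsw_architected(cr0, src);

    printf("literal:     CR0=0x%08x -> %s\n", lit,
           cr0_faults(lit) ? "#GP (PG set, PE clear)" : "ok");
    printf("architected: CR0=0x%08x -> %s\n", arch,
           cr0_faults(arch) ? "#GP" : "ok, still in protected mode");
    return 0;
}
```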