Bug 723755

Summary: win2003 i386 guest BSOD when created with e1000 nic
Product: Red Hat Enterprise Linux 5 Reporter: Pengzhen Cao <pcao>
Component: kernel-xenAssignee: Paolo Bonzini <pbonzini>
Status: CLOSED ERRATA QA Contact: Virtualization Bugs <virt-bugs>
Severity: high Docs Contact:
Priority: urgent    
Version: 5.8CC: cww, dhoward, drjones, jzheng, leiwang, lersek, pbonzini, xen-maint
Target Milestone: rcKeywords: ZStream
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Prior to this update, Xen did not implement certain ALU opcodes. As a result, when a driver used the missing opcodes on memory-mapped I/O areas, it caused the guest to crash. This update adds all the missing opcodes. In particular, this fixes a BSOD crash from the Windows e1000 driver.
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-02-21 03:50:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 514490, 728518    
Attachments:
Description Flags
win2003 32bit BSOD with e1000nic
none
xm-dmesg
none
xm log
none
qemu-dm
none
prototype patch
none
patch none

Description Pengzhen Cao 2011-07-21 03:11:03 UTC
Description of problem:
windows i386 32bit guest will crash if it is created with e1000 ioemu nic

Version-Release number of selected component (if applicable):
kernel-xen-2.6.18-274.el5,  2.6.18-268, 2.6.18-238...

How reproducible:
100%

Steps to Reproduce:
1. Install a x86_64 xen host.
2. create a windows 2003 32bit guest with e1000 nic
3. If it is not BSOD, go to device-manager in windows, uninstall the e1000 nic, then rescan and it will try to install driver for e1000
  
Actual results:
Guest will BSOD. And there is error msg in "xm dmesg"
(XEN) 33, This opcode isn't handled yet!
(XEN) handle_mmio: failed to decode instruction
(XEN) mmio opcode: gpa 0xf4003828, len 2: 33 01


Expected results:
Guest running fine and nic function well

Additional info:
1. This issue can be reproduced with or without the xenpv-win driver
2. I tried multiple kernel-xen pkgs, from 2.6.18-238 to 268 and 274, all same issue. But with older kernel 2.6.18-194, guest DomU will crash and give some different error message.

Comment 1 Pengzhen Cao 2011-07-21 03:12:15 UTC
Created attachment 514110 [details]
win2003 32bit BSOD with e1000nic

Comment 2 Pengzhen Cao 2011-07-21 03:14:06 UTC
Created attachment 514111 [details]
xm-dmesg

Comment 3 Pengzhen Cao 2011-07-21 03:14:30 UTC
Created attachment 514112 [details]
xm log

Comment 4 Pengzhen Cao 2011-07-21 03:14:50 UTC
Created attachment 514113 [details]
qemu-dm

Comment 5 Andrew Jones 2011-07-21 07:10:38 UTC
I think Igor already fixed this, but I'll let him confirm and close as a dup of his emulator fixes bug.

Comment 6 Igor Mammedov 2011-07-21 09:16:02 UTC
Please retest with http://scratch.englab.brq.redhat.com/imammedo/xen-imul-shaf.gz

Comment 7 Pengzhen Cao 2011-07-22 03:05:41 UTC
(In reply to comment #6)
> Please retest with
> http://scratch.englab.brq.redhat.com/imammedo/xen-imul-shaf.gz

I have tried with this, still no luck, BSOD as normal xen.gz.

Comment 8 Laszlo Ersek 2011-07-29 14:23:18 UTC
Possibly related to bug 653271.

Comment 9 Paolo Bonzini 2011-07-29 15:01:54 UTC
0xC000001D is an "Illegal instruction", perhaps an assertion failure.

Comment 10 Paolo Bonzini 2011-07-29 16:45:13 UTC
xor r32, m32 is not handled by xen.  Easily fixed, will see next week if there's something else.

Comment 11 Paolo Bonzini 2011-07-29 16:50:36 UTC
Created attachment 515910 [details]
prototype patch

Comment 12 Paolo Bonzini 2011-07-29 17:28:21 UTC
Patch fixes the bug.

Comment 13 Paolo Bonzini 2011-08-01 11:02:28 UTC
Created attachment 516113 [details]
patch

Comment 14 RHEL Program Management 2011-08-04 04:10:03 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.

Comment 17 Jarod Wilson 2011-08-23 14:06:09 UTC
Patch(es) available in kernel-2.6.18-282.el5
You can download this test kernel (or newer) from http://people.redhat.com/jwilson/el5
Detailed testing feedback is always welcomed.

Comment 19 Martin Prpič 2011-10-27 09:26:59 UTC
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Prior to this update, Xen did not implement certain ALU opcodes. As a result, when a driver used the missing opcodes on memory-mapped I/O areas, it caused the guest to crash. This update adds all the missing opcodes. In particular, this fixes a BSOD crash from the Windows e1000 driver.

Comment 20 Jinxin Zheng 2011-12-08 08:46:14 UTC
Reproduced with -274 kernel.  Booting Windows 2003 i386 guest with e1000 nic goes directly into crash, 

$ xm dmesg
...
(XEN) 33, This opcode isn't handled yet!
(XEN) handle_mmio: failed to decode instruction
(XEN) mmio opcode: gpa 0xf4003828, len 2: 33 01

With -300 kernel, the guest does not crash, either at booting or reinstalling the e1000 driver.

Comment 21 errata-xmlrpc 2012-02-21 03:50:18 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2012-0150.html