On 01/09/15 04:36, Richard Laager wrote:
I've recently upgraded a host from Ubuntu Precise (qemu-kvm-1.0) to Ubuntu Trusty (qemu 2.0.0). I have a Windows 2008 32-bit OS running on a 64-bit VM that runs a 16-bit line-of-business application. (While I realize that "upgrade the application" is the right answer, I can't.) The Windows VM boots, but the business application crashes on startup. Changing the VM to be a 32-bit VM doesn't help.
After several hours of compiling and testing intermediate qemu versions, I accidentally stumbled into the real issue. Trusty has switched from vgabios to seabios. I have confirmed that switching the vgabios*.bin images back to the vgabios package (rather than seabios) fixes the 16-bit application in the guest.
Per a suggestion on the Ubuntu bug I filed, I built an updated seabios package using the source from git (specifically, revision 60e0e55f212dadd043ab9e39bee05a48013ddd8f). It has the same problem.
I then set CONFIG_DEBUG_LEVEL=8 and booted with "-chardev stdio,id=seabios -device isa-debugcon,iobase=0x402,chardev=seabios" per: http://www.seabios.org/pipermail/seabios/2011-May/001718.html
The debug log is attached. For more details, including a couple of screenshots of the NTVDM crash dialog, see: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1404396
Very roughly, it's Windows' 16-bit emulator. It parses real mode code and emulates the instructions. The SeaVGABIOS binary apparently contains at least one instruction that, albeit valid, confuses NTVDM and causes it to crash.
This has happened several times before. Not just with NTVDM but also x86emu -- search this list for "x86emu". x86emu is free software with a similar role, and one version or another of the X server uses it to "execute" 16-bit VBE code.
The original vgabios was written in assembly, which (probably) made its maintenance hell, but it provided full control over the instructions in the final binary (so issues like this had never been encountered or were quickly fixed). SeaVGABIOS is (mostly) written in C and sometimes gcc generates "sophisticated" stuff that confuses old emulators. Then usually Kevin tracks it down and does some magic to make it go away (check out "scripts/vgafixup.py").
What's the next step in debugging this?
The offending instruction should be found.
The NTVDM crash info is not directly useful because that pinpoints (?) a location in the NTVDM code (for which you don't have the source). The problematic SeaVGABIOS instruction counts as data for NTVDM.
You could try to bisect SeaVGABIOS, and/or build it with an older gcc.
(I probably made several errors in the above; corrections more than welcome...)
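As an added illustration of the "find the offending instruction" step (this is not code from the thread or from SeaBIOS), a small Python filter over `objdump -D -b binary -m i386 -M i8086` output of a vgabios*.bin: it lists every instruction carrying a 32-bit operand- or address-size override, the kind of gcc-generated code a real-mode emulator like NTVDM or x86emu is most likely to mis-parse. The sample disassembly lines are constructed; that an installed GNU objdump renders a real ROM in exactly this layout is an assumption.

```python
import re
import subprocess
from typing import List, Tuple

# One objdump line: "  a6:\t66 8d 04 85 00 00 00 00 \tleal   0x0(,%eax,4),%eax"
OBJDUMP_LINE = re.compile(
    r"^\s*([0-9a-f]+):\s+((?:[0-9a-f]{2}\s)+)\s*(\S+)(?:\s+(.*))?$")

# Legacy prefix bytes that may precede the opcode; 66/67 switch the default
# 16-bit operand/address size to 32-bit, which is what we want to flag.
PREFIX_BYTES = {"26", "2e", "36", "3e", "64", "65", "f0", "f2", "f3", "66", "67"}
SIZE_OVERRIDES = {"66", "67"}


def is_suspect(opcodes: str, mnemonic: str) -> bool:
    """True if the instruction uses a 32-bit operand/address size override."""
    if mnemonic.startswith(("data32", "addr32")):  # objdump's explicit prefix names
        return True
    for b in opcodes.split():
        if b not in PREFIX_BYTES:      # first non-prefix byte is the opcode
            break
        if b in SIZE_OVERRIDES:
            return True
    return False


def find_suspects(disasm: str) -> List[Tuple[int, str]]:
    """Return (offset, instruction) for every suspect line in objdump output."""
    found = []
    for line in disasm.splitlines():
        m = OBJDUMP_LINE.match(line)
        if not m:
            continue  # section headers, blank lines, "..." gaps
        off, opcodes, mnemonic, operands = m.groups()
        if is_suspect(opcodes, mnemonic):
            found.append((int(off, 16), f"{mnemonic} {operands or ''}".strip()))
    return found


def disassemble_rom(path: str) -> str:
    # Assumption: GNU objdump is installed; -M i8086 selects 16-bit decoding.
    return subprocess.check_output(
        ["objdump", "-D", "-b", "binary", "-m", "i386", "-M", "i8086", path], text=True)


# Constructed sample in objdump's layout (not taken from a real SeaVGABIOS build).
SAMPLE_DISASM = """\
  a3:\t55                   \tpush   %bp
  a4:\t89 e5                \tmov    %sp,%bp
  a6:\t66 8d 04 85 00 00 00 00 \tleal   0x0(,%eax,4),%eax
  ae:\t2e 66 8b 1e 10 00    \tmov    %cs:0x10,%ebx
  b4:\tc3                   \tret
"""

if __name__ == "__main__":
    for off, ins in find_suspects(SAMPLE_DISASM):
        print(f"{off:#06x}: {ins}")
```

Run `find_suspects(disassemble_rom("vgabios.bin"))` against the image QEMU actually loads, then compare the list between the working vgabios build and the failing SeaVGABIOS build to narrow the bisection.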