Bug 60830

Summary: L2 rhel6u4(32bit) guest reboot continuously
Product: Virtualization
Reporter: Zhou, Chao (chao.zhou)
Component: kvm
Assignee: virtualization_kvm
Status: VERIFIED CODE_FIX
Severity: normal
Priority: P1
Hardware: All
OS: Linux
Kernel Version: 3.11.0-rc1
Subsystem:
Regression: No
Bisected commit-id:

Description Zhou, Chao 2013-09-02 06:12:39 UTC
Environment:
------------
Host OS (ia32/ia32e/IA64):ia32e
Guest OS (ia32/ia32e/IA64):ia32e
Guest OS Type (Linux/Windows):Linux
kvm.git Commit:cc2df20c7c4ce594c3e17e9cc260c330646012c8
qemu.git Commit:f7ad538e1ea130c8b6f3abb06ad6c856242c799e
Host Kernel Version:3.11.0-rc1
Hardware:Romley_EP

Bug detailed description:
--------------------------

When creating an L1 guest with "-cpu host" and then creating a 32-bit rhel6u4 guest as the L2 guest, the L2 guest reboots continuously.

This commit introduced this bug:

commit afa61f752ba62549e4143d9f9378a8d1d710d6eb
Author: Nadav Har'El <nyh@il.ibm.com>
Date:   Wed Aug 7 14:59:22 2013 +0200

    Advertise the support of EPT to the L1 guest, through the appropriate MSR.
    This is the last patch of the basic Nested EPT feature, so as to allow
    bisection through this patch series: The guest will not see EPT support
    until this last patch, and will not attempt to use the half-applied feature.

note:

1. Creating a 32-bit RHEL6u3 guest as the L2 guest, the guest also reboots continuously.
2. Creating a 64-bit rhel6u4 guest as the L2 guest, the L2 guest works fine.
3. This should be a kernel bug:

kvm      +  qemu     = result
cc2df20c + f7ad538e  = bad
205befd9 + f7ad538e  = good

Reproduce steps:
----------------

1. create L1 guest:

qemu-system-x86_64 -enable-kvm -m 8G -smp 4 -net nic,macaddr=00:12:41:51:14:16 -net tap,script=/etc/kvm/qemu-ifup ia32e_nested-kvm.img -cpu host

2. create L2 guest

qemu-system-x86_64 -enable-kvm -m 1024 -smp 2 -net none ia32p_rhel6u4.img

Current result:
----------------

32bit rhel6u4 as L2 guest reboot continuously

Expected result:
----------------

32bit rhel6u4 as L2 guest works fine

Basic root-causing log:
----------------------
Comment 1 Zhou, Chao 2013-11-07 06:33:09 UTC
This commit fixes the bug:
commit cd2633c59b6f511effb53e10fa2c1e20b1cec1e7
Author: Jan Kiszka <jan.kiszka@siemens.com>
Date:   Wed Oct 23 17:42:15 2013 +0100

    nVMX: Fix pick-up of uninjected NMIs

    __vmx_complete_interrupts stored uninjected NMIs in arch.nmi_injected,
    not arch.nmi_pending. So we actually need to check the former field in
    vmcs12_save_pending_event. This fixes the eventinj unit test when run
    in nested KVM.

    Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
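The following C model is an added illustration of the mechanism named in the fix commit above; it is not kernel code and not part of this bug report. It assumes simplified bool fields for arch.nmi_pending / arch.nmi_injected, a one-field vmcs12, and the VMX interruption-info encoding (type 2 = NMI, vector 2, bit 31 = valid) for the constants; the function names follow the commit message.

```c
/* Added model (not kernel code): why vmcs12_save_pending_event must look at
 * arch.nmi_injected rather than arch.nmi_pending when an L2 -> L1 exit has
 * to report an NMI that was prepared for delivery but never injected.
 * Field/function names follow the commit message; layout and constant
 * values are assumptions made for this model. */
#include <stdbool.h>
#include <stdint.h>

#define INTR_INFO_VALID_MASK  (1u << 31)  /* assumed: bit 31 = valid   */
#define INTR_TYPE_NMI_INTR    (2u << 8)   /* assumed: event type 2=NMI */
#define NMI_VECTOR            2u          /* assumed: NMI vector       */

struct vcpu_arch {
    bool nmi_pending;   /* NMI queued, not yet prepared for VM entry     */
    bool nmi_injected;  /* NMI written to VM-entry info, entry not done  */
};

struct vmcs12 {
    uint32_t idt_vectoring_info_field;  /* what L1 reads after the exit  */
};

/* Model of __vmx_complete_interrupts: an NMI that was set up for injection
 * but whose VM entry was cut short by an exit is moved to nmi_injected
 * (the commit message states it is NOT stored in nmi_pending). */
static void complete_interrupts_after_exit(struct vcpu_arch *a) {
    a->nmi_injected = true;
    a->nmi_pending = false;
}

/* Pre-fix logic: checks nmi_pending, so the re-queued NMI is never reported
 * to L1 and is silently lost across the nested exit. */
static uint32_t save_pending_event_old(const struct vcpu_arch *a) {
    return a->nmi_pending
         ? (INTR_TYPE_NMI_INTR | INTR_INFO_VALID_MASK | NMI_VECTOR) : 0;
}

/* Fixed logic: checks nmi_injected, the field the NMI actually sits in. */
static uint32_t save_pending_event_fixed(const struct vcpu_arch *a) {
    return a->nmi_injected
         ? (INTR_TYPE_NMI_INTR | INTR_INFO_VALID_MASK | NMI_VECTOR) : 0;
}

/* Run the scenario once; returns the IDT-vectoring value L1 would observe. */
uint32_t l1_sees_nmi(bool use_fix) {
    struct vcpu_arch a = { .nmi_pending = true, .nmi_injected = false };
    struct vmcs12 v = { 0 };
    complete_interrupts_after_exit(&a);          /* entry aborted by exit */
    v.idt_vectoring_info_field = use_fix ? save_pending_event_fixed(&a)
                                         : save_pending_event_old(&a);
    return v.idt_vectoring_info_field;           /* 0 = NMI lost to L1    */
}
```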