Cannot boot a Windows ISO image from cdrom using HAXM accelerator in QEMU

[testworksau]

Running the following command:

qemu-system-x86_64 -accel hax -cdrom Windows2016.iso -m 4095M

Yields the following error message in the virtual machine:

CDBOOT: Couldn't find BOOTMGR

QEMU reports:

HAX is working and emulator runs in fast virt mode.

Running the same command with -accel tcg works as expected.

Qemu version: QEMU emulator version 2.11.0

Intel HAXM version: v6.2.1

Environment: Intel Core i7-7820HQ Virtualization in BIOS enabled Windows 10 64-bit Hyper-V disabled

[shaiku]

I have the same issue and also am not able to boot an XP guest with haxm acceleration.

[raphaelning]

This is an interesting use case. Enabling Windows to run on HAXM is not trivial, and this ISO boot failure is probably only the first of many obstacles in the way. The focus of our small team is on Linux guests, so #15 takes priority over this issue. But we welcome community contribution toward Windows guest support.

[delfer]

I think it can have the same root cause with https://github.com/intel/haxm/issues/15 because nothing can boot from cdrom neither syslinux, nor grub, nor ntldr.

[HaHoYou]

ISO loading from cdrom has been fixed by latest HAXM, newer than 7.1.0. You can try to build if you are in a hurry. With this version, Booting from DVD/CD is good, but there is another error for your case, just FYI:

[nevilad]

Is the guest 32 or 64-bit windows 10? I'm unable to run win10 x86 version with Qemu 2.12.50 with -accel tcg, I see the loading image (blue window), seems like windows hangs.

[AlexAltea]

@nevilad Have you tried passing a sufficiently large guest memory size? E.g. try passing -m 1G. This should make Windows 10 work with TCG, i.e. -accel tcg. Unfortunately, HAXM still doesn't support Windows 10 images.

[nevilad]

Yes the problem was in memory size, using a higher value helped. I have analyzed running Windows 10 under qemu+hax, and found this.

1) Running Windows 10 x86 fails with unhandled vmexit type 9, which stands for TSS switch. At boot, APIC (advanced programmable interrupt controller) starts in compatibility mode and the processor in real mode. In this mode the processor reserves interrupt vectors from 0 to 6. APIC is mapped by early boot code to generate it's interrupts starting with vector 8. In protected mode, there are 32 processor reserved interrupt vectors, and APIC should be remapped to generate it's interrupts starting vector 32. In windows 7 this occurs, but in windows 10 I don't see the remap process in the logs (write to ports 0x20 and 0x21). After switching to protected mode, the first APIC-generated timer interrupt, which has vector 8, is handled as a double fault. It's IDT descriptor is a task-gate descriptor, meaning that before executing the handler, the processor must switch tasks. This generates a vmexit and the VM stops. The double fault handler should show a bluescreen. So there are 2 errors - absense of APIC remapping and absense of support of windows bluescreens. I implemented the code for handling task switches, but am unable to test it, since after switching another timer event occurs and it crashes. I've tried to run it in TCG mode with qemu 2.12 x32 and 3.1 x64, and it hangs. Have somebody started it in TCG mode? I don't see these errors in qemu issues. I started it at a windows 10 host. There is another strange thing - I expected that the loader in real mode prepares all needed data, switches to protected mode and continues. But there are a lot of entrys to\exits from protected mode, so maybe this is the problem.

2) Running Windows 10 x64 fails with a triple fault. The last executed instruction is a breakpoint instruction (CC opcode), it is running with IRQL HIGH_LEVEL, which is used to Machine checks and catastrophic errors. Seems that windows failed to do some checks and stopped in such a way. I was not able yet to find out what are these checks. Short before the fault, windows begins to write\read CR8. I implemented handling of CR8 read\writes but it didn't help. Qemu in TCG mode runs without errors. The questions are:

• was this really a concious decision to halt by the OS?
• when so, why wasn't it a bluescreen, or there are errors in it's support too?
• why is the error code triple fault, which means "delivery of double fault encountered an exception"?

[nevilad]

VM exits when an interrupt is signaled by the hardware. HAXM does not redirect it to the OS handler. Is this OK?

I've tried to run windows10 x64 in TCG mode with qemu 2.12 x32 and 3.1 x64, and it hangs. Have somebody started it in TCG mode?

[nevilad]

I was able to run it in TCG mode with changing the processor to core2Duo or Nehalem.