From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:43067)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Alexey.Korolev@endace.com>) id 1Tg45r-0004Em-Gv
	for qemu-devel@nongnu.org; Tue, 04 Dec 2012 20:48:16 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Alexey.Korolev@endace.com>) id 1Tg45m-0005sS-JU
	for qemu-devel@nongnu.org; Tue, 04 Dec 2012 20:48:11 -0500
Received: from usrksweb02.endace.com ([174.143.168.194]:59618)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Alexey.Korolev@endace.com>) id 1Tg45m-0005s1-De
	for qemu-devel@nongnu.org; Tue, 04 Dec 2012 20:48:06 -0500
Message-ID: <50BEA7C0.5020602@endace.com>
Date: Wed, 5 Dec 2012 14:47:44 +1300
From: Alexey Korolev <alexey.korolev@endace.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] [BUG] QEMU crashes when 64bit BAR is present
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: "qemu-devel@nongnu.org" <qemu-devel@nongnu.org>, Avi Kivity <avi@redhat.com>, "Michael S. Tsirkin" <mst@redhat.com>

Hi all,
I had qemu 1.2.0 crash when using ivshmem driver with 64bit PCI support enabled. The qemu process is terminated at a very early stage of
Linux boot up. Here is the qemu command line:

LC_ALL=C PATH=/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin HOME=/home/user
USER=user LOGNAME=user QEMU_AUDIO_DRV=none /usr/bin/qemu -M pc-0.11 -enable-kvm -m 4096 -smp 1,sockets=1,cores=1,threads=1 -name Cent5 -uuid
59342423-be7a-0f83-b9ac-35a42e521d99 -nodefconfig -nodefaults -chardev
socket,id=charmonitor,path=/var/lib/libvirt/qemu/Cent5.monitor,server,nowait -mon chardev=charmonitor,id=monitor,mode=readline -rtc base=utc
-boot order=cd,menu=on -drive file=/home/akorolev/Cent54.img,if=none,id=drive-ide0-0-0,format=raw -device
ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -drive if=none,media=cdrom,id=drive-ide0-1-0,readonly=on,format=raw -device
ide-drive,bus=ide.1,unit=0,drive=drive-ide0-1-0,id=ide0-1-0 -chardev file,id=charserial0,path=/home/akorolev/Cent5.5.log -device
isa-serial,chardev=charserial0,id=serial0 -usb -vnc 127.0.0.1:0 -k en-us -vga cirrus -device
ivshmem,size=128M,pci64=1,shm,bus=pci.0,multifunction=on,addr=0x5.0x0 -device
virtio-balloon-pci,id=balloon0,bus=pci.0,multifunction=on,addr=0x4.0x0

And qemu error output is:
qemu: /home/akorolev/qemu-kvm/exec.c:2255: register_subpage: Assertion `existing->mr->subpage || existing->mr == &io_mem_unassigned' failed.

Guest OS is Centos 5.5 and log is pretty boring, as qemu crashes before Linux can report an issue.

Note: The only tweak I've made to qemu is changing PCI bar flag to PCI_ADDRESS_MEM_TYPE_64 in ivshmem driver

I guess the issue is related to this: http://lists.gnu.org/archive/html/qemu-devel/2012-01/msg03189.html
At that time /it was found out that ivshmem bar is split by/ /the hpet region/

Could you please have a look at this?
I'm willing to provide additional info if you need it.

Thanks
Alexey