From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:38724)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mjt@tls.msk.ru>) id 1WYb0o-0008Vx-6i
	for qemu-devel@nongnu.org; Fri, 11 Apr 2014 08:56:58 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <mjt@tls.msk.ru>) id 1WYb0k-0006y0-6P
	for qemu-devel@nongnu.org; Fri, 11 Apr 2014 08:56:54 -0400
Message-ID: <5347E4D0.4000407@msgid.tls.msk.ru>
Date: Fri, 11 Apr 2014 16:49:20 +0400
From: Michael Tokarev <mjt@tls.msk.ru>
MIME-Version: 1.0
References: <5347D9EE.5030109@msgid.tls.msk.ru>
In-Reply-To: <5347D9EE.5030109@msgid.tls.msk.ru>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] commit a87f39543a92 'memory: fix limiting of
 translation at a page boundary' breaks virtio-scsi for windows 64
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel <qemu-devel@nongnu.org>
Cc: Peter Maydell <peter.maydell@linaro.org>, Chris Boot <bootc@bootc.net>, Stefano Stabellini <Stefano.Stabellini@eu.citrix.com>, Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>, qemu-stable <qemu-stable@nongnu.org>, Paolo Bonzini <pbonzini@redhat.com>

11.04.2014 16:02, Michael Tokarev =D0=BF=D0=B8=D1=88=D0=B5=D1=82:
> Chris Boot updated his qemu from 1.7.0 to 1.7.1, and noticed that windo=
ws guests
> which was using virtio-scsi does not work anymore.  Windows BSODs at
> boot with the following error:
>=20
>=20
>   STOP: c0000221 Unknown Hard Error
>    \StstenRiit\System32\ntdll.dll
>=20
>   Collecting data for crash dump ...
>   ...
>=20
> After reboot it offers to fix the error(s), apparently making the hdd i=
mage
> unusable even with older, previously working, versions.  I can confirm =
this
> on my machine too, using windows 7 64bit (32bit win7 boots very very sl=
ow
> on virtio-scsi, probably windows 32bit driver is broken).  Using window=
s
> drivers from virtio-win-0.1-74.iso.
>=20
>=20
> Bisecting between 1.7.0 and 1.7.1 was easy, and this is the first bad c=
ommit:
>=20
> commit 819ddf7d1fbcb74ecab885dc35fea741c6316b17
> Author: Paolo Bonzini <pbonzini@redhat.com>
> Date:   Fri Feb 7 15:47:46 2014 +0100
>=20
>     memory: fix limiting of translation at a page boundary
>=20
>     Commit 360e607 (address_space_translate: do not cross page boundari=
es,
>     2014-01-30) broke MMIO accesses in cases where the section is short=
er
>     than the full register width.  This can happen for example with the
>     Bochs DISPI registers, which are 16 bits wide but have only a 1-byt=
e
>     long MemoryRegion (if you write to the "second byte" of the registe=
r
>     your access is discarded; it doesn't write only to half of the regi=
ster).
>=20
>     Restrict the action of commit 360e607 to direct RAM accesses.  This
>     is enough for Xen, since MMIO will not go through the mapcache.
>=20
>     Reported-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
>     Cc: qemu-stable@nongnu.org
>     Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
>     Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
>     Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
>     (cherry picked from commit a87f39543a9259f671c5413723311180ee2ad2a8=
)
>     Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
>=20
> Reverting this commit from 1.7.1 fixes the issue.

Now, when bisecting between 1.7.0 and current git master, things become m=
ore
interesting.  This is the first bad commit:

commit 360e607b88a23d378f6efaa769c76d26f538234d
Author: Stefano Stabellini <Stefano.Stabellini@eu.citrix.com>
Date:   Thu Jan 30 12:46:05 2014 +0000

    address_space_translate: do not cross page boundaries

    The following commit:

    commit 149f54b53b7666a3facd45e86eece60ce7d3b114
    Author: Paolo Bonzini <pbonzini@redhat.com>
    Date:   Fri May 24 12:59:37 2013 +0200

        memory: add address_space_translate

    breaks Xen support in QEMU, in particular the Xen mapcache. The effec=
t
    is that one Windows XP installation out of ten would end up with BSOD=
.

    The reason is that after this commit l in address_space_rw can span a
    page boundary, however qemu_get_ram_ptr still calls xen_map_cache ask=
ing
    to map a single page (if block->offset =3D=3D 0).

    Fix the issue by reverting to the previous behaviour: do not return a
    length from address_space_translate_internal that can span a page
    boundary.

    Also in address_space_translate do not ignore the length returned by
    address_space_translate_internal.

    This patch should be backported to QEMU 1.6.x.

    Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
    Signed-off-by: Anthony Perard <anthony.perard@citrix.com>
    Tested-by: Paolo Bonzini <pbonzini@redhat.com>
    Acked-by: Paolo Bonzini <pbonzini@redhat.com>
    Cc: qemu-stable@nongnu.org

This commit breaks only virtio-scsi boot for win7 64bit, not ide or virti=
o-blk,
and breaks it in quite a reliable way - always reproducible.

But reverting this commit, even together with the previously mentioned co=
mmit
does not help current 2.0-tobe.

Maybe virtio-scsi driver on windows does something fishy?  Note again tha=
t
32bit version of this driver does not work correctly (it is extremly slow=
).

Thanks,

/mjt