[Qemu-devel] Why devfn will be -1

[Qemu-devel] Why devfn will be -1

[Le Tan]

Hi Jan,
I use pci_setup_iommu() to setup a PCIIOMMUFunc for the q35 pci bus.
In the iommu_fn, I print out the devfn parameter and find out that it
sometimes will be -1. So what does it mean?
The detail code is here:

In mch_init() function, I write like this:
PCIBus *pci_bus = PCI_BUS(qdev_get_parent_bus(DEVICE(mch)));
pci_setup_iommu(pci_bus, q35_host_dma_iommu, mch->iommu);

And in q35_host_dma_iommu(PCIBus *bus, void *opaque, int devfn), I
print out the devfn parameter, sometimes it will be -1.

Thanks very much!

Regards,
Le

Re: [Qemu-devel] Why devfn will be -1

[Jan Kiszka]

[-- Attachment #1: Type: text/plain, Size: 838 bytes --]

Hi Le,

On 2014-07-01 04:34, Le Tan wrote:
> Hi Jan,
> I use pci_setup_iommu() to setup a PCIIOMMUFunc for the q35 pci bus.
> In the iommu_fn, I print out the devfn parameter and find out that it
> sometimes will be -1. So what does it mean?
> The detail code is here:
> 
> In mch_init() function, I write like this:
> PCIBus *pci_bus = PCI_BUS(qdev_get_parent_bus(DEVICE(mch)));
> pci_setup_iommu(pci_bus, q35_host_dma_iommu, mch->iommu);
> 
> And in q35_host_dma_iommu(PCIBus *bus, void *opaque, int devfn), I
> print out the devfn parameter, sometimes it will be -1.

Hmm, I have no idea about the reason and would suggest to set a
conditional breakpoint on this function, then print the backtrace to see
where this comes from and analyze the device structure from where that
-1 was most probably taken.

Jan



[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 263 bytes --]

Re: [Qemu-devel] Why devfn will be -1

[Le Tan]

Hi Jan,

2014-07-01 15:34 GMT+08:00 Jan Kiszka <jan.kiszka@web.de>:
> Hi Le,
>
> On 2014-07-01 04:34, Le Tan wrote:
>> Hi Jan,
>> I use pci_setup_iommu() to setup a PCIIOMMUFunc for the q35 pci bus.
>> In the iommu_fn, I print out the devfn parameter and find out that it
>> sometimes will be -1. So what does it mean?
>> The detail code is here:
>>
>> In mch_init() function, I write like this:
>> PCIBus *pci_bus = PCI_BUS(qdev_get_parent_bus(DEVICE(mch)));
>> pci_setup_iommu(pci_bus, q35_host_dma_iommu, mch->iommu);
>>
>> And in q35_host_dma_iommu(PCIBus *bus, void *opaque, int devfn), I
>> print out the devfn parameter, sometimes it will be -1.
>
> Hmm, I have no idea about the reason and would suggest to set a
> conditional breakpoint on this function, then print the backtrace to see
> where this comes from and analyze the device structure from where that
> -1 was most probably taken.

I have set a breakpoint here and cases whose devfn is -1 are different
from each run. ICH9 LPC, cirrus-vga and e1000, these three devices'
initialization will route to this problem. Sometimes the
initialization of ICH9 LPC will be normal. The backtrace are given
below. I trace to the function do_pci_register_device() and see that
the dev->devfn is initialized after the
pci_device_iommu_address_space() is called. So I think this is so
strange. Is the devfn parameter to the q35_host_dma_iommu() not
reliable and usable?
Thanks very much!

#0  q35_host_dma_iommu (bus=0x55555629d280, opaque=0x5555566a4df0, devfn=-1)
    at /home/tamlok/qemu-git/hw/pci-host/q35.c:351
#1  0x00005555558524ef in pci_device_iommu_address_space
(dev=0x5555566a7e20) at /home/tamlok/qemu-git/hw/pci/pci.c:2284
#2  0x000055555584e5b4 in do_pci_register_device
(pci_dev=0x5555566a7e20, bus=0x55555629d280,
    name=0x55555624a250 "ICH9 LPC", devfn=248) at
/home/tamlok/qemu-git/hw/pci/pci.c:830
#3  0x0000555555850bac in pci_qdev_init (qdev=0x5555566a7e20) at
/home/tamlok/qemu-git/hw/pci/pci.c:1759
#4  0x00005555557c9359 in device_realize (dev=0x5555566a7e20,
errp=0x7fffffffdd50)
    at /home/tamlok/qemu-git/hw/core/qdev.c:182
#5  0x00005555557cb15c in device_set_realized (obj=0x5555566a7e20,
value=true, errp=0x7fffffffded0)
    at /home/tamlok/qemu-git/hw/core/qdev.c:809
#6  0x00005555558d3234 in property_set_bool (obj=0x5555566a7e20,
v=0x55555668bec0, opaque=0x55555662b360,
    name=0x5555559c2a86 "realized", errp=0x7fffffffded0) at
/home/tamlok/qemu-git/qom/object.c:1421
#7  0x00005555558d1a68 in object_property_set (obj=0x5555566a7e20,
v=0x55555668bec0, name=0x5555559c2a86 "realized",
    errp=0x7fffffffded0) at /home/tamlok/qemu-git/qom/object.c:819
#8  0x00005555558d3a26 in object_property_set_qobject
(obj=0x5555566a7e20, value=0x5555566acfd0,
    name=0x5555559c2a86 "realized", errp=0x7fffffffded0) at
/home/tamlok/qemu-git/qom/qom-qobject.c:24
#9  0x00005555558d1d65 in object_property_set_bool
(obj=0x5555566a7e20, value=true, name=0x5555559c2a86 "realized",
    errp=0x7fffffffded0) at /home/tamlok/qemu-git/qom/object.c:883
#10 0x00005555557c9295 in qdev_init (dev=0x5555566a7e20) at
/home/tamlok/qemu-git/hw/core/qdev.c:167
#11 0x00005555557c98a3 in qdev_init_nofail (dev=0x5555566a7e20) at
/home/tamlok/qemu-git/hw/core/qdev.c:290
#12 0x0000555555850d6f in pci_create_simple_multifunction
(bus=0x55555629d280, devfn=248, multifunction=true,
    name=0x5555559a3783 "ICH9 LPC") at /home/tamlok/qemu-git/hw/pci/pci.c:1800
#13 0x00005555556943ce in pc_q35_init (machine=0x555556281c00) at
/home/tamlok/qemu-git/hw/i386/pc_q35.c:176
#14 0x000055555573c72f in main (argc=19, argv=0x7fffffffe4d8,
envp=0x7fffffffe578) at /home/tamlok/qemu-git/vl.c:4441

#0  q35_host_dma_iommu (bus=0x55555629d280, opaque=0x5555566a4df0, devfn=-1)
    at /home/tamlok/qemu-git/hw/pci-host/q35.c:351
#1  0x00005555558524ef in pci_device_iommu_address_space
(dev=0x5555566ef530) at /home/tamlok/qemu-git/hw/pci/pci.c:2284
#2  0x000055555584e5b4 in do_pci_register_device
(pci_dev=0x5555566ef530, bus=0x55555629d280,
    name=0x5555562551a0 "cirrus-vga", devfn=8) at
/home/tamlok/qemu-git/hw/pci/pci.c:830
#3  0x0000555555850bac in pci_qdev_init (qdev=0x5555566ef530) at
/home/tamlok/qemu-git/hw/pci/pci.c:1759
#4  0x00005555557c9359 in device_realize (dev=0x5555566ef530,
errp=0x7fffffffdca0)
    at /home/tamlok/qemu-git/hw/core/qdev.c:182
#5  0x00005555557cb15c in device_set_realized (obj=0x5555566ef530,
value=true, errp=0x7fffffffde20)
    at /home/tamlok/qemu-git/hw/core/qdev.c:809
#6  0x00005555558d3234 in property_set_bool (obj=0x5555566ef530,
v=0x55555666e300, opaque=0x555556856f90,
    name=0x5555559c2a86 "realized", errp=0x7fffffffde20) at
/home/tamlok/qemu-git/qom/object.c:1421
#7  0x00005555558d1a68 in object_property_set (obj=0x5555566ef530,
v=0x55555666e300, name=0x5555559c2a86 "realized",
    errp=0x7fffffffde20) at /home/tamlok/qemu-git/qom/object.c:819
#8  0x00005555558d3a26 in object_property_set_qobject
(obj=0x5555566ef530, value=0x555556877740,
    name=0x5555559c2a86 "realized", errp=0x7fffffffde20) at
/home/tamlok/qemu-git/qom/qom-qobject.c:24
#9  0x00005555558d1d65 in object_property_set_bool
(obj=0x5555566ef530, value=true, name=0x5555559c2a86 "realized",
    errp=0x7fffffffde20) at /home/tamlok/qemu-git/qom/object.c:883
#10 0x00005555557c9295 in qdev_init (dev=0x5555566ef530) at
/home/tamlok/qemu-git/hw/core/qdev.c:167
#11 0x00005555557c98a3 in qdev_init_nofail (dev=0x5555566ef530) at
/home/tamlok/qemu-git/hw/core/qdev.c:290
#12 0x0000555555850d6f in pci_create_simple_multifunction
(bus=0x55555629d280, devfn=-1, multifunction=false,
    name=0x5555559d5264 "cirrus-vga") at /home/tamlok/qemu-git/hw/pci/pci.c:1800
#13 0x0000555555850e19 in pci_create_simple (bus=0x55555629d280,
devfn=-1, name=0x5555559d5264 "cirrus-vga")
    at /home/tamlok/qemu-git/hw/pci/pci.c:1811
#14 0x0000555555850746 in pci_vga_init (bus=0x55555629d280) at
/home/tamlok/qemu-git/hw/pci/pci.c:1649
#15 0x00005555556925b5 in pc_vga_init (isa_bus=0x5555566ad390,
pci_bus=0x55555629d280)
    at /home/tamlok/qemu-git/hw/i386/pc.c:1262
#16 0x00005555556946ab in pc_q35_init (machine=0x555556281c00) at
/home/tamlok/qemu-git/hw/i386/pc_q35.c:238
#17 0x000055555573c72f in main (argc=19, argv=0x7fffffffe4d8,
envp=0x7fffffffe578) at /home/tamlok/qemu-git/vl.c:4441

#0  q35_host_dma_iommu (bus=0x55555629d280, opaque=0x5555566a4df0, devfn=-1)
    at /home/tamlok/qemu-git/hw/pci-host/q35.c:351
#1  0x00005555558524ef in pci_device_iommu_address_space
(dev=0x555556a10bb0) at /home/tamlok/qemu-git/hw/pci/pci.c:2284
#2  0x000055555584e5b4 in do_pci_register_device
(pci_dev=0x555556a10bb0, bus=0x55555629d280,
    name=0x55555625bf70 "e1000", devfn=16) at
/home/tamlok/qemu-git/hw/pci/pci.c:830
#3  0x0000555555850bac in pci_qdev_init (qdev=0x555556a10bb0) at
/home/tamlok/qemu-git/hw/pci/pci.c:1759
#4  0x00005555557c9359 in device_realize (dev=0x555556a10bb0,
errp=0x7fffffffde30)
    at /home/tamlok/qemu-git/hw/core/qdev.c:182
#5  0x00005555557cb15c in device_set_realized (obj=0x555556a10bb0,
value=true, errp=0x7fffffffdfb8)
    at /home/tamlok/qemu-git/hw/core/qdev.c:809
#6  0x00005555558d3234 in property_set_bool (obj=0x555556a10bb0,
v=0x55555666e300, opaque=0x555556732270,
    name=0x5555559abd39 "realized", errp=0x7fffffffdfb8) at
/home/tamlok/qemu-git/qom/object.c:1421
#7  0x00005555558d1a68 in object_property_set (obj=0x555556a10bb0,
v=0x55555666e300, name=0x5555559abd39 "realized",
    errp=0x7fffffffdfb8) at /home/tamlok/qemu-git/qom/object.c:819
#8  0x00005555558d3a26 in object_property_set_qobject
(obj=0x555556a10bb0, value=0x555556773150,
    name=0x5555559abd39 "realized", errp=0x7fffffffdfb8) at
/home/tamlok/qemu-git/qom/qom-qobject.c:24
#9  0x00005555558d1d65 in object_property_set_bool
(obj=0x555556a10bb0, value=true, name=0x5555559abd39 "realized",
    errp=0x7fffffffdfb8) at /home/tamlok/qemu-git/qom/object.c:883
#10 0x000055555571d334 in qdev_device_add (opts=0x555556280420) at
/home/tamlok/qemu-git/qdev-monitor.c:560
#11 0x000055555573733e in device_init_func (opts=0x555556280420,
opaque=0x0) at /home/tamlok/qemu-git/vl.c:2414
#12 0x000055555598d077 in qemu_opts_foreach (list=0x555555d83a80,
func=0x555555737313 <device_init_func>, opaque=0x0,
    abort_on_failure=1) at /home/tamlok/qemu-git/util/qemu-option.c:1052
#13 0x000055555573c790 in main (argc=19, argv=0x7fffffffe4d8,
envp=0x7fffffffe578) at /home/tamlok/qemu-git/vl.c:4456

Le

> Jan
>
>

Re: [Qemu-devel] Why devfn will be -1

[Le Tan]

2014-07-01 20:52 GMT+08:00 Le Tan <tamlokveer@gmail.com>:
> Hi Jan,
>
> 2014-07-01 15:34 GMT+08:00 Jan Kiszka <jan.kiszka@web.de>:
>> Hi Le,
>>
>> On 2014-07-01 04:34, Le Tan wrote:
>>> Hi Jan,
>>> I use pci_setup_iommu() to setup a PCIIOMMUFunc for the q35 pci bus.
>>> In the iommu_fn, I print out the devfn parameter and find out that it
>>> sometimes will be -1. So what does it mean?
>>> The detail code is here:
>>>
>>> In mch_init() function, I write like this:
>>> PCIBus *pci_bus = PCI_BUS(qdev_get_parent_bus(DEVICE(mch)));
>>> pci_setup_iommu(pci_bus, q35_host_dma_iommu, mch->iommu);
>>>
>>> And in q35_host_dma_iommu(PCIBus *bus, void *opaque, int devfn), I
>>> print out the devfn parameter, sometimes it will be -1.
>>
>> Hmm, I have no idea about the reason and would suggest to set a
>> conditional breakpoint on this function, then print the backtrace to see
>> where this comes from and analyze the device structure from where that
>> -1 was most probably taken.

I think maybe this is a bug? In the function do_pci_register_device(),
maybe these two sentence should be reorder?
dma_as = pci_device_iommu_address_space(pci_dev);
pci_dev->devfn = devfn;

> I have set a breakpoint here and cases whose devfn is -1 are different
> from each run. ICH9 LPC, cirrus-vga and e1000, these three devices'
> initialization will route to this problem. Sometimes the
> initialization of ICH9 LPC will be normal. The backtrace are given
> below. I trace to the function do_pci_register_device() and see that
> the dev->devfn is initialized after the
> pci_device_iommu_address_space() is called. So I think this is so
> strange. Is the devfn parameter to the q35_host_dma_iommu() not
> reliable and usable?
> Thanks very much!
>
> #0  q35_host_dma_iommu (bus=0x55555629d280, opaque=0x5555566a4df0, devfn=-1)
>     at /home/tamlok/qemu-git/hw/pci-host/q35.c:351
> #1  0x00005555558524ef in pci_device_iommu_address_space
> (dev=0x5555566a7e20) at /home/tamlok/qemu-git/hw/pci/pci.c:2284
> #2  0x000055555584e5b4 in do_pci_register_device
> (pci_dev=0x5555566a7e20, bus=0x55555629d280,
>     name=0x55555624a250 "ICH9 LPC", devfn=248) at
> /home/tamlok/qemu-git/hw/pci/pci.c:830
> #3  0x0000555555850bac in pci_qdev_init (qdev=0x5555566a7e20) at
> /home/tamlok/qemu-git/hw/pci/pci.c:1759
> #4  0x00005555557c9359 in device_realize (dev=0x5555566a7e20,
> errp=0x7fffffffdd50)
>     at /home/tamlok/qemu-git/hw/core/qdev.c:182
> #5  0x00005555557cb15c in device_set_realized (obj=0x5555566a7e20,
> value=true, errp=0x7fffffffded0)
>     at /home/tamlok/qemu-git/hw/core/qdev.c:809
> #6  0x00005555558d3234 in property_set_bool (obj=0x5555566a7e20,
> v=0x55555668bec0, opaque=0x55555662b360,
>     name=0x5555559c2a86 "realized", errp=0x7fffffffded0) at
> /home/tamlok/qemu-git/qom/object.c:1421
> #7  0x00005555558d1a68 in object_property_set (obj=0x5555566a7e20,
> v=0x55555668bec0, name=0x5555559c2a86 "realized",
>     errp=0x7fffffffded0) at /home/tamlok/qemu-git/qom/object.c:819
> #8  0x00005555558d3a26 in object_property_set_qobject
> (obj=0x5555566a7e20, value=0x5555566acfd0,
>     name=0x5555559c2a86 "realized", errp=0x7fffffffded0) at
> /home/tamlok/qemu-git/qom/qom-qobject.c:24
> #9  0x00005555558d1d65 in object_property_set_bool
> (obj=0x5555566a7e20, value=true, name=0x5555559c2a86 "realized",
>     errp=0x7fffffffded0) at /home/tamlok/qemu-git/qom/object.c:883
> #10 0x00005555557c9295 in qdev_init (dev=0x5555566a7e20) at
> /home/tamlok/qemu-git/hw/core/qdev.c:167
> #11 0x00005555557c98a3 in qdev_init_nofail (dev=0x5555566a7e20) at
> /home/tamlok/qemu-git/hw/core/qdev.c:290
> #12 0x0000555555850d6f in pci_create_simple_multifunction
> (bus=0x55555629d280, devfn=248, multifunction=true,
>     name=0x5555559a3783 "ICH9 LPC") at /home/tamlok/qemu-git/hw/pci/pci.c:1800
> #13 0x00005555556943ce in pc_q35_init (machine=0x555556281c00) at
> /home/tamlok/qemu-git/hw/i386/pc_q35.c:176
> #14 0x000055555573c72f in main (argc=19, argv=0x7fffffffe4d8,
> envp=0x7fffffffe578) at /home/tamlok/qemu-git/vl.c:4441
>
> #0  q35_host_dma_iommu (bus=0x55555629d280, opaque=0x5555566a4df0, devfn=-1)
>     at /home/tamlok/qemu-git/hw/pci-host/q35.c:351
> #1  0x00005555558524ef in pci_device_iommu_address_space
> (dev=0x5555566ef530) at /home/tamlok/qemu-git/hw/pci/pci.c:2284
> #2  0x000055555584e5b4 in do_pci_register_device
> (pci_dev=0x5555566ef530, bus=0x55555629d280,
>     name=0x5555562551a0 "cirrus-vga", devfn=8) at
> /home/tamlok/qemu-git/hw/pci/pci.c:830
> #3  0x0000555555850bac in pci_qdev_init (qdev=0x5555566ef530) at
> /home/tamlok/qemu-git/hw/pci/pci.c:1759
> #4  0x00005555557c9359 in device_realize (dev=0x5555566ef530,
> errp=0x7fffffffdca0)
>     at /home/tamlok/qemu-git/hw/core/qdev.c:182
> #5  0x00005555557cb15c in device_set_realized (obj=0x5555566ef530,
> value=true, errp=0x7fffffffde20)
>     at /home/tamlok/qemu-git/hw/core/qdev.c:809
> #6  0x00005555558d3234 in property_set_bool (obj=0x5555566ef530,
> v=0x55555666e300, opaque=0x555556856f90,
>     name=0x5555559c2a86 "realized", errp=0x7fffffffde20) at
> /home/tamlok/qemu-git/qom/object.c:1421
> #7  0x00005555558d1a68 in object_property_set (obj=0x5555566ef530,
> v=0x55555666e300, name=0x5555559c2a86 "realized",
>     errp=0x7fffffffde20) at /home/tamlok/qemu-git/qom/object.c:819
> #8  0x00005555558d3a26 in object_property_set_qobject
> (obj=0x5555566ef530, value=0x555556877740,
>     name=0x5555559c2a86 "realized", errp=0x7fffffffde20) at
> /home/tamlok/qemu-git/qom/qom-qobject.c:24
> #9  0x00005555558d1d65 in object_property_set_bool
> (obj=0x5555566ef530, value=true, name=0x5555559c2a86 "realized",
>     errp=0x7fffffffde20) at /home/tamlok/qemu-git/qom/object.c:883
> #10 0x00005555557c9295 in qdev_init (dev=0x5555566ef530) at
> /home/tamlok/qemu-git/hw/core/qdev.c:167
> #11 0x00005555557c98a3 in qdev_init_nofail (dev=0x5555566ef530) at
> /home/tamlok/qemu-git/hw/core/qdev.c:290
> #12 0x0000555555850d6f in pci_create_simple_multifunction
> (bus=0x55555629d280, devfn=-1, multifunction=false,
>     name=0x5555559d5264 "cirrus-vga") at /home/tamlok/qemu-git/hw/pci/pci.c:1800
> #13 0x0000555555850e19 in pci_create_simple (bus=0x55555629d280,
> devfn=-1, name=0x5555559d5264 "cirrus-vga")
>     at /home/tamlok/qemu-git/hw/pci/pci.c:1811
> #14 0x0000555555850746 in pci_vga_init (bus=0x55555629d280) at
> /home/tamlok/qemu-git/hw/pci/pci.c:1649
> #15 0x00005555556925b5 in pc_vga_init (isa_bus=0x5555566ad390,
> pci_bus=0x55555629d280)
>     at /home/tamlok/qemu-git/hw/i386/pc.c:1262
> #16 0x00005555556946ab in pc_q35_init (machine=0x555556281c00) at
> /home/tamlok/qemu-git/hw/i386/pc_q35.c:238
> #17 0x000055555573c72f in main (argc=19, argv=0x7fffffffe4d8,
> envp=0x7fffffffe578) at /home/tamlok/qemu-git/vl.c:4441
>
> #0  q35_host_dma_iommu (bus=0x55555629d280, opaque=0x5555566a4df0, devfn=-1)
>     at /home/tamlok/qemu-git/hw/pci-host/q35.c:351
> #1  0x00005555558524ef in pci_device_iommu_address_space
> (dev=0x555556a10bb0) at /home/tamlok/qemu-git/hw/pci/pci.c:2284
> #2  0x000055555584e5b4 in do_pci_register_device
> (pci_dev=0x555556a10bb0, bus=0x55555629d280,
>     name=0x55555625bf70 "e1000", devfn=16) at
> /home/tamlok/qemu-git/hw/pci/pci.c:830
> #3  0x0000555555850bac in pci_qdev_init (qdev=0x555556a10bb0) at
> /home/tamlok/qemu-git/hw/pci/pci.c:1759
> #4  0x00005555557c9359 in device_realize (dev=0x555556a10bb0,
> errp=0x7fffffffde30)
>     at /home/tamlok/qemu-git/hw/core/qdev.c:182
> #5  0x00005555557cb15c in device_set_realized (obj=0x555556a10bb0,
> value=true, errp=0x7fffffffdfb8)
>     at /home/tamlok/qemu-git/hw/core/qdev.c:809
> #6  0x00005555558d3234 in property_set_bool (obj=0x555556a10bb0,
> v=0x55555666e300, opaque=0x555556732270,
>     name=0x5555559abd39 "realized", errp=0x7fffffffdfb8) at
> /home/tamlok/qemu-git/qom/object.c:1421
> #7  0x00005555558d1a68 in object_property_set (obj=0x555556a10bb0,
> v=0x55555666e300, name=0x5555559abd39 "realized",
>     errp=0x7fffffffdfb8) at /home/tamlok/qemu-git/qom/object.c:819
> #8  0x00005555558d3a26 in object_property_set_qobject
> (obj=0x555556a10bb0, value=0x555556773150,
>     name=0x5555559abd39 "realized", errp=0x7fffffffdfb8) at
> /home/tamlok/qemu-git/qom/qom-qobject.c:24
> #9  0x00005555558d1d65 in object_property_set_bool
> (obj=0x555556a10bb0, value=true, name=0x5555559abd39 "realized",
>     errp=0x7fffffffdfb8) at /home/tamlok/qemu-git/qom/object.c:883
> #10 0x000055555571d334 in qdev_device_add (opts=0x555556280420) at
> /home/tamlok/qemu-git/qdev-monitor.c:560
> #11 0x000055555573733e in device_init_func (opts=0x555556280420,
> opaque=0x0) at /home/tamlok/qemu-git/vl.c:2414
> #12 0x000055555598d077 in qemu_opts_foreach (list=0x555555d83a80,
> func=0x555555737313 <device_init_func>, opaque=0x0,
>     abort_on_failure=1) at /home/tamlok/qemu-git/util/qemu-option.c:1052
> #13 0x000055555573c790 in main (argc=19, argv=0x7fffffffe4d8,
> envp=0x7fffffffe578) at /home/tamlok/qemu-git/vl.c:4456
>
> Le
>
>> Jan
>>
>>

Re: [Qemu-devel] Why devfn will be -1

[Jan Kiszka]

[-- Attachment #1: Type: text/plain, Size: 1341 bytes --]

On 2014-07-01 14:55, Le Tan wrote:
> 2014-07-01 20:52 GMT+08:00 Le Tan <tamlokveer@gmail.com>:
>> Hi Jan,
>>
>> 2014-07-01 15:34 GMT+08:00 Jan Kiszka <jan.kiszka@web.de>:
>>> Hi Le,
>>>
>>> On 2014-07-01 04:34, Le Tan wrote:
>>>> Hi Jan,
>>>> I use pci_setup_iommu() to setup a PCIIOMMUFunc for the q35 pci bus.
>>>> In the iommu_fn, I print out the devfn parameter and find out that it
>>>> sometimes will be -1. So what does it mean?
>>>> The detail code is here:
>>>>
>>>> In mch_init() function, I write like this:
>>>> PCIBus *pci_bus = PCI_BUS(qdev_get_parent_bus(DEVICE(mch)));
>>>> pci_setup_iommu(pci_bus, q35_host_dma_iommu, mch->iommu);
>>>>
>>>> And in q35_host_dma_iommu(PCIBus *bus, void *opaque, int devfn), I
>>>> print out the devfn parameter, sometimes it will be -1.
>>>
>>> Hmm, I have no idea about the reason and would suggest to set a
>>> conditional breakpoint on this function, then print the backtrace to see
>>> where this comes from and analyze the device structure from where that
>>> -1 was most probably taken.
> 
> I think maybe this is a bug? In the function do_pci_register_device(),
> maybe these two sentence should be reorder?
> dma_as = pci_device_iommu_address_space(pci_dev);
> pci_dev->devfn = devfn;

Looks like. Give it a try, then possibly send a patch :)

Jan


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 263 bytes --]

Re: [Qemu-devel] Why devfn will be -1

[Le Tan]

2014-07-01 20:56 GMT+08:00 Jan Kiszka <jan.kiszka@web.de>:
> On 2014-07-01 14:55, Le Tan wrote:
>> 2014-07-01 20:52 GMT+08:00 Le Tan <tamlokveer@gmail.com>:
>>> Hi Jan,
>>>
>>> 2014-07-01 15:34 GMT+08:00 Jan Kiszka <jan.kiszka@web.de>:
>>>> Hi Le,
>>>>
>>>> On 2014-07-01 04:34, Le Tan wrote:
>>>>> Hi Jan,
>>>>> I use pci_setup_iommu() to setup a PCIIOMMUFunc for the q35 pci bus.
>>>>> In the iommu_fn, I print out the devfn parameter and find out that it
>>>>> sometimes will be -1. So what does it mean?
>>>>> The detail code is here:
>>>>>
>>>>> In mch_init() function, I write like this:
>>>>> PCIBus *pci_bus = PCI_BUS(qdev_get_parent_bus(DEVICE(mch)));
>>>>> pci_setup_iommu(pci_bus, q35_host_dma_iommu, mch->iommu);
>>>>>
>>>>> And in q35_host_dma_iommu(PCIBus *bus, void *opaque, int devfn), I
>>>>> print out the devfn parameter, sometimes it will be -1.
>>>>
>>>> Hmm, I have no idea about the reason and would suggest to set a
>>>> conditional breakpoint on this function, then print the backtrace to see
>>>> where this comes from and analyze the device structure from where that
>>>> -1 was most probably taken.
>>
>> I think maybe this is a bug? In the function do_pci_register_device(),
>> maybe these two sentence should be reorder?
>> dma_as = pci_device_iommu_address_space(pci_dev);
>> pci_dev->devfn = devfn;
>
> Looks like. Give it a try, then possibly send a patch :)
I reorder these two sentences and get the print log like this:
vtd bus 0 slot 31 func 0 devfn 248
vtd bus 0 slot 31 func 2 devfn 250
vtd bus 0 slot 31 func 3 devfn 251
vtd bus 0 slot 1 func 0 devfn 8
vtd bus 0 slot 2 func 0 devfn 16

The "info pci" output is here:
(qemu) info pci
  Bus  0, device   0, function 0:
    Host bridge: PCI device 8086:29c0
      id ""
  Bus  0, device   1, function 0:
    VGA controller: PCI device 1013:00b8
      BAR0: 32 bit prefetchable memory at 0xfc000000 [0xfdffffff].
      BAR1: 32 bit memory at 0xfebf0000 [0xfebf0fff].
      BAR6: 32 bit memory at 0xffffffffffffffff [0x0000fffe].
      id ""
  Bus  0, device   2, function 0:
    Ethernet controller: PCI device 8086:100e
      IRQ 11.
      BAR0: 32 bit memory at 0xfebc0000 [0xfebdffff].
      BAR1: I/O at 0xc000 [0xc03f].
      BAR6: 32 bit memory at 0xffffffffffffffff [0x0003fffe].
      id ""
  Bus  0, device  31, function 0:
    ISA bridge: PCI device 8086:2918
      id ""
  Bus  0, device  31, function 2:
    SATA controller: PCI device 8086:2922
      IRQ 10.
      BAR4: I/O at 0xc080 [0xc09f].
      BAR5: 32 bit memory at 0xfebf1000 [0xfebf1fff].
      id ""
  Bus  0, device  31, function 3:
    SMBus: PCI device 8086:2930
      IRQ 10.
      BAR4: I/O at 0x0700 [0x073f].
      id ""

So maybe it is all right now? And I will go on the vtd emulation.:)
Thanks very much!

> Jan
>

Re: [Qemu-devel] Why devfn will be -1

[Jan Kiszka]

[-- Attachment #1: Type: text/plain, Size: 3081 bytes --]

On 2014-07-01 15:02, Le Tan wrote:
> 2014-07-01 20:56 GMT+08:00 Jan Kiszka <jan.kiszka@web.de>:
>> On 2014-07-01 14:55, Le Tan wrote:
>>> 2014-07-01 20:52 GMT+08:00 Le Tan <tamlokveer@gmail.com>:
>>>> Hi Jan,
>>>>
>>>> 2014-07-01 15:34 GMT+08:00 Jan Kiszka <jan.kiszka@web.de>:
>>>>> Hi Le,
>>>>>
>>>>> On 2014-07-01 04:34, Le Tan wrote:
>>>>>> Hi Jan,
>>>>>> I use pci_setup_iommu() to setup a PCIIOMMUFunc for the q35 pci bus.
>>>>>> In the iommu_fn, I print out the devfn parameter and find out that it
>>>>>> sometimes will be -1. So what does it mean?
>>>>>> The detail code is here:
>>>>>>
>>>>>> In mch_init() function, I write like this:
>>>>>> PCIBus *pci_bus = PCI_BUS(qdev_get_parent_bus(DEVICE(mch)));
>>>>>> pci_setup_iommu(pci_bus, q35_host_dma_iommu, mch->iommu);
>>>>>>
>>>>>> And in q35_host_dma_iommu(PCIBus *bus, void *opaque, int devfn), I
>>>>>> print out the devfn parameter, sometimes it will be -1.
>>>>>
>>>>> Hmm, I have no idea about the reason and would suggest to set a
>>>>> conditional breakpoint on this function, then print the backtrace to see
>>>>> where this comes from and analyze the device structure from where that
>>>>> -1 was most probably taken.
>>>
>>> I think maybe this is a bug? In the function do_pci_register_device(),
>>> maybe these two sentence should be reorder?
>>> dma_as = pci_device_iommu_address_space(pci_dev);
>>> pci_dev->devfn = devfn;
>>
>> Looks like. Give it a try, then possibly send a patch :)
> I reorder these two sentences and get the print log like this:
> vtd bus 0 slot 31 func 0 devfn 248
> vtd bus 0 slot 31 func 2 devfn 250
> vtd bus 0 slot 31 func 3 devfn 251
> vtd bus 0 slot 1 func 0 devfn 8
> vtd bus 0 slot 2 func 0 devfn 16
> 
> The "info pci" output is here:
> (qemu) info pci
>   Bus  0, device   0, function 0:
>     Host bridge: PCI device 8086:29c0
>       id ""
>   Bus  0, device   1, function 0:
>     VGA controller: PCI device 1013:00b8
>       BAR0: 32 bit prefetchable memory at 0xfc000000 [0xfdffffff].
>       BAR1: 32 bit memory at 0xfebf0000 [0xfebf0fff].
>       BAR6: 32 bit memory at 0xffffffffffffffff [0x0000fffe].
>       id ""
>   Bus  0, device   2, function 0:
>     Ethernet controller: PCI device 8086:100e
>       IRQ 11.
>       BAR0: 32 bit memory at 0xfebc0000 [0xfebdffff].
>       BAR1: I/O at 0xc000 [0xc03f].
>       BAR6: 32 bit memory at 0xffffffffffffffff [0x0003fffe].
>       id ""
>   Bus  0, device  31, function 0:
>     ISA bridge: PCI device 8086:2918
>       id ""
>   Bus  0, device  31, function 2:
>     SATA controller: PCI device 8086:2922
>       IRQ 10.
>       BAR4: I/O at 0xc080 [0xc09f].
>       BAR5: 32 bit memory at 0xfebf1000 [0xfebf1fff].
>       id ""
>   Bus  0, device  31, function 3:
>     SMBus: PCI device 8086:2930
>       IRQ 10.
>       BAR4: I/O at 0x0700 [0x073f].
>       id ""
> 
> So maybe it is all right now? And I will go on the vtd emulation.:)
> Thanks very much!

Looks better :). Don't forget to send the patch against pci.c!

Jan



[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 263 bytes --]