From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1HZc67-0005hm-JB
	for qemu-devel@nongnu.org; Thu, 05 Apr 2007 20:14:35 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1HZc65-0005ha-2V
	for qemu-devel@nongnu.org; Thu, 05 Apr 2007 20:14:34 -0400
Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1HZc64-0005hX-Tm
	for qemu-devel@nongnu.org; Thu, 05 Apr 2007 20:14:32 -0400
Received: from wr-out-0506.google.com ([64.233.184.226])
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <balrogg@gmail.com>) id 1HZc2e-00049T-0P
	for qemu-devel@nongnu.org; Thu, 05 Apr 2007 20:11:00 -0400
Received: by wr-out-0506.google.com with SMTP id 36so530327wra
	for <qemu-devel@nongnu.org>; Thu, 05 Apr 2007 17:10:59 -0700 (PDT)
Message-ID: <fb249edb0704051710t6a94af0fp4de4c50e15413c36@mail.gmail.com>
Date: Fri, 6 Apr 2007 02:10:56 +0200
From: "andrzej zaborowski" <balrog@zabor.org>
Sender: balrogg@gmail.com
Subject: Re: [Qemu-devel] Re: -vmwarevga issues
In-Reply-To: <20070405204033.GA25205@saturn.kn-bremen.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <20070405201322.GA23971@saturn.kn-bremen.de>
	<20070405204033.GA25205@saturn.kn-bremen.de>
Reply-To: balrogg@gmail.com, qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Juergen Lock <qemu-l@jelal.kn-bremen.de>, qemu-devel@nongnu.org

Hi, thanks for the report.
I tested with Xorg 7.1.1 only and on Linux only - I will try to find
out what's happening on 7.1.0.

On 05/04/07, Juergen Lock <qemu-l@jelal.kn-bremen.de> wrote:
> On Thu, Apr 05, 2007 at 10:13:22PM +0200, I wrote:
> >...
>
> > 2. And with
> >       http://ftp.us.freesbie.org/pub/FreeSBIE/2.0.1-RELEASE/FreeSBIE-2.0.1-RELEASE.iso
> > (see
> >       http://www.freesbie.org/
> > , based on FreeBSD 6.2 and using xorg 6.9.0) it worked (after editing
> > `Driver "vmware"' into xorg.conf because its xorg autoconfiguration
> > didnt know that card), but caused both the ne2kpci (ed0) and es1370
> > (pcm0) cards not to be detected: (from bootverbose dmesg:)
> >       ed0: <RealTek 8029> port 0xfffffb00-0xfffffbff irq 11 at device 3.0 on pci0
> >       device_attach: ed0 attach returned 2
> >       pcm0: <AudioPCI ES1370> port 0xfffffc00-0xfffffcff irq 9 at device 4.0 on pci0
> >       pcm0: unable to map register space
> > (both are detected and work when using the default cirrus vga.)

Ouch. Probably I should have better figured out how the IO address is
chosen instead of copying the address that the original VMware PCI
card uses.

>
> Hmm I just found qemu that I had left running hang (monitor, on stdio,
> not responding), attaching gdb found it here:
>
> Script started on Thu Apr  5 22:29:42 2007
> % gdb work/qemu-snapshot-2007-04-05_05/i386-softmmu/qemu 24677
> GNU gdb 6.1.1 [FreeBSD]
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you are
> welcome to change it and/or distribute copies of it under certain conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB.  Type "show warranty" for details.
> This GDB was configured as "i386-marcel-freebsd"...
> Attaching to program: /ad4/usr/ports/emulators/qemu-devel/work/qemu-snapshot-2007-04-05_05/i386-softmmu/qemu, process 24677
> Reading symbols from /lib/libm.so.4...done.
> Loaded symbols for /lib/libm.so.4
> Reading symbols from /lib/libz.so.3...done.
> Loaded symbols for /lib/libz.so.3
> Reading symbols from /usr/local/lib/libSDL.so.11...done.
> Loaded symbols for /usr/local/lib/libSDL.so.11
> Reading symbols from /lib/libutil.so.5...done.
> Loaded symbols for /lib/libutil.so.5
> Reading symbols from /usr/lib/libpthread.so.2...done.
>
> warning: Unable to get location for thread creation breakpoint: generic error
> [New LWP 100167]
> Loaded symbols for /usr/lib/libpthread.so.2
> Reading symbols from /lib/libc.so.6...done.
> Loaded symbols for /lib/libc.so.6
> Reading symbols from /usr/local/lib/libiconv.so.3...done.
> Loaded symbols for /usr/local/lib/libiconv.so.3
> Reading symbols from /usr/X11R6/lib/libX11.so.6...done.
> Loaded symbols for /usr/X11R6/lib/libX11.so.6
> Reading symbols from /usr/X11R6/lib/libXext.so.6...done.
> Loaded symbols for /usr/X11R6/lib/libXext.so.6
> Reading symbols from /usr/X11R6/lib/libXrandr.so.2...done.
> Loaded symbols for /usr/X11R6/lib/libXrandr.so.2
> Reading symbols from /usr/X11R6/lib/libXrender.so.1...done.
> Loaded symbols for /usr/X11R6/lib/libXrender.so.1
> Reading symbols from /usr/local/lib/libvga.so.1...done.
> Loaded symbols for /usr/local/lib/libvga.so.1
> Reading symbols from /usr/lib/libvgl.so.4...done.
> Loaded symbols for /usr/lib/libvgl.so.4
> Reading symbols from /usr/local/lib/libaa.so.1...done.
> Loaded symbols for /usr/local/lib/libaa.so.1
> Reading symbols from /usr/lib/libusbhid.so.2...done.
> Loaded symbols for /usr/lib/libusbhid.so.2
> Reading symbols from /lib/libncurses.so.6...done.
> Loaded symbols for /lib/libncurses.so.6
> Reading symbols from /usr/X11R6/lib/X11/locale/lib/common/xlcDef.so.2...done.
> Loaded symbols for /usr/X11R6/lib/X11/locale/lib/common/xlcDef.so.2
> Reading symbols from /usr/X11R6/lib/X11/locale/lib/common/ximcp.so.2...done.
> Loaded symbols for /usr/X11R6/lib/X11/locale/lib/common/ximcp.so.2
> Reading symbols from /usr/X11R6/lib/libXcursor.so.1...done.
> Loaded symbols for /usr/X11R6/lib/libXcursor.so.1
> Reading symbols from /usr/X11R6/lib/libXfixes.so.3...done.
> Loaded symbols for /usr/X11R6/lib/libXfixes.so.3
> Reading symbols from /libexec/ld-elf.so.1...done.
> Loaded symbols for /libexec/ld-elf.so.1
> [Switching to LWP 100167]
> 0x282bf776 in memmove () from /lib/libc.so.6
> (gdb) bt
> #0  0x282bf776 in memmove () from /lib/libc.so.6
> #1  0x080afc3e in vmsvga_fifo_run (s=0x9ba71d4)
>     at /ad4/usr/ports/emulators/qemu-devel/work/qemu-snapshot-2007-04-05_05/hw/vmware_vga.c:373
> #2  0x080b029c in vmsvga_update_display (opaque=0x9ba71d4)
>     at /ad4/usr/ports/emulators/qemu-devel/work/qemu-snapshot-2007-04-05_05/hw/vmware_vga.c:862
> #3  0x08057f54 in vga_hw_update ()
>     at /ad4/usr/ports/emulators/qemu-devel/work/qemu-snapshot-2007-04-05_05/console.c:149
> #4  0x080b1e30 in sdl_refresh (ds=0x8130760)
>     at /ad4/usr/ports/emulators/qemu-devel/work/qemu-snapshot-2007-04-05_05/sdl.c:344
> #5  0x08050a61 in gui_update (opaque=0x0)
>     at /ad4/usr/ports/emulators/qemu-devel/work/qemu-snapshot-2007-04-05_05/vl.c:6146
> #6  0x0804bf05 in qemu_run_timers (ptimer_head=0x81307cc, current_time=Unhandled dwarf expression opcode 0x93
> )
>     at /ad4/usr/ports/emulators/qemu-devel/work/qemu-snapshot-2007-04-05_05/vl.c:882
> #7  0x0805150d in main_loop_wait (timeout=0)
>     at /ad4/usr/ports/emulators/qemu-devel/work/qemu-snapshot-2007-04-05_05/vl.c:6400
> #8  0x0805161d in main_loop ()
> ---Type <return> to continue, or q <return> to quit---
>     at /ad4/usr/ports/emulators/qemu-devel/work/qemu-snapshot-2007-04-05_05/vl.c:6473
> #9  0x0805300d in main (argc=16, argv=0xbfbfe818)
>     at /ad4/usr/ports/emulators/qemu-devel/work/qemu-snapshot-2007-04-05_05/vl.c:7817
> (gdb) q
> The program is running.  Quit anyway (and detach it)? (y or n) y

Probably the guest driver is passing coordinates that we don't expect
- we don't check that they are in range. Disabling the
#define HW_RECT_ACCEL
#define HW_FILL_ACCEL
near the top of hw/vmware_vga.c should make it safe before it's
properly fixed. I will be offline for the whole week from now :(

Thanks,
Andrzej