From mboxrd@z Thu Jan  1 00:00:00 1970
From: Dan Gora <dan.gora@gmail.com>
Subject: Re: Re: PCI BAR register space written with garbage in
	HVM guest.
Date: Wed, 17 Mar 2010 00:31:41 -0300
Message-ID: <4779de451003162031r6fce99bbv60cc069a432f47ae@mail.gmail.com>
References: <4779de451003151809n6cec813dp32d77fee34b1bda2@mail.gmail.com>
	<4779de451003161714x45dbca6dh80a9eed56e4fb0c2@mail.gmail.com>
	<20100317024611.GB2217@phenom.dumpdata.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Return-path: <xen-devel-bounces@lists.xensource.com>
In-Reply-To: <20100317024611.GB2217@phenom.dumpdata.com>
List-Unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: xen-devel@lists.xensource.com
List-Id: xen-devel@lists.xenproject.org

On Tue, Mar 16, 2010 at 11:46 PM, Konrad Rzeszutek Wilk
<konrad.wilk@oracle.com> wrote:
> There is a snippet of QEMU that has that (hw/pass-through.c),
> function pt_pci_write_config:
>
> .. snip ..
> =A0 =A0 =A0ret =3D pci_write_block(pci_dev, address, (uint8_t *)&val, len=
);
>
> =A0 =A0 =A0 =A0if (!ret)
> =A0 =A0 =A0 =A0 =A0 =A0PT_LOG("Error: pci_write_block failed. return valu=
e[%d].\n",
> ret);
> =A0 =A0}
>
> =A0 =A0if (pm_state !=3D NULL && pm_state->flags & PT_FLAG_TRANSITING)
> =A0 =A0 =A0 =A0/* set QEMUTimer */
> =A0 =A0 =A0 =A0qemu_mod_timer(pm_state->pm_timer,
> =A0 =A0 =A0 =A0 =A0 =A0(qemu_get_clock(rt_clock) + pm_state->pm_delay));

I turned on all the debugging in there and I see messages, but none
when the bad writes occur, which made me think that they were not
coming from there...

>> <snip>
>>
>> 5904 =A021:35:48 [ =A0 =A07f05d53f987b] read(16, "o\0\0\0", 4) =3D 4
>> 5904 =A021:35:48 [ =A0 =A07f05d53f97fb] write(16, "o\0\0\0", 4) =3D 4
>> 5904 =A021:35:48 [ =A0 =A07f05d53f97fb] write(6,
>> "\377\377\377\377\377\377\0\26>2\325d\10\0E\0\2@\0\354\0\0@\21w\302\0\0\=
0\0\377\377"...,
>> 590) =3D 256
>
> I would turn on all of those debug options and see if anything is
> happening.

done.. nothing :(  At least not during the error.

> Actually I would instrument all of the 'pci_write_block' calls.

I'll try that tomorrow...

> Can you attach debug to it? Or maybe run 'objdump' on the qemu-dm and
> see if the address correspond to some code in it?

Yes I can debug it, but really the only thing that I have to hang my
hat on is write().  So I figure that it must be coming from pciutils
since it's messing with /sys/bus/pci, but I don't really know much
about pciutils so wasn't sure what to grep around for.

I'll try and trace the pci_write_block calls and put gdb on it
tomorrow and see if anything pops up.

thanks,
dan