Re: [Xen-devel] gross qemu behavior

[Fabio Fantoni <fabio.fantoni@xxxxxxx>]

Il 28/03/2014 08:48, Jan Beulich ha scritto:
> Hi,
>
> so while doing all that EPT work I naturally also happened to look more
> closely at the EPT table dumps, spotting an odd range of 16 pages
> outside any supposedly populated address range. This range only
> exists when guest memory doesn't extend past (by default) 0xf0000000
> (the start of MMIO, i.e. normally the frame buffer). After spending quite
> a bit of time I finally figured that this must be a left over of the Cirrus
> VGA ROM, and I would have thought that this
>
> --- a/hw/pci/pci.c
> +++ b/hw/pci/pci.c
> @@ -1976,6 +1976,9 @@ static int pci_add_option_rom(PCIDevice
>       }
>   
>       pci_register_bar(pdev, PCI_ROM_SLOT, 0, &pdev->rom);
> +    memory_region_add_subregion_overlap(pdev->bus->address_space_mem,
> +                                        pdev->rom.ram_addr, &pdev->rom, 1);
> +    memory_region_del_subregion(pdev->bus->address_space_mem, &pdev->rom);
>   
>       return 0;
>   }
>
> should fix it. It does appear to work as far generic qemu is concerned,
> but once looking at the Xen backend I had to conclude that this just
> can't work: For one, xen_add_to_physmap() and
> xen_remove_from_physmap() are _documented_ (in a comment) to
> only be capable of a single region (VRAM). And the latter - even worse -
> is implemented with a call to xc_domain_add_to_physmap(), completely
> contrary to its name.
>
> Instrumenting xen_region_{add,del}(), I can see that all regions get
> properly reported to the Xen backend, just that it doesn't handle them
> (this is with above patch in place):
>
> xra(fee00000,100000)
> xra(fec00000,1000)
> xra(fed00000,400)
> xra(80000000,10000)
> xrd(80000000,10000)
> xra(f0000000,800000)
> xra(f1000000,400000)
> xra(f2000000,1000000)
> xra(f3010000,4000)
> xra(f3014000,1000)
> xra(f3015000,3000)
> xra(f3018000,1000)
> xra(f3000000,10000)
> xrd(f3000000,10000)
> xrd(f0000000,800000)
> xra(f0000000,800000)
> mapping vram to f0000000 - f0800000
>
> Having wasted enough time getting to this point, I'd like to ask you
> to advise a proper fix for this. We definitely shouldn't be leaving
> stuff sitting at arbitrary positions in the physical address space of
> the guest. And the fact that the range gets removed (from Xen's
> perspective, but not from qemu's) when RAM extends beyond
> 0xf0000000 (due to it being replaced with what is actually
> intended to be there) makes me wonder what would happen if the
> ROM got enabled by the guest.
Thanks for your work.
I do not know enough about these things to help you solve it unfortunately.
It seems to me, however, to understand that this problem may be the 
actual cause (or at least one) that also blocks the correct allocation 
of all qxl memory regionsand perhaps even setting up more ram for stdvga 
that although no errors appear apparently not working.
Can you tell me if it is correct or am I wrong?
If it is correct please put me in cc of the future mails and/or patches 
and I will test them with qxl and any other features that they affect.
Thanks for any reply and sorry for my bad english.

> Jan
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxx
> http://lists.xen.org/xen-devel

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel