On Fri, Feb 06, 2026 at 02:48:14PM +0000, Shameer Kolothum wrote:
> +static void tegra241_cmdqv_map_vintf_page0(Tegra241CMDQV *cmdqv)
> +{
> + char *name;
> +
> + if (cmdqv->vintf_page0_mapped) {
> + return;
> + }
> +
> + name = g_strdup_printf("%s vintf-page0",
> + memory_region_name(&cmdqv->mmio_cmdqv));
> + memory_region_init_ram_device_ptr(&cmdqv->mmio_vintf_page0,
> +
> memory_region_owner(&cmdqv->mmio_cmdqv),
> + name, VINTF_REG_PAGE_SIZE,
> + cmdqv->vintf_page0);
> + memory_region_add_subregion_overlap(&cmdqv->mmio_cmdqv, 0x30000,
> + &cmdqv->mmio_vintf_page0, 1);
I wonder if you see this:
[ 0.853123] arm-smmu-v3 arm-smmu-v3.0.auto: allocated 524288 entries for
vcmdq0
[ 0.854739] arm-smmu-v3 arm-smmu-v3.0.auto: allocated 524288 entries for
vcmdq1
iommufd_backend_alloc_vdev iommufd=142 dev_id=1 viommu_id=4 virt_id=0x200
vdev_id=8 (0)
iommufd_cdev_attach_ioas_hwpt [iommufd=142] Successfully attached device
0009:01:00.0 (143) to id=6
smmuv3_accel_install_ste vSID=0x200 ste type=bypass hwpt_id=0x6
iommufd_viommu_alloc_eventq iommufd=142 viommu_id=4 type=1 veventq_id=9
veventq_fd=153 (0)
iommufd_backend_alloc_hw_queue iommufd=142 viommu_id=4 queue_type=1 index=0
addr=0xe2000000 size=0x800000 queue_id=10 (0)
vfio_listener_region_add_ram region_add [ram] 0xc0b0000 - 0xc0bffff
[0xfffff7f00000]
iommufd_backend_map_dma iommufd=142 ioas=2 iova=0xc0b0000 size=0x10000
addr=0xfffff7f00000 readonly=0 (-1)
qemu-system-aarch64: warning: IOMMU_IOAS_MAP failed: Bad address, PCI BAR?
[Switching to Thread 0xffffdd7aee80 (LWP 52426)]
Thread 38 "qemu-system-aar" hit Breakpoint 2, vfio_container_region_add
(bcontainer=0xaaaaaf1220a0, section=0xffffdd7ade00, cpr_remap=false) at
../hw/vfio/listener.c:620
620 error_setg(&err, "vfio_container_dma_map(%p, 0x%"HWADDR_PRIx", "
(gdb) bt
#0 vfio_container_region_add (bcontainer=0xaaaaaf1220a0,
section=0xffffdd7ade00, cpr_remap=false) at ../hw/vfio/listener.c:620
#1 0x0000aaaaab8a9290 in vfio_listener_region_add (listener=0xaaaaaf1220d0,
section=0xffffdd7ade00) at ../hw/vfio/listener.c:492
#2 0x0000aaaaab3035f8 in address_space_update_topology_pass
(as=0xaaaaaefa6de0, old_view=0xffffec5171b0, new_view=0xffffc8001410,
adding=true) at ../system/memory.c:1030
#3 0x0000aaaaab303974 in address_space_set_flatview (as=0xaaaaaefa6de0) at
../system/memory.c:1106
#4 0x0000aaaaab303bd4 in memory_region_transaction_commit () at
../system/memory.c:1158
#5 0x0000aaaaab3084e0 in memory_region_update_container_subregions
(subregion=0xaaaaaefa7b00) at ../system/memory.c:2653
#6 0x0000aaaaab3085a0 in memory_region_add_subregion_common
(mr=0xaaaaaefa79e0, offset=196608, subregion=0xaaaaaefa7b00) at
../system/memory.c:2668
#7 0x0000aaaaab308644 in memory_region_add_subregion_overlap
(mr=0xaaaaaefa79e0, offset=196608, subregion=0xaaaaaefa7b00, priority=1) at
../system/memory.c:2685
#8 0x0000aaaaab570f68 in tegra241_cmdqv_map_vintf_page0 (cmdqv=0xaaaaaefa79c0)
at ../hw/arm/tegra241-cmdqv.c:275
#9 0x0000aaaaab571188 in tegra241_cmdqv_setup_vcmdq (cmdqv=0xaaaaaefa79c0,
index=0, errp=0xffffdd7ae0e8) at ../hw/arm/tegra241-cmdqv.c:317
#10 0x0000aaaaab571550 in tegra241_cmdqv_write_vcmdq (cmdqv=0xaaaaaefa79c0,
offset0=131072, index=0, value=3791650835, size=4, errp=0xffffdd7ae0e8) at
../hw/arm/tegra241-cmdqv.c:378
#11 0x0000aaaaab571a60 in tegra241_cmdqv_write (opaque=0xaaaaaefa79c0,
offset=131072, value=3791650835, size=4) at ../hw/arm/tegra241-cmdqv.c:484
Nicolin
