[PULL,34/56] hw/intc/grlib_irqmp: add ncpus property

Message ID	20240215175752.82828-35-philmd@linaro.org
State	Accepted
Commit	6bf147854395f39fe45abebe40529bf7f023aeb9
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; From: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= <philmd@linaro.org> To: qemu-devel@nongnu.org Cc: qemu-ppc@nongnu.org, qemu-arm@nongnu.org, qemu-block@nongnu.org, =?utf-8?q?Cl=C3=A9ment_Chigot?= <chigot@adacore.com>, Frederic Konrad <konrad.frederic@yahoo.fr>, =?utf-8?q?Philippe_Mathieu-Daud?= =?utf-8?q?=C3=A9?= <philmd@linaro.org>, Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>, Artyom Tarasenko <atar4qemu@gmail.com> Subject: [PULL 34/56] hw/intc/grlib_irqmp: add ncpus property Date: Thu, 15 Feb 2024 18:57:28 +0100 Message-ID: <20240215175752.82828-35-philmd@linaro.org> In-Reply-To: <20240215175752.82828-1-philmd@linaro.org> References: <20240215175752.82828-1-philmd@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=2a00:1450:4864:20::22a; envelope-from=philmd@linaro.org; helo=mail-lj1-x22a.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action Precedence: list Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org
Series	[PULL,01/56] hw/block/tc58128: Don't emit deprecation warning under qtest \| expand [PULL,01/56] hw/block/tc58128: Don't emit deprecation warning under qtest [PULL,02/56] hw/mips: remove unnecessary "select PTIMER" [PULL,03/56] target/mips: Use qemu_irq typedef for CPUMIPSState::irq member [PULL,04/56] target/mips: Remove helpers accessing SAAR registers [PULL,05/56] hw/misc/mips: Reduce itc_reconfigure() scope [PULL,06/56] target/mips: Remove MIPSITUState::itu field [PULL,07/56] target/mips: Remove CPUMIPSState::saarp field [PULL,08/56] hw/misc/mips_itu: Remove MIPSITUState::cpu0 field [PULL,09/56] hw/misc/mips_itu: Remove MIPSITUState::saar field [PULL,10/56] target/mips: Remove unused mips_def_t::SAARP field [PULL,11/56] target/mips: Remove CPUMIPSState::CP0_SAAR[2] field [PULL,12/56] target/mips: Remove helpers accessing SAARI register [PULL,13/56] target/mips: Remove CPUMIPSState::CP0_SAARI field [PULL,14/56] target/mips: Remove the unused DisasContext::saar field [PULL,15/56] hw/isa: clean up Kconfig selections for ISA_SUPERIO [PULL,16/56] hw/mips/Kconfig: Remove ISA dependencies from MIPSsim board [PULL,17/56] hw/isa: fix ISA_SUPERIO dependencies [PULL,18/56] hw/isa: specify instance_size in isa_superio_type_info [PULL,19/56] hw/isa: extract FDC37M81X to a separate file [PULL,20/56] hw/rx/rx62n: Reduce inclusion of 'qemu/units.h' [PULL,21/56] hw/rx/rx62n: Only call qdev_get_gpio_in() when necessary [PULL,22/56] hw/i386/q35: Realize LPC PCI function before accessing it [PULL,23/56] hw/ppc/prep: Realize ISA bridge before accessing it [PULL,24/56] hw/misc/macio: Realize IDE controller before accessing it [PULL,25/56] hw/sh4/r2d: Realize IDE controller before accessing it [PULL,26/56] hw/dma: Pass parent object to i8257_dma_init() [PULL,27/56] hw/sparc/sun4m: Realize DMA controller before accessing it [PULL,28/56] hw/sparc64/cpu: Initialize GPIO before realizing CPU devices [PULL,29/56] target/sparc: Provide hint about CPUSPARCState::irq_manager member [PULL,30/56] hw/sparc/leon3: Remove duplicate code [PULL,31/56] hw/sparc/leon3: Remove unused 'env' argument of write_bootloader() [PULL,32/56] hw/sparc/leon3: Have write_bootloader() take a void pointer argument [PULL,33/56] hw/sparc/grlib: split out the headers for each peripherals [PULL,34/56] hw/intc/grlib_irqmp: add ncpus property [PULL,35/56] hw/intc/grlib_irqmp: implements the multiprocessor status register [PULL,36/56] hw/intc/grlib_irqmp: implements multicore irq [PULL,37/56] target/sparc: implement asr17 feature for smp [PULL,38/56] hw/sparc/leon3: remove SP initialization [PULL,39/56] hw/sparc/leon3: implement multiprocessor [PULL,40/56] hw/sparc/leon3: check cpu_id in the tiny bootloader [PULL,41/56] hw/sparc/leon3: Pass DeviceState opaque argument to leon3_set_pil_in() [PULL,42/56] hw/sparc/leon3: Pass DeviceState opaque argument to leon3_start_cpu() [PULL,43/56] hw/sparc/leon3: Initialize GPIO before realizing CPU devices [PULL,44/56] MAINTAINERS: replace Fabien by myself as Leon3 maintainer [PULL,45/56] MAINTAINERS: Add myself as reviewer for TCG Plugins [PULL,46/56] hw/i386/q35: Simplify pc_q35_init() since PCI is always enabled [PULL,47/56] hw/i386/q35: Use DEVICE() cast macro with PCIDevice object [PULL,48/56] hw/ide/ahci: Expose AHCIPCIState structure [PULL,49/56] hw/ide/ahci: Rename AHCI PCI function as 'pdev' [PULL,50/56] hw/ide/ahci: Inline ahci_get_num_ports() [PULL,51/56] hw/ide/ahci: Pass AHCI context to ahci_ide_create_devs() [PULL,52/56] hw/ide/ahci: Convert AHCIState::ports to unsigned [PULL,53/56] hw/ide/ahci: Do not pass 'ports' argument to ahci_realize() [PULL,54/56] hw/ide/ahci: Remove SysbusAHCIState::num_ports field [PULL,55/56] hw/ide/ahci: Move SysBus definitions to 'ahci-sysbus.h' [PULL,56/56] hw/ide/ich9: Use AHCIPCIState typedef

Message ID

20240215175752.82828-35-philmd@linaro.org

State

Accepted

Commit

6bf147854395f39fe45abebe40529bf7f023aeb9

Headers

Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender) client-ip=209.51.188.17;
From: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= <philmd@linaro.org>
To: qemu-devel@nongnu.org
Cc: qemu-ppc@nongnu.org, qemu-arm@nongnu.org, qemu-block@nongnu.org,
	=?utf-8?q?Cl=C3=A9ment_Chigot?= <chigot@adacore.com>,
 Frederic Konrad <konrad.frederic@yahoo.fr>, =?utf-8?q?Philippe_Mathieu-Daud?=
	=?utf-8?q?=C3=A9?= <philmd@linaro.org>,
 Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>,
 Artyom Tarasenko <atar4qemu@gmail.com>
Subject: [PULL 34/56] hw/intc/grlib_irqmp: add ncpus property
Date: Thu, 15 Feb 2024 18:57:28 +0100
Message-ID: <20240215175752.82828-35-philmd@linaro.org>
In-Reply-To: <20240215175752.82828-1-philmd@linaro.org>
References: <20240215175752.82828-1-philmd@linaro.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=2a00:1450:4864:20::22a;
 envelope-from=philmd@linaro.org; helo=mail-lj1-x22a.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org

Series

[PULL,01/56] hw/block/tc58128: Don't emit deprecation warning under qtest | expand

Commit Message

Philippe Mathieu-Daudé Feb. 15, 2024, 5:57 p.m. UTC

From: Clément Chigot <chigot@adacore.com>

This adds a "ncpus" property to the "grlib-irqmp" device to be used
later, this required a little refactoring of how we initialize the
device (ie: use realize instead of init).

Co-developed-by: Frederic Konrad <konrad.frederic@yahoo.fr>
Signed-off-by: Clément Chigot <chigot@adacore.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20240131085047.18458-3-chigot@adacore.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
---
 hw/intc/grlib_irqmp.c | 30 +++++++++++++++++++++---------
 hw/sparc/leon3.c      |  2 +-
 2 files changed, 22 insertions(+), 10 deletions(-)

Comments

Peter Maydell March 8, 2024, 1:27 p.m. UTC | #1

On Thu, 15 Feb 2024 at 18:04, Philippe Mathieu-Daudé <philmd@linaro.org> wrote:
>
> From: Clément Chigot <chigot@adacore.com>
>
> This adds a "ncpus" property to the "grlib-irqmp" device to be used
> later, this required a little refactoring of how we initialize the
> device (ie: use realize instead of init).
>
> Co-developed-by: Frederic Konrad <konrad.frederic@yahoo.fr>
> Signed-off-by: Clément Chigot <chigot@adacore.com>
> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
> Message-ID: <20240131085047.18458-3-chigot@adacore.com>
> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>

Hi; Coverity points out a bug in this commit (CID 1534914):


> -static void grlib_irqmp_init(Object *obj)
> +static void grlib_irqmp_realize(DeviceState *dev, Error **errp)
>  {
> -    IRQMP *irqmp = GRLIB_IRQMP(obj);
> -    SysBusDevice *dev = SYS_BUS_DEVICE(obj);
> +    IRQMP *irqmp = GRLIB_IRQMP(dev);
>
> -    qdev_init_gpio_in(DEVICE(obj), grlib_irqmp_set_irq, MAX_PILS);
> -    qdev_init_gpio_out_named(DEVICE(obj), &irqmp->irq, "grlib-irq", 1);
> -    memory_region_init_io(&irqmp->iomem, obj, &grlib_irqmp_ops, irqmp,
> +    if ((!irqmp->ncpus) || (irqmp->ncpus > IRQMP_MAX_CPU)) {
> +        error_setg(errp, "Invalid ncpus properties: "
> +                   "%u, must be 0 < ncpus =< %u.", irqmp->ncpus,
> +                   IRQMP_MAX_CPU);
> +    }

We detect the out-of-range 'ncpus' value, but forget the "return"
statement, so execution will continue onward regardless, and
overrun the irqmp->irq[] array when we call qdev_init_gpio_out_named().

> +
> +    qdev_init_gpio_in(dev, grlib_irqmp_set_irq, MAX_PILS);
> +    qdev_init_gpio_out_named(dev, &irqmp->irq, "grlib-irq", 1);
> +    memory_region_init_io(&irqmp->iomem, OBJECT(dev), &grlib_irqmp_ops, irqmp,
>                            "irqmp", IRQMP_REG_SIZE);
>
>      irqmp->state = g_malloc0(sizeof *irqmp->state);
>
> -    sysbus_init_mmio(dev, &irqmp->iomem);
> +    sysbus_init_mmio(SYS_BUS_DEVICE(dev), &irqmp->iomem);
>  }

thanks
-- PMM

Clément Chigot March 8, 2024, 3:01 p.m. UTC | #2

On Fri, Mar 8, 2024 at 2:27 PM Peter Maydell <peter.maydell@linaro.org> wrote:
>
> On Thu, 15 Feb 2024 at 18:04, Philippe Mathieu-Daudé <philmd@linaro.org> wrote:
> >
> > From: Clément Chigot <chigot@adacore.com>
> >
> > This adds a "ncpus" property to the "grlib-irqmp" device to be used
> > later, this required a little refactoring of how we initialize the
> > device (ie: use realize instead of init).
> >
> > Co-developed-by: Frederic Konrad <konrad.frederic@yahoo.fr>
> > Signed-off-by: Clément Chigot <chigot@adacore.com>
> > Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
> > Message-ID: <20240131085047.18458-3-chigot@adacore.com>
> > Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
>
> Hi; Coverity points out a bug in this commit (CID 1534914):
>
>
> > -static void grlib_irqmp_init(Object *obj)
> > +static void grlib_irqmp_realize(DeviceState *dev, Error **errp)
> >  {
> > -    IRQMP *irqmp = GRLIB_IRQMP(obj);
> > -    SysBusDevice *dev = SYS_BUS_DEVICE(obj);
> > +    IRQMP *irqmp = GRLIB_IRQMP(dev);
> >
> > -    qdev_init_gpio_in(DEVICE(obj), grlib_irqmp_set_irq, MAX_PILS);
> > -    qdev_init_gpio_out_named(DEVICE(obj), &irqmp->irq, "grlib-irq", 1);
> > -    memory_region_init_io(&irqmp->iomem, obj, &grlib_irqmp_ops, irqmp,
> > +    if ((!irqmp->ncpus) || (irqmp->ncpus > IRQMP_MAX_CPU)) {
> > +        error_setg(errp, "Invalid ncpus properties: "
> > +                   "%u, must be 0 < ncpus =< %u.", irqmp->ncpus,
> > +                   IRQMP_MAX_CPU);
> > +    }
>
> We detect the out-of-range 'ncpus' value, but forget the "return"
> statement, so execution will continue onward regardless, and
> overrun the irqmp->irq[] array when we call qdev_init_gpio_out_named().

Indeed, I'll send a patch.
Thanks for pointing that out.

Clément

> > +
> > +    qdev_init_gpio_in(dev, grlib_irqmp_set_irq, MAX_PILS);
> > +    qdev_init_gpio_out_named(dev, &irqmp->irq, "grlib-irq", 1);
> > +    memory_region_init_io(&irqmp->iomem, OBJECT(dev), &grlib_irqmp_ops, irqmp,
> >                            "irqmp", IRQMP_REG_SIZE);
> >
> >      irqmp->state = g_malloc0(sizeof *irqmp->state);
> >
> > -    sysbus_init_mmio(dev, &irqmp->iomem);
> > +    sysbus_init_mmio(SYS_BUS_DEVICE(dev), &irqmp->iomem);
> >  }
>
> thanks
> -- PMM

diff --git a/hw/intc/grlib_irqmp.c b/hw/intc/grlib_irqmp.c
index 11eef62457..744cd64c58 100644
--- a/hw/intc/grlib_irqmp.c
+++ b/hw/intc/grlib_irqmp.c
@@ -1,7 +1,7 @@ 
 /*
  * QEMU GRLIB IRQMP Emulator
  *
- * (Multiprocessor and extended interrupt not supported)
+ * (Extended interrupt not supported)
  *
  * SPDX-License-Identifier: MIT
  *
@@ -63,6 +63,7 @@  struct IRQMP {
 
     MemoryRegion iomem;
 
+    unsigned int ncpus;
     IRQMPState *state;
     qemu_irq irq;
 };
@@ -326,33 +327,44 @@  static void grlib_irqmp_reset(DeviceState *d)
     irqmp->state->parent = irqmp;
 }
 
-static void grlib_irqmp_init(Object *obj)
+static void grlib_irqmp_realize(DeviceState *dev, Error **errp)
 {
-    IRQMP *irqmp = GRLIB_IRQMP(obj);
-    SysBusDevice *dev = SYS_BUS_DEVICE(obj);
+    IRQMP *irqmp = GRLIB_IRQMP(dev);
 
-    qdev_init_gpio_in(DEVICE(obj), grlib_irqmp_set_irq, MAX_PILS);
-    qdev_init_gpio_out_named(DEVICE(obj), &irqmp->irq, "grlib-irq", 1);
-    memory_region_init_io(&irqmp->iomem, obj, &grlib_irqmp_ops, irqmp,
+    if ((!irqmp->ncpus) || (irqmp->ncpus > IRQMP_MAX_CPU)) {
+        error_setg(errp, "Invalid ncpus properties: "
+                   "%u, must be 0 < ncpus =< %u.", irqmp->ncpus,
+                   IRQMP_MAX_CPU);
+    }
+
+    qdev_init_gpio_in(dev, grlib_irqmp_set_irq, MAX_PILS);
+    qdev_init_gpio_out_named(dev, &irqmp->irq, "grlib-irq", 1);
+    memory_region_init_io(&irqmp->iomem, OBJECT(dev), &grlib_irqmp_ops, irqmp,
                           "irqmp", IRQMP_REG_SIZE);
 
     irqmp->state = g_malloc0(sizeof *irqmp->state);
 
-    sysbus_init_mmio(dev, &irqmp->iomem);
+    sysbus_init_mmio(SYS_BUS_DEVICE(dev), &irqmp->iomem);
 }
 
+static Property grlib_irqmp_properties[] = {
+    DEFINE_PROP_UINT32("ncpus", IRQMP, ncpus, 1),
+    DEFINE_PROP_END_OF_LIST(),
+};
+
 static void grlib_irqmp_class_init(ObjectClass *klass, void *data)
 {
     DeviceClass *dc = DEVICE_CLASS(klass);
 
+    dc->realize = grlib_irqmp_realize;
     dc->reset = grlib_irqmp_reset;
+    device_class_set_props(dc, grlib_irqmp_properties);
 }
 
 static const TypeInfo grlib_irqmp_info = {
     .name          = TYPE_GRLIB_IRQMP,
     .parent        = TYPE_SYS_BUS_DEVICE,
     .instance_size = sizeof(IRQMP),
-    .instance_init = grlib_irqmp_init,
     .class_init    = grlib_irqmp_class_init,
 };
 
diff --git a/hw/sparc/leon3.c b/hw/sparc/leon3.c
index e80b9410d4..bc6a85be9c 100644
--- a/hw/sparc/leon3.c
+++ b/hw/sparc/leon3.c
@@ -264,11 +264,11 @@  static void leon3_generic_hw_init(MachineState *machine)
 
     /* Allocate IRQ manager */
     irqmpdev = qdev_new(TYPE_GRLIB_IRQMP);
+    sysbus_realize_and_unref(SYS_BUS_DEVICE(irqmpdev), &error_fatal);
     qdev_init_gpio_in_named_with_opaque(DEVICE(cpu), leon3_set_pil_in,
                                         env, "pil", 1);
     qdev_connect_gpio_out_named(irqmpdev, "grlib-irq", 0,
                                 qdev_get_gpio_in_named(DEVICE(cpu), "pil", 0));
-    sysbus_realize_and_unref(SYS_BUS_DEVICE(irqmpdev), &error_fatal);
     sysbus_mmio_map(SYS_BUS_DEVICE(irqmpdev), 0, LEON3_IRQMP_OFFSET);
     env->irq_manager = irqmpdev;
     env->qemu_irq_ack = leon3_irq_manager;

[PULL,34/56] hw/intc/grlib_irqmp: add ncpus property

Commit Message

Comments

Patch