| 1 | target-arm queue for 3.0: | 1 | v2: dropped a couple of cadence_gem changes to ID regs that |
|---|---|---|---|
| 2 | caused new clang sanitizer warnings. | ||
| 2 | 3 | ||
| 3 | Thomas' fixes for instrospection issues with a handful of | ||
| 4 | devices (including one microblaze one that I include in this | ||
| 5 | pullreq for convenience's sake), plus my bugfix for a | ||
| 6 | corner case of small MPU region support. | ||
| 7 | |||
| 8 | thanks | ||
| 9 | -- PMM | 4 | -- PMM |
| 10 | 5 | ||
| 11 | The following changes since commit 55b1f14cefcb19ce6d5e28c4c83404230888aa7e: | 6 | The following changes since commit dddb37495b844270088e68e3bf30b764d48d863f: |
| 12 | 7 | ||
| 13 | Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-3.0-pull-request' into staging (2018-07-23 14:03:14 +0100) | 8 | Merge remote-tracking branch 'remotes/awilliam/tags/vfio-updates-20181015.0' into staging (2018-10-15 18:44:04 +0100) |
| 14 | 9 | ||
| 15 | are available in the Git repository at: | 10 | are available in the Git repository at: |
| 16 | 11 | ||
| 17 | git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20180723 | 12 | https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20181016-1 |
| 18 | 13 | ||
| 19 | for you to fetch changes up to 1ddc9b98c3cb89fe23a55ba924000fd645253e87: | 14 | for you to fetch changes up to 2ef297af07196c29446556537861f8e7dfeeae7b: |
| 20 | 15 | ||
| 21 | hw/intc/exynos4210_gic: Turn instance_init into realize function (2018-07-23 15:21:27 +0100) | 16 | coccinelle: new inplace-byteswaps.cocci to remove inplace-byteswapping calls (2018-10-16 17:14:55 +0100) |
| 22 | 17 | ||
| 23 | ---------------------------------------------------------------- | 18 | ---------------------------------------------------------------- |
| 24 | target-arm queue: | 19 | target-arm queue: |
| 25 | * spitz, exynos: fix bugs when introspecting some devices | 20 | * hw/arm/virt: add DT property /secure-chosen/stdout-path indicating secure UART |
| 26 | * hw/microblaze/xlnx-zynqmp-pmu: Fix introspection problem in 'xlnx, zynqmp-pmu-soc' | 21 | * target/arm: Fix aarch64_sve_change_el wrt EL0 |
| 27 | * target/arm: Correctly handle overlapping small MPU regions | 22 | * target/arm: Define fields of ISAR registers |
| 28 | * hw/sd/bcm2835_sdhost: Fix PIO mode writes | 23 | * target/arm: Align cortex-r5 id_isar0 |
| 24 | * target/arm: Fix cortex-a7 id_isar0 | ||
| 25 | * net/cadence_gem: Fix various bugs, add support for new | ||
| 26 | features that will be used by the Xilinx Versal board | ||
| 27 | * target-arm: powerctl: Enable HVC when starting CPUs to EL2 | ||
| 28 | * target/arm: Add the Cortex-A72 | ||
| 29 | * target/arm: Mark PMINTENCLR and PMINTENCLR_EL1 accesses as possibly doing IO | ||
| 30 | * target/arm: Mask PMOVSR writes based on supported counters | ||
| 31 | * target/arm: Initialize ARMMMUFaultInfo in v7m_stack_read/write | ||
| 32 | * coccinelle: new inplace-byteswaps.cocci to remove inplace-byteswapping calls | ||
| 29 | 33 | ||
| 30 | ---------------------------------------------------------------- | 34 | ---------------------------------------------------------------- |
| 31 | Guenter Roeck (1): | 35 | Aaron Lindsay (2): |
| 32 | hw/sd/bcm2835_sdhost: Fix PIO mode writes | 36 | target/arm: Mark PMINTENCLR and PMINTENCLR_EL1 accesses as possibly doing IO |
| 37 | target/arm: Mask PMOVSR writes based on supported counters | ||
| 33 | 38 | ||
| 34 | Peter Maydell (1): | 39 | Edgar E. Iglesias (8): |
| 35 | target/arm: Correctly handle overlapping small MPU regions | 40 | net: cadence_gem: Disable TSU feature bit |
| 41 | net: cadence_gem: Use uint32_t for 32bit descriptor words | ||
| 42 | net: cadence_gem: Add macro with max number of descriptor words | ||
| 43 | net: cadence_gem: Add support for extended descriptors | ||
| 44 | net: cadence_gem: Add support for selecting the DMA MemoryRegion | ||
| 45 | net: cadence_gem: Implement support for 64bit descriptor addresses | ||
| 46 | target-arm: powerctl: Enable HVC when starting CPUs to EL2 | ||
| 47 | target/arm: Add the Cortex-A72 | ||
| 36 | 48 | ||
| 37 | Thomas Huth (3): | 49 | Jerome Forissier (1): |
| 38 | hw/microblaze/xlnx-zynqmp-pmu: Fix introspection problem in 'xlnx, zynqmp-pmu-soc' | 50 | hw/arm/virt: add DT property /secure-chosen/stdout-path indicating secure UART |
| 39 | hw/arm/spitz: Move problematic nand_init() code to realize function | ||
| 40 | hw/intc/exynos4210_gic: Turn instance_init into realize function | ||
| 41 | 51 | ||
| 42 | hw/arm/spitz.c | 15 ++++++++++---- | 52 | Peter Maydell (2): |
| 43 | hw/intc/exynos4210_gic.c | 6 +++--- | 53 | target/arm: Initialize ARMMMUFaultInfo in v7m_stack_read/write |
| 44 | hw/microblaze/xlnx-zynqmp-pmu.c | 10 ++++----- | 54 | coccinelle: new inplace-byteswaps.cocci to remove inplace-byteswapping calls |
| 45 | hw/sd/bcm2835_sdhost.c | 20 ++++++++++++++---- | ||
| 46 | target/arm/helper.c | 46 +++++++++++++++++++++++++++++++++++++++++ | ||
| 47 | 5 files changed, 80 insertions(+), 17 deletions(-) | ||
| 48 | 55 | ||
| 56 | Richard Henderson (4): | ||
| 57 | target/arm: Fix aarch64_sve_change_el wrt EL0 | ||
| 58 | target/arm: Define fields of ISAR registers | ||
| 59 | target/arm: Align cortex-r5 id_isar0 | ||
| 60 | target/arm: Fix cortex-a7 id_isar0 | ||
| 61 | |||
| 62 | include/hw/net/cadence_gem.h | 7 +- | ||
| 63 | target/arm/cpu.h | 95 ++++++++++++++- | ||
| 64 | hw/arm/virt.c | 4 + | ||
| 65 | hw/net/cadence_gem.c | 185 ++++++++++++++++++++--------- | ||
| 66 | target/arm/arm-powerctl.c | 10 ++ | ||
| 67 | target/arm/cpu.c | 7 +- | ||
| 68 | target/arm/cpu64.c | 66 +++++++++- | ||
| 69 | target/arm/helper.c | 27 +++-- | ||
| 70 | target/arm/op_helper.c | 6 +- | ||
| 71 | scripts/coccinelle/inplace-byteswaps.cocci | 65 ++++++++++ | ||
| 72 | 10 files changed, 402 insertions(+), 70 deletions(-) | ||
| 73 | create mode 100644 scripts/coccinelle/inplace-byteswaps.cocci | ||
| 74 | diff view generated by jsdifflib |
Deleted patch | |||
|---|---|---|---|
| 1 | From: Thomas Huth <thuth@redhat.com> | ||
| 2 | 1 | ||
| 3 | Valgrind complains: | ||
| 4 | |||
| 5 | echo "{'execute':'qmp_capabilities'} {'execute':'device-list-properties'," \ | ||
| 6 | "'arguments':{'typename':'xlnx,zynqmp-pmu-soc'}}" \ | ||
| 7 | "{'execute': 'human-monitor-command', " \ | ||
| 8 | "'arguments': {'command-line': 'info qtree'}}" | \ | ||
| 9 | valgrind -q microblazeel-softmmu/qemu-system-microblazeel -M none,accel=qtest -qmp stdio | ||
| 10 | [...] | ||
| 11 | ==13605== Invalid read of size 8 | ||
| 12 | ==13605== at 0x2AC69A: qdev_print (qdev-monitor.c:686) | ||
| 13 | ==13605== by 0x2AC69A: qbus_print (qdev-monitor.c:719) | ||
| 14 | ==13605== by 0x2591E8: handle_hmp_command (monitor.c:3446) | ||
| 15 | |||
| 16 | Use the new object_initialize_child() and sysbus_init_child_obj() to | ||
| 17 | fix the issue. | ||
| 18 | |||
| 19 | Signed-off-by: Thomas Huth <thuth@redhat.com> | ||
| 20 | Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> | ||
| 21 | Message-id: 1531839343-13828-1-git-send-email-thuth@redhat.com | ||
| 22 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 23 | --- | ||
| 24 | hw/microblaze/xlnx-zynqmp-pmu.c | 10 ++++------ | ||
| 25 | 1 file changed, 4 insertions(+), 6 deletions(-) | ||
| 26 | |||
| 27 | diff --git a/hw/microblaze/xlnx-zynqmp-pmu.c b/hw/microblaze/xlnx-zynqmp-pmu.c | ||
| 28 | index XXXXXXX..XXXXXXX 100644 | ||
| 29 | --- a/hw/microblaze/xlnx-zynqmp-pmu.c | ||
| 30 | +++ b/hw/microblaze/xlnx-zynqmp-pmu.c | ||
| 31 | @@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_pmu_soc_init(Object *obj) | ||
| 32 | { | ||
| 33 | XlnxZynqMPPMUSoCState *s = XLNX_ZYNQMP_PMU_SOC(obj); | ||
| 34 | |||
| 35 | - object_initialize(&s->cpu, sizeof(s->cpu), | ||
| 36 | - TYPE_MICROBLAZE_CPU); | ||
| 37 | - object_property_add_child(obj, "pmu-cpu", OBJECT(&s->cpu), | ||
| 38 | - &error_abort); | ||
| 39 | + object_initialize_child(obj, "pmu-cpu", &s->cpu, sizeof(s->cpu), | ||
| 40 | + TYPE_MICROBLAZE_CPU, &error_abort, NULL); | ||
| 41 | |||
| 42 | - object_initialize(&s->intc, sizeof(s->intc), TYPE_XLNX_PMU_IO_INTC); | ||
| 43 | - qdev_set_parent_bus(DEVICE(&s->intc), sysbus_get_default()); | ||
| 44 | + sysbus_init_child_obj(obj, "intc", &s->intc, sizeof(s->intc), | ||
| 45 | + TYPE_XLNX_PMU_IO_INTC); | ||
| 46 | } | ||
| 47 | |||
| 48 | static void xlnx_zynqmp_pmu_soc_realize(DeviceState *dev, Error **errp) | ||
| 49 | -- | ||
| 50 | 2.17.1 | ||
| 51 | |||
| 52 | diff view generated by jsdifflib |
Deleted patch | |||
|---|---|---|---|
| 1 | From: Guenter Roeck <linux@roeck-us.net> | ||
| 2 | 1 | ||
| 3 | Writes in PIO mode have two requirements: | ||
| 4 | |||
| 5 | - A data interrupt must be generated after a write command has been | ||
| 6 | issued to indicate that the chip is ready to receive data. | ||
| 7 | - A block interrupt must be generated after each block to indicate | ||
| 8 | that the chip is ready to receive the next data block. | ||
| 9 | |||
| 10 | Rearrange the code to make this happen. Tested on raspi3 (in PIO mode) | ||
| 11 | and raspi2 (in DMA mode). | ||
| 12 | |||
| 13 | Signed-off-by: Guenter Roeck <linux@roeck-us.net> | ||
| 14 | Message-id: 1531779837-20557-1-git-send-email-linux@roeck-us.net | ||
| 15 | Reviewed-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 16 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 17 | --- | ||
| 18 | hw/sd/bcm2835_sdhost.c | 20 ++++++++++++++++---- | ||
| 19 | 1 file changed, 16 insertions(+), 4 deletions(-) | ||
| 20 | |||
| 21 | diff --git a/hw/sd/bcm2835_sdhost.c b/hw/sd/bcm2835_sdhost.c | ||
| 22 | index XXXXXXX..XXXXXXX 100644 | ||
| 23 | --- a/hw/sd/bcm2835_sdhost.c | ||
| 24 | +++ b/hw/sd/bcm2835_sdhost.c | ||
| 25 | @@ -XXX,XX +XXX,XX @@ static void bcm2835_sdhost_fifo_run(BCM2835SDHostState *s) | ||
| 26 | uint32_t value = 0; | ||
| 27 | int n; | ||
| 28 | int is_read; | ||
| 29 | + int is_write; | ||
| 30 | |||
| 31 | is_read = (s->cmd & SDCMD_READ_CMD) != 0; | ||
| 32 | - if (s->datacnt != 0 && (!is_read || sdbus_data_ready(&s->sdbus))) { | ||
| 33 | + is_write = (s->cmd & SDCMD_WRITE_CMD) != 0; | ||
| 34 | + if (s->datacnt != 0 && (is_write || sdbus_data_ready(&s->sdbus))) { | ||
| 35 | if (is_read) { | ||
| 36 | n = 0; | ||
| 37 | while (s->datacnt && s->fifo_len < BCM2835_SDHOST_FIFO_LEN) { | ||
| 38 | @@ -XXX,XX +XXX,XX @@ static void bcm2835_sdhost_fifo_run(BCM2835SDHostState *s) | ||
| 39 | if (n != 0) { | ||
| 40 | bcm2835_sdhost_fifo_push(s, value); | ||
| 41 | s->status |= SDHSTS_DATA_FLAG; | ||
| 42 | + if (s->config & SDHCFG_DATA_IRPT_EN) { | ||
| 43 | + s->status |= SDHSTS_SDIO_IRPT; | ||
| 44 | + } | ||
| 45 | } | ||
| 46 | - } else { /* write */ | ||
| 47 | + } else if (is_write) { /* write */ | ||
| 48 | n = 0; | ||
| 49 | while (s->datacnt > 0 && (s->fifo_len > 0 || n > 0)) { | ||
| 50 | if (n == 0) { | ||
| 51 | @@ -XXX,XX +XXX,XX @@ static void bcm2835_sdhost_fifo_run(BCM2835SDHostState *s) | ||
| 52 | s->edm &= ~SDEDM_FSM_MASK; | ||
| 53 | s->edm |= SDEDM_FSM_DATAMODE; | ||
| 54 | trace_bcm2835_sdhost_edm_change("datacnt 0", s->edm); | ||
| 55 | - | ||
| 56 | - if ((s->cmd & SDCMD_WRITE_CMD) && | ||
| 57 | + } | ||
| 58 | + if (is_write) { | ||
| 59 | + /* set block interrupt at end of each block transfer */ | ||
| 60 | + if (s->hbct && s->datacnt % s->hbct == 0 && | ||
| 61 | (s->config & SDHCFG_BLOCK_IRPT_EN)) { | ||
| 62 | s->status |= SDHSTS_BLOCK_IRPT; | ||
| 63 | } | ||
| 64 | + /* set data interrupt after each transfer */ | ||
| 65 | + s->status |= SDHSTS_DATA_FLAG; | ||
| 66 | + if (s->config & SDHCFG_DATA_IRPT_EN) { | ||
| 67 | + s->status |= SDHSTS_SDIO_IRPT; | ||
| 68 | + } | ||
| 69 | } | ||
| 70 | } | ||
| 71 | |||
| 72 | -- | ||
| 73 | 2.17.1 | ||
| 74 | |||
| 75 | diff view generated by jsdifflib |
Deleted patch | |||
|---|---|---|---|
| 1 | To correctly handle small (less than TARGET_PAGE_SIZE) MPU regions, | ||
| 2 | we must correctly handle the case where the address being looked | ||
| 3 | up hits in an MPU region that is not small but the address is | ||
| 4 | in the same page as a small region. For instance if MPU region | ||
| 5 | 1 covers an entire page from 0x2000 to 0x2400 and MPU region | ||
| 6 | 2 is small and covers only 0x2200 to 0x2280, then for an access | ||
| 7 | to 0x2000 we must not return a result covering the full page | ||
| 8 | even though we hit the page-sized region 1. Otherwise we will | ||
| 9 | then cache that result in the TLB and accesses that should | ||
| 10 | hit region 2 will incorrectly find the region 1 information. | ||
| 11 | 1 | ||
| 12 | Check for the case where we miss an MPU region but it is still | ||
| 13 | within the same page, and in that case narrow the size we will | ||
| 14 | pass to tlb_set_page_with_attrs() for whatever the final | ||
| 15 | outcome is of the MPU lookup. | ||
| 16 | |||
| 17 | Reported-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com> | ||
| 18 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 19 | Reviewed-by: Richard Henderson <richard.henderson@linaro.org> | ||
| 20 | Message-id: 20180716133302.25989-1-peter.maydell@linaro.org | ||
| 21 | --- | ||
| 22 | target/arm/helper.c | 46 +++++++++++++++++++++++++++++++++++++++++++++ | ||
| 23 | 1 file changed, 46 insertions(+) | ||
| 24 | |||
| 25 | diff --git a/target/arm/helper.c b/target/arm/helper.c | ||
| 26 | index XXXXXXX..XXXXXXX 100644 | ||
| 27 | --- a/target/arm/helper.c | ||
| 28 | +++ b/target/arm/helper.c | ||
| 29 | @@ -XXX,XX +XXX,XX @@ | ||
| 30 | #include "exec/semihost.h" | ||
| 31 | #include "sysemu/kvm.h" | ||
| 32 | #include "fpu/softfloat.h" | ||
| 33 | +#include "qemu/range.h" | ||
| 34 | |||
| 35 | #define ARM_CPU_FREQ 1000000000 /* FIXME: 1 GHz, should be configurable */ | ||
| 36 | |||
| 37 | @@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_pmsav7(CPUARMState *env, uint32_t address, | ||
| 38 | } | ||
| 39 | |||
| 40 | if (address < base || address > base + rmask) { | ||
| 41 | + /* | ||
| 42 | + * Address not in this region. We must check whether the | ||
| 43 | + * region covers addresses in the same page as our address. | ||
| 44 | + * In that case we must not report a size that covers the | ||
| 45 | + * whole page for a subsequent hit against a different MPU | ||
| 46 | + * region or the background region, because it would result in | ||
| 47 | + * incorrect TLB hits for subsequent accesses to addresses that | ||
| 48 | + * are in this MPU region. | ||
| 49 | + */ | ||
| 50 | + if (ranges_overlap(base, rmask, | ||
| 51 | + address & TARGET_PAGE_MASK, | ||
| 52 | + TARGET_PAGE_SIZE)) { | ||
| 53 | + *page_size = 1; | ||
| 54 | + } | ||
| 55 | continue; | ||
| 56 | } | ||
| 57 | |||
| 58 | @@ -XXX,XX +XXX,XX @@ static void v8m_security_lookup(CPUARMState *env, uint32_t address, | ||
| 59 | sattrs->srvalid = true; | ||
| 60 | sattrs->sregion = r; | ||
| 61 | } | ||
| 62 | + } else { | ||
| 63 | + /* | ||
| 64 | + * Address not in this region. We must check whether the | ||
| 65 | + * region covers addresses in the same page as our address. | ||
| 66 | + * In that case we must not report a size that covers the | ||
| 67 | + * whole page for a subsequent hit against a different MPU | ||
| 68 | + * region or the background region, because it would result | ||
| 69 | + * in incorrect TLB hits for subsequent accesses to | ||
| 70 | + * addresses that are in this MPU region. | ||
| 71 | + */ | ||
| 72 | + if (limit >= base && | ||
| 73 | + ranges_overlap(base, limit - base + 1, | ||
| 74 | + addr_page_base, | ||
| 75 | + TARGET_PAGE_SIZE)) { | ||
| 76 | + sattrs->subpage = true; | ||
| 77 | + } | ||
| 78 | } | ||
| 79 | } | ||
| 80 | } | ||
| 81 | @@ -XXX,XX +XXX,XX @@ static bool pmsav8_mpu_lookup(CPUARMState *env, uint32_t address, | ||
| 82 | } | ||
| 83 | |||
| 84 | if (address < base || address > limit) { | ||
| 85 | + /* | ||
| 86 | + * Address not in this region. We must check whether the | ||
| 87 | + * region covers addresses in the same page as our address. | ||
| 88 | + * In that case we must not report a size that covers the | ||
| 89 | + * whole page for a subsequent hit against a different MPU | ||
| 90 | + * region or the background region, because it would result in | ||
| 91 | + * incorrect TLB hits for subsequent accesses to addresses that | ||
| 92 | + * are in this MPU region. | ||
| 93 | + */ | ||
| 94 | + if (limit >= base && | ||
| 95 | + ranges_overlap(base, limit - base + 1, | ||
| 96 | + addr_page_base, | ||
| 97 | + TARGET_PAGE_SIZE)) { | ||
| 98 | + *is_subpage = true; | ||
| 99 | + } | ||
| 100 | continue; | ||
| 101 | } | ||
| 102 | |||
| 103 | -- | ||
| 104 | 2.17.1 | ||
| 105 | |||
| 106 | diff view generated by jsdifflib |
Deleted patch | |||
|---|---|---|---|
| 1 | From: Thomas Huth <thuth@redhat.com> | ||
| 2 | 1 | ||
| 3 | nand_init() does not only create the NAND device, it also realizes | ||
| 4 | the device with qdev_init_nofail() already. So we must not call | ||
| 5 | nand_init() from an instance_init function like sl_nand_init(), | ||
| 6 | otherwise we get superfluous NAND devices in the QOM tree after | ||
| 7 | introspecting the 'sl-nand' device. So move the nand_init() to the | ||
| 8 | realize function of 'sl-nand' instead. | ||
| 9 | |||
| 10 | Signed-off-by: Thomas Huth <thuth@redhat.com> | ||
| 11 | Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> | ||
| 12 | Message-id: 1532006134-7701-1-git-send-email-thuth@redhat.com | ||
| 13 | Reviewed-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 14 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 15 | --- | ||
| 16 | hw/arm/spitz.c | 15 +++++++++++---- | ||
| 17 | 1 file changed, 11 insertions(+), 4 deletions(-) | ||
| 18 | |||
| 19 | diff --git a/hw/arm/spitz.c b/hw/arm/spitz.c | ||
| 20 | index XXXXXXX..XXXXXXX 100644 | ||
| 21 | --- a/hw/arm/spitz.c | ||
| 22 | +++ b/hw/arm/spitz.c | ||
| 23 | @@ -XXX,XX +XXX,XX @@ static void sl_nand_init(Object *obj) | ||
| 24 | { | ||
| 25 | SLNANDState *s = SL_NAND(obj); | ||
| 26 | SysBusDevice *dev = SYS_BUS_DEVICE(obj); | ||
| 27 | - DriveInfo *nand; | ||
| 28 | |||
| 29 | s->ctl = 0; | ||
| 30 | + | ||
| 31 | + memory_region_init_io(&s->iomem, obj, &sl_ops, s, "sl", 0x40); | ||
| 32 | + sysbus_init_mmio(dev, &s->iomem); | ||
| 33 | +} | ||
| 34 | + | ||
| 35 | +static void sl_nand_realize(DeviceState *dev, Error **errp) | ||
| 36 | +{ | ||
| 37 | + SLNANDState *s = SL_NAND(dev); | ||
| 38 | + DriveInfo *nand; | ||
| 39 | + | ||
| 40 | /* FIXME use a qdev drive property instead of drive_get() */ | ||
| 41 | nand = drive_get(IF_MTD, 0, 0); | ||
| 42 | s->nand = nand_init(nand ? blk_by_legacy_dinfo(nand) : NULL, | ||
| 43 | s->manf_id, s->chip_id); | ||
| 44 | - | ||
| 45 | - memory_region_init_io(&s->iomem, obj, &sl_ops, s, "sl", 0x40); | ||
| 46 | - sysbus_init_mmio(dev, &s->iomem); | ||
| 47 | } | ||
| 48 | |||
| 49 | /* Spitz Keyboard */ | ||
| 50 | @@ -XXX,XX +XXX,XX @@ static void sl_nand_class_init(ObjectClass *klass, void *data) | ||
| 51 | |||
| 52 | dc->vmsd = &vmstate_sl_nand_info; | ||
| 53 | dc->props = sl_nand_properties; | ||
| 54 | + dc->realize = sl_nand_realize; | ||
| 55 | /* Reason: init() method uses drive_get() */ | ||
| 56 | dc->user_creatable = false; | ||
| 57 | } | ||
| 58 | -- | ||
| 59 | 2.17.1 | ||
| 60 | |||
| 61 | diff view generated by jsdifflib |
Deleted patch | |||
|---|---|---|---|
| 1 | From: Thomas Huth <thuth@redhat.com> | ||
| 2 | 1 | ||
| 3 | The instance_init function of the "exynos4210.gic" device creates a | ||
| 4 | new "arm_gic" device and immediately realizes it with qdev_init_nofail(). | ||
| 5 | This will leave a lot of object in the QOM tree during introspection of | ||
| 6 | the "exynos4210.gic" device, e.g. reproducible by starting QEMU like this: | ||
| 7 | |||
| 8 | qemu-system-aarch64 -M none -nodefaults -nographic -monitor stdio | ||
| 9 | |||
| 10 | And then by running "info qom-tree" at the HMP monitor, followed by | ||
| 11 | "device_add exynos4210.gic,help" and finally checking "info qom-tree" | ||
| 12 | again. | ||
| 13 | |||
| 14 | Also note that qdev_init_nofail() can exit QEMU in case of errors - and | ||
| 15 | this must never happen during an instance_init function, otherwise QEMU | ||
| 16 | could terminate unexpectedly during introspection of a device. | ||
| 17 | |||
| 18 | Since most of the code that follows the qdev_init_nofail() depends on | ||
| 19 | the realized "gicbusdev", the easiest solution to the problem is to | ||
| 20 | turn the whole instance_init function into a realize function instead. | ||
| 21 | |||
| 22 | Signed-off-by: Thomas Huth <thuth@redhat.com> | ||
| 23 | Message-id: 1532337784-334-1-git-send-email-thuth@redhat.com | ||
| 24 | Reviewed-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 25 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 26 | --- | ||
| 27 | hw/intc/exynos4210_gic.c | 6 +++--- | ||
| 28 | 1 file changed, 3 insertions(+), 3 deletions(-) | ||
| 29 | |||
| 30 | diff --git a/hw/intc/exynos4210_gic.c b/hw/intc/exynos4210_gic.c | ||
| 31 | index XXXXXXX..XXXXXXX 100644 | ||
| 32 | --- a/hw/intc/exynos4210_gic.c | ||
| 33 | +++ b/hw/intc/exynos4210_gic.c | ||
| 34 | @@ -XXX,XX +XXX,XX @@ static void exynos4210_gic_set_irq(void *opaque, int irq, int level) | ||
| 35 | qemu_set_irq(qdev_get_gpio_in(s->gic, irq), level); | ||
| 36 | } | ||
| 37 | |||
| 38 | -static void exynos4210_gic_init(Object *obj) | ||
| 39 | +static void exynos4210_gic_realize(DeviceState *dev, Error **errp) | ||
| 40 | { | ||
| 41 | - DeviceState *dev = DEVICE(obj); | ||
| 42 | + Object *obj = OBJECT(dev); | ||
| 43 | Exynos4210GicState *s = EXYNOS4210_GIC(obj); | ||
| 44 | SysBusDevice *sbd = SYS_BUS_DEVICE(obj); | ||
| 45 | const char cpu_prefix[] = "exynos4210-gic-alias_cpu"; | ||
| 46 | @@ -XXX,XX +XXX,XX @@ static void exynos4210_gic_class_init(ObjectClass *klass, void *data) | ||
| 47 | DeviceClass *dc = DEVICE_CLASS(klass); | ||
| 48 | |||
| 49 | dc->props = exynos4210_gic_properties; | ||
| 50 | + dc->realize = exynos4210_gic_realize; | ||
| 51 | } | ||
| 52 | |||
| 53 | static const TypeInfo exynos4210_gic_info = { | ||
| 54 | .name = TYPE_EXYNOS4210_GIC, | ||
| 55 | .parent = TYPE_SYS_BUS_DEVICE, | ||
| 56 | .instance_size = sizeof(Exynos4210GicState), | ||
| 57 | - .instance_init = exynos4210_gic_init, | ||
| 58 | .class_init = exynos4210_gic_class_init, | ||
| 59 | }; | ||
| 60 | |||
| 61 | -- | ||
| 62 | 2.17.1 | ||
| 63 | |||
| 64 | diff view generated by jsdifflib |