On Wed, Sep 24, 2025 at 7:19 PM Djordje Todorovic
<Djordje.Todorovic@htecgroup.com> wrote:
>
> This is needed for riscv based CPUs by MIPS since those may have
> sparse hart-ID layouts. ACLINT and APLIC still assume a dense
> range, and if a hart is missing, this causes NULL derefs.
>
> Signed-off-by: Chao-ying Fu <cfu@mips.com>
> Signed-off-by: Djordje Todorovic <djordje.todorovic@htecgroup.com>
> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Alistair
> ---
> hw/intc/riscv_aclint.c | 18 ++++++++++++++++--
> hw/intc/riscv_aplic.c | 13 ++++++++++---
> 2 files changed, 26 insertions(+), 5 deletions(-)
>
> diff --git a/hw/intc/riscv_aclint.c b/hw/intc/riscv_aclint.c
> index 4623cfa029..e3e019e605 100644
> --- a/hw/intc/riscv_aclint.c
> +++ b/hw/intc/riscv_aclint.c
> @@ -297,7 +297,12 @@ static void riscv_aclint_mtimer_realize(DeviceState *dev, Error **errp)
> s->timecmp = g_new0(uint64_t, s->num_harts);
> /* Claim timer interrupt bits */
> for (i = 0; i < s->num_harts; i++) {
> - RISCVCPU *cpu = RISCV_CPU(cpu_by_arch_id(s->hartid_base + i));
> + CPUState *cpu_by_hartid = cpu_by_arch_id(s->hartid_base + i);
> + if (cpu_by_hartid == NULL) {
> + /* Valid for sparse hart layouts - skip this hart ID */
> + continue;
> + }
> + RISCVCPU *cpu = RISCV_CPU(cpu_by_hartid);
> if (riscv_cpu_claim_interrupts(cpu, MIP_MTIP) < 0) {
> error_report("MTIP already claimed");
> exit(1);
> @@ -486,7 +491,12 @@ static void riscv_aclint_swi_realize(DeviceState *dev, Error **errp)
>
> /* Claim software interrupt bits */
> for (i = 0; i < swi->num_harts; i++) {
> - RISCVCPU *cpu = RISCV_CPU(qemu_get_cpu(swi->hartid_base + i));
> + CPUState *cpu_by_hartid = cpu_by_arch_id(swi->hartid_base + i);
> + if (cpu_by_hartid == NULL) {
> + /* Valid for sparse hart layouts - skip this hart ID */
> + continue;
> + }
> + RISCVCPU *cpu = RISCV_CPU(cpu_by_hartid);
> /* We don't claim mip.SSIP because it is writable by software */
> if (riscv_cpu_claim_interrupts(cpu, swi->sswi ? 0 : MIP_MSIP) < 0) {
> error_report("MSIP already claimed");
> @@ -550,6 +560,10 @@ DeviceState *riscv_aclint_swi_create(hwaddr addr, uint32_t hartid_base,
>
> for (i = 0; i < num_harts; i++) {
> CPUState *cpu = cpu_by_arch_id(hartid_base + i);
> + if (cpu == NULL) {
> + /* Valid for sparse hart layouts - skip this hart ID */
> + continue;
> + }
> RISCVCPU *rvcpu = RISCV_CPU(cpu);
>
> qdev_connect_gpio_out(dev, i,
> diff --git a/hw/intc/riscv_aplic.c b/hw/intc/riscv_aplic.c
> index a1d9fa5085..77cec8ece9 100644
> --- a/hw/intc/riscv_aplic.c
> +++ b/hw/intc/riscv_aplic.c
> @@ -903,9 +903,12 @@ static void riscv_aplic_realize(DeviceState *dev, Error **errp)
> if (!aplic->msimode) {
> /* Claim the CPU interrupt to be triggered by this APLIC */
> for (i = 0; i < aplic->num_harts; i++) {
> - RISCVCPU *cpu;
> -
> - cpu = RISCV_CPU(cpu_by_arch_id(aplic->hartid_base + i));
> + CPUState *temp = cpu_by_arch_id(aplic->hartid_base + i);
> + if (temp == NULL) {
> + /* Valid for sparse hart layouts - skip this hart ID */
> + continue;
> + }
> + RISCVCPU *cpu = RISCV_CPU(temp);
> if (riscv_cpu_claim_interrupts(cpu,
> (aplic->mmode) ? MIP_MEIP : MIP_SEIP) < 0) {
> error_report("%s already claimed",
> @@ -1088,6 +1091,10 @@ DeviceState *riscv_aplic_create(hwaddr addr, hwaddr size,
> if (!msimode) {
> for (i = 0; i < num_harts; i++) {
> CPUState *cpu = cpu_by_arch_id(hartid_base + i);
> + if (cpu == NULL) {
> + /* Valid for sparse hart layouts - skip this hart ID */
> + continue;
> + }
>
> qdev_connect_gpio_out_named(dev, NULL, i,
> qdev_get_gpio_in(DEVICE(cpu),
> --
> 2.34.1
>