[PATCH 0/2] hw/riscv: Make CPU config error handling generous

Tsukasa OI posted 2 patches 1 year, 10 months ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/cover.1652435235.git.research._5Ftrasio@irq.a4lg.com
Maintainers: Alistair Francis <Alistair.Francis@wdc.com>, Palmer Dabbelt <palmer@dabbelt.com>, Bin Meng <bin.meng@windriver.com>
There is a newer version of this series
hw/riscv/opentitan.c | 2 +-
hw/riscv/sifive_e.c  | 2 +-
hw/riscv/sifive_u.c  | 4 ++--
hw/riscv/spike.c     | 2 +-
hw/riscv/virt.c      | 2 +-
5 files changed, 6 insertions(+), 6 deletions(-)
[PATCH 0/2] hw/riscv: Make CPU config error handling generous
Posted by Tsukasa OI 1 year, 10 months ago
Hello,

This patchset involves error handling on RISC-V CPU configuration error.

For instance:

    -cpu rv64,f=on,zfinx=on

This is an example of invalid CPU configuration because "F" and "Zfinx"
cannot coexist.  Detecting such error is a good thing.

The bad thing is, it aborts when such invalid configuration is detected.
I'm making changes to QEMU on Ubuntu 22.04 LTS but once I got a pop-up
window asking whether to send a crash report.  Even if not, it generates
core dumps.  That's not what I wanted.

    Example of error message before this patchset:
    Unexpected error in riscv_cpu_realize() at ../../../../src/qemu/target/riscv/cpu.c:718:
    qemu-system-riscv64: 'Zfinx' cannot be supported together with 'F', 'D', 'Zfh', 'Zfhmin'
    Aborted (core dumped)
    $ (returns to shell but may show error report window on some OS)

Such extreme error handling should be only used on serious runtime errors,
not for minor user-configuration mistakes (that can be easily and *safely*
detectable).

    Example of error message after this patchset:
    qemu-system-riscv64: 'Zfinx' cannot be supported together with 'F', 'D', 'Zfh', 'Zfhmin'
    $ (returns to shell with error status [$?] of 1)

This patchset resolves this problem on following machines, changing error
handling structure from `error_abort' (aborts and generates core dumps
[depends on OS] on error) to `error_fatal' (shows error message and quits
with error status 1 on error):

-   spike (QEMU default)
-   virt
-   sifive_e
-   sifive_u
-   opentitan (RV32 only)

`error_abort' on CPU realization exists on following machines:

-   shakti_c (RV64 only)
-   microchip-icicle-kit (RV64 only)

...but since CPU realization on those machine currently never fails
(because they require fixed CPU), I didn't touch those (may be a TODO).




Tsukasa OI (2):
  target/riscv: Make CPU config error handling generous (virt/spike)
  target/riscv: Make CPU config error handling generous
    (sifive_e/u/opentitan)

 hw/riscv/opentitan.c | 2 +-
 hw/riscv/sifive_e.c  | 2 +-
 hw/riscv/sifive_u.c  | 4 ++--
 hw/riscv/spike.c     | 2 +-
 hw/riscv/virt.c      | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)


base-commit: 178bacb66d98d9ee7a702b9f2a4dfcd88b72a9ab
-- 
2.34.1
[PATCH v2 0/2] hw/riscv: Make CPU config error handling generous
Posted by Tsukasa OI 1 year, 10 months ago
c.f.
<https://lists.gnu.org/archive/html/qemu-riscv/2022-05/msg00229.html>

This patchset is functionally equivalent to v1 but fixes commit titles.




Tsukasa OI (2):
  hw/riscv: Make CPU config error handling generous (virt/spike)
  hw/riscv: Make CPU config error handling generous
    (sifive_e/u/opentitan)

 hw/riscv/opentitan.c | 2 +-
 hw/riscv/sifive_e.c  | 2 +-
 hw/riscv/sifive_u.c  | 4 ++--
 hw/riscv/spike.c     | 2 +-
 hw/riscv/virt.c      | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)


base-commit: 178bacb66d98d9ee7a702b9f2a4dfcd88b72a9ab
-- 
2.34.1
Re: [PATCH v2 0/2] hw/riscv: Make CPU config error handling generous
Posted by Alistair Francis 1 year, 10 months ago
On Sat, May 14, 2022 at 4:29 PM Tsukasa OI <research_trasio@irq.a4lg.com> wrote:
>
> c.f.
> <https://lists.gnu.org/archive/html/qemu-riscv/2022-05/msg00229.html>
>
> This patchset is functionally equivalent to v1 but fixes commit titles.
>
>
>
>
> Tsukasa OI (2):
>   hw/riscv: Make CPU config error handling generous (virt/spike)
>   hw/riscv: Make CPU config error handling generous
>     (sifive_e/u/opentitan)
>
>  hw/riscv/opentitan.c | 2 +-
>  hw/riscv/sifive_e.c  | 2 +-
>  hw/riscv/sifive_u.c  | 4 ++--
>  hw/riscv/spike.c     | 2 +-
>  hw/riscv/virt.c      | 2 +-
>  5 files changed, 6 insertions(+), 6 deletions(-)

Thanks!

Applied to riscv-to-apply.next

Alistair

>
>
> base-commit: 178bacb66d98d9ee7a702b9f2a4dfcd88b72a9ab
> --
> 2.34.1
>
[PATCH v2 1/2] hw/riscv: Make CPU config error handling generous (virt/spike)
Posted by Tsukasa OI 1 year, 10 months ago
If specified CPU configuration is not valid, not just it prints error
message, it aborts and generates core dumps (depends on the operating
system).  This kind of error handling should be used only when a serious
runtime error occurs.

This commit makes error handling on CPU configuration more generous on
virt/spike machines.  It now just prints error message and quits (without
coredumps and aborts).

Signed-off-by: Tsukasa OI <research_trasio@irq.a4lg.com>
---
 hw/riscv/spike.c | 2 +-
 hw/riscv/virt.c  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/riscv/spike.c b/hw/riscv/spike.c
index 068ba3493e..e41b6aa9f0 100644
--- a/hw/riscv/spike.c
+++ b/hw/riscv/spike.c
@@ -230,7 +230,7 @@ static void spike_board_init(MachineState *machine)
                                 base_hartid, &error_abort);
         object_property_set_int(OBJECT(&s->soc[i]), "num-harts",
                                 hart_count, &error_abort);
-        sysbus_realize(SYS_BUS_DEVICE(&s->soc[i]), &error_abort);
+        sysbus_realize(SYS_BUS_DEVICE(&s->soc[i]), &error_fatal);
 
         /* Core Local Interruptor (timer and IPI) for each socket */
         riscv_aclint_swi_create(
diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c
index 3326f4db96..244d6408b5 100644
--- a/hw/riscv/virt.c
+++ b/hw/riscv/virt.c
@@ -1351,7 +1351,7 @@ static void virt_machine_init(MachineState *machine)
                                 base_hartid, &error_abort);
         object_property_set_int(OBJECT(&s->soc[i]), "num-harts",
                                 hart_count, &error_abort);
-        sysbus_realize(SYS_BUS_DEVICE(&s->soc[i]), &error_abort);
+        sysbus_realize(SYS_BUS_DEVICE(&s->soc[i]), &error_fatal);
 
         if (!kvm_enabled()) {
             if (s->have_aclint) {
-- 
2.34.1
Re: [PATCH v2 1/2] hw/riscv: Make CPU config error handling generous (virt/spike)
Posted by Alistair Francis 1 year, 10 months ago
On Sat, May 14, 2022 at 4:29 PM Tsukasa OI <research_trasio@irq.a4lg.com> wrote:
>
> If specified CPU configuration is not valid, not just it prints error
> message, it aborts and generates core dumps (depends on the operating
> system).  This kind of error handling should be used only when a serious
> runtime error occurs.
>
> This commit makes error handling on CPU configuration more generous on
> virt/spike machines.  It now just prints error message and quits (without
> coredumps and aborts).
>
> Signed-off-by: Tsukasa OI <research_trasio@irq.a4lg.com>

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>

Alistair

> ---
>  hw/riscv/spike.c | 2 +-
>  hw/riscv/virt.c  | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/hw/riscv/spike.c b/hw/riscv/spike.c
> index 068ba3493e..e41b6aa9f0 100644
> --- a/hw/riscv/spike.c
> +++ b/hw/riscv/spike.c
> @@ -230,7 +230,7 @@ static void spike_board_init(MachineState *machine)
>                                  base_hartid, &error_abort);
>          object_property_set_int(OBJECT(&s->soc[i]), "num-harts",
>                                  hart_count, &error_abort);
> -        sysbus_realize(SYS_BUS_DEVICE(&s->soc[i]), &error_abort);
> +        sysbus_realize(SYS_BUS_DEVICE(&s->soc[i]), &error_fatal);
>
>          /* Core Local Interruptor (timer and IPI) for each socket */
>          riscv_aclint_swi_create(
> diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c
> index 3326f4db96..244d6408b5 100644
> --- a/hw/riscv/virt.c
> +++ b/hw/riscv/virt.c
> @@ -1351,7 +1351,7 @@ static void virt_machine_init(MachineState *machine)
>                                  base_hartid, &error_abort);
>          object_property_set_int(OBJECT(&s->soc[i]), "num-harts",
>                                  hart_count, &error_abort);
> -        sysbus_realize(SYS_BUS_DEVICE(&s->soc[i]), &error_abort);
> +        sysbus_realize(SYS_BUS_DEVICE(&s->soc[i]), &error_fatal);
>
>          if (!kvm_enabled()) {
>              if (s->have_aclint) {
> --
> 2.34.1
>
[PATCH v2 2/2] hw/riscv: Make CPU config error handling generous (sifive_e/u/opentitan)
Posted by Tsukasa OI 1 year, 10 months ago
If specified CPU configuration is not valid, not just it prints error
message, it aborts and generates core dumps (depends on the operating
system).  This kind of error handling should be used only when a serious
runtime error occurs.

This commit makes error handling on CPU configuration more generous on
sifive_e/u and opentitan machines.  It now just prints error message and
quits (without coredumps and aborts).

This is separate from spike/virt because it involves different type
(TYPE_RISCV_HART_ARRAY) on sifive_e/u and opentitan machines.

Signed-off-by: Tsukasa OI <research_trasio@irq.a4lg.com>
---
 hw/riscv/opentitan.c | 2 +-
 hw/riscv/sifive_e.c  | 2 +-
 hw/riscv/sifive_u.c  | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/hw/riscv/opentitan.c b/hw/riscv/opentitan.c
index 2d401dcb23..4495a2c039 100644
--- a/hw/riscv/opentitan.c
+++ b/hw/riscv/opentitan.c
@@ -142,7 +142,7 @@ static void lowrisc_ibex_soc_realize(DeviceState *dev_soc, Error **errp)
     object_property_set_int(OBJECT(&s->cpus), "num-harts", ms->smp.cpus,
                             &error_abort);
     object_property_set_int(OBJECT(&s->cpus), "resetvec", 0x8080, &error_abort);
-    sysbus_realize(SYS_BUS_DEVICE(&s->cpus), &error_abort);
+    sysbus_realize(SYS_BUS_DEVICE(&s->cpus), &error_fatal);
 
     /* Boot ROM */
     memory_region_init_rom(&s->rom, OBJECT(dev_soc), "riscv.lowrisc.ibex.rom",
diff --git a/hw/riscv/sifive_e.c b/hw/riscv/sifive_e.c
index dcb87b6cfd..d65d2fd869 100644
--- a/hw/riscv/sifive_e.c
+++ b/hw/riscv/sifive_e.c
@@ -195,7 +195,7 @@ static void sifive_e_soc_realize(DeviceState *dev, Error **errp)
 
     object_property_set_str(OBJECT(&s->cpus), "cpu-type", ms->cpu_type,
                             &error_abort);
-    sysbus_realize(SYS_BUS_DEVICE(&s->cpus), &error_abort);
+    sysbus_realize(SYS_BUS_DEVICE(&s->cpus), &error_fatal);
 
     /* Mask ROM */
     memory_region_init_rom(&s->mask_rom, OBJECT(dev), "riscv.sifive.e.mrom",
diff --git a/hw/riscv/sifive_u.c b/hw/riscv/sifive_u.c
index cc8c7637cb..a2495b5ae7 100644
--- a/hw/riscv/sifive_u.c
+++ b/hw/riscv/sifive_u.c
@@ -830,8 +830,8 @@ static void sifive_u_soc_realize(DeviceState *dev, Error **errp)
     qdev_prop_set_string(DEVICE(&s->u_cpus), "cpu-type", s->cpu_type);
     qdev_prop_set_uint64(DEVICE(&s->u_cpus), "resetvec", 0x1004);
 
-    sysbus_realize(SYS_BUS_DEVICE(&s->e_cpus), &error_abort);
-    sysbus_realize(SYS_BUS_DEVICE(&s->u_cpus), &error_abort);
+    sysbus_realize(SYS_BUS_DEVICE(&s->e_cpus), &error_fatal);
+    sysbus_realize(SYS_BUS_DEVICE(&s->u_cpus), &error_fatal);
     /*
      * The cluster must be realized after the RISC-V hart array container,
      * as the container's CPU object is only created on realize, and the
-- 
2.34.1
Re: [PATCH v2 2/2] hw/riscv: Make CPU config error handling generous (sifive_e/u/opentitan)
Posted by Alistair Francis 1 year, 10 months ago
On Sat, May 14, 2022 at 4:30 PM Tsukasa OI <research_trasio@irq.a4lg.com> wrote:
>
> If specified CPU configuration is not valid, not just it prints error
> message, it aborts and generates core dumps (depends on the operating
> system).  This kind of error handling should be used only when a serious
> runtime error occurs.
>
> This commit makes error handling on CPU configuration more generous on
> sifive_e/u and opentitan machines.  It now just prints error message and
> quits (without coredumps and aborts).
>
> This is separate from spike/virt because it involves different type
> (TYPE_RISCV_HART_ARRAY) on sifive_e/u and opentitan machines.
>
> Signed-off-by: Tsukasa OI <research_trasio@irq.a4lg.com>

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>

Alistair

> ---
>  hw/riscv/opentitan.c | 2 +-
>  hw/riscv/sifive_e.c  | 2 +-
>  hw/riscv/sifive_u.c  | 4 ++--
>  3 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/hw/riscv/opentitan.c b/hw/riscv/opentitan.c
> index 2d401dcb23..4495a2c039 100644
> --- a/hw/riscv/opentitan.c
> +++ b/hw/riscv/opentitan.c
> @@ -142,7 +142,7 @@ static void lowrisc_ibex_soc_realize(DeviceState *dev_soc, Error **errp)
>      object_property_set_int(OBJECT(&s->cpus), "num-harts", ms->smp.cpus,
>                              &error_abort);
>      object_property_set_int(OBJECT(&s->cpus), "resetvec", 0x8080, &error_abort);
> -    sysbus_realize(SYS_BUS_DEVICE(&s->cpus), &error_abort);
> +    sysbus_realize(SYS_BUS_DEVICE(&s->cpus), &error_fatal);
>
>      /* Boot ROM */
>      memory_region_init_rom(&s->rom, OBJECT(dev_soc), "riscv.lowrisc.ibex.rom",
> diff --git a/hw/riscv/sifive_e.c b/hw/riscv/sifive_e.c
> index dcb87b6cfd..d65d2fd869 100644
> --- a/hw/riscv/sifive_e.c
> +++ b/hw/riscv/sifive_e.c
> @@ -195,7 +195,7 @@ static void sifive_e_soc_realize(DeviceState *dev, Error **errp)
>
>      object_property_set_str(OBJECT(&s->cpus), "cpu-type", ms->cpu_type,
>                              &error_abort);
> -    sysbus_realize(SYS_BUS_DEVICE(&s->cpus), &error_abort);
> +    sysbus_realize(SYS_BUS_DEVICE(&s->cpus), &error_fatal);
>
>      /* Mask ROM */
>      memory_region_init_rom(&s->mask_rom, OBJECT(dev), "riscv.sifive.e.mrom",
> diff --git a/hw/riscv/sifive_u.c b/hw/riscv/sifive_u.c
> index cc8c7637cb..a2495b5ae7 100644
> --- a/hw/riscv/sifive_u.c
> +++ b/hw/riscv/sifive_u.c
> @@ -830,8 +830,8 @@ static void sifive_u_soc_realize(DeviceState *dev, Error **errp)
>      qdev_prop_set_string(DEVICE(&s->u_cpus), "cpu-type", s->cpu_type);
>      qdev_prop_set_uint64(DEVICE(&s->u_cpus), "resetvec", 0x1004);
>
> -    sysbus_realize(SYS_BUS_DEVICE(&s->e_cpus), &error_abort);
> -    sysbus_realize(SYS_BUS_DEVICE(&s->u_cpus), &error_abort);
> +    sysbus_realize(SYS_BUS_DEVICE(&s->e_cpus), &error_fatal);
> +    sysbus_realize(SYS_BUS_DEVICE(&s->u_cpus), &error_fatal);
>      /*
>       * The cluster must be realized after the RISC-V hart array container,
>       * as the container's CPU object is only created on realize, and the
> --
> 2.34.1
>