motorhead/qemu
1
0
Fork 0
mirror of https://github.com/Motorhead1991/qemu.git synced 2025-08-04 00:03:54 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions

hw/intc: Add NULL pointer check on LoongArch ipi device

Browse source 
When ipi mailbox is used, cpu_index is decoded from iocsr register.
cpu maybe does not exist. This patch adds NULL pointer check on
ipi device.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Song Gao <gaosong@loongson.cn>
Message-Id: <20230512100421.1867848-4-gaosong@loongson.cn>
This commit is contained in:
Song Gao 2023-04-06 15:11:31 +08:00
parent 646c39b220
commit 7ef0eb35a4
No known key found for this signature in database
GPG key ID: 40A2FFF239263EDF
2 changed files with 30 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

40
hw/intc/loongarch_ipi.c
View file

@ -77,31 +77,42 @@ static void send_ipi_data(CPULoongArchState *env, uint64_t val, hwaddr addr)
static void ipi_send(uint64_t val) static void ipi_send(uint64_t val)
{ {
int cpuid, data; uint32_t cpuid;
uint8_t vector;
CPULoongArchState *env; CPULoongArchState *env;
CPUState *cs; CPUState *cs;
LoongArchCPU *cpu; LoongArchCPU *cpu;
cpuid = (val >> 16) & 0x3ff; cpuid = extract32(val, 16, 10);
if (cpuid >= LOONGARCH_MAX_CPUS) {
trace_loongarch_ipi_unsupported_cpuid("IOCSR_IPI_SEND", cpuid);
return;
}
/* IPI status vector */ /* IPI status vector */
data = 1 << (val & 0x1f); vector = extract8(val, 0, 5);
cs = qemu_get_cpu(cpuid); cs = qemu_get_cpu(cpuid);
cpu = LOONGARCH_CPU(cs); cpu = LOONGARCH_CPU(cs);
env = &cpu->env; env = &cpu->env;
address_space_stl(&env->address_space_iocsr, 0x1008, address_space_stl(&env->address_space_iocsr, 0x1008,
data, MEMTXATTRS_UNSPECIFIED, NULL); BIT(vector), MEMTXATTRS_UNSPECIFIED, NULL);
} }
static void mail_send(uint64_t val) static void mail_send(uint64_t val)
{ {
int cpuid; uint32_t cpuid;
hwaddr addr; hwaddr addr;
CPULoongArchState *env; CPULoongArchState *env;
CPUState *cs; CPUState *cs;
LoongArchCPU *cpu; LoongArchCPU *cpu;
cpuid = (val >> 16) & 0x3ff; cpuid = extract32(val, 16, 10);
if (cpuid >= LOONGARCH_MAX_CPUS) {
trace_loongarch_ipi_unsupported_cpuid("IOCSR_MAIL_SEND", cpuid);
return;
}
addr = 0x1020 + (val & 0x1c); addr = 0x1020 + (val & 0x1c);
cs = qemu_get_cpu(cpuid); cs = qemu_get_cpu(cpuid);
cpu = LOONGARCH_CPU(cs); cpu = LOONGARCH_CPU(cs);
@ -111,14 +122,21 @@ static void mail_send(uint64_t val)
static void any_send(uint64_t val) static void any_send(uint64_t val)
{ {
int cpuid; uint32_t cpuid;
hwaddr addr; hwaddr addr;
CPULoongArchState *env; CPULoongArchState *env;
CPUState *cs;
LoongArchCPU *cpu;
cpuid = extract32(val, 16, 10);
if (cpuid >= LOONGARCH_MAX_CPUS) {
trace_loongarch_ipi_unsupported_cpuid("IOCSR_ANY_SEND", cpuid);
return;
}
cpuid = (val >> 16) & 0x3ff;
addr = val & 0xffff; addr = val & 0xffff;
CPUState *cs = qemu_get_cpu(cpuid); cs = qemu_get_cpu(cpuid);
LoongArchCPU *cpu = LOONGARCH_CPU(cs); cpu = LOONGARCH_CPU(cs);
env = &cpu->env; env = &cpu->env;
send_ipi_data(env, val, addr); send_ipi_data(env, val, addr);
} }

1
hw/intc/trace-events
View file

@ -292,6 +292,7 @@ sh_intc_set(int id, int enable) "setting interrupt group %d to %d"
# loongarch_ipi.c # loongarch_ipi.c
loongarch_ipi_read(unsigned size, uint64_t addr, uint64_t val) "size: %u addr: 0x%"PRIx64 "val: 0x%"PRIx64 loongarch_ipi_read(unsigned size, uint64_t addr, uint64_t val) "size: %u addr: 0x%"PRIx64 "val: 0x%"PRIx64
loongarch_ipi_write(unsigned size, uint64_t addr, uint64_t val) "size: %u addr: 0x%"PRIx64 "val: 0x%"PRIx64 loongarch_ipi_write(unsigned size, uint64_t addr, uint64_t val) "size: %u addr: 0x%"PRIx64 "val: 0x%"PRIx64
loongarch_ipi_unsupported_cpuid(const char *s, uint32_t cpuid) "%s unsupported cpuid 0x%" PRIx32
# loongarch_pch_pic.c # loongarch_pch_pic.c
loongarch_pch_pic_irq_handler(int irq, int level) "irq %d level %d" loongarch_pch_pic_irq_handler(int irq, int level) "irq %d level %d"