* [Qemu-devel] [PATCH for-2.9] hw/misc/imx6_src: Don't crash trying to reset missing CPUs
@ 2017-03-03 11:59 Peter Maydell
2017-03-14 11:53 ` [Qemu-devel] [Qemu-arm] " Peter Maydell
2017-03-14 16:12 ` [Qemu-devel] " Alex Bennée
0 siblings, 2 replies; 4+ messages in thread
From: Peter Maydell @ 2017-03-03 11:59 UTC (permalink / raw)
To: qemu-arm, qemu-devel
Cc: patches, Alex Bennée, Peter Chubb, Jean-Christophe DUBOIS
Commit 4881658a4b introduced a call to arm_get_cpu_by_id(),
and Coverity noticed that we weren't checking that it didn't
return NULL (CID 1371652).
Normally this won't happen (because all 4 CPUs are expected
to exist), but it's possible the user requested fewer CPUs
on the command line. Handle this possibility by silently
doing nothing, which is the same behaviour as before commit
4881658a4b and also how we handle the other CPU operations
(since we ignore the INVALID_PARAM returns from arm_set_cpu_on()
and friends).
There is a slight behavioural difference to the pre-4881658a4b
situation: the "reset this core" bit will remain set rather
than not being permitted to be set. The imx6 datasheet is
unclear about the behaviour in this odd corner case, so we
opt for the simpler code rather than complicated logic to
maintain identical behaviour.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
I couldn't actually get this to crash even with -smp 1 with
my test image, but we should fix it anyhow.
hw/misc/imx6_src.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/hw/misc/imx6_src.c b/hw/misc/imx6_src.c
index edbb756..cfb0871 100644
--- a/hw/misc/imx6_src.c
+++ b/hw/misc/imx6_src.c
@@ -143,13 +143,17 @@ static void imx6_defer_clear_reset_bit(int cpuid,
unsigned long reset_shift)
{
struct SRCSCRResetInfo *ri;
+ CPUState *cpu = arm_get_cpu_by_id(cpuid);
+
+ if (!cpu) {
+ return;
+ }
ri = g_malloc(sizeof(struct SRCSCRResetInfo));
ri->s = s;
ri->reset_bit = reset_shift;
- async_run_on_cpu(arm_get_cpu_by_id(cpuid), imx6_clear_reset_bit,
- RUN_ON_CPU_HOST_PTR(ri));
+ async_run_on_cpu(cpu, imx6_clear_reset_bit, RUN_ON_CPU_HOST_PTR(ri));
}
--
2.7.4
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [Qemu-devel] [Qemu-arm] [PATCH for-2.9] hw/misc/imx6_src: Don't crash trying to reset missing CPUs
2017-03-03 11:59 [Qemu-devel] [PATCH for-2.9] hw/misc/imx6_src: Don't crash trying to reset missing CPUs Peter Maydell
@ 2017-03-14 11:53 ` Peter Maydell
2017-03-14 16:12 ` [Qemu-devel] " Alex Bennée
1 sibling, 0 replies; 4+ messages in thread
From: Peter Maydell @ 2017-03-14 11:53 UTC (permalink / raw)
To: qemu-arm, QEMU Developers, Alex Bennée
Cc: Peter Chubb, Jean-Christophe DUBOIS, patches
Ping for review...
thanks
-- PMM
On 3 March 2017 at 12:59, Peter Maydell <peter.maydell@linaro.org> wrote:
> Commit 4881658a4b introduced a call to arm_get_cpu_by_id(),
> and Coverity noticed that we weren't checking that it didn't
> return NULL (CID 1371652).
>
> Normally this won't happen (because all 4 CPUs are expected
> to exist), but it's possible the user requested fewer CPUs
> on the command line. Handle this possibility by silently
> doing nothing, which is the same behaviour as before commit
> 4881658a4b and also how we handle the other CPU operations
> (since we ignore the INVALID_PARAM returns from arm_set_cpu_on()
> and friends).
>
> There is a slight behavioural difference to the pre-4881658a4b
> situation: the "reset this core" bit will remain set rather
> than not being permitted to be set. The imx6 datasheet is
> unclear about the behaviour in this odd corner case, so we
> opt for the simpler code rather than complicated logic to
> maintain identical behaviour.
>
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
> I couldn't actually get this to crash even with -smp 1 with
> my test image, but we should fix it anyhow.
>
> hw/misc/imx6_src.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/hw/misc/imx6_src.c b/hw/misc/imx6_src.c
> index edbb756..cfb0871 100644
> --- a/hw/misc/imx6_src.c
> +++ b/hw/misc/imx6_src.c
> @@ -143,13 +143,17 @@ static void imx6_defer_clear_reset_bit(int cpuid,
> unsigned long reset_shift)
> {
> struct SRCSCRResetInfo *ri;
> + CPUState *cpu = arm_get_cpu_by_id(cpuid);
> +
> + if (!cpu) {
> + return;
> + }
>
> ri = g_malloc(sizeof(struct SRCSCRResetInfo));
> ri->s = s;
> ri->reset_bit = reset_shift;
>
> - async_run_on_cpu(arm_get_cpu_by_id(cpuid), imx6_clear_reset_bit,
> - RUN_ON_CPU_HOST_PTR(ri));
> + async_run_on_cpu(cpu, imx6_clear_reset_bit, RUN_ON_CPU_HOST_PTR(ri));
> }
>
>
> --
> 2.7.4
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Qemu-devel] [PATCH for-2.9] hw/misc/imx6_src: Don't crash trying to reset missing CPUs
2017-03-03 11:59 [Qemu-devel] [PATCH for-2.9] hw/misc/imx6_src: Don't crash trying to reset missing CPUs Peter Maydell
2017-03-14 11:53 ` [Qemu-devel] [Qemu-arm] " Peter Maydell
@ 2017-03-14 16:12 ` Alex Bennée
2017-03-14 16:52 ` Peter Maydell
1 sibling, 1 reply; 4+ messages in thread
From: Alex Bennée @ 2017-03-14 16:12 UTC (permalink / raw)
To: Peter Maydell
Cc: qemu-arm, qemu-devel, patches, Peter Chubb, Jean-Christophe DUBOIS
Peter Maydell <peter.maydell@linaro.org> writes:
> Commit 4881658a4b introduced a call to arm_get_cpu_by_id(),
> and Coverity noticed that we weren't checking that it didn't
> return NULL (CID 1371652).
>
> Normally this won't happen (because all 4 CPUs are expected
> to exist), but it's possible the user requested fewer CPUs
> on the command line. Handle this possibility by silently
> doing nothing, which is the same behaviour as before commit
> 4881658a4b and also how we handle the other CPU operations
> (since we ignore the INVALID_PARAM returns from arm_set_cpu_on()
> and friends).
>
> There is a slight behavioural difference to the pre-4881658a4b
> situation: the "reset this core" bit will remain set rather
> than not being permitted to be set. The imx6 datasheet is
> unclear about the behaviour in this odd corner case, so we
> opt for the simpler code rather than complicated logic to
> maintain identical behaviour.
>
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
> I couldn't actually get this to crash even with -smp 1 with
> my test image, but we should fix it anyhow.
>
> hw/misc/imx6_src.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/hw/misc/imx6_src.c b/hw/misc/imx6_src.c
> index edbb756..cfb0871 100644
> --- a/hw/misc/imx6_src.c
> +++ b/hw/misc/imx6_src.c
> @@ -143,13 +143,17 @@ static void imx6_defer_clear_reset_bit(int cpuid,
> unsigned long reset_shift)
> {
> struct SRCSCRResetInfo *ri;
> + CPUState *cpu = arm_get_cpu_by_id(cpuid);
> +
> + if (!cpu) {
> + return;
> + }
>
> ri = g_malloc(sizeof(struct SRCSCRResetInfo));
> ri->s = s;
> ri->reset_bit = reset_shift;
>
> - async_run_on_cpu(arm_get_cpu_by_id(cpuid), imx6_clear_reset_bit,
> - RUN_ON_CPU_HOST_PTR(ri));
> + async_run_on_cpu(cpu, imx6_clear_reset_bit, RUN_ON_CPU_HOST_PTR(ri));
> }
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
--
Alex Bennée
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Qemu-devel] [PATCH for-2.9] hw/misc/imx6_src: Don't crash trying to reset missing CPUs
2017-03-14 16:12 ` [Qemu-devel] " Alex Bennée
@ 2017-03-14 16:52 ` Peter Maydell
0 siblings, 0 replies; 4+ messages in thread
From: Peter Maydell @ 2017-03-14 16:52 UTC (permalink / raw)
To: Alex Bennée
Cc: qemu-arm, QEMU Developers, patches, Peter Chubb, Jean-Christophe DUBOIS
On 14 March 2017 at 17:12, Alex Bennée <alex.bennee@linaro.org> wrote:
>
> Peter Maydell <peter.maydell@linaro.org> writes:
>
>> Commit 4881658a4b introduced a call to arm_get_cpu_by_id(),
>> and Coverity noticed that we weren't checking that it didn't
>> return NULL (CID 1371652).
>>
>> Normally this won't happen (because all 4 CPUs are expected
>> to exist), but it's possible the user requested fewer CPUs
>> on the command line. Handle this possibility by silently
>> doing nothing, which is the same behaviour as before commit
>> 4881658a4b and also how we handle the other CPU operations
>> (since we ignore the INVALID_PARAM returns from arm_set_cpu_on()
>> and friends).
>>
>> There is a slight behavioural difference to the pre-4881658a4b
>> situation: the "reset this core" bit will remain set rather
>> than not being permitted to be set. The imx6 datasheet is
>> unclear about the behaviour in this odd corner case, so we
>> opt for the simpler code rather than complicated logic to
>> maintain identical behaviour.
>>
>> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
>> ---
>> I couldn't actually get this to crash even with -smp 1 with
>> my test image, but we should fix it anyhow.
>>
>> hw/misc/imx6_src.c | 8 ++++++--
>> 1 file changed, 6 insertions(+), 2 deletions(-)
>>
>> diff --git a/hw/misc/imx6_src.c b/hw/misc/imx6_src.c
>> index edbb756..cfb0871 100644
>> --- a/hw/misc/imx6_src.c
>> +++ b/hw/misc/imx6_src.c
>> @@ -143,13 +143,17 @@ static void imx6_defer_clear_reset_bit(int cpuid,
>> unsigned long reset_shift)
>> {
>> struct SRCSCRResetInfo *ri;
>> + CPUState *cpu = arm_get_cpu_by_id(cpuid);
>> +
>> + if (!cpu) {
>> + return;
>> + }
>>
>> ri = g_malloc(sizeof(struct SRCSCRResetInfo));
>> ri->s = s;
>> ri->reset_bit = reset_shift;
>>
>> - async_run_on_cpu(arm_get_cpu_by_id(cpuid), imx6_clear_reset_bit,
>> - RUN_ON_CPU_HOST_PTR(ri));
>> + async_run_on_cpu(cpu, imx6_clear_reset_bit, RUN_ON_CPU_HOST_PTR(ri));
>> }
>
> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Thanks; applied to master.
-- PMM
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-03-14 16:53 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-03-03 11:59 [Qemu-devel] [PATCH for-2.9] hw/misc/imx6_src: Don't crash trying to reset missing CPUs Peter Maydell
2017-03-14 11:53 ` [Qemu-devel] [Qemu-arm] " Peter Maydell
2017-03-14 16:12 ` [Qemu-devel] " Alex Bennée
2017-03-14 16:52 ` Peter Maydell
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.