Re: [PATCH 1/2] target/riscv: disable *stimecmp interrupts without *envcfg.STCE

Tue, 24 Jun 2025 06:49:32 -0700 

2025-06-23T18:39:02-03:00, Daniel Henrique Barboza <dbarb...@ventanamicro.com>:
> Hi Radim,
>
> It seems like this patch is breaking 'make check-functional':

That is a nice command to know of, thanks!

> 12/12 qemu:func-quick+func-riscv64 / func-riscv64-riscv_opensbi   TIMEOUT     
>     90.06s   killed by signal 15 SIGTERM
>
> Checking the logs I verified that the problem can be reproduced by running the
> 'spike' machine as follows:
>
> $ ./build/qemu-system-riscv64 -M spike   --nographic
> Segmentation fault (core dumped)
>
> The expected result is to boot opensbi. The problem can't be reproduced with
> the 'virt' board, so something that you did here impacted 'spike' in 
> particular
> for some reason.

Uff, mtimer is NULL on spike:

  0x0000555555c46618 in riscv_timer_write_timecmp 
(env=env@entry=0x555556888270, timer=0x5555568a61e0, timecmp=0, 
delta=delta@entry=0, timer_irq=timer_irq@entry=32) at 
../target/riscv/time_helper.c:49
  49       uint32_t timebase_freq = mtimer->timebase_freq;
  (gdb) bt
  #0  0x0000555555c46618 in riscv_timer_write_timecmp 
(env=env@entry=0x555556888270, timer=0x5555568a61e0, timecmp=0, 
delta=delta@entry=0, timer_irq=timer_irq@entry=32) at 
../target/riscv/time_helper.c:49
  #1  0x0000555555c6eb9e in write_menvcfg (env=0x555556888270, csrno=<optimized 
out>, val=<optimized out>, ra=140736012591329) at ../target/riscv/csr.c:3214
  #2  0x0000555555c6a181 in riscv_csrrw_do64 (env=env@entry=0x555556888270, 
csrno=<optimized out>, ret_value=ret_value@entry=0x0, new_value=<optimized 
out>, write_mask=<optimized out>, ra=140736012591329) at 
../target/riscv/csr.c:5579
  [...]
  (gdb) p mtimer
  $1 = (RISCVAclintMTimerState *) 0x0
  (gdb) p timer
  $2 = (QEMUTimer *) 0x5555568a61e0
  (gdb) p *timer
  $3 = {expire_time = -1, timer_list = 0x55555666b840, cb = 0x555555c465d0 
<riscv_stimer_cb>, opaque = 0x5555568856b0, next = 0x0, attributes = 0, scale = 
1}

I'll try to figure out is going on, but `make check-functional` passes
with this hack:

diff --git a/target/riscv/time_helper.c b/target/riscv/time_helper.c
index 81a6a6394502..a2092206cb20 100644
--- a/target/riscv/time_helper.c
+++ b/target/riscv/time_helper.c
@@ -44,10 +44,8 @@ void riscv_timer_write_timecmp(CPURISCVState *env, QEMUTimer 
*timer,
                                uint64_t timecmp, uint64_t delta,
                                uint32_t timer_irq)
 {
-    uint64_t diff, ns_diff, next;
+    uint64_t diff, ns_diff, next, timebase_freq, rtc_r;
     RISCVAclintMTimerState *mtimer = env->rdtime_fn_arg;
-    uint32_t timebase_freq = mtimer->timebase_freq;
-    uint64_t rtc_r = env->rdtime_fn(env->rdtime_fn_arg) + delta;
 
     /*
      * *envcfg.STCE disables *stimecmp interrupts, but still allows higher
@@ -59,6 +57,13 @@ void riscv_timer_write_timecmp(CPURISCVState *env, QEMUTimer 
*timer,
         return;
     }
 
+    if (!mtimer) {
+        return;
+    }
+
+    timebase_freq = mtimer->timebase_freq;
+    rtc_r = env->rdtime_fn(env->rdtime_fn_arg) + delta;
+
     if (timecmp <= rtc_r) {
         /*
          * If we're setting an stimecmp value in the "past",

Reply via email to