On 5/14/25 11:03, Steven Lee wrote:
Clang's sanitizer reports a runtime error when booting with
'-net nic -net user', due to a null pointer being passed
to memory_region_find(), which subsequently triggers a crash in
flatview_lookup().
Root cause:
- Missing NIC configuration in the CA35 initialization.
Fix:
- Reduce ca35 ram size from 2GiB to 1GiB to align with ast2700a1-evb,
where the ram-container is defined as 1GiB in its class.
- Add nic configuration in ast2700fc's ca35 init function.
Signed-off-by: Steven Lee <steven_...@aspeedtech.com>
---
hw/arm/aspeed_ast27x0-fc.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/hw/arm/aspeed_ast27x0-fc.c b/hw/arm/aspeed_ast27x0-fc.c
index 125a3ade40..ff64605663 100644
--- a/hw/arm/aspeed_ast27x0-fc.c
+++ b/hw/arm/aspeed_ast27x0-fc.c
@@ -48,7 +48,7 @@ struct Ast2700FCState {
bool mmio_exec;
};
-#define AST2700FC_BMC_RAM_SIZE (2 * GiB)
+#define AST2700FC_BMC_RAM_SIZE (1 * GiB)
#define AST2700FC_CM4_DRAM_SIZE (32 * MiB)
#define AST2700FC_HW_STRAP1 0x000000C0
@@ -59,6 +59,7 @@ struct Ast2700FCState {
static void ast2700fc_ca35_init(MachineState *machine)
{
Ast2700FCState *s = AST2700A1FC(machine);
+ AspeedMachineClass *amc = ASPEED_MACHINE_GET_CLASS(machine);
AspeedSoCState *soc;
AspeedSoCClass *sc;
@@ -86,6 +87,14 @@ static void ast2700fc_ca35_init(MachineState *machine)
AST2700FC_BMC_RAM_SIZE, &error_abort)) {
return;
}
+
+ for (int i = 0; i < sc->macs_num; i++) {
+ if ((amc->macs_mask & (1 << i)) &&
+ !qemu_configure_nic_device(DEVICE(&soc->ftgmac100[i]),
+ true, NULL)) {
+ break;
+ }
+ }
if (!object_property_set_int(OBJECT(&s->ca35), "hw-strap1",
AST2700FC_HW_STRAP1, &error_abort)) {
return;
@@ -171,6 +180,7 @@ static void ast2700fc_init(MachineState *machine)
static void ast2700fc_class_init(ObjectClass *oc, const void *data)
{
MachineClass *mc = MACHINE_CLASS(oc);
+ AspeedMachineClass *amc = ASPEED_MACHINE_CLASS(oc);
mc->alias = "ast2700fc";
mc->desc = "ast2700 full core support";
@@ -178,12 +188,13 @@ static void ast2700fc_class_init(ObjectClass *oc, const
void *data)
mc->no_floppy = 1;
mc->no_cdrom = 1;
mc->min_cpus = mc->max_cpus = mc->default_cpus = 6;
+ amc->macs_mask = ASPEED_MAC0_ON | ASPEED_MAC1_ON | ASPEED_MAC2_ON;
}
static const TypeInfo ast2700fc_types[] = {
{
.name = MACHINE_TYPE_NAME("ast2700fc"),
- .parent = TYPE_MACHINE,
+ .parent = TYPE_ASPEED_MACHINE,
.class_init = ast2700fc_class_init,
.instance_size = sizeof(Ast2700FCState),
},
The "ast2700fc" machine cannot inherit from TYPE_ASPEED_MACHINE.
These are two different type of machines.
An "ast2700fc" machine state is described by :
struct Ast2700FCState {
MachineState parent_obj;
MemoryRegion ca35_memory;
MemoryRegion ca35_dram;
MemoryRegion ssp_memory;
MemoryRegion tsp_memory;
Clock *ssp_sysclk;
Clock *tsp_sysclk;
Aspeed27x0SoCState ca35;
Aspeed27x0SSPSoCState ssp;
Aspeed27x0TSPSoCState tsp;
bool mmio_exec;
};
and a TYPE_ASPEED_MACHINE machine state is described by :
struct AspeedMachineState {
/* Private */
MachineState parent_obj;
/* Public */
AspeedSoCState *soc;
MemoryRegion boot_rom;
bool mmio_exec;
uint32_t uart_chosen;
char *fmc_model;
char *spi_model;
uint32_t hw_strap1;
};
These are not compatible.
You will need to redefine the attributes (state and class) you need
in the "ast2700fc" machine.
Thanks,
C.
