On Mon, Jun 22, 2020 at 3:55 AM Markus Armbruster <arm...@redhat.com> wrote:
>
> The Error ** argument must be NULL, &error_abort, &error_fatal, or a
> pointer to a variable containing NULL. Passing an argument of the
> latter kind twice without clearing it in between is wrong: if the
> first call sets an error, it no longer points to NULL for the second
> call.
>
> sifive_u_soc_realize() is wrong that way: it passes &err to
> sysbus_realize() three times before checking it. Harmless, because
> the first two can't actually fail (I think).
>
> Fix by checking for failure right away.
>
> Cc: Palmer Dabbelt <pal...@dabbelt.com>
> Cc: Alistair Francis <alistair.fran...@wdc.com>
> Cc: Sagar Karandikar <sag...@eecs.berkeley.edu>
> Cc: Bastian Koppelmann <kbast...@mail.uni-paderborn.de>
> Cc: Bin Meng <bmeng...@gmail.com>
> Cc: qemu-ri...@nongnu.org
> Signed-off-by: Markus Armbruster <arm...@redhat.com>
Reviewed-by: Alistair Francis <alistair.fran...@wdc.com>
Alistair
> ---
> hw/riscv/sifive_u.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/hw/riscv/sifive_u.c b/hw/riscv/sifive_u.c
> index ea197ab64f..3857b92d9a 100644
> --- a/hw/riscv/sifive_u.c
> +++ b/hw/riscv/sifive_u.c
> @@ -587,11 +587,15 @@ static void sifive_u_soc_realize(DeviceState *dev,
> Error **errp)
> memmap[SIFIVE_U_CLINT].size, ms->smp.cpus,
> SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE, false);
>
> - sysbus_realize(SYS_BUS_DEVICE(&s->prci), &err);
> + if (!sysbus_realize(SYS_BUS_DEVICE(&s->prci), errp)) {
> + return;
> + }
> sysbus_mmio_map(SYS_BUS_DEVICE(&s->prci), 0, memmap[SIFIVE_U_PRCI].base);
>
> qdev_prop_set_uint32(DEVICE(&s->otp), "serial", s->serial);
> - sysbus_realize(SYS_BUS_DEVICE(&s->otp), &err);
> + if (!sysbus_realize(SYS_BUS_DEVICE(&s->otp), errp)) {
> + return;
> + }
> sysbus_mmio_map(SYS_BUS_DEVICE(&s->otp), 0, memmap[SIFIVE_U_OTP].base);
>
> for (i = 0; i < SIFIVE_U_PLIC_NUM_SOURCES; i++) {
> --
> 2.26.2
>
>
