Hi Alex,
On 5/1/22 19:03, Alex Bennée wrote:
Hi,
I'm having a hell of a time trying to create a new SoC+Board model from
scratch. The problem comes down to trying to expose some properties to
the underlying CPU from my board model. So I have:
static const TypeInfo pipico_machine_types[] = {
{
.name = TYPE_PIPICO_MACHINE,
.parent = TYPE_MACHINE,
.instance_size = sizeof(PiPicoMachineState),
.class_size = sizeof(PiPicoMachineClass),
.class_init = pipico_machine_class_init,
}
};
and the class init sets:
MachineClass *mc = MACHINE_CLASS(oc);
...
mc->desc = g_strdup_printf("Raspberry Pi Pico");
mc->init = pipico_machine_init;
...
and finally when I init the machine I do the following:
static void pipico_machine_init(MachineState *machine)
{
PiPicoMachineState *s = PIPICO_MACHINE(machine);
...
MemoryRegion *system_memory = get_system_memory();
...
/* initialize external Flash device */
memory_region_init_rom(&s->flash, NULL,
"pico.flash0", 256 * KiB, &error_fatal);
memory_region_add_subregion(system_memory, 0, &s->flash);
/* Setup the SOC */
object_initialize_child(OBJECT(machine), "soc", &s->soc, TYPE_RP2040);
/* link properties from machine the SoC needs */
object_property_set_link(OBJECT(&s->soc), "memory",
OBJECT(system_memory), &error_fatal);
sysbus_realize(SYS_BUS_DEVICE(&s->soc), &error_fatal);
The initialisation of the SoC is simple because I can't do much until
things are realised:
static void rp2040_init(Object *obj)
{
RP2040State *s = RP2040(obj);
int n;
fprintf(stderr, "%s: %p\n", __func__, obj);
for (n = 0; n < RP2040_NCPUS; n++) {
object_initialize_child(obj, "cpu[*]", &s->armv7m[n], TYPE_ARMV7M);
qdev_prop_set_string(DEVICE(&s->armv7m[n]), "cpu-type",
ARM_CPU_TYPE_NAME("cortex-m0"));
Here for each core you need to initialize a MemoryRegion container, ...
}
}
However when I get to realize the SoC itself:
static void rp2040_realize(DeviceState *dev, Error **errp)
{
RP2040State *s = RP2040(dev);
Object *obj = OBJECT(dev);
int n;
if (!s->board_memory) {
error_setg(errp, "%s: memory property was not set", __func__);
return;
}
/* initialize internal 16 KB internal ROM */
memory_region_init_rom(&s->rom, obj, "rp2040.rom0", 16 * KiB, errp);
memory_region_add_subregion(s->board_memory, 0, &s->rom);
/* SRAM (Main 256k bank + two 4k banks)*/
memory_region_init_ram(&s->sram03, obj, "rp2040.sram03", 256 * KiB, errp);
memory_region_add_subregion(s->board_memory, RP2040_SRAM_BASE, &s->sram03);
memory_region_init_ram(&s->sram4, obj, "rp2040.sram4", 4 * KiB, errp);
memory_region_add_subregion(s->board_memory, RP2040_SRAM4_BASE, &s->sram4);
memory_region_init_ram(&s->sram5, obj, "rp2040.sram5", 4 * KiB, errp);
memory_region_add_subregion(s->board_memory, RP2040_SRAM5_BASE, &s->sram5);
...
for (n = 0; n < RP2040_NCPUS; n++) {
/* DeviceState *cpudev = DEVICE(&s->armv7m[i]); */
Object *cpuobj = OBJECT(&s->armv7m[n]);
then you add the board_memory in the per-CPU container as subregion, ...
object_property_set_link(cpuobj, "memory",
OBJECT(&s->board_memory), errp);
and finally each CPU links its container as its memory bus.
And this passing of the link down to the CPU I segfault:
rp2040_init: 0x555556d08710
Thread 1 "qemu-system-arm" received signal SIGSEGV, Segmentation fault.
object_get_canonical_path_component (obj=0x555556d0ea28) at
../../qom/object.c:1999
1999 g_hash_table_iter_init(&iter, obj->parent->properties);
(gdb) bt
#0 object_get_canonical_path_component (obj=0x555556d0ea28) at
../../qom/object.c:1999
#1 0x0000555555fb27ea in object_get_canonical_path (obj=0x555556d0ea28) at
../../qom/object.c:2025
#2 0x0000555555fb1250 in object_property_set_link (obj=0x555556d087a0,
name=0x5555563190a2 "memory", value=0x555556d0ea28, errp=0x7fffffffe0f0) at
../../qom/object.c:1445
#3 0x0000555555cf3c23 in rp2040_realize (dev=0x555556d08710,
errp=0x7fffffffe0f0) at ../../hw/arm/rp2040.c:85
#4 0x0000555555fa9323 in device_set_realized (obj=0x555556d08710,
value=true, errp=0x7fffffffe200) at ../../hw/core/qdev.c:532
#5 0x0000555555fb300d in property_set_bool (obj=0x555556d08710, v=0x555556dced10,
name=0x5555563822b9 "realized", opaque=0x555556a3a6d0, errp=0x7fffffffe200) at
../../qom/object.c:2268
#6 0x0000555555fb1054 in object_property_set (obj=0x555556d08710, name=0x5555563822b9
"realized", v=0x555556dced10, errp=0x7fffffffe200) at ../../qom/object.c:1403
#7 0x0000555555fb53ff in object_property_set_qobject (obj=0x555556d08710,
name=0x5555563822b9 "realized", value=0x555556e79bc0, errp=0x555556918de0
<error_fatal>) at ../../qom/qom-qobject.c:28
#8 0x0000555555fb13b9 in object_property_set_bool (obj=0x555556d08710, name=0x5555563822b9
"realized", value=true, errp=0x555556918de0 <error_fatal>) at
../../qom/object.c:1472
#9 0x0000555555fa8beb in qdev_realize (dev=0x555556d08710, bus=0x555556d0f240,
errp=0x555556918de0 <error_fatal>) at ../../hw/core/qdev.c:334
#10 0x00005555559f0e28 in sysbus_realize (dev=0x555556d08710, errp=0x555556918de0
<error_fatal>) at ../../hw/core/sysbus.c:256
#11 0x0000555555cf3f0e in pipico_machine_init (machine=0x555556d08600) at
../../hw/arm/raspi_pico.c:74
#12 0x00005555559ed71b in machine_run_board_init (machine=0x555556d08600) at
../../hw/core/machine.c:1184
#13 0x0000555555e67f2c in qemu_init_board () at ../../softmmu/vl.c:2655
#14 0x0000555555e6814a in qmp_x_exit_preconfig (errp=0x555556918de0
<error_fatal>) at ../../softmmu/vl.c:2743
#15 0x0000555555e6a811 in qemu_init (argc=3, argv=0x7fffffffe6b8,
envp=0x7fffffffe6d8) at ../../softmmu/vl.c:3778
#16 0x0000555555884ebd in main (argc=3, argv=0x7fffffffe6b8,
envp=0x7fffffffe6d8) at ../../softmmu/main.c:49
So have I discovered a bug in QOM handling or misunderstood the way
properties are meant to be shared from the main machine to the
underlying CPU?
Follow-up questions, does only creating the main memory aliases as part
of the SoC make sense? My rational is most of the memory is part of the
SoC not the board. I assume later RP2040 based boards may have different
flash configs or even external memory.
The current (messy) state of my tree can be seen at:
https://gitlab.com/stsquad/qemu/-/commits/arm/picopi-rfc
