On 3/28/22 06:57, Xiaojuan Yang wrote:
+uint64_t helper_iocsr_read(CPULoongArchState *env, target_ulong r_addr, + uint32_t size) +{ + int cpuid = env_cpu(env)->cpu_index; + CPUState *cs = qemu_get_cpu(cpuid); + env = cs->env_ptr; + uint64_t ret; + + /* + * Adjust the per core address such as 0x10xx(IPI)/0x18xx(EXTIOI) + */ + if (((r_addr & 0xff00) == 0x1000) || ((r_addr & 0xff00) == 0x1800)) { + r_addr = r_addr + ((target_ulong)(cpuid & 0x3) << 8); + } + + switch (size) { + case 1: + ret = address_space_ldub(&env->address_space_iocsr, r_addr, + MEMTXATTRS_UNSPECIFIED, NULL); + break; + case 2: + ret = address_space_lduw(&env->address_space_iocsr, r_addr, + MEMTXATTRS_UNSPECIFIED, NULL); + break; + case 4: + ret = address_space_ldl(&env->address_space_iocsr, r_addr, + MEMTXATTRS_UNSPECIFIED, NULL); + break; + case 8: + ret = address_space_ldq(&env->address_space_iocsr, r_addr, + MEMTXATTRS_UNSPECIFIED, NULL); + break; + default: + break; + } + + return ret; +}
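Review bot: `ret` is read uninitialized on the `default:` path of `switch (size)` in helper_iocsr_read: it is declared as `uint64_t ret;` with no initializer, `default: break;` leaves it unset, and the function then does `return ret;`, so a size other than 1/2/4/8 returns stack garbage to the guest. Make the default case `g_assert_not_reached();` (an unexpected size is a translator bug, not a guest-visible condition), which also removes the uninitialized-variable warning. Two smaller points in the same hunk: the `env = cs->env_ptr;` reassignment is redundant, since `cpuid` was just derived from `env` and `qemu_get_cpu(cpuid)` yields the same CPU; and `(cpuid & 0x3) << 8` silently aliases cpu_index 4 and above onto the first four cores' IPI/EXTIOI registers, so either document that four-core limit in the comment or guard it.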
You should have seen an uninitialized use of 'ret' here. The default case should be g_assert_not_reached(). And the same in helper_iocsr_write.

r~