diff options
| author | Richard Henderson <richard.henderson@linaro.org> | 2024-06-22 09:56:49 -0700 |
|---|---|---|
| committer | Richard Henderson <richard.henderson@linaro.org> | 2024-06-22 09:56:49 -0700 |
| commit | c9ba79baca7c673098361e3a687f72d458e0d18a (patch) | |
| tree | a0b3bd58553a2ab6d9df2cc2be026ddf20e8ea5b | |
| parent | ffeddb979400b1580ad28acbee09b6f971c3912d (diff) | |
| parent | 3b36cead6ecc0e40edb8b2f3e253baa01ebc1e9a (diff) | |
| download | qemu-c9ba79baca7c673098361e3a687f72d458e0d18a.zip qemu-c9ba79baca7c673098361e3a687f72d458e0d18a.tar.gz qemu-c9ba79baca7c673098361e3a687f72d458e0d18a.tar.bz2 | |
Merge tag 'pull-target-arm-20240622' of https://git.linaro.org/people/pmaydell/qemu-arm into staging
target-arm queue:
* hw/net/can/xlnx-versal-canfd: Fix sorting of the tx queue
* hw/arm/xilinx_zynq: Fix IRQ/FIQ routing
* hw/intc/arm_gic: Fix deactivation of SPI lines
* hw/timer/a9gtimer: Handle QTest mode in a9_gtimer_get_current_cpu
* hw/misc: Set valid access size for Exynos4210 RNG
* hw/arm/sbsa-ref: switch to 1GHz timer frequency
* hw/arm/sbsa-ref: Enable CPU cluster on ARM sbsa machine
* hw/arm/virt: allow creation of a second NonSecure UART
* hw/arm/virt: Avoid unexpected warning from Linux guest on host with Fujitsu CPUs
* scripts/coverity-scan/COMPONENTS.md: update component regexes
* hw/usb/hcd-dwc2: Handle invalid address access in read and write functions
* hw/usb/hcd-ohci: Fix ohci_service_td: accept zero-length TDs where CBP=BE+1
# -----BEGIN PGP SIGNATURE-----
#
# iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmZ2vigZHHBldGVyLm1h
# eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3mRzD/9+Upo0E9GoNE8FaZYk+xw9
# tB7V0C5RxZCW74ggjsoRSs2Mq45X+jzjT5cmlo3bCyj9z146eyOovcqroJHlggy7
# W3nqE7Yg6tUz6MEbrDq54BVNGmBdwY4kpYr5MvXrhtb9A+/QjaW8MqlmT5NCvUb+
# KZ+i4PTAF5dALCZblnqL5+9RYfwMOeR8R03ZbV2H0OCvO16N1rWsgoRzReVbpmy2
# LEXGber13O7HnSRiMjvxTn92yZBO+tgmLB5w6V4aaYKEhj3B0wTO+GVEUMz0Rmzw
# LunrZhtQql9MOrdJIvgPrrFRmGHamnNu3IV0750xrRPQ1mJlVevaaCpl1IlaVeXG
# /PnY8HWaDJgwlPMDZVga38KSVQavdC8/Uvdw816a0rBzbclAAUZSNf8cuNeJ7qmk
# 2CQp/C8vuarWH0Ut0Qav8uuepd5jDt5TT3crBPhxMRwxsNTsSgjXxe7s3jdVWe2C
# +z1sC/KnSmmFUwyu14GA4WsUdz05m4Mmixz4unXemMeexibUA3n4RSTiUYzTNcb4
# NmhEY4WbhuDtnSqqeSFyKtS5WCIG9A8YmcEzHWNsbaZAIEdS5QlxCSocbzG2mO6G
# zD/kWMn0nmYWejYgaT3LcL5BvkwmePV6u3jQNmVL8aQgG+OPZh7tvCR2gSMPWpml
# Y2pVvKZ+Tcx3GqZOUqKsrA==
# =oPnm
# -----END PGP SIGNATURE-----
# gpg: Signature made Sat 22 Jun 2024 05:06:00 AM PDT
# gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg: issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg: aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]
# gpg: aka "Peter Maydell <peter@archaic.org.uk>" [unknown]
* tag 'pull-target-arm-20240622' of https://git.linaro.org/people/pmaydell/qemu-arm:
hw/arm/sbsa-ref: Enable CPU cluster on ARM sbsa machine
hw/usb/hcd-ohci: Fix ohci_service_td: accept zero-length TDs where CBP=BE+1
hw/misc: Set valid access size for Exynos4210 RNG
hw/arm/virt: Avoid unexpected warning from Linux guest on host with Fujitsu CPUs
hw/arm/virt: allow creation of a second NonSecure UART
hw/arm/virt: Rename VIRT_UART and VIRT_SECURE_UART to VIRT_UART[01]
hw/arm/virt: Add serial aliases in DTB
hw/usb/hcd-dwc2: Handle invalid address access in read and write functions
hw/timer/a9gtimer: Handle QTest mode in a9_gtimer_get_current_cpu
scripts/coverity-scan/COMPONENTS.md: Include libqmp in testlibs
scripts/coverity-scan/COMPONENTS.md: Fix monitor component
scripts/coverity-scan/COMPONENTS.md: Add crypto headers in host/include to the crypto component
scripts/coverity-scan/COMPONENTS.md: Fix 'char' component
scripts/coverity-scan/COMPONENTS.md: Update paths to match gitlab CI
hw/arm/xilinx_zynq: Fix IRQ/FIQ routing
hw/intc/arm_gic: Fix deactivation of SPI lines
hw/arm/sbsa-ref: switch to 1GHz timer frequency
hw/net/can/xlnx-versal-canfd: Fix sorting of the tx queue
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
| -rw-r--r-- | docs/system/arm/sbsa.rst | 4 | ||||
| -rw-r--r-- | docs/system/arm/virt.rst | 6 | ||||
| -rw-r--r-- | hw/arm/sbsa-ref.c | 23 | ||||
| -rw-r--r-- | hw/arm/virt-acpi-build.c | 22 | ||||
| -rw-r--r-- | hw/arm/virt.c | 63 | ||||
| -rw-r--r-- | hw/arm/xilinx_zynq.c | 5 | ||||
| -rw-r--r-- | hw/intc/gic_internal.h | 8 | ||||
| -rw-r--r-- | hw/misc/exynos4210_rng.c | 2 | ||||
| -rw-r--r-- | hw/net/can/xlnx-versal-canfd.c | 5 | ||||
| -rw-r--r-- | hw/timer/a9gtimer.c | 5 | ||||
| -rw-r--r-- | hw/usb/hcd-dwc2.c | 9 | ||||
| -rw-r--r-- | hw/usb/hcd-ohci.c | 4 | ||||
| -rw-r--r-- | hw/usb/trace-events | 1 | ||||
| -rw-r--r-- | include/hw/arm/virt.h | 5 | ||||
| -rw-r--r-- | scripts/coverity-scan/COMPONENTS.md | 107 |
15 files changed, 179 insertions, 90 deletions
diff --git a/docs/system/arm/sbsa.rst b/docs/system/arm/sbsa.rst index 2bf22a1..2bf3fc8 100644 --- a/docs/system/arm/sbsa.rst +++ b/docs/system/arm/sbsa.rst @@ -62,6 +62,7 @@ The devicetree reports: - platform version - GIC addresses - NUMA node id for CPUs and memory + - CPU topology information Platform version '''''''''''''''' @@ -88,3 +89,6 @@ Platform version changes: 0.3 The USB controller is an XHCI device, not EHCI. + +0.4 + CPU topology information is present in devicetree. diff --git a/docs/system/arm/virt.rst b/docs/system/arm/virt.rst index 26fcba0..e67e7f0 100644 --- a/docs/system/arm/virt.rst +++ b/docs/system/arm/virt.rst @@ -26,7 +26,7 @@ The virt board supports: - PCI/PCIe devices - Flash memory -- One PL011 UART +- Either one or two PL011 UARTs for the NonSecure World - An RTC - The fw_cfg device that allows a guest to obtain data from QEMU - A PL061 GPIO controller @@ -48,6 +48,10 @@ The virt board supports: - A secure flash memory - 16MB of secure RAM +The second NonSecure UART only exists if a backend is configured +explicitly (e.g. with a second -serial command line option) and +TrustZone emulation is not enabled. + Supported guest CPU types: - ``cortex-a7`` (32-bit) diff --git a/hw/arm/sbsa-ref.c b/hw/arm/sbsa-ref.c index e884692..ae37a92 100644 --- a/hw/arm/sbsa-ref.c +++ b/hw/arm/sbsa-ref.c @@ -62,16 +62,12 @@ /* * Generic timer frequency in Hz (which drives both the CPU generic timers - * and the SBSA watchdog-timer). Older versions of the TF-A firmware - * typically used with sbsa-ref (including the binaries in our Avocado test - * Aarch64SbsarefMachine.test_sbsaref_alpine_linux_max_pauth_impdef - * assume it is this value. + * and the SBSA watchdog-timer). Older (<2.11) versions of the TF-A firmware + * assumed 62.5MHz here. * - * TODO: this value is not architecturally correct for an Armv8.6 or - * better CPU, so we should move to 1GHz once the TF-A fix above has - * made it into a release and into our Avocado test. + * Starting with Armv8.6 CPU 1GHz timer frequency is mandated. */ -#define SBSA_GTIMER_HZ 62500000 +#define SBSA_GTIMER_HZ 1000000000 enum { SBSA_FLASH, @@ -223,7 +219,7 @@ static void create_fdt(SBSAMachineState *sms) * fw compatibility. */ qemu_fdt_setprop_cell(fdt, "/", "machine-version-major", 0); - qemu_fdt_setprop_cell(fdt, "/", "machine-version-minor", 3); + qemu_fdt_setprop_cell(fdt, "/", "machine-version-minor", 4); if (ms->numa_state->have_numa_distance) { int size = nb_numa_nodes * nb_numa_nodes * 3 * sizeof(uint32_t); @@ -280,6 +276,14 @@ static void create_fdt(SBSAMachineState *sms) g_free(nodename); } + /* Add CPU topology description through fdt node topology. */ + qemu_fdt_add_subnode(sms->fdt, "/cpus/topology"); + + qemu_fdt_setprop_cell(sms->fdt, "/cpus/topology", "sockets", ms->smp.sockets); + qemu_fdt_setprop_cell(sms->fdt, "/cpus/topology", "clusters", ms->smp.clusters); + qemu_fdt_setprop_cell(sms->fdt, "/cpus/topology", "cores", ms->smp.cores); + qemu_fdt_setprop_cell(sms->fdt, "/cpus/topology", "threads", ms->smp.threads); + sbsa_fdt_add_gic_node(sms); } @@ -902,6 +906,7 @@ static void sbsa_ref_class_init(ObjectClass *oc, void *data) mc->default_ram_size = 1 * GiB; mc->default_ram_id = "sbsa-ref.ram"; mc->default_cpus = 4; + mc->smp_props.clusters_supported = true; mc->possible_cpu_arch_ids = sbsa_ref_possible_cpu_arch_ids; mc->cpu_index_to_instance_props = sbsa_ref_cpu_index_to_props; mc->get_default_cpu_node_id = sbsa_ref_get_default_cpu_node_id; diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c index c3ccfef..b2366f2 100644 --- a/hw/arm/virt-acpi-build.c +++ b/hw/arm/virt-acpi-build.c @@ -79,11 +79,11 @@ static void acpi_dsdt_add_cpus(Aml *scope, VirtMachineState *vms) } static void acpi_dsdt_add_uart(Aml *scope, const MemMapEntry *uart_memmap, - uint32_t uart_irq) + uint32_t uart_irq, int uartidx) { - Aml *dev = aml_device("COM0"); + Aml *dev = aml_device("COM%d", uartidx); aml_append(dev, aml_name_decl("_HID", aml_string("ARMH0011"))); - aml_append(dev, aml_name_decl("_UID", aml_int(0))); + aml_append(dev, aml_name_decl("_UID", aml_int(uartidx))); Aml *crs = aml_resource_template(); aml_append(crs, aml_memory32_fixed(uart_memmap->base, @@ -440,10 +440,10 @@ spcr_setup(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms) .base_addr.width = 32, .base_addr.offset = 0, .base_addr.size = 3, - .base_addr.addr = vms->memmap[VIRT_UART].base, + .base_addr.addr = vms->memmap[VIRT_UART0].base, .interrupt_type = (1 << 3),/* Bit[3] ARMH GIC interrupt*/ .pc_interrupt = 0, /* IRQ */ - .interrupt = (vms->irqmap[VIRT_UART] + ARM_SPI_BASE), + .interrupt = (vms->irqmap[VIRT_UART0] + ARM_SPI_BASE), .baud_rate = 3, /* 9600 */ .parity = 0, /* No Parity */ .stop_bits = 1, /* 1 Stop bit */ @@ -631,11 +631,11 @@ build_dbg2(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms) /* BaseAddressRegister[] */ build_append_gas(table_data, AML_AS_SYSTEM_MEMORY, 32, 0, 3, - vms->memmap[VIRT_UART].base); + vms->memmap[VIRT_UART0].base); /* AddressSize[] */ build_append_int_noprefix(table_data, - vms->memmap[VIRT_UART].size, 4); + vms->memmap[VIRT_UART0].size, 4); /* NamespaceString[] */ g_array_append_vals(table_data, name, namespace_length); @@ -816,8 +816,12 @@ build_dsdt(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms) */ scope = aml_scope("\\_SB"); acpi_dsdt_add_cpus(scope, vms); - acpi_dsdt_add_uart(scope, &memmap[VIRT_UART], - (irqmap[VIRT_UART] + ARM_SPI_BASE)); + acpi_dsdt_add_uart(scope, &memmap[VIRT_UART0], + (irqmap[VIRT_UART0] + ARM_SPI_BASE), 0); + if (vms->second_ns_uart_present) { + acpi_dsdt_add_uart(scope, &memmap[VIRT_UART1], + (irqmap[VIRT_UART1] + ARM_SPI_BASE), 1); + } if (vmc->acpi_expose_flash) { acpi_dsdt_add_flash(scope, &memmap[VIRT_FLASH]); } diff --git a/hw/arm/virt.c b/hw/arm/virt.c index c7a1f75..0784ee7 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -165,11 +165,11 @@ static const MemMapEntry base_memmap[] = { [VIRT_GIC_ITS] = { 0x08080000, 0x00020000 }, /* This redistributor space allows up to 2*64kB*123 CPUs */ [VIRT_GIC_REDIST] = { 0x080A0000, 0x00F60000 }, - [VIRT_UART] = { 0x09000000, 0x00001000 }, + [VIRT_UART0] = { 0x09000000, 0x00001000 }, [VIRT_RTC] = { 0x09010000, 0x00001000 }, [VIRT_FW_CFG] = { 0x09020000, 0x00000018 }, [VIRT_GPIO] = { 0x09030000, 0x00001000 }, - [VIRT_SECURE_UART] = { 0x09040000, 0x00001000 }, + [VIRT_UART1] = { 0x09040000, 0x00001000 }, [VIRT_SMMU] = { 0x09050000, 0x00020000 }, [VIRT_PCDIMM_ACPI] = { 0x09070000, MEMORY_HOTPLUG_IO_LEN }, [VIRT_ACPI_GED] = { 0x09080000, ACPI_GED_EVT_SEL_LEN }, @@ -212,11 +212,11 @@ static MemMapEntry extended_memmap[] = { }; static const int a15irqmap[] = { - [VIRT_UART] = 1, + [VIRT_UART0] = 1, [VIRT_RTC] = 2, [VIRT_PCIE] = 3, /* ... to 6 */ [VIRT_GPIO] = 7, - [VIRT_SECURE_UART] = 8, + [VIRT_UART1] = 8, [VIRT_ACPI_GED] = 9, [VIRT_MMIO] = 16, /* ...to 16 + NUM_VIRTIO_TRANSPORTS - 1 */ [VIRT_GIC_V2M] = 48, /* ...to 48 + NUM_GICV2M_SPIS - 1 */ @@ -271,6 +271,17 @@ static void create_fdt(VirtMachineState *vms) qemu_fdt_setprop_cell(fdt, "/", "#size-cells", 0x2); qemu_fdt_setprop_string(fdt, "/", "model", "linux,dummy-virt"); + /* + * For QEMU, all DMA is coherent. Advertising this in the root node + * has two benefits: + * + * - It avoids potential bugs where we forget to mark a DMA + * capable device as being dma-coherent + * - It avoids spurious warnings from the Linux kernel about + * devices which can't do DMA at all + */ + qemu_fdt_setprop(fdt, "/", "dma-coherent", NULL, 0); + /* /chosen must exist for load_dtb to fill in necessary properties later */ qemu_fdt_add_subnode(fdt, "/chosen"); if (vms->dtb_randomness) { @@ -284,6 +295,8 @@ static void create_fdt(VirtMachineState *vms) } } + qemu_fdt_add_subnode(fdt, "/aliases"); + /* Clock node, for the benefit of the UART. The kernel device tree * binding documentation claims the PL011 node clock properties are * optional but in practice if you omit them the kernel refuses to @@ -904,7 +917,7 @@ static void create_gic(VirtMachineState *vms, MemoryRegion *mem) } static void create_uart(const VirtMachineState *vms, int uart, - MemoryRegion *mem, Chardev *chr) + MemoryRegion *mem, Chardev *chr, bool secure) { char *nodename; hwaddr base = vms->memmap[uart].base; @@ -937,9 +950,13 @@ static void create_uart(const VirtMachineState *vms, int uart, qemu_fdt_setprop(ms->fdt, nodename, "clock-names", clocknames, sizeof(clocknames)); - if (uart == VIRT_UART) { + if (uart == VIRT_UART0) { qemu_fdt_setprop_string(ms->fdt, "/chosen", "stdout-path", nodename); + qemu_fdt_setprop_string(ms->fdt, "/aliases", "serial0", nodename); } else { + qemu_fdt_setprop_string(ms->fdt, "/aliases", "serial1", nodename); + } + if (secure) { /* Mark as not usable by the normal world */ qemu_fdt_setprop_string(ms->fdt, nodename, "status", "disabled"); qemu_fdt_setprop_string(ms->fdt, nodename, "secure-status", "okay"); @@ -2313,11 +2330,41 @@ static void machvirt_init(MachineState *machine) fdt_add_pmu_nodes(vms); - create_uart(vms, VIRT_UART, sysmem, serial_hd(0)); + /* + * The first UART always exists. If the security extensions are + * enabled, the second UART also always exists. Otherwise, it only exists + * if a backend is configured explicitly via '-serial <backend>'. + * This avoids potentially breaking existing user setups that expect + * only one NonSecure UART to be present (for instance, older EDK2 + * binaries). + * + * The nodes end up in the DTB in reverse order of creation, so we must + * create UART0 last to ensure it appears as the first node in the DTB, + * for compatibility with guest software that just iterates through the + * DTB to find the first UART, as older versions of EDK2 do. + * DTB readers that follow the spec, as Linux does, should honour the + * aliases node information and /chosen/stdout-path regardless of + * the order that nodes appear in the DTB. + * + * For similar back-compatibility reasons, if UART1 is the secure UART + * we create it second (and so it appears first in the DTB), because + * that's what QEMU has always done. + */ + if (!vms->secure) { + Chardev *serial1 = serial_hd(1); + + if (serial1) { + vms->second_ns_uart_present = true; + create_uart(vms, VIRT_UART1, sysmem, serial1, false); + } + } + create_uart(vms, VIRT_UART0, sysmem, serial_hd(0), false); + if (vms->secure) { + create_uart(vms, VIRT_UART1, secure_sysmem, serial_hd(1), true); + } if (vms->secure) { create_secure_ram(vms, secure_sysmem, secure_tag_sysmem); - create_uart(vms, VIRT_SECURE_UART, secure_sysmem, serial_hd(1)); } if (tag_sysmem) { diff --git a/hw/arm/xilinx_zynq.c b/hw/arm/xilinx_zynq.c index 7f7a3d2..c79661b 100644 --- a/hw/arm/xilinx_zynq.c +++ b/hw/arm/xilinx_zynq.c @@ -252,10 +252,11 @@ static void zynq_init(MachineState *machine) zynq_binfo.gic_cpu_if_addr = MPCORE_PERIPHBASE + 0x100; sysbus_create_varargs("l2x0", MPCORE_PERIPHBASE + 0x2000, NULL); for (n = 0; n < smp_cpus; n++) { + /* See "hw/intc/arm_gic.h" for the IRQ line association */ DeviceState *cpudev = DEVICE(zynq_machine->cpu[n]); - sysbus_connect_irq(busdev, (2 * n) + 0, + sysbus_connect_irq(busdev, n, qdev_get_gpio_in(cpudev, ARM_CPU_IRQ)); - sysbus_connect_irq(busdev, (2 * n) + 1, + sysbus_connect_irq(busdev, smp_cpus + n, qdev_get_gpio_in(cpudev, ARM_CPU_FIQ)); } diff --git a/hw/intc/gic_internal.h b/hw/intc/gic_internal.h index 8d29b40..8ddbf55 100644 --- a/hw/intc/gic_internal.h +++ b/hw/intc/gic_internal.h @@ -280,6 +280,8 @@ static inline void gic_set_active(GICState *s, int irq, int cpu) static inline void gic_clear_active(GICState *s, int irq, int cpu) { + unsigned int cm; + if (gic_is_vcpu(cpu)) { uint32_t *entry = gic_get_lr_entry(s, irq, cpu); GICH_LR_CLEAR_ACTIVE(*entry); @@ -301,11 +303,13 @@ static inline void gic_clear_active(GICState *s, int irq, int cpu) * the GIC is secure. */ if (!s->security_extn || GIC_DIST_TEST_GROUP(phys_irq, 1 << rcpu)) { - GIC_DIST_CLEAR_ACTIVE(phys_irq, 1 << rcpu); + cm = phys_irq < GIC_INTERNAL ? 1 << rcpu : ALL_CPU_MASK; + GIC_DIST_CLEAR_ACTIVE(phys_irq, cm); } } } else { - GIC_DIST_CLEAR_ACTIVE(irq, 1 << cpu); + cm = irq < GIC_INTERNAL ? 1 << cpu : ALL_CPU_MASK; + GIC_DIST_CLEAR_ACTIVE(irq, cm); } } diff --git a/hw/misc/exynos4210_rng.c b/hw/misc/exynos4210_rng.c index 0756bd3..674d8ee 100644 --- a/hw/misc/exynos4210_rng.c +++ b/hw/misc/exynos4210_rng.c @@ -217,6 +217,8 @@ static const MemoryRegionOps exynos4210_rng_ops = { .read = exynos4210_rng_read, .write = exynos4210_rng_write, .endianness = DEVICE_NATIVE_ENDIAN, + .valid.min_access_size = 4, + .valid.max_access_size = 4, }; static void exynos4210_rng_reset(DeviceState *dev) diff --git a/hw/net/can/xlnx-versal-canfd.c b/hw/net/can/xlnx-versal-canfd.c index 47a14cf..5f083c2 100644 --- a/hw/net/can/xlnx-versal-canfd.c +++ b/hw/net/can/xlnx-versal-canfd.c @@ -1312,7 +1312,10 @@ static gint g_cmp_ids(gconstpointer data1, gconstpointer data2) tx_ready_reg_info *tx_reg_1 = (tx_ready_reg_info *) data1; tx_ready_reg_info *tx_reg_2 = (tx_ready_reg_info *) data2; - return tx_reg_1->can_id - tx_reg_2->can_id; + if (tx_reg_1->can_id == tx_reg_2->can_id) { + return (tx_reg_1->reg_num < tx_reg_2->reg_num) ? -1 : 1; + } + return (tx_reg_1->can_id < tx_reg_2->can_id) ? -1 : 1; } static void free_list(GSList *list) diff --git a/hw/timer/a9gtimer.c b/hw/timer/a9gtimer.c index a2ac5bd..64d80cd 100644 --- a/hw/timer/a9gtimer.c +++ b/hw/timer/a9gtimer.c @@ -32,6 +32,7 @@ #include "qemu/log.h" #include "qemu/module.h" #include "hw/core/cpu.h" +#include "sysemu/qtest.h" #ifndef A9_GTIMER_ERR_DEBUG #define A9_GTIMER_ERR_DEBUG 0 @@ -48,6 +49,10 @@ static inline int a9_gtimer_get_current_cpu(A9GTimerState *s) { + if (qtest_enabled()) { + return 0; + } + if (current_cpu->cpu_index >= s->num_cpu) { hw_error("a9gtimer: num-cpu %d but this cpu is %d!\n", s->num_cpu, current_cpu->cpu_index); diff --git a/hw/usb/hcd-dwc2.c b/hw/usb/hcd-dwc2.c index 8cac9c0..b4f0652 100644 --- a/hw/usb/hcd-dwc2.c +++ b/hw/usb/hcd-dwc2.c @@ -1128,7 +1128,10 @@ static uint64_t dwc2_hsotg_read(void *ptr, hwaddr addr, unsigned size) val = dwc2_pcgreg_read(ptr, addr, (addr - HSOTG_REG(0xe00)) >> 2, size); break; default: - g_assert_not_reached(); + qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n", + __func__, addr); + val = 0; + break; } return val; @@ -1160,7 +1163,9 @@ static void dwc2_hsotg_write(void *ptr, hwaddr addr, uint64_t val, dwc2_pcgreg_write(ptr, addr, (addr - HSOTG_REG(0xe00)) >> 2, val, size); break; default: - g_assert_not_reached(); + qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n", + __func__, addr); + break; } } diff --git a/hw/usb/hcd-ohci.c b/hw/usb/hcd-ohci.c index acd6016..71b5491 100644 --- a/hw/usb/hcd-ohci.c +++ b/hw/usb/hcd-ohci.c @@ -941,8 +941,8 @@ static int ohci_service_td(OHCIState *ohci, struct ohci_ed *ed) if ((td.cbp & 0xfffff000) != (td.be & 0xfffff000)) { len = (td.be & 0xfff) + 0x1001 - (td.cbp & 0xfff); } else { - if (td.cbp > td.be) { - trace_usb_ohci_iso_td_bad_cc_overrun(td.cbp, td.be); + if (td.cbp - 1 > td.be) { /* rely on td.cbp != 0 */ + trace_usb_ohci_td_bad_buf(td.cbp, td.be); ohci_die(ohci); return 1; } diff --git a/hw/usb/trace-events b/hw/usb/trace-events index 4673271..dd04f14 100644 --- a/hw/usb/trace-events +++ b/hw/usb/trace-events @@ -29,6 +29,7 @@ usb_ohci_iso_td_data_underrun(int ret) "DataUnderrun %d" usb_ohci_iso_td_nak(int ret) "got NAK/STALL %d" usb_ohci_iso_td_bad_response(int ret) "Bad device response %d" usb_ohci_td_bad_pid(const char *s, uint32_t edf, uint32_t tdf) "Bad pid %s: ed.flags 0x%x td.flags 0x%x" +usb_ohci_td_bad_buf(uint32_t cbp, uint32_t be) "Bad cbp = 0x%x > be = 0x%x" usb_ohci_port_attach(int index) "port #%d" usb_ohci_port_detach(int index) "port #%d" usb_ohci_port_wakeup(int index) "port #%d" diff --git a/include/hw/arm/virt.h b/include/hw/arm/virt.h index bb486d3..ab961bb 100644 --- a/include/hw/arm/virt.h +++ b/include/hw/arm/virt.h @@ -59,7 +59,7 @@ enum { VIRT_GIC_ITS, VIRT_GIC_REDIST, VIRT_SMMU, - VIRT_UART, + VIRT_UART0, VIRT_MMIO, VIRT_RTC, VIRT_FW_CFG, @@ -69,7 +69,7 @@ enum { VIRT_PCIE_ECAM, VIRT_PLATFORM_BUS, VIRT_GPIO, - VIRT_SECURE_UART, + VIRT_UART1, VIRT_SECURE_MEM, VIRT_SECURE_GPIO, VIRT_PCDIMM_ACPI, @@ -151,6 +151,7 @@ struct VirtMachineState { bool ras; bool mte; bool dtb_randomness; + bool second_ns_uart_present; OnOffAuto acpi; VirtGICType gic_version; VirtIOMMUType iommu; diff --git a/scripts/coverity-scan/COMPONENTS.md b/scripts/coverity-scan/COMPONENTS.md index 1537e49..858190b 100644 --- a/scripts/coverity-scan/COMPONENTS.md +++ b/scripts/coverity-scan/COMPONENTS.md @@ -1,157 +1,160 @@ This is the list of currently configured Coverity components: alpha - ~ (/qemu)?((/include)?/hw/alpha/.*|/target/alpha/.*) + ~ .*/qemu((/include)?/hw/alpha/.*|/target/alpha/.*) arm - ~ (/qemu)?((/include)?/hw/arm/.*|(/include)?/hw/.*/(arm|allwinner-a10|bcm28|digic|exynos|imx|omap|stellaris|pxa2xx|versatile|zynq|cadence).*|/hw/net/xgmac.c|/hw/ssi/xilinx_spips.c|/target/arm/.*) + ~ .*/qemu((/include)?/hw/arm/.*|(/include)?/hw/.*/(arm|allwinner-a10|bcm28|digic|exynos|imx|omap|stellaris|pxa2xx|versatile|zynq|cadence).*|/hw/net/xgmac.c|/hw/ssi/xilinx_spips.c|/target/arm/.*) avr - ~ (/qemu)?((/include)?/hw/avr/.*|/target/avr/.*) + ~ .*/qemu((/include)?/hw/avr/.*|/target/avr/.*) cris - ~ (/qemu)?((/include)?/hw/cris/.*|/target/cris/.*) + ~ .*/qemu((/include)?/hw/cris/.*|/target/cris/.*) hexagon-gen (component should be ignored in analysis) - ~ (/qemu)?(/target/hexagon/.*generated.*) + ~ .*/qemu(/target/hexagon/.*generated.*) hexagon - ~ (/qemu)?(/target/hexagon/.*) + ~ .*/qemu(/target/hexagon/.*) hppa - ~ (/qemu)?((/include)?/hw/hppa/.*|/target/hppa/.*) + ~ .*/qemu((/include)?/hw/hppa/.*|/target/hppa/.*) i386 - ~ (/qemu)?((/include)?/hw/i386/.*|/target/i386/.*|/hw/intc/[^/]*apic[^/]*\.c) + ~ .*/qemu((/include)?/hw/i386/.*|/target/i386/.*|/hw/intc/[^/]*apic[^/]*\.c) loongarch - ~ (/qemu)?((/include)?/hw/(loongarch/.*|.*/loongarch.*)|/target/loongarch/.*) + ~ .*/qemu((/include)?/hw/(loongarch/.*|.*/loongarch.*)|/target/loongarch/.*) m68k - ~ (/qemu)?((/include)?/hw/m68k/.*|/target/m68k/.*|(/include)?/hw(/.*)?/mcf.*|(/include)?/hw/nubus/.*) + ~ .*/qemu((/include)?/hw/m68k/.*|/target/m68k/.*|(/include)?/hw(/.*)?/mcf.*|(/include)?/hw/nubus/.*) microblaze - ~ (/qemu)?((/include)?/hw/microblaze/.*|/target/microblaze/.*) + ~ .*/qemu((/include)?/hw/microblaze/.*|/target/microblaze/.*) mips - ~ (/qemu)?((/include)?/hw/mips/.*|/target/mips/.*) + ~ .*/qemu((/include)?/hw/mips/.*|/target/mips/.*) openrisc - ~ (/qemu)?((/include)?/hw/openrisc/.*|/target/openrisc/.*) + ~ .*/qemu((/include)?/hw/openrisc/.*|/target/openrisc/.*) ppc - ~ (/qemu)?((/include)?/hw/ppc/.*|/target/ppc/.*|/hw/pci-host/(uninorth.*|dec.*|prep.*|ppc.*)|/hw/misc/macio/.*|(/include)?/hw/.*/(xics|openpic|spapr).*) + ~ .*/qemu((/include)?/hw/ppc/.*|/target/ppc/.*|/hw/pci-host/(uninorth.*|dec.*|prep.*|ppc.*)|/hw/misc/macio/.*|(/include)?/hw/.*/(xics|openpic|spapr).*) riscv - ~ (/qemu)?((/include)?/hw/riscv/.*|/target/riscv/.*|/hw/.*/(riscv_|ibex_|sifive_).*) + ~ .*/qemu((/include)?/hw/riscv/.*|/target/riscv/.*|/hw/.*/(riscv_|ibex_|sifive_).*) rx - ~ (/qemu)?((/include)?/hw/rx/.*|/target/rx/.*) + ~ .*/qemu((/include)?/hw/rx/.*|/target/rx/.*) s390 - ~ (/qemu)?((/include)?/hw/s390x/.*|/target/s390x/.*|/hw/.*/s390_.*) + ~ .*/qemu((/include)?/hw/s390x/.*|/target/s390x/.*|/hw/.*/s390_.*) sh4 - ~ (/qemu)?((/include)?/hw/sh4/.*|/target/sh4/.*) + ~ .*/qemu((/include)?/hw/sh4/.*|/target/sh4/.*) sparc - ~ (/qemu)?((/include)?/hw/sparc(64)?.*|/target/sparc/.*|/hw/.*/grlib.*|/hw/display/cg3.c) + ~ .*/qemu((/include)?/hw/sparc(64)?.*|/target/sparc/.*|/hw/.*/grlib.*|/hw/display/cg3.c) tricore - ~ (/qemu)?((/include)?/hw/tricore/.*|/target/tricore/.*) + ~ .*/qemu((/include)?/hw/tricore/.*|/target/tricore/.*) xtensa - ~ (/qemu)?((/include)?/hw/xtensa/.*|/target/xtensa/.*) + ~ .*/qemu((/include)?/hw/xtensa/.*|/target/xtensa/.*) 9pfs - ~ (/qemu)?(/hw/9pfs/.*|/fsdev/.*) + ~ .*/qemu(/hw/9pfs/.*|/fsdev/.*) audio - ~ (/qemu)?((/include)?/(audio|hw/audio)/.*) + ~ .*/qemu((/include)?/(audio|hw/audio)/.*) block - ~ (/qemu)?(/block.*|(/include?)/(block|storage-daemon)/.*|(/include)?/hw/(block|ide|nvme)/.*|/qemu-(img|io).*|/util/(aio|async|thread-pool).*) + ~ .*/qemu(/block.*|(/include?)/(block|storage-daemon)/.*|(/include)?/hw/(block|ide|nvme)/.*|/qemu-(img|io).*|/util/(aio|async|thread-pool).*) char - ~ (/qemu)?(/qemu-char\.c|/include/sysemu/char\.h|(/include)?/hw/char/.*) + ~ .*/qemu((/include)?/hw/char/.*) + +chardev + ~ .*/qemu((/include)?/chardev/.*) crypto - ~ (/qemu)?((/include)?/crypto/.*|/hw/.*/.*crypto.*|(/include/sysemu|/backends)/cryptodev.*) + ~ .*/qemu((/include)?/crypto/.*|/hw/.*/.*crypto.*|(/include/sysemu|/backends)/cryptodev.*|/host/include/.*/host/crypto/.*) disas - ~ (/qemu)?((/include)?/disas.*) + ~ .*/qemu((/include)?/disas.*) fpu - ~ (/qemu)?((/include)?(/fpu|/libdecnumber)/.*) + ~ .*/qemu((/include)?(/fpu|/libdecnumber)/.*) io - ~ (/qemu)?((/include)?/io/.*) + ~ .*/qemu((/include)?/io/.*) ipmi - ~ (/qemu)?((/include)?/hw/ipmi/.*) + ~ .*/qemu((/include)?/hw/ipmi/.*) migration - ~ (/qemu)?((/include)?/migration/.*) + ~ .*/qemu((/include)?/migration/.*) monitor - ~ (/qemu)?(/qapi.*|/qobject/.*|/monitor\..*|/[hq]mp\..*) + ~ .*/qemu((/include)?/(qapi|qobject|monitor)/.*|/job-qmp.c) nbd - ~ (/qemu)?(/nbd/.*|/include/block/nbd.*|/qemu-nbd\.c) + ~ .*/qemu(/nbd/.*|/include/block/nbd.*|/qemu-nbd\.c) net - ~ (/qemu)?((/include)?(/hw)?/(net|rdma)/.*) + ~ .*/qemu((/include)?(/hw)?/(net|rdma)/.*) pci - ~ (/qemu)?(/include)?/hw/(cxl/|pci).* + ~ .*/qemu(/include)?/hw/(cxl/|pci).* qemu-ga - ~ (/qemu)?(/qga/.*) + ~ .*/qemu(/qga/.*) scsi - ~ (/qemu)?(/scsi/.*|/hw/scsi/.*|/include/hw/scsi/.*) + ~ .*/qemu(/scsi/.*|/hw/scsi/.*|/include/hw/scsi/.*) trace - ~ (/qemu)?(/.*trace.*\.[ch]) + ~ .*/qemu(/.*trace.*\.[ch]) ui - ~ (/qemu)?((/include)?(/ui|/hw/display|/hw/input)/.*) + ~ .*/qemu((/include)?(/ui|/hw/display|/hw/input)/.*) usb - ~ (/qemu)?(/hw/usb/.*|/include/hw/usb/.*) + ~ .*/qemu(/hw/usb/.*|/include/hw/usb/.*) user - ~ (/qemu)?(/linux-user/.*|/bsd-user/.*|/user-exec\.c|/thunk\.c|/include/user/.*) + ~ .*/qemu(/linux-user/.*|/bsd-user/.*|/user-exec\.c|/thunk\.c|/include/user/.*) util - ~ (/qemu)?(/util/.*|/include/qemu/.*) + ~ .*/qemu(/util/.*|/include/qemu/.*) vfio - ~ (/qemu)?(/include)?/hw/vfio/.* + ~ .*/qemu(/include)?/hw/vfio/.* virtio - ~ (/qemu)?(/include)?/hw/virtio/.* + ~ .*/qemu(/include)?/hw/virtio/.* xen - ~ (/qemu)?(.*/xen.*) + ~ .*/qemu(.*/xen.*) hvf - ~ (/qemu)?(.*/hvf.*) + ~ .*/qemu(.*/hvf.*) kvm - ~ (/qemu)?(.*/kvm.*) + ~ .*/qemu(.*/kvm.*) tcg - ~ (/qemu)?(/accel/tcg|/replay|/tcg)/.* + ~ .*/qemu(/accel/tcg|/replay|/tcg)/.* sysemu - ~ (/qemu)?(/system/.*|/accel/.*) + ~ .*/qemu(/system/.*|/accel/.*) (headers) - ~ (/qemu)?(/include/.*) + ~ .*/qemu(/include/.*) testlibs - ~ (/qemu)?(/tests/qtest(/libqos/.*|/libqtest.*)) + ~ .*/qemu(/tests/qtest(/libqos/.*|/libqtest.*|/libqmp.*)) tests - ~ (/qemu)?(/tests/.*) + ~ .*/qemu(/tests/.*) |