From patchwork Tue Jul 30 09:40:00 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747137 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 0BEB0C3DA7F for ; Tue, 30 Jul 2024 09:40:54 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLK-0003ZR-BE; Tue, 30 Jul 2024 05:40:30 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLH-0003SX-DF for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:27 -0400 Received: from mail-wr1-x430.google.com ([2a00:1450:4864:20::430]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLF-0000Wv-JZ for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:27 -0400 Received: by mail-wr1-x430.google.com with SMTP id ffacd0b85a97d-3687fb526b9so1972703f8f.0 for ; Tue, 30 Jul 2024 02:40:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332423; x=1722937223; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=B5RN4DpWdHMmOm58ODLLg2Ecn4bzdDrCkkEJlS4i1B8=; b=qxeZjrZsVJoU76K4CaH4t0OnjVm2j1b4chcBtQF5FzIjDM81FEo35UVH6st6FOVx9H xpBoOtkvY2fU1tdiM7XBjpC64wVu8xab2J8XL9oljSIZqnRgJ20FOzDzvD9R/t2VnG86 WJbkYnfrs1kO+S06Khecw3eFZmWmbX40iAQglrmUZAPcEoNb1UuMMTFOMB/rhTg/8T2T ln5O6LJwq0CsrJjQp6t3TYaKiD8rwNKyS8ky/Ku0mgn8E9OKWWGl9XJ+FbdDPe0aSRH/ wJftKdIFEznwPnwT31d7F0Cc4p4t+RvoTpw5GarodbEqfKLBCiBGxRW7Lvjbz1aj7YGi Ak1Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332423; x=1722937223; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=B5RN4DpWdHMmOm58ODLLg2Ecn4bzdDrCkkEJlS4i1B8=; b=C8/g2XlgzfJcgANdv5p0agsPvTn4RWDnCo7Yo3V0zEMKi8/LWDPlWXY0L0aiA9xAoL 0iRwcSzMNV2Hzq/1XN09bwF0PiR541k7AAuXaAonVHE6peUpKlndEENCbhXRncibVvp6 f6XEl8HYQ93aQpXUzXzhL5rM11mTrBxm3P4vUlsxihZrbxqu/KrscPahhBc9u//WxvpR rEKj6JXTwFikDR+olR9vwnbRP/N2uGrx9GrjAiaMZXz5QUT8RdQGCPySGF/m0wIkJj/q /i9kcicBAV3poIjSizvGXAHaAgwPllwVqe9AvtjT8Sv2Lze7Nisc6aGjdTFYY4JK8O6F 8c5g== X-Gm-Message-State: AOJu0YwSM7wRd6uWdddnqwz/K/gj1RfiU9H+grJ31QOR+PUQuUD3vHOc w4sK+n36TQV2SdNUp3XaO8Gw9HGUaikP75KZ1EgTOnGOb8l47CNmCnbroISmxt2E1XWC86n8SNX v X-Google-Smtp-Source: AGHT+IEir56mfxnFhQi9ENEt2QckaifU7OkniU19hBlCkrVvND2JYw6JeRaGxumqRCmRHxsyrEOVZA== X-Received: by 2002:adf:e60f:0:b0:368:3731:1614 with SMTP id ffacd0b85a97d-36b5cf243f2mr6704492f8f.32.1722332423335; Tue, 30 Jul 2024 02:40:23 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:23 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 01/21] hw/char/bcm2835_aux: Fix assert when receive FIFO fills up Date: Tue, 30 Jul 2024 10:40:00 +0100 Message-Id: <20240730094020.2758637-2-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::430; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x430.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org From: Frederik van Hövell When a bare-metal application on the raspi3 board reads the AUX_MU_STAT_REG MMIO register while the device's buffer is at full receive FIFO capacity (i.e. `s->read_count == BCM2835_AUX_RX_FIFO_LEN`) the assertion `assert(s->read_count < BCM2835_AUX_RX_FIFO_LEN)` fails. Reported-by: Cryptjar Suggested-by: Cryptjar Resolves: https://gitlab.com/qemu-project/qemu/-/issues/459 Signed-off-by: Frederik van Hövell Reviewed-by: Philippe Mathieu-Daudé [PMM: commit message tweaks] Signed-off-by: Peter Maydell --- hw/char/bcm2835_aux.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/char/bcm2835_aux.c b/hw/char/bcm2835_aux.c index 83990e20f76..fca2f27a553 100644 --- a/hw/char/bcm2835_aux.c +++ b/hw/char/bcm2835_aux.c @@ -138,7 +138,7 @@ static uint64_t bcm2835_aux_read(void *opaque, hwaddr offset, unsigned size) res = 0x30e; /* space in the output buffer, empty tx fifo, idle tx/rx */ if (s->read_count > 0) { res |= 0x1; /* data in input buffer */ - assert(s->read_count < BCM2835_AUX_RX_FIFO_LEN); + assert(s->read_count <= BCM2835_AUX_RX_FIFO_LEN); res |= ((uint32_t)s->read_count) << 16; /* rx fifo fill level */ } return res; From patchwork Tue Jul 30 09:40:01 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747136 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 09BF0C3DA61 for ; Tue, 30 Jul 2024 09:40:54 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLM-0003hK-4t; Tue, 30 Jul 2024 05:40:32 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLI-0003UO-SJ for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:28 -0400 Received: from mail-lj1-x235.google.com ([2a00:1450:4864:20::235]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLF-0000X1-K8 for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:28 -0400 Received: by mail-lj1-x235.google.com with SMTP id 38308e7fff4ca-2ef2cce8be8so56889371fa.1 for ; Tue, 30 Jul 2024 02:40:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332424; x=1722937224; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=2hTb07T/lHUckLF9pRQZzZ733VhUGgQBsCLUx7kwgYc=; b=iqS8Xpws2CoA+TwvDX8+LigcHyYvEFkNraE3ZayKDHJT5r8Dklzx2cRQLfEr5vNjaq p02m8CBFrbyup1G5TDUiGZQs9Gtu+YE3OWB4j8y/Ywvc3jwMmRbEtWRQugQGKYf1HUpQ SrlBFUPYZfsMfN31dffih9Vey24CGoRLLS+ScrK6UTj9HpaDsWyO5O+2M5Wr/jDWxqWP UIgLCdwbuX5x/gopL/X2ZCYspnb1ScX9WSEmPaQHi90EJJDasEsM/7JxOJHrweM8gkqZ 7jX1/CrHfehu295kL+PDBvgVCjpogQepTEu/t6XaMtEcCbSHnqfbHvbf1BrvfBafX/ba k/2Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332424; x=1722937224; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=2hTb07T/lHUckLF9pRQZzZ733VhUGgQBsCLUx7kwgYc=; b=uZyPmJTZUM3RHQP/wf7bl2i3ec8j1d2yEWQmFV/a5QIBzRl5fSZVACWAvCj+CLGEEW hsYvdIOGVVwhDFuNF6CA95td9M2SgN3M5WcXnFLmtXuISW5BYq1krwMqG2CwNGy5HzX2 Z3W5aWoBokRul+nsF/2n1E0SskSoeei1utWP1opJrPKL7TbMPUJ/Nx3mvxGVyi0ED6jw qCxgYFqYpcm2c/OdCO5JWj9SXCVgHHun6vLZcN5WHdp0KsK28g02e04UWYeiDvqTLEOI vOAjGTV+GfXn8bZqPgllspIrr4sd1+EJ24sJEu5OfHo1oXrBQWsthqOtJfquceafnPdm cUdQ== X-Gm-Message-State: AOJu0YyJBk4RLtdJQU8LNUzM30OobzmqGMKsOSXBIUXaGQgILMPvr6x8 DH+4c1zmZpOMJ37xCmPWlm8wmEQZiZo7/GJwoZQ2T7eU8ez0PwGctz3AKDn8sn/7Ns7K5B1J04t S X-Google-Smtp-Source: AGHT+IH0l9SaoMYKqRC50b7VqcyLkdhJssvyjTnNLoEqGCVEhpzPbh4mrdx1ZAXJj4P7g4PhTGH99g== X-Received: by 2002:a2e:87d5:0:b0:2ef:1c0a:9b97 with SMTP id 38308e7fff4ca-2f12ebcaea9mr74174751fa.3.1722332423812; Tue, 30 Jul 2024 02:40:23 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.23 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:23 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 02/21] hw/arm/smmuv3: Assert input to oas2bits() is valid Date: Tue, 30 Jul 2024 10:40:01 +0100 Message-Id: <20240730094020.2758637-3-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::235; envelope-from=peter.maydell@linaro.org; helo=mail-lj1-x235.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org From: Mostafa Saleh Coverity has spotted a possible problem with the OAS handling (CID 1558464), where the error return of oas2bits() -1 is not checked, which can cause an overflow in oas value. oas2bits() is only called with valid inputs, harden the function to assert that. Reported-By: Peter Maydell Signed-off-by: Mostafa Saleh Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Eric Auger Message-id: 20240722103531.2377348-1-smostafa@google.com Link: https://lore.kernel.org/qemu-devel/CAFEAcA-H=n-3mHC+eL6YjfL1m+x+b+Fk3mkgZbN74WNxifFVow@mail.gmail.com/ Signed-off-by: Mostafa Saleh Signed-off-by: Peter Maydell --- hw/arm/smmuv3-internal.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hw/arm/smmuv3-internal.h b/hw/arm/smmuv3-internal.h index 0ebf2eebcff..b6b7399347f 100644 --- a/hw/arm/smmuv3-internal.h +++ b/hw/arm/smmuv3-internal.h @@ -599,7 +599,8 @@ static inline int oas2bits(int oas_field) case 5: return 48; } - return -1; + + g_assert_not_reached(); } /* CD fields */ From patchwork Tue Jul 30 09:40:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747138 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 38BEBC3DA49 for ; Tue, 30 Jul 2024 09:40:55 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLK-0003cR-UD; Tue, 30 Jul 2024 05:40:30 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLI-0003U6-Nb for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:28 -0400 Received: from mail-wm1-x32b.google.com ([2a00:1450:4864:20::32b]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLG-0000X5-8w for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:28 -0400 Received: by mail-wm1-x32b.google.com with SMTP id 5b1f17b1804b1-427b1d4da32so15413315e9.0 for ; Tue, 30 Jul 2024 02:40:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332424; x=1722937224; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=bZsLhHkGD+2RM38lDnVh/UCvs0hJqBanVDQ8iZwwBuE=; b=lUqaleGYBlOLbVUXNtr0PANnSb0ma7SSFyVldsT4IsRp+qloAYQ8uhDC7DdhcbWABA CXxnjLvBDMRtOTU9XhbnazikaOS3PCrRVdZ4ujyy5vjioaC/XP+wVcFb71zlR3RyH9ok KUVBqmYQgsPEToH086QPgLm0+XjzfKBCYJh7BjL5M9ywDB1GDLWccbv0O41wyK3iQ5P0 7c8RTJXr3GpDm/oS62RCu89FLnYX4Yqu6wwb+FtDnuyHlZwQqfRYRuxLB9cnmmpieVqX 0FK5OPdoQCFW6w0rCQf6c7z+J5wylo5ng08e2871S4Fff4IijjGiKfZyFWUhEEKSZk1p FJ6Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332424; x=1722937224; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bZsLhHkGD+2RM38lDnVh/UCvs0hJqBanVDQ8iZwwBuE=; b=gxkj3ke44yg+dyEMI6X+D4phzZq3lckat8/1kseue+4/KgE14ZjpJ2qKoQSjqUxJor GFDfXEnyHMC+v9png4VgW4NEZSuz4d4Fg7vlV89lLpGhnivtIh5ujadtWZgaUpzfVGNg 1QO1fFExdD94XB8Lu7oethCu+NhO3zchSouw7qRPA9yay42diDwJU/M3pFycYUfbIODF P3o5NRgLGj1qteZUTf29yufR7Rgu4qrOnhapGwLfJzYaynAM+ea4cYhIxPJmvUvGE8zQ EbBXdV7eH1L+/aPT/hi4MHbgwv2QRYFKHQTctbbXlRE00iHvNMBLXxGmti3tbWQ4TlNp 21/Q== X-Gm-Message-State: AOJu0YxrwyqebdnChMxuUktCdWF7TmNxrQnebDTtUnPQgxytRho/odtA 26U91mg5lzTm0thXW7glEEobV3Vo+UmqNJAoAzcPcN/SYTDg8WWep4E6xr/X8qSIOMyoYA281yQ b X-Google-Smtp-Source: AGHT+IEXImobQRJfoA+d3bbD7Ajoq2QvOWuY4gsQmi9ruKV7s0Zk4qs/0fPNNNDp385SskhrEEewWQ== X-Received: by 2002:a5d:6e04:0:b0:366:e308:f9a1 with SMTP id ffacd0b85a97d-36b8c8e9b57mr1001217f8f.23.1722332424295; Tue, 30 Jul 2024 02:40:24 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.23 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:24 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 03/21] target/arm/kvm: Set PMU for host only when available Date: Tue, 30 Jul 2024 10:40:02 +0100 Message-Id: <20240730094020.2758637-4-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::32b; envelope-from=peter.maydell@linaro.org; helo=mail-wm1-x32b.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org From: Akihiko Odaki target/arm/kvm.c checked PMU availability but unconditionally set the PMU feature flag for the host CPU model, which is confusing. Set the feature flag only when available. Signed-off-by: Akihiko Odaki Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell --- target/arm/kvm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/arm/kvm.c b/target/arm/kvm.c index 70f79eda33c..b20a35052f4 100644 --- a/target/arm/kvm.c +++ b/target/arm/kvm.c @@ -280,6 +280,7 @@ static bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf) if (kvm_arm_pmu_supported()) { init.features[0] |= 1 << KVM_ARM_VCPU_PMU_V3; pmu_supported = true; + features |= 1ULL << ARM_FEATURE_PMU; } if (!kvm_arm_create_scratch_host_vcpu(cpus_to_try, fdarray, &init)) { @@ -448,7 +449,6 @@ static bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf) features |= 1ULL << ARM_FEATURE_V8; features |= 1ULL << ARM_FEATURE_NEON; features |= 1ULL << ARM_FEATURE_AARCH64; - features |= 1ULL << ARM_FEATURE_PMU; features |= 1ULL << ARM_FEATURE_GENERIC_TIMER; ahcf->features = features; From patchwork Tue Jul 30 09:40:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747154 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 8F313C3DA61 for ; Tue, 30 Jul 2024 09:42:50 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLK-0003aj-Kb; Tue, 30 Jul 2024 05:40:30 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLI-0003UC-Qh for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:28 -0400 Received: from mail-wr1-x435.google.com ([2a00:1450:4864:20::435]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLG-0000X7-96 for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:28 -0400 Received: by mail-wr1-x435.google.com with SMTP id ffacd0b85a97d-36865a516f1so2835618f8f.0 for ; Tue, 30 Jul 2024 02:40:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332425; x=1722937225; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=NzA4PjXCRONbQTo8BkDcv1kJWdZctM8YQjAGl+nA/2Y=; b=IWxayZdS+y1XSMSMDx/cotFWvinCo1CDJCqP00GukJsrCA5Y70FO8NDArwbha4hV+0 T1C1lDz8t5WTtkG1soHWYOCnmRgs6V3D4zvXZqdfAo1Pq7h2Mlr8mswAm0Fo5kExx0We oUlbUyaMxVgTd7lg+mUbJl4DFbN20xsFeAP7qNS8pOy1NVMXXRJbbgNLOdEfz6nFmXTc JmfGODsVcNctjtikDVjRM45uhovzHKJAd+Pjsnpc0P7OfRxNxn/stdmZZgLnz8EAn+3J wydHug7sKOkzSrgi3Nt6HyGrfNZycFhQ1TLqc6TC2cSv0EkrMnpdrmP0yJYzUC7jjAQx /Ydw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332425; x=1722937225; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=NzA4PjXCRONbQTo8BkDcv1kJWdZctM8YQjAGl+nA/2Y=; b=dxajZdRcstUVr/hmTLfYQOXa8ZSIRefcLCXAxP5Z33AILLS/juJ91vQwU376uB7ASV hgdIONX6TJUeQrbzoTij2xdgU8RmruzOCbV7Spx01WLSUOqdSuLlQHCKijShxxIUY6eA ufOui6iPGImbN3AOU7dTOA1/Awz7ROVZ4GE/Nymi77I10O+inhjmmlUh1aL5KfFN5XzH tQv1kZ4fZREgEW7RgkUzxUDe45QjAoELgV8fBdPi4eRvHusPHl1skbn4uY06ALbtaHEF DGm2e1uOdDblUExL3LgBtuIOgUlbwfzPMNbqGmHPtts9Ra/bABc8xT+UBRbph11GSpL+ Kl9g== X-Gm-Message-State: AOJu0YyhO4E/VhmxcZoF+BXSEGb3bFz4K+olwM4/GK6IkH65AenzhUSD HmfNabb2TY+JALecXoYgEDoKURzvm/ktWR8rMzUzjkjO93w0GQc9mhVDKDgga+o4ZbKZ/+yWGrF I X-Google-Smtp-Source: AGHT+IGMnsxlzihbxHfqSbR/RWqX9GZgXtfCmClfS1Nlc5yt8jEP7DIg2PPeJeU15ZO+q+QM2IGCqg== X-Received: by 2002:adf:f582:0:b0:368:3f5b:2ae7 with SMTP id ffacd0b85a97d-36b5d079e31mr7514750f8f.24.1722332424739; Tue, 30 Jul 2024 02:40:24 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:24 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 04/21] target/arm/kvm: Do not silently remove PMU Date: Tue, 30 Jul 2024 10:40:03 +0100 Message-Id: <20240730094020.2758637-5-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::435; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x435.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org From: Akihiko Odaki kvm_arch_init_vcpu() used to remove PMU when it is not available even if the CPU model needs one. It is semantically incorrect, and may continue execution on a misbehaving host that advertises a CPU model while lacking its PMU. Keep the PMU when the CPU model needs one, and let kvm_arm_vcpu_init() fail if the KVM implementation mismatches with our expectation. Signed-off-by: Akihiko Odaki Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell --- target/arm/kvm.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/target/arm/kvm.c b/target/arm/kvm.c index b20a35052f4..849e2e21b30 100644 --- a/target/arm/kvm.c +++ b/target/arm/kvm.c @@ -1888,13 +1888,8 @@ int kvm_arch_init_vcpu(CPUState *cs) if (!arm_feature(env, ARM_FEATURE_AARCH64)) { cpu->kvm_init_features[0] |= 1 << KVM_ARM_VCPU_EL1_32BIT; } - if (!kvm_check_extension(cs->kvm_state, KVM_CAP_ARM_PMU_V3)) { - cpu->has_pmu = false; - } if (cpu->has_pmu) { cpu->kvm_init_features[0] |= 1 << KVM_ARM_VCPU_PMU_V3; - } else { - env->features &= ~(1ULL << ARM_FEATURE_PMU); } if (cpu_isar_feature(aa64_sve, cpu)) { assert(kvm_arm_sve_supported()); From patchwork Tue Jul 30 09:40:04 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747156 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 2CF8CC3DA61 for ; Tue, 30 Jul 2024 09:42:58 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLO-0003pQ-BH; Tue, 30 Jul 2024 05:40:34 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLK-0003bA-La for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:30 -0400 Received: from mail-wr1-x42e.google.com ([2a00:1450:4864:20::42e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLH-0000XD-Gg for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:30 -0400 Received: by mail-wr1-x42e.google.com with SMTP id ffacd0b85a97d-3686b554cfcso2036208f8f.1 for ; Tue, 30 Jul 2024 02:40:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332425; x=1722937225; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=jEc2SgYhHaxOGH0nqAsbg0clklAWKN/eCzhci1Lx38Q=; b=Rcua7EJ70PdjzzKLO9Ua2mzEwn5ThlwOx70bhXAk5LD4zKpg1ePpvWOdkqPaLwZCND MxSaIQi4nnQH6AO75fUB+U6mLJyH/V7KxE4H1yTyrH748PEHJYSI3lEF84Lob5Ld58Kb jLiI08UcA8H7C+uc7xV1j2hK9AE1f/8qzRNvGz4ykSVfNB3/kOZ+WBQwkn0kuJUZs31U JtHGg/7JXjg4KAydOIdD3wUQAelc9gPjzfRW+srv1jnOwNZ2T5j3n3BgQa/i6Lnq5DGE cmRomjLWfI+hB1ur/aXOG9BBvgNT/qqCm8ng+A3Uvq5WvDmvxVDaikFekgsIeoG7ICLb Xe1g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332425; x=1722937225; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=jEc2SgYhHaxOGH0nqAsbg0clklAWKN/eCzhci1Lx38Q=; b=C4WghR5wififK4cRMjqNKvHxalCCTNLXM3WJR/mqhRH65BKd/HWUL0XZanE12XSF3k MWE46phyOIvfvkiflmTybqZC/UpMnwwV+sIFyxp40nQYXPUeWDmatN6BxZ3EE4mT0cVV NOo8kdUPxX3230uA/eVy0OHyUO62oxCQo1bD78j+TjUyVlzll31H9rldZke1HUwpi7IO z7OQsyqxaV3iFn97ppuz0asx4nJu1UFz1RfoMePNvzjuITll/+IcakOoxOI+LnKXlGFl g7F1r3PisIeXSpOemVkPb3ptAPMooueucGeZP8pbmoSbjq9ZKS81clG4z27Ywe9D1/m5 Pccg== X-Gm-Message-State: AOJu0YxXAejt7PlFTn5OoIbP2ElgnvybankeitDAd6VdZe+/sfWZGJ3b d2UBeiSKjSnV2cjxVFdSi/psIQdTZ0EBwgBFLN1z5sIXXa5Vgy5Er7DsTdfRwgYzIf+aeRd5D8H 2 X-Google-Smtp-Source: AGHT+IGi0NTZkOHjElG33KuLW14FVfn5PnbZn7nYVM97IRDSJC2xbgtrNi77n9XMIxcHQKtYXjgBZA== X-Received: by 2002:adf:ef48:0:b0:368:7e10:6995 with SMTP id ffacd0b85a97d-36b5ceef468mr6548012f8f.17.1722332425190; Tue, 30 Jul 2024 02:40:25 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:24 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 05/21] hvf: arm: Raise an exception for sysreg by default Date: Tue, 30 Jul 2024 10:40:04 +0100 Message-Id: <20240730094020.2758637-6-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::42e; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x42e.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org From: Akihiko Odaki Any sysreg access results in an exception unless defined otherwise so we should raise an exception by default. Signed-off-by: Akihiko Odaki Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell --- target/arm/hvf/hvf.c | 174 +++++++++++++++++++++---------------------- 1 file changed, 85 insertions(+), 89 deletions(-) diff --git a/target/arm/hvf/hvf.c b/target/arm/hvf/hvf.c index eb090e67a2f..1a749534fb0 100644 --- a/target/arm/hvf/hvf.c +++ b/target/arm/hvf/hvf.c @@ -1199,57 +1199,56 @@ static bool hvf_sysreg_read_cp(CPUState *cpu, uint32_t reg, uint64_t *val) return false; } -static int hvf_sysreg_read(CPUState *cpu, uint32_t reg, uint32_t rt) +static int hvf_sysreg_read(CPUState *cpu, uint32_t reg, uint64_t *val) { ARMCPU *arm_cpu = ARM_CPU(cpu); CPUARMState *env = &arm_cpu->env; - uint64_t val = 0; switch (reg) { case SYSREG_CNTPCT_EL0: - val = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / + *val = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / gt_cntfrq_period_ns(arm_cpu); - break; + return 0; case SYSREG_PMCR_EL0: - val = env->cp15.c9_pmcr; - break; + *val = env->cp15.c9_pmcr; + return 0; case SYSREG_PMCCNTR_EL0: pmu_op_start(env); - val = env->cp15.c15_ccnt; + *val = env->cp15.c15_ccnt; pmu_op_finish(env); - break; + return 0; case SYSREG_PMCNTENCLR_EL0: - val = env->cp15.c9_pmcnten; - break; + *val = env->cp15.c9_pmcnten; + return 0; case SYSREG_PMOVSCLR_EL0: - val = env->cp15.c9_pmovsr; - break; + *val = env->cp15.c9_pmovsr; + return 0; case SYSREG_PMSELR_EL0: - val = env->cp15.c9_pmselr; - break; + *val = env->cp15.c9_pmselr; + return 0; case SYSREG_PMINTENCLR_EL1: - val = env->cp15.c9_pminten; - break; + *val = env->cp15.c9_pminten; + return 0; case SYSREG_PMCCFILTR_EL0: - val = env->cp15.pmccfiltr_el0; - break; + *val = env->cp15.pmccfiltr_el0; + return 0; case SYSREG_PMCNTENSET_EL0: - val = env->cp15.c9_pmcnten; - break; + *val = env->cp15.c9_pmcnten; + return 0; case SYSREG_PMUSERENR_EL0: - val = env->cp15.c9_pmuserenr; - break; + *val = env->cp15.c9_pmuserenr; + return 0; case SYSREG_PMCEID0_EL0: case SYSREG_PMCEID1_EL0: /* We can't really count anything yet, declare all events invalid */ - val = 0; - break; + *val = 0; + return 0; case SYSREG_OSLSR_EL1: - val = env->cp15.oslsr_el1; - break; + *val = env->cp15.oslsr_el1; + return 0; case SYSREG_OSDLR_EL1: /* Dummy register */ - break; + return 0; case SYSREG_ICC_AP0R0_EL1: case SYSREG_ICC_AP0R1_EL1: case SYSREG_ICC_AP0R2_EL1: @@ -1276,9 +1275,8 @@ static int hvf_sysreg_read(CPUState *cpu, uint32_t reg, uint32_t rt) case SYSREG_ICC_SRE_EL1: case SYSREG_ICC_CTLR_EL1: /* Call the TCG sysreg handler. This is only safe for GICv3 regs. */ - if (!hvf_sysreg_read_cp(cpu, reg, &val)) { - hvf_raise_exception(cpu, EXCP_UDEF, syn_uncategorized()); - return 1; + if (hvf_sysreg_read_cp(cpu, reg, &val)) { + return 0; } break; case SYSREG_DBGBVR0_EL1: @@ -1297,8 +1295,8 @@ static int hvf_sysreg_read(CPUState *cpu, uint32_t reg, uint32_t rt) case SYSREG_DBGBVR13_EL1: case SYSREG_DBGBVR14_EL1: case SYSREG_DBGBVR15_EL1: - val = env->cp15.dbgbvr[SYSREG_CRM(reg)]; - break; + *val = env->cp15.dbgbvr[SYSREG_CRM(reg)]; + return 0; case SYSREG_DBGBCR0_EL1: case SYSREG_DBGBCR1_EL1: case SYSREG_DBGBCR2_EL1: @@ -1315,8 +1313,8 @@ static int hvf_sysreg_read(CPUState *cpu, uint32_t reg, uint32_t rt) case SYSREG_DBGBCR13_EL1: case SYSREG_DBGBCR14_EL1: case SYSREG_DBGBCR15_EL1: - val = env->cp15.dbgbcr[SYSREG_CRM(reg)]; - break; + *val = env->cp15.dbgbcr[SYSREG_CRM(reg)]; + return 0; case SYSREG_DBGWVR0_EL1: case SYSREG_DBGWVR1_EL1: case SYSREG_DBGWVR2_EL1: @@ -1333,8 +1331,8 @@ static int hvf_sysreg_read(CPUState *cpu, uint32_t reg, uint32_t rt) case SYSREG_DBGWVR13_EL1: case SYSREG_DBGWVR14_EL1: case SYSREG_DBGWVR15_EL1: - val = env->cp15.dbgwvr[SYSREG_CRM(reg)]; - break; + *val = env->cp15.dbgwvr[SYSREG_CRM(reg)]; + return 0; case SYSREG_DBGWCR0_EL1: case SYSREG_DBGWCR1_EL1: case SYSREG_DBGWCR2_EL1: @@ -1351,35 +1349,25 @@ static int hvf_sysreg_read(CPUState *cpu, uint32_t reg, uint32_t rt) case SYSREG_DBGWCR13_EL1: case SYSREG_DBGWCR14_EL1: case SYSREG_DBGWCR15_EL1: - val = env->cp15.dbgwcr[SYSREG_CRM(reg)]; - break; + *val = env->cp15.dbgwcr[SYSREG_CRM(reg)]; + return 0; default: if (is_id_sysreg(reg)) { /* ID system registers read as RES0 */ - val = 0; - break; + *val = 0; + return 0; } - cpu_synchronize_state(cpu); - trace_hvf_unhandled_sysreg_read(env->pc, reg, - SYSREG_OP0(reg), - SYSREG_OP1(reg), - SYSREG_CRN(reg), - SYSREG_CRM(reg), - SYSREG_OP2(reg)); - hvf_raise_exception(cpu, EXCP_UDEF, syn_uncategorized()); - return 1; } - trace_hvf_sysreg_read(reg, - SYSREG_OP0(reg), - SYSREG_OP1(reg), - SYSREG_CRN(reg), - SYSREG_CRM(reg), - SYSREG_OP2(reg), - val); - hvf_set_reg(cpu, rt, val); - - return 0; + cpu_synchronize_state(cpu); + trace_hvf_unhandled_sysreg_read(env->pc, reg, + SYSREG_OP0(reg), + SYSREG_OP1(reg), + SYSREG_CRN(reg), + SYSREG_CRM(reg), + SYSREG_OP2(reg)); + hvf_raise_exception(cpu, EXCP_UDEF, syn_uncategorized()); + return 1; } static void pmu_update_irq(CPUARMState *env) @@ -1503,7 +1491,7 @@ static int hvf_sysreg_write(CPUState *cpu, uint32_t reg, uint64_t val) pmu_op_start(env); env->cp15.c15_ccnt = val; pmu_op_finish(env); - break; + return 0; case SYSREG_PMCR_EL0: pmu_op_start(env); @@ -1523,45 +1511,45 @@ static int hvf_sysreg_write(CPUState *cpu, uint32_t reg, uint64_t val) env->cp15.c9_pmcr |= (val & PMCR_WRITABLE_MASK); pmu_op_finish(env); - break; + return 0; case SYSREG_PMUSERENR_EL0: env->cp15.c9_pmuserenr = val & 0xf; - break; + return 0; case SYSREG_PMCNTENSET_EL0: env->cp15.c9_pmcnten |= (val & pmu_counter_mask(env)); - break; + return 0; case SYSREG_PMCNTENCLR_EL0: env->cp15.c9_pmcnten &= ~(val & pmu_counter_mask(env)); - break; + return 0; case SYSREG_PMINTENCLR_EL1: pmu_op_start(env); env->cp15.c9_pminten |= val; pmu_op_finish(env); - break; + return 0; case SYSREG_PMOVSCLR_EL0: pmu_op_start(env); env->cp15.c9_pmovsr &= ~val; pmu_op_finish(env); - break; + return 0; case SYSREG_PMSWINC_EL0: pmu_op_start(env); pmswinc_write(env, val); pmu_op_finish(env); - break; + return 0; case SYSREG_PMSELR_EL0: env->cp15.c9_pmselr = val & 0x1f; - break; + return 0; case SYSREG_PMCCFILTR_EL0: pmu_op_start(env); env->cp15.pmccfiltr_el0 = val & PMCCFILTR_EL0; pmu_op_finish(env); - break; + return 0; case SYSREG_OSLAR_EL1: env->cp15.oslsr_el1 = val & 1; - break; + return 0; case SYSREG_OSDLR_EL1: /* Dummy register */ - break; + return 0; case SYSREG_ICC_AP0R0_EL1: case SYSREG_ICC_AP0R1_EL1: case SYSREG_ICC_AP0R2_EL1: @@ -1591,10 +1579,10 @@ static int hvf_sysreg_write(CPUState *cpu, uint32_t reg, uint64_t val) if (!hvf_sysreg_write_cp(cpu, reg, val)) { hvf_raise_exception(cpu, EXCP_UDEF, syn_uncategorized()); } - break; + return 0; case SYSREG_MDSCR_EL1: env->cp15.mdscr_el1 = val; - break; + return 0; case SYSREG_DBGBVR0_EL1: case SYSREG_DBGBVR1_EL1: case SYSREG_DBGBVR2_EL1: @@ -1612,7 +1600,7 @@ static int hvf_sysreg_write(CPUState *cpu, uint32_t reg, uint64_t val) case SYSREG_DBGBVR14_EL1: case SYSREG_DBGBVR15_EL1: env->cp15.dbgbvr[SYSREG_CRM(reg)] = val; - break; + return 0; case SYSREG_DBGBCR0_EL1: case SYSREG_DBGBCR1_EL1: case SYSREG_DBGBCR2_EL1: @@ -1630,7 +1618,7 @@ static int hvf_sysreg_write(CPUState *cpu, uint32_t reg, uint64_t val) case SYSREG_DBGBCR14_EL1: case SYSREG_DBGBCR15_EL1: env->cp15.dbgbcr[SYSREG_CRM(reg)] = val; - break; + return 0; case SYSREG_DBGWVR0_EL1: case SYSREG_DBGWVR1_EL1: case SYSREG_DBGWVR2_EL1: @@ -1648,7 +1636,7 @@ static int hvf_sysreg_write(CPUState *cpu, uint32_t reg, uint64_t val) case SYSREG_DBGWVR14_EL1: case SYSREG_DBGWVR15_EL1: env->cp15.dbgwvr[SYSREG_CRM(reg)] = val; - break; + return 0; case SYSREG_DBGWCR0_EL1: case SYSREG_DBGWCR1_EL1: case SYSREG_DBGWCR2_EL1: @@ -1666,20 +1654,18 @@ static int hvf_sysreg_write(CPUState *cpu, uint32_t reg, uint64_t val) case SYSREG_DBGWCR14_EL1: case SYSREG_DBGWCR15_EL1: env->cp15.dbgwcr[SYSREG_CRM(reg)] = val; - break; - default: - cpu_synchronize_state(cpu); - trace_hvf_unhandled_sysreg_write(env->pc, reg, - SYSREG_OP0(reg), - SYSREG_OP1(reg), - SYSREG_CRN(reg), - SYSREG_CRM(reg), - SYSREG_OP2(reg)); - hvf_raise_exception(cpu, EXCP_UDEF, syn_uncategorized()); - return 1; + return 0; } - return 0; + cpu_synchronize_state(cpu); + trace_hvf_unhandled_sysreg_write(env->pc, reg, + SYSREG_OP0(reg), + SYSREG_OP1(reg), + SYSREG_CRN(reg), + SYSREG_CRM(reg), + SYSREG_OP2(reg)); + hvf_raise_exception(cpu, EXCP_UDEF, syn_uncategorized()); + return 1; } static int hvf_inject_interrupts(CPUState *cpu) @@ -1944,7 +1930,17 @@ int hvf_vcpu_exec(CPUState *cpu) int sysreg_ret = 0; if (isread) { - sysreg_ret = hvf_sysreg_read(cpu, reg, rt); + sysreg_ret = hvf_sysreg_read(cpu, reg, &val); + if (!sysreg_ret) { + trace_hvf_sysreg_read(reg, + SYSREG_OP0(reg), + SYSREG_OP1(reg), + SYSREG_CRN(reg), + SYSREG_CRM(reg), + SYSREG_OP2(reg), + val); + hvf_set_reg(cpu, rt, val); + } } else { val = hvf_get_reg(cpu, rt); sysreg_ret = hvf_sysreg_write(cpu, reg, val); From patchwork Tue Jul 30 09:40:05 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747152 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 91992C3DA49 for ; Tue, 30 Jul 2024 09:42:31 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLN-0003lR-9F; Tue, 30 Jul 2024 05:40:33 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLK-0003ZA-75 for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:30 -0400 Received: from mail-wr1-x42c.google.com ([2a00:1450:4864:20::42c]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLH-0000XJ-25 for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:29 -0400 Received: by mail-wr1-x42c.google.com with SMTP id ffacd0b85a97d-36844375001so1777184f8f.0 for ; Tue, 30 Jul 2024 02:40:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332425; x=1722937225; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=4T6pYopAN2oL2qteh+hB6Dilhk+gKXLQ4w62WyPdv7M=; b=sXe+lhNlOh0naJtgSUBry+o5EKssAHlpixEi9g3PI4nW1bZ1NbEawvG8kIzol7tlkq MFpAWwiBzZog412x1RFJ9pEkMVL2nc4w4T2CUqPQuboRRDljwmgE8a7RlpDNG2PGLGGk gPmRAe8C89EHFz0j3IfvNfCrhQGLGXCK/p4J3db8XVS0HuziR687+R6D04tOaJf5Fi0l gIOjR0wfESOh0b+7K+IbPgenc6gVLLnbdR36A+IL+S7wLyhX4qH7WwLpCfiRfAWIpzln oeNjhRpNuB2Y5ReK0uu4pakZIm8Cf0Vu54+E24n7KyDZDpXbSLs0jP8E7zhPauF3f8xm N6ew== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332425; x=1722937225; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=4T6pYopAN2oL2qteh+hB6Dilhk+gKXLQ4w62WyPdv7M=; b=xRHzgWTJ9ITcwiTBIMPzULFn57REIogBW8tU57vXXE3wPRS01vF0iZwA9kEvCDRyCQ fyyD/Oul9Ye9SJRIS/9fyrWW0NjQyFDVI8wfqFAx0BUpWGTtxAdlov+I5vqr4KVqrpbP VrBRm0Tnn4HCR7ReGyypwNeAGWV4i0GXejV36QWOE1mvKJuHpvvANaaArwOslcdS2Idp MvjoRXThDitjx2UX+NQP6S7aVAjSHsvQXZUFyOiWEzKhPVEKjeQH9VV2xaw+022y88yT iR1bIaECSYRi2sCSlOD6bMSG1saCTP7Nw4xiULBhfKkK1fnbMpls+XITPwTAtF93ONJE nLYg== X-Gm-Message-State: AOJu0Yz6ICqGhTxS+ijViFrXLLc3p3H8mpUogDJsY3i/bPmK+zswDlU2 yORI/90YIv0WB/15KUQK4tHB+TdojNg92E7TouyU0b+uZBgPMYpk8QXotwtO68b7v38HnNkrrOR e X-Google-Smtp-Source: AGHT+IGlsIBIILbHNvdg//vCxiB6b1koyFZ3anQCLh69NoOTrQuaXrF+ZRfHiG439oh7XVxA2iVs2A== X-Received: by 2002:a05:6000:1249:b0:367:f054:7aba with SMTP id ffacd0b85a97d-36b5d0bc571mr6269721f8f.41.1722332425648; Tue, 30 Jul 2024 02:40:25 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:25 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 06/21] hvf: arm: Properly disable PMU Date: Tue, 30 Jul 2024 10:40:05 +0100 Message-Id: <20240730094020.2758637-7-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::42c; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x42c.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org From: Akihiko Odaki Setting pmu property used to have no effect for hvf so fix it. Signed-off-by: Akihiko Odaki Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell --- target/arm/hvf/hvf.c | 186 +++++++++++++++++++++++-------------------- 1 file changed, 98 insertions(+), 88 deletions(-) diff --git a/target/arm/hvf/hvf.c b/target/arm/hvf/hvf.c index 1a749534fb0..adcdfae0b17 100644 --- a/target/arm/hvf/hvf.c +++ b/target/arm/hvf/hvf.c @@ -1204,45 +1204,50 @@ static int hvf_sysreg_read(CPUState *cpu, uint32_t reg, uint64_t *val) ARMCPU *arm_cpu = ARM_CPU(cpu); CPUARMState *env = &arm_cpu->env; + if (arm_feature(env, ARM_FEATURE_PMU)) { + switch (reg) { + case SYSREG_PMCR_EL0: + *val = env->cp15.c9_pmcr; + return 0; + case SYSREG_PMCCNTR_EL0: + pmu_op_start(env); + *val = env->cp15.c15_ccnt; + pmu_op_finish(env); + return 0; + case SYSREG_PMCNTENCLR_EL0: + *val = env->cp15.c9_pmcnten; + return 0; + case SYSREG_PMOVSCLR_EL0: + *val = env->cp15.c9_pmovsr; + return 0; + case SYSREG_PMSELR_EL0: + *val = env->cp15.c9_pmselr; + return 0; + case SYSREG_PMINTENCLR_EL1: + *val = env->cp15.c9_pminten; + return 0; + case SYSREG_PMCCFILTR_EL0: + *val = env->cp15.pmccfiltr_el0; + return 0; + case SYSREG_PMCNTENSET_EL0: + *val = env->cp15.c9_pmcnten; + return 0; + case SYSREG_PMUSERENR_EL0: + *val = env->cp15.c9_pmuserenr; + return 0; + case SYSREG_PMCEID0_EL0: + case SYSREG_PMCEID1_EL0: + /* We can't really count anything yet, declare all events invalid */ + *val = 0; + return 0; + } + } + switch (reg) { case SYSREG_CNTPCT_EL0: *val = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / gt_cntfrq_period_ns(arm_cpu); return 0; - case SYSREG_PMCR_EL0: - *val = env->cp15.c9_pmcr; - return 0; - case SYSREG_PMCCNTR_EL0: - pmu_op_start(env); - *val = env->cp15.c15_ccnt; - pmu_op_finish(env); - return 0; - case SYSREG_PMCNTENCLR_EL0: - *val = env->cp15.c9_pmcnten; - return 0; - case SYSREG_PMOVSCLR_EL0: - *val = env->cp15.c9_pmovsr; - return 0; - case SYSREG_PMSELR_EL0: - *val = env->cp15.c9_pmselr; - return 0; - case SYSREG_PMINTENCLR_EL1: - *val = env->cp15.c9_pminten; - return 0; - case SYSREG_PMCCFILTR_EL0: - *val = env->cp15.pmccfiltr_el0; - return 0; - case SYSREG_PMCNTENSET_EL0: - *val = env->cp15.c9_pmcnten; - return 0; - case SYSREG_PMUSERENR_EL0: - *val = env->cp15.c9_pmuserenr; - return 0; - case SYSREG_PMCEID0_EL0: - case SYSREG_PMCEID1_EL0: - /* We can't really count anything yet, declare all events invalid */ - *val = 0; - return 0; case SYSREG_OSLSR_EL1: *val = env->cp15.oslsr_el1; return 0; @@ -1486,64 +1491,69 @@ static int hvf_sysreg_write(CPUState *cpu, uint32_t reg, uint64_t val) SYSREG_OP2(reg), val); - switch (reg) { - case SYSREG_PMCCNTR_EL0: - pmu_op_start(env); - env->cp15.c15_ccnt = val; - pmu_op_finish(env); - return 0; - case SYSREG_PMCR_EL0: - pmu_op_start(env); + if (arm_feature(env, ARM_FEATURE_PMU)) { + switch (reg) { + case SYSREG_PMCCNTR_EL0: + pmu_op_start(env); + env->cp15.c15_ccnt = val; + pmu_op_finish(env); + return 0; + case SYSREG_PMCR_EL0: + pmu_op_start(env); - if (val & PMCRC) { - /* The counter has been reset */ - env->cp15.c15_ccnt = 0; - } - - if (val & PMCRP) { - unsigned int i; - for (i = 0; i < pmu_num_counters(env); i++) { - env->cp15.c14_pmevcntr[i] = 0; + if (val & PMCRC) { + /* The counter has been reset */ + env->cp15.c15_ccnt = 0; } + + if (val & PMCRP) { + unsigned int i; + for (i = 0; i < pmu_num_counters(env); i++) { + env->cp15.c14_pmevcntr[i] = 0; + } + } + + env->cp15.c9_pmcr &= ~PMCR_WRITABLE_MASK; + env->cp15.c9_pmcr |= (val & PMCR_WRITABLE_MASK); + + pmu_op_finish(env); + return 0; + case SYSREG_PMUSERENR_EL0: + env->cp15.c9_pmuserenr = val & 0xf; + return 0; + case SYSREG_PMCNTENSET_EL0: + env->cp15.c9_pmcnten |= (val & pmu_counter_mask(env)); + return 0; + case SYSREG_PMCNTENCLR_EL0: + env->cp15.c9_pmcnten &= ~(val & pmu_counter_mask(env)); + return 0; + case SYSREG_PMINTENCLR_EL1: + pmu_op_start(env); + env->cp15.c9_pminten |= val; + pmu_op_finish(env); + return 0; + case SYSREG_PMOVSCLR_EL0: + pmu_op_start(env); + env->cp15.c9_pmovsr &= ~val; + pmu_op_finish(env); + return 0; + case SYSREG_PMSWINC_EL0: + pmu_op_start(env); + pmswinc_write(env, val); + pmu_op_finish(env); + return 0; + case SYSREG_PMSELR_EL0: + env->cp15.c9_pmselr = val & 0x1f; + return 0; + case SYSREG_PMCCFILTR_EL0: + pmu_op_start(env); + env->cp15.pmccfiltr_el0 = val & PMCCFILTR_EL0; + pmu_op_finish(env); + return 0; } + } - env->cp15.c9_pmcr &= ~PMCR_WRITABLE_MASK; - env->cp15.c9_pmcr |= (val & PMCR_WRITABLE_MASK); - - pmu_op_finish(env); - return 0; - case SYSREG_PMUSERENR_EL0: - env->cp15.c9_pmuserenr = val & 0xf; - return 0; - case SYSREG_PMCNTENSET_EL0: - env->cp15.c9_pmcnten |= (val & pmu_counter_mask(env)); - return 0; - case SYSREG_PMCNTENCLR_EL0: - env->cp15.c9_pmcnten &= ~(val & pmu_counter_mask(env)); - return 0; - case SYSREG_PMINTENCLR_EL1: - pmu_op_start(env); - env->cp15.c9_pminten |= val; - pmu_op_finish(env); - return 0; - case SYSREG_PMOVSCLR_EL0: - pmu_op_start(env); - env->cp15.c9_pmovsr &= ~val; - pmu_op_finish(env); - return 0; - case SYSREG_PMSWINC_EL0: - pmu_op_start(env); - pmswinc_write(env, val); - pmu_op_finish(env); - return 0; - case SYSREG_PMSELR_EL0: - env->cp15.c9_pmselr = val & 0x1f; - return 0; - case SYSREG_PMCCFILTR_EL0: - pmu_op_start(env); - env->cp15.pmccfiltr_el0 = val & PMCCFILTR_EL0; - pmu_op_finish(env); - return 0; + switch (reg) { case SYSREG_OSLAR_EL1: env->cp15.oslsr_el1 = val & 1; return 0; From patchwork Tue Jul 30 09:40:06 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747155 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 39A9BC3DA7F for ; Tue, 30 Jul 2024 09:42:52 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLN-0003lZ-A5; Tue, 30 Jul 2024 05:40:33 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLL-0003dq-8a for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:31 -0400 Received: from mail-wr1-x42d.google.com ([2a00:1450:4864:20::42d]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLI-0000YY-HA for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:30 -0400 Received: by mail-wr1-x42d.google.com with SMTP id ffacd0b85a97d-3687f91af40so2217187f8f.0 for ; Tue, 30 Jul 2024 02:40:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332427; x=1722937227; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=jnq1VIda5vt4YzdNGFFqZt+A/PPj1CEI6DvJT2Yvga0=; b=MNys9gH9FeJdiAPthkLKpsm/+OuU9+kQgFJsPDGRo3bPi4Avf57S4CVJx87e4KiU2a 4V7Iep1zNquD/y6umhxlsqI2/9y2SBA7ZPLfEZWoi3JuYt3+zMLOr24biJp1XwkYCobK /0QTtJj6MR7nBZFXz/OLq4fmQI96kiicktvLupQ/h0Gs7zEVTUOXDZUtepiWSP3pXToM 2JL5zmASlUK/p995oavsSULUQVYx2OMHomQYPF5qXjkLIuUMzjBJPe3PuP9PUUWUJmHp 0w75ATpnLJOdAtzr2mtRdt/lwr8K9HTPbVmSd9UFd9F0bhm2ccV8kuYBpRi3I9PuOm70 WF0g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332427; x=1722937227; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=jnq1VIda5vt4YzdNGFFqZt+A/PPj1CEI6DvJT2Yvga0=; b=Eq7iF6bGMBTr7VqCgxCMCg7jWio/R0ecu6ooDooviPposcShrnlqN+oWxKdkacJtyJ 9f96hMhZ3IA/5ePr/L+v67Ip+hYvJwlo5d0v7bg2tHHQcBVPNXdr64tmN5lG0EVGt9R/ ykE1SjFUmV2ikUVLsWZyd+ufu390zzqRmdZ2IAfe9tS3/wsRu+nrKZp5N9YD98K5l+l1 /+3/HGKq+hYO3dgzPP4MAvd/sPHlKIh9NoShnNemaQNtwEp432Inje5JIOeAtHZmAmuC 44y5S0zz6Ij6KRlXfwuNFbFrysX0tfk+aNwA/L2Xyi9E/Zb4qtIbXowgmCkHTSovTWLs vrQQ== X-Gm-Message-State: AOJu0Yy+aP0NJgvVmc2V7o5KhMUzhCRkvoM/Y9KO9jghUXW3CUvZvO5+ Tpa5RToK6PuK4nf6IjUDMOktXuHG4sreoVaXa3G3oQqfVsGSGzBQp43a3O+KjUWqdpm3EX1QL+I 2 X-Google-Smtp-Source: AGHT+IEbatzJoLEHwPWAJMfqLoVakWUxs9c2O1RZ7HyfrkbJPjkeaZxK99v2Q4qXbMru5ZACUlpsVQ== X-Received: by 2002:a05:6000:196b:b0:368:4ee0:3c65 with SMTP id ffacd0b85a97d-36b5cf1e6bamr6509864f8f.37.1722332426866; Tue, 30 Jul 2024 02:40:26 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:25 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 07/21] hvf: arm: Do not advance PC when raising an exception Date: Tue, 30 Jul 2024 10:40:06 +0100 Message-Id: <20240730094020.2758637-8-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::42d; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x42d.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org From: Akihiko Odaki This is identical with commit 30a1690f2402 ("hvf: arm: Do not advance PC when raising an exception") but for writes instead of reads. Fixes: a2260983c655 ("hvf: arm: Add support for GICv3") Signed-off-by: Akihiko Odaki Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell --- target/arm/hvf/hvf.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/target/arm/hvf/hvf.c b/target/arm/hvf/hvf.c index adcdfae0b17..c1496ad5be9 100644 --- a/target/arm/hvf/hvf.c +++ b/target/arm/hvf/hvf.c @@ -1586,10 +1586,10 @@ static int hvf_sysreg_write(CPUState *cpu, uint32_t reg, uint64_t val) case SYSREG_ICC_SGI1R_EL1: case SYSREG_ICC_SRE_EL1: /* Call the TCG sysreg handler. This is only safe for GICv3 regs. */ - if (!hvf_sysreg_write_cp(cpu, reg, val)) { - hvf_raise_exception(cpu, EXCP_UDEF, syn_uncategorized()); + if (hvf_sysreg_write_cp(cpu, reg, val)) { + return 0; } - return 0; + break; case SYSREG_MDSCR_EL1: env->cp15.mdscr_el1 = val; return 0; From patchwork Tue Jul 30 09:40:07 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747157 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 9C53AC3DA61 for ; Tue, 30 Jul 2024 09:43:05 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLO-0003ov-6Y; Tue, 30 Jul 2024 05:40:34 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLL-0003fA-Ja for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:31 -0400 Received: from mail-wr1-x429.google.com ([2a00:1450:4864:20::429]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLJ-0000Yn-10 for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:31 -0400 Received: by mail-wr1-x429.google.com with SMTP id ffacd0b85a97d-3683329f787so2166111f8f.1 for ; Tue, 30 Jul 2024 02:40:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332427; x=1722937227; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=7nLQOxJ+g65mj2LydJL4MXaPvrQeqRnkG/NPnjTzCQk=; b=CfJfkwZBaaNfG4sJKDA3PGogxziJ5aIB/0LWpr7s5cZ07mW/LB233ObODMErIN78e9 lHjcvsfqsyTDo/YA2rTLESqkzvzXl0j2ExLh4vhRReog0oWset/3vbvNt9ETYAvLCl9+ 2LAb40P6dMF8xq1SvghYbJ/gLoVFAXrGAcWiY/6bVmsTyk0p9vBUPl6LFdcivCdeKRrB LIepGnjPtGmBx5vAzvd5Ei5UyhhDxn7OYZUbjTGYdfdQKowJRyw+2eusGmyOcWT4zvgL wkCo/for70UO0FjgnZL1Srwvydtf1t+mccU7FlYmUwhFByGSR9ER/4F5Ms/eJCyl+1xZ K/wA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332427; x=1722937227; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7nLQOxJ+g65mj2LydJL4MXaPvrQeqRnkG/NPnjTzCQk=; b=ZzV4o64FTzMz8YqCsxNccYWJuVXhH3968MuVRxOjyFFJGME6pG9ZYDeYifCLYTCdVI gE5fkVQliYlVduloU+5311xHIX094+BekJ9uPxEgkpFonkgpUIITCm8mcpEKqaetFCVB vDq/PG1+YPUzebjg6gjqzjYPjVrgtu1BO+4PD+GOyf6OV2PcJpmaHj4o9CgJTJYLa3fL deAtOM+dplGG0X4L+xbA6koI9IvwL+eoLTobHN4R5FNyMm7MmDiHB3rYNeiRiJreVPXo 1ph0Tfe5xcu+BlHvVFcDuZ0M/BEcF7nw1ibpwUuysVWdivdzt/br2m05nLogCwJt3OvP IWzQ== X-Gm-Message-State: AOJu0YxjY+2LSxusN5XY9hxckZksF/UtPyCiG1bYDIBhfRT883nY0rxa Eyhdxtb5dziVFYgC7OcfAlfHxKKtboV9dtUm2pZPNKeIcWpTFiA3qtC4Dj3ducJiYaVxEnKRzUQ T X-Google-Smtp-Source: AGHT+IGxMLYeLCuVpLBPe55yX44FLU983h0Knm4RknNmR9YbBL4W8EZtX1pcHgQr6gWpMn3dRpcUrg== X-Received: by 2002:a05:6000:1542:b0:368:4e4f:cec5 with SMTP id ffacd0b85a97d-36b5cf25338mr9134188f8f.35.1722332427406; Tue, 30 Jul 2024 02:40:27 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.26 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:27 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 08/21] hw/misc/bcm2835_property: Fix handling of FRAMEBUFFER_SET_PALETTE Date: Tue, 30 Jul 2024 10:40:07 +0100 Message-Id: <20240730094020.2758637-9-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::429; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x429.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org The documentation of the "Set palette" mailbox property at https://github.com/raspberrypi/firmware/wiki/Mailbox-property-interface#set-palette says it has the form: Length: 24..1032 Value: u32: offset: first palette index to set (0-255) u32: length: number of palette entries to set (1-256) u32...: RGBA palette values (offset to offset+length-1) We get this wrong in a couple of ways: * we aren't checking the offset and length are in range, so the guest can make us spin for a long time by providing a large length * the bounds check on our loop is wrong: we should iterate through 'length' palette entries, not 'length - offset' entries Fix the loop to implement the bounds checks and get the loop condition right. In the process, make the variables local to this switch case, rather than function-global, so it's clearer what type they are when reading the code. Cc: qemu-stable@nongnu.org Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daudé Message-id: 20240723131029.1159908-2-peter.maydell@linaro.org --- hw/misc/bcm2835_property.c | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/hw/misc/bcm2835_property.c b/hw/misc/bcm2835_property.c index 63de3db6215..e28fdca9846 100644 --- a/hw/misc/bcm2835_property.c +++ b/hw/misc/bcm2835_property.c @@ -31,7 +31,6 @@ static void bcm2835_property_mbox_push(BCM2835PropertyState *s, uint32_t value) size_t resplen; uint32_t tmp; int n; - uint32_t offset, length, color; uint32_t start_num, number, otp_row; /* @@ -274,19 +273,25 @@ static void bcm2835_property_mbox_push(BCM2835PropertyState *s, uint32_t value) resplen = 16; break; case RPI_FWREQ_FRAMEBUFFER_SET_PALETTE: - offset = ldl_le_phys(&s->dma_as, value + 12); - length = ldl_le_phys(&s->dma_as, value + 16); - n = 0; - while (n < length - offset) { - color = ldl_le_phys(&s->dma_as, value + 20 + (n << 2)); - stl_le_phys(&s->dma_as, - s->fbdev->vcram_base + ((offset + n) << 2), color); - n++; + { + uint32_t offset = ldl_le_phys(&s->dma_as, value + 12); + uint32_t length = ldl_le_phys(&s->dma_as, value + 16); + int resp; + + if (offset > 255 || length < 1 || length > 256) { + resp = 1; /* invalid request */ + } else { + for (uint32_t e = 0; e < length; e++) { + uint32_t color = ldl_le_phys(&s->dma_as, value + 20 + (e << 2)); + stl_le_phys(&s->dma_as, + s->fbdev->vcram_base + ((offset + e) << 2), color); + } + resp = 0; } - stl_le_phys(&s->dma_as, value + 12, 0); + stl_le_phys(&s->dma_as, value + 12, resp); resplen = 4; break; - + } case RPI_FWREQ_FRAMEBUFFER_GET_NUM_DISPLAYS: stl_le_phys(&s->dma_as, value + 12, 1); resplen = 4; From patchwork Tue Jul 30 09:40:08 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747158 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id F05A6C3DA61 for ; Tue, 30 Jul 2024 09:43:09 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLO-0003oz-66; Tue, 30 Jul 2024 05:40:34 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLL-0003fW-Mf for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:31 -0400 Received: from mail-wm1-x32f.google.com ([2a00:1450:4864:20::32f]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLJ-0000Z2-Aj for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:31 -0400 Received: by mail-wm1-x32f.google.com with SMTP id 5b1f17b1804b1-427b1d4da32so15413695e9.0 for ; Tue, 30 Jul 2024 02:40:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332428; x=1722937228; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=6/3KP82EfN4i2J5+6pe3rVQ72AJnXOfkdmQBvmdb3yU=; b=R2Zve7nP4fw3rYQjKqgcHxi9Fmgu3AzYtnWU1G+ImKs1LvLe6My0Jl6PBQVlHHH1oR o1+FKBIfOpA8jDhU0YvNY4PgseTwEKeTL5kQE1tCf1/DSNBXB3+U2a576HHy1g+fhExZ RKvBufPd7xBofARuH92M6Y+WfriYv1s5EgFHmy8U72PNPNIubHUMXpltSHXzBeNrnZQn 1TU+an9dqygOdaP84Xyqv/c6oXCkPI2GFHvZ2tLCtfIH8dmcrYJJGsAS7Iz821dl+TD3 5sMfLWMooc0qkZRIhE85Ol7hQ7TpADcehq9xml+MgqnbyG5sU9uqy/EMRZgTDXoi+rNQ GCnw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332428; x=1722937228; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=6/3KP82EfN4i2J5+6pe3rVQ72AJnXOfkdmQBvmdb3yU=; b=A2C7VL+Z+HaEuL3/2Lhe6ZCJHqKgsrCihKM3GUeuZs74lN/QXkvPCIKq+L0ak/IiVr VDp3rHKq3R1RhrPXj1OIZ0Ut/wae4QJ2gTyBBSaDsuLhzoE5SsRam7Omy5rAR4+ufiqA m+aAHaFwOGJNEYrDxSje6zMltMrKsJhoM3Z26m7OFOq1EEWpAthcBFkOQMXId563e58o aKEcziOHpiWIcN1lyRYq6B3glzZdiYv9uqPLaq7f4b/jE11LP0WStVlbwdRNULXhw/eC 4gd/xhFuHQX7a3u+ojYHiWu9Si1pnUlKX4BAXP0EphWoQyOCJ3wQGo55UIejpezsLaH9 lLiA== X-Gm-Message-State: AOJu0YxXwDTBKOE8SrNJyi7QtY3RrtjCQSqhai2ZjcS3pKyd59N5j6BR S2DgaJhS6hgHZFoT21zRVVfwKzrhSUkiNPOcFVY0XECVzqxH2IMZcj8YptN+BweZq2dWYYg9aAB d X-Google-Smtp-Source: AGHT+IGYVooqxJ+G45vtZ1YU2jFN7xRAVkA1EhPZyw1n5kkPYosg2ArjqAevuKqaZvL9jRIkc0vSWw== X-Received: by 2002:adf:f8ca:0:b0:367:8e52:3bb9 with SMTP id ffacd0b85a97d-36b8c8e9a69mr873598f8f.22.1722332427858; Tue, 30 Jul 2024 02:40:27 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.27 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:27 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 09/21] hw/misc/bcm2835_property: Avoid overflow in OTP access properties Date: Tue, 30 Jul 2024 10:40:08 +0100 Message-Id: <20240730094020.2758637-10-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::32f; envelope-from=peter.maydell@linaro.org; helo=mail-wm1-x32f.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Coverity points out that in our handling of the property RPI_FWREQ_SET_CUSTOMER_OTP we have a potential overflow. This happens because we read start_num and number from the guest as unsigned 32 bit integers, but then the variable 'n' we use as a loop counter as we iterate from start_num to start_num + number is only an "int". That means that if the guest passes us a very large start_num we will interpret it as negative. This will result in an assertion failure inside bcm2835_otp_set_row(), which checks that we didn't pass it an invalid row number. A similar issue applies to all the properties for accessing OTP rows where we are iterating through with a start and length read from the guest. Use uint32_t for the loop counter to avoid this problem. Because in all cases 'n' is only used as a loop counter, we can do this as part of the for(), restricting its scope to exactly where we need it. Resolves: Coverity CID 1549401 Cc: qemu-stable@nongnu.org Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daudé Message-id: 20240723131029.1159908-3-peter.maydell@linaro.org --- hw/misc/bcm2835_property.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/hw/misc/bcm2835_property.c b/hw/misc/bcm2835_property.c index e28fdca9846..7eb623b4e90 100644 --- a/hw/misc/bcm2835_property.c +++ b/hw/misc/bcm2835_property.c @@ -30,7 +30,6 @@ static void bcm2835_property_mbox_push(BCM2835PropertyState *s, uint32_t value) uint32_t tot_len; size_t resplen; uint32_t tmp; - int n; uint32_t start_num, number, otp_row; /* @@ -337,7 +336,7 @@ static void bcm2835_property_mbox_push(BCM2835PropertyState *s, uint32_t value) resplen = 8 + 4 * number; - for (n = start_num; n < start_num + number && + for (uint32_t n = start_num; n < start_num + number && n < BCM2835_OTP_CUSTOMER_OTP_LEN; n++) { otp_row = bcm2835_otp_get_row(s->otp, BCM2835_OTP_CUSTOMER_OTP + n); @@ -366,7 +365,7 @@ static void bcm2835_property_mbox_push(BCM2835PropertyState *s, uint32_t value) break; } - for (n = start_num; n < start_num + number && + for (uint32_t n = start_num; n < start_num + number && n < BCM2835_OTP_CUSTOMER_OTP_LEN; n++) { otp_row = ldl_le_phys(&s->dma_as, value + 20 + ((n - start_num) << 2)); @@ -383,7 +382,7 @@ static void bcm2835_property_mbox_push(BCM2835PropertyState *s, uint32_t value) resplen = 8 + 4 * number; - for (n = start_num; n < start_num + number && + for (uint32_t n = start_num; n < start_num + number && n < BCM2835_OTP_PRIVATE_KEY_LEN; n++) { otp_row = bcm2835_otp_get_row(s->otp, BCM2835_OTP_PRIVATE_KEY + n); @@ -403,7 +402,7 @@ static void bcm2835_property_mbox_push(BCM2835PropertyState *s, uint32_t value) break; } - for (n = start_num; n < start_num + number && + for (uint32_t n = start_num; n < start_num + number && n < BCM2835_OTP_PRIVATE_KEY_LEN; n++) { otp_row = ldl_le_phys(&s->dma_as, value + 20 + ((n - start_num) << 2)); From patchwork Tue Jul 30 09:40:09 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747139 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id A6A86C3DA49 for ; Tue, 30 Jul 2024 09:41:17 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLQ-00041F-UL; Tue, 30 Jul 2024 05:40:36 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLM-0003ir-J9 for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:32 -0400 Received: from mail-wr1-x42a.google.com ([2a00:1450:4864:20::42a]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLJ-0000Zy-Nw for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:32 -0400 Received: by mail-wr1-x42a.google.com with SMTP id ffacd0b85a97d-368f92df172so2007720f8f.2 for ; Tue, 30 Jul 2024 02:40:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332428; x=1722937228; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=/hhRBmwKOtfoX+xYIxvn6dWC79cReHXO4z3495yS0JM=; b=EZuOFjvRBaVYBn8G09d182+hHM21mb6HaEt/uHK9WAmBkQYr5SW4eRlPQZhrCkEfzR 9fnUnySlEmnEMA/A1hycpX8KQs+8OCImRLAdheiBpVC9hg5Er1Lge4YIq9cB6SUgdQDE qzb+q/Cb+TKhZGA1BYU+xvAoMI9kA8bwqyNoE/N3/QA5W3eAH5Ii2exYavCqjGMMD2QS phYTgibzjaaziFkikcsLodH2Ti1VzEghAAxxfg3rwF2Wh/8P8mCanDbPVD3bmf7sraG+ OrAwLS90OqS4M8yqZgkjZpzAF7DcjnKchcCJjiEHWuM34W8KpBuP8G/yUGM0G2q32JcX 5q7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332428; x=1722937228; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/hhRBmwKOtfoX+xYIxvn6dWC79cReHXO4z3495yS0JM=; b=PXw2hnFpEAsAKGciipKvkXJlu8TfuV0ERZEmI+ivg0bcXbMtfLeDTUnFnNu9Wfn1RY e7TSVVZYZWe3SNeV+K8NnOAfwNUAe75cE2plV468J9rtaQOPne1Ryk+NSe2oiXf0A193 i0jLYId8SZ7L7b1yZrC3AAOfvcyZel2VTx0iyLQHxr8xJXxdJ07Pwo18loHWBCh6NxAv k+pvUznnOgFvcMVNxoGTuepxNNIuEoIy2huMnak0J7lrq2iHzJ51cSPkXklL/yl6u6E9 wY91fVOhaxuhxeXov1f6lxLZS1CbaANm4H2PqcpFmqPrQ9FFukOYV1pSO33TlsrBkkB0 sJkQ== X-Gm-Message-State: AOJu0Yyln5B3K9RffKsPEsUkk50DUQatRGZFmHEAF/dhF+YIKYw2ImSy 5LADotvJCqycEQ05qhP8WmGDbbI0lALTaBLoZY+pK/6IxstTB88w9R7Xu98LFabvY4Yx/S7Nmga O X-Google-Smtp-Source: AGHT+IGC63MczyuoWEyxNNnA35HFzIz+yNf4rD5fzGMFhgGbXlSABqwuM5K7XQ676GPchlJLC1A6/w== X-Received: by 2002:a5d:4390:0:b0:367:909b:8281 with SMTP id ffacd0b85a97d-36b5d0ddcd5mr6482178f8f.59.1722332428293; Tue, 30 Jul 2024 02:40:28 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.27 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:28 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 10/21] hw/misc/bcm2835_property: Restrict scope of start_num, number, otp_row Date: Tue, 30 Jul 2024 10:40:09 +0100 Message-Id: <20240730094020.2758637-11-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::42a; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x42a.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org In the long function bcm2835_property_mbox_push(), the variables start_num, number and otp_row are used only in the four cases which access OTP data, and their uses don't overlap with each other. Make these variables have scope restricted to the cases where they're used, so it's easier to read each individual case without having to cross-refer up to the variable declaration at the top of the function and check whether the variable is also used later in the loop. Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daudé Message-id: 20240723131029.1159908-4-peter.maydell@linaro.org --- hw/misc/bcm2835_property.c | 34 ++++++++++++++++++++-------------- 1 file changed, 20 insertions(+), 14 deletions(-) diff --git a/hw/misc/bcm2835_property.c b/hw/misc/bcm2835_property.c index 7eb623b4e90..443d42a1824 100644 --- a/hw/misc/bcm2835_property.c +++ b/hw/misc/bcm2835_property.c @@ -30,7 +30,6 @@ static void bcm2835_property_mbox_push(BCM2835PropertyState *s, uint32_t value) uint32_t tot_len; size_t resplen; uint32_t tmp; - uint32_t start_num, number, otp_row; /* * Copy the current state of the framebuffer config; we will update @@ -331,22 +330,25 @@ static void bcm2835_property_mbox_push(BCM2835PropertyState *s, uint32_t value) /* Customer OTP */ case RPI_FWREQ_GET_CUSTOMER_OTP: - start_num = ldl_le_phys(&s->dma_as, value + 12); - number = ldl_le_phys(&s->dma_as, value + 16); + { + uint32_t start_num = ldl_le_phys(&s->dma_as, value + 12); + uint32_t number = ldl_le_phys(&s->dma_as, value + 16); resplen = 8 + 4 * number; for (uint32_t n = start_num; n < start_num + number && n < BCM2835_OTP_CUSTOMER_OTP_LEN; n++) { - otp_row = bcm2835_otp_get_row(s->otp, + uint32_t otp_row = bcm2835_otp_get_row(s->otp, BCM2835_OTP_CUSTOMER_OTP + n); stl_le_phys(&s->dma_as, value + 20 + ((n - start_num) << 2), otp_row); } break; + } case RPI_FWREQ_SET_CUSTOMER_OTP: - start_num = ldl_le_phys(&s->dma_as, value + 12); - number = ldl_le_phys(&s->dma_as, value + 16); + { + uint32_t start_num = ldl_le_phys(&s->dma_as, value + 12); + uint32_t number = ldl_le_phys(&s->dma_as, value + 16); resplen = 4; @@ -367,32 +369,35 @@ static void bcm2835_property_mbox_push(BCM2835PropertyState *s, uint32_t value) for (uint32_t n = start_num; n < start_num + number && n < BCM2835_OTP_CUSTOMER_OTP_LEN; n++) { - otp_row = ldl_le_phys(&s->dma_as, + uint32_t otp_row = ldl_le_phys(&s->dma_as, value + 20 + ((n - start_num) << 2)); bcm2835_otp_set_row(s->otp, BCM2835_OTP_CUSTOMER_OTP + n, otp_row); } break; + } /* Device-specific private key */ - case RPI_FWREQ_GET_PRIVATE_KEY: - start_num = ldl_le_phys(&s->dma_as, value + 12); - number = ldl_le_phys(&s->dma_as, value + 16); + { + uint32_t start_num = ldl_le_phys(&s->dma_as, value + 12); + uint32_t number = ldl_le_phys(&s->dma_as, value + 16); resplen = 8 + 4 * number; for (uint32_t n = start_num; n < start_num + number && n < BCM2835_OTP_PRIVATE_KEY_LEN; n++) { - otp_row = bcm2835_otp_get_row(s->otp, + uint32_t otp_row = bcm2835_otp_get_row(s->otp, BCM2835_OTP_PRIVATE_KEY + n); stl_le_phys(&s->dma_as, value + 20 + ((n - start_num) << 2), otp_row); } break; + } case RPI_FWREQ_SET_PRIVATE_KEY: - start_num = ldl_le_phys(&s->dma_as, value + 12); - number = ldl_le_phys(&s->dma_as, value + 16); + { + uint32_t start_num = ldl_le_phys(&s->dma_as, value + 12); + uint32_t number = ldl_le_phys(&s->dma_as, value + 16); resplen = 4; @@ -404,12 +409,13 @@ static void bcm2835_property_mbox_push(BCM2835PropertyState *s, uint32_t value) for (uint32_t n = start_num; n < start_num + number && n < BCM2835_OTP_PRIVATE_KEY_LEN; n++) { - otp_row = ldl_le_phys(&s->dma_as, + uint32_t otp_row = ldl_le_phys(&s->dma_as, value + 20 + ((n - start_num) << 2)); bcm2835_otp_set_row(s->otp, BCM2835_OTP_PRIVATE_KEY + n, otp_row); } break; + } default: qemu_log_mask(LOG_UNIMP, "bcm2835_property: unhandled tag 0x%08x\n", tag); From patchwork Tue Jul 30 09:40:10 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747164 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 7FCE7C3DA49 for ; Tue, 30 Jul 2024 09:44:34 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLR-00041p-3V; Tue, 30 Jul 2024 05:40:37 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLM-0003jL-NZ for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:32 -0400 Received: from mail-wm1-x32d.google.com ([2a00:1450:4864:20::32d]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLK-0000aW-EY for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:32 -0400 Received: by mail-wm1-x32d.google.com with SMTP id 5b1f17b1804b1-4281d812d3eso19863145e9.3 for ; Tue, 30 Jul 2024 02:40:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332429; x=1722937229; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=720J6Fnn90LCfDNzvb5BOYvjsNm2pz0pQOgxMBS+Hs0=; b=jjASWuXjK6MJvGeTE7ennWdmCRDst+YkyOvgKIGip+pLtW4cm1GvfYsJuZVo4qUqZx G4gAfPtn4BpxhSvnNRrCnCKpb1aB58d0NFAlZdQDhyj5ORp25GzmktYu9BAHahT9H1JV GUecfskkf34nRdrCtFV/6P0HTCKDhs9MbcY7JVFxKbbrxyun2jmP81bxCIZjtgMknupb fo4VLZ0VpF9ygSojVjMlZx07sdwv8qgaxGELuLJERj+Xt8df+WU7lk70SeJsmpV4H9ys 6v5k+WD+sURzX1k16hXwNizuTE9yBILZ+qyXHtU1oNer4kzN1d0WTqtZosoUOicBj91Q nK9A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332429; x=1722937229; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=720J6Fnn90LCfDNzvb5BOYvjsNm2pz0pQOgxMBS+Hs0=; b=BUq4QS/Fzy1G61Eulu+UZ/geZatWvn7uwu71usD1NaQN8STDZ/SBWsdUP74Of+hVPf zL48ivAdZaQRPyczKLJx/s6VRUgDDXJd342fPI5IHOa1YO1F72QYWYevlz+f3cdUMez0 EqMpsOfJNjGFlLtn2NwU7qthr0xpf96lHmgtCdtnwFct0oyHOhd5HoTd3mrD2tPbl0KV hAPhZe38lGrn0/Q/HNlKS9EOsak2RMuDWCGB6l0OOtRdhWx9wuyORK3CUtt4ZRg3leBY 3Q77ArLQFLhwRuOdcn1MoTyINAM9TjeUWuWrmn0QbRVrw5ghoI2wYtUf2WdesVf7Dqtx Jinw== X-Gm-Message-State: AOJu0Yxmiwy6L1uMAUdKeK5BXphatzjZz3ztmSX/OcvvT71KZ+tNUUzk 2hAvwaILr10XYT+WuQYbGtKQ8+ouVVK2xWwlXfd6VIdmdEkUnfFiuFfev9aw0fDHeNhyy5hT2zI E X-Google-Smtp-Source: AGHT+IHdh7qmWnQffjQPs4VGVXveUUmmJmzvdKUq+eCiUa2DWeKPR681d/BlFu6hZNpzC4Su7Fic7g== X-Received: by 2002:adf:f00c:0:b0:368:7943:8b1f with SMTP id ffacd0b85a97d-36b5d0d0f9dmr8965034f8f.43.1722332428734; Tue, 30 Jul 2024 02:40:28 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.28 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:28 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 11/21] hw/misc/bcm2835_property: Reduce scope of variables in mbox push function Date: Tue, 30 Jul 2024 10:40:10 +0100 Message-Id: <20240730094020.2758637-12-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::32d; envelope-from=peter.maydell@linaro.org; helo=mail-wm1-x32d.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org In bcm2835_property_mbox_push(), some variables are defined at function scope but used only in a smaller scope of the function: * tag, bufsize, resplen are used only in the body of the while() loop * tmp is used only for RPI_FWREQ_SET_POWER_STATE (and is badly named) Declare these variables in the scope where they're needed, so the code is easier to read. Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daudé Message-id: 20240723131029.1159908-5-peter.maydell@linaro.org --- hw/misc/bcm2835_property.c | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/hw/misc/bcm2835_property.c b/hw/misc/bcm2835_property.c index 443d42a1824..8ca3128f29b 100644 --- a/hw/misc/bcm2835_property.c +++ b/hw/misc/bcm2835_property.c @@ -25,11 +25,7 @@ static void bcm2835_property_mbox_push(BCM2835PropertyState *s, uint32_t value) { - uint32_t tag; - uint32_t bufsize; uint32_t tot_len; - size_t resplen; - uint32_t tmp; /* * Copy the current state of the framebuffer config; we will update @@ -48,10 +44,10 @@ static void bcm2835_property_mbox_push(BCM2835PropertyState *s, uint32_t value) /* @(addr + 4) : Buffer response code */ value = s->addr + 8; while (value + 8 <= s->addr + tot_len) { - tag = ldl_le_phys(&s->dma_as, value); - bufsize = ldl_le_phys(&s->dma_as, value + 4); + uint32_t tag = ldl_le_phys(&s->dma_as, value); + uint32_t bufsize = ldl_le_phys(&s->dma_as, value + 4); /* @(value + 8) : Request/response indicator */ - resplen = 0; + size_t resplen = 0; switch (tag) { case RPI_FWREQ_PROPERTY_END: break; @@ -95,13 +91,16 @@ static void bcm2835_property_mbox_push(BCM2835PropertyState *s, uint32_t value) resplen = 8; break; case RPI_FWREQ_SET_POWER_STATE: - /* Assume that whatever device they asked for exists, - * and we'll just claim we set it to the desired state + { + /* + * Assume that whatever device they asked for exists, + * and we'll just claim we set it to the desired state. */ - tmp = ldl_le_phys(&s->dma_as, value + 16); - stl_le_phys(&s->dma_as, value + 16, (tmp & 1)); + uint32_t state = ldl_le_phys(&s->dma_as, value + 16); + stl_le_phys(&s->dma_as, value + 16, (state & 1)); resplen = 8; break; + } /* Clocks */ From patchwork Tue Jul 30 09:40:11 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747148 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6D876C3DA61 for ; Tue, 30 Jul 2024 09:41:53 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLU-0004FZ-MJ; Tue, 30 Jul 2024 05:40:40 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLN-0003mM-Ey for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:33 -0400 Received: from mail-wr1-x42c.google.com ([2a00:1450:4864:20::42c]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLK-0000bj-Qw for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:32 -0400 Received: by mail-wr1-x42c.google.com with SMTP id ffacd0b85a97d-368440b073bso1744461f8f.0 for ; Tue, 30 Jul 2024 02:40:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332429; x=1722937229; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=0K0Gkugc0azQ0l2zlcwkWWXyTIwjww7OgMp4rP3ZvNg=; b=OUuLXmM9FiiuO4OUft8H42nhh2XZjDWxB1bbQF6PJ2L1hHMIf4a8WTxeIcq7UnFH+p cBeyleunjm4C6BnrFHAsAMu4noE7LZ7f1LhFsIWwQdtoV+lddf2bdvjDa6onFqIYTq/R EvhMQvUKcRFnfzswzBva9GZF2DBdJ+vzZ5uSNYm1Juv6FvVJyKimclbvS0mx6XovWzKb 1pu1pq7xiuJHrsdOQ5iwCsr73C+H9muF95T/D7yZqTeOetIB1UL+UlGsJbInTtsk1Lxv PdrUKg9D6JWogegVIci7/+oOVNzl3gC6L35LKCLOsuYxcpg/Tg/AOYTkK2UoaAd1gK4i FljQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332429; x=1722937229; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0K0Gkugc0azQ0l2zlcwkWWXyTIwjww7OgMp4rP3ZvNg=; b=SiE6ysOJAbQpR7yJx+NbormcUSUNSv1ibUxWGYXKZSPk54TwB1gizWN9rHs5K8Es9k xqyMDiW5mKRa4A+rKM9kiYvnGXdBKxFqRxBk/on3wZ8KtzoK6UJa1UMC8p1H/OYelWcg j7N+Lx87nMUA0rafXyqCu2MJEOsmFH4bwqpSlQiN7qUWf3K3R+ThWCWPSKWVTRLC7sDM 75cwHTbaNaBk8Mo8BEeIGFb0oYpi2QI8S8Xs1TfllFmcZdB8+UNbZW17x4vicgjwoswB fwPnLZSuehuZh9lBTeJz1x8+ypcNpROL5CV/yYPCNSCfaHVBp/6SrQCiSHYp+XC6xlDL Yfqw== X-Gm-Message-State: AOJu0Yx0Wdn9rIHM8fyFCVRLtthMRgdZ9BxyX0qzn6K/C+/SAEeUNMqR MYeVPbLSp2QN+LxBRAT3KRl2L1l8sHonH7G+MQZUGcQvJXccRGV3sLelptToNKFddjsWy94RtO0 5 X-Google-Smtp-Source: AGHT+IHmLNtRRGDEKY1q73mgMEXL5NV4tyUnE/fhG+tFR+pWp0akK3bsmluDIAl+/K6m44o/wPe6DQ== X-Received: by 2002:adf:fd8d:0:b0:362:ad01:5435 with SMTP id ffacd0b85a97d-36b8c8ed70dmr923232f8f.29.1722332429238; Tue, 30 Jul 2024 02:40:29 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.28 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:28 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 12/21] target/arm: Don't assert for 128-bit tile accesses when SVL is 128 Date: Tue, 30 Jul 2024 10:40:11 +0100 Message-Id: <20240730094020.2758637-13-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::42c; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x42c.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org For an instruction which accesses a 128-bit element tile when the SVL is also 128 (for example MOV z0.Q, p0/M, ZA0H.Q[w0,0]), we will assert in get_tile_rowcol(): qemu-system-aarch64: ../../tcg/tcg-op.c:926: tcg_gen_deposit_z_i32: Assertion `len > 0' failed. This happens because we calculate len = ctz32(streaming_vec_reg_size(s)) - esz;$ but if the SVL and the element size are the same len is 0, and the deposit operation asserts. In this case the ZA storage contains exactly one 128 bit element ZA tile, and the horizontal or vertical slice is just that tile. This means that regardless of the index value in the Ws register, we always access that tile. (In pseudocode terms, we calculate (index + offset) MOD 1, which is 0.) Special case the len == 0 case to avoid hitting the assertion in tcg_gen_deposit_z_i32(). Cc: qemu-stable@nongnu.org Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20240722172957.1041231-2-peter.maydell@linaro.org --- target/arm/tcg/translate-sme.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/target/arm/tcg/translate-sme.c b/target/arm/tcg/translate-sme.c index 185a8a917b0..a50a419af27 100644 --- a/target/arm/tcg/translate-sme.c +++ b/target/arm/tcg/translate-sme.c @@ -49,7 +49,15 @@ static TCGv_ptr get_tile_rowcol(DisasContext *s, int esz, int rs, /* Prepare a power-of-two modulo via extraction of @len bits. */ len = ctz32(streaming_vec_reg_size(s)) - esz; - if (vertical) { + if (!len) { + /* + * SVL is 128 and the element size is 128. There is exactly + * one 128x128 tile in the ZA storage, and so we calculate + * (Rs + imm) MOD 1, which is always 0. We need to special case + * this because TCG doesn't allow deposit ops with len 0. + */ + tcg_gen_movi_i32(tmp, 0); + } else if (vertical) { /* * Compute the byte offset of the index within the tile: * (index % (svl / size)) * size From patchwork Tue Jul 30 09:40:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747149 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 2A33DC3DA7F for ; Tue, 30 Jul 2024 09:42:18 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLP-0003tG-Bh; Tue, 30 Jul 2024 05:40:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLN-0003mI-Ec for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:33 -0400 Received: from mail-wr1-x42d.google.com ([2a00:1450:4864:20::42d]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLL-0000cK-53 for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:32 -0400 Received: by mail-wr1-x42d.google.com with SMTP id ffacd0b85a97d-3684bea9728so2289766f8f.3 for ; Tue, 30 Jul 2024 02:40:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332429; x=1722937229; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=0t3dw23LYO7KaJ6voFBl2V9URgkrKmEjm+VodO24yXE=; b=G1DZrjxEx0hR/Re43a/s3hVE/4zF4zqBb9mujMooXCK2GqfBhjx2wKQBb8fRpcxr3m SNidaAUX3gzplGfLYtKp7rPqlFJlhF4qCQxyrxt+c5ASNQ6lKO3K0IlzUHXVql1zWsQG wBicXxx0X3Ssb8JJsDZpat9+LiVJryk/gefu1L0Eh1LYIuZxqJNszyNP6+5YgcrIliYj b+IfvUjOSyUX+Eqn3WHIyvaGtj2wIuO0gr/RVVF3n3A7fjXVZ37qp9tU9vCqclecN9U7 vdPnXDCjp4ji6QAcK9avj9OZ5eAj2XJLS+3925RAdOrG07HiXHp6PWGZJAmmrvmDkBaC /f2w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332429; x=1722937229; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0t3dw23LYO7KaJ6voFBl2V9URgkrKmEjm+VodO24yXE=; b=K3de6EuOEQGwLKlvsi9JPU+NAdtD8NV5a60kfqlc5a3jXSJi7cwgOAc8cj3QcyAep1 FoH45bDCGq2Ks2odR6KIY6yrZx9iKjLgI2+mwGEIOOB2BvL7+6lbdF+i+v/1nL2pT8Vf HbCRGqF5G/+2tSKeh0DRXc881HpdlqraJIS0Q3/ERc3A8c0pUJyC0Ni7e6mlvvsW7u73 3D0aRgxoSdnHJ29Nk2Y4D/IaQCOkY9b9EZ7LJUFls1NKNCynCwVL1Lq6PbkFkQXwsmD7 Hft/uax5RtRW+X3X+aLb0K5QajQJjFhNP7AJQ2Cr7UMgIOljYoPqmlLFMJAOIYYD8Bdp Bf6w== X-Gm-Message-State: AOJu0Yx3UQo1tgypQz1V3XtTbz1U61eIrTcuC9vZpjh/MMTcJ6HXfS8S dEEOH7NReVrV5C2UtjsshtL+j0GhTuXiAGEe6ojxHSp3i09j9Uhdv/ed/WvsDUfQMdWQsT7GLST Z X-Google-Smtp-Source: AGHT+IEnztkOL3KTo7g9KVqtcd7YlezJS/MHpbqNnO5dcvJBMGLWE5IEZyDktzTr6LTM7hO0jpzkJA== X-Received: by 2002:a5d:4c91:0:b0:367:96b9:760a with SMTP id ffacd0b85a97d-36b5d0ae662mr6825401f8f.41.1722332429644; Tue, 30 Jul 2024 02:40:29 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.29 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:29 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 13/21] target/arm: Fix UMOPA/UMOPS of 16-bit values Date: Tue, 30 Jul 2024 10:40:12 +0100 Message-Id: <20240730094020.2758637-14-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::42d; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x42d.google.com X-Spam_score_int: -11 X-Spam_score: -1.2 X-Spam_bar: - X-Spam_report: (-1.2 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, THIS_AD=0.899 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org The UMOPA/UMOPS instructions are supposed to multiply unsigned 8 or 16 bit elements and accumulate the products into a 64-bit element. In the Arm ARM pseudocode, this is done with the usual infinite-precision signed arithmetic. However our implementation doesn't quite get it right, because in the DEF_IMOP_64() macro we do: sum += (NTYPE)(n >> 0) * (MTYPE)(m >> 0); where NTYPE and MTYPE are uint16_t or int16_t. In the uint16_t case, the C usual arithmetic conversions mean the values are converted to "int" type and the multiply is done as a 32-bit multiply. This means that if the inputs are, for example, 0xffff and 0xffff then the result is 0xFFFE0001 as an int, which is then promoted to uint64_t for the accumulation into sum; this promotion incorrectly sign extends the multiply. Avoid the incorrect sign extension by casting to int64_t before the multiply, so we do the multiply as 64-bit signed arithmetic, which is a type large enough that the multiply can never overflow into the sign bit. (The equivalent 8-bit operations in DEF_IMOP_32() are fine, because the 8-bit multiplies can never overflow into the sign bit of a 32-bit integer.) Cc: qemu-stable@nongnu.org Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2372 Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20240722172957.1041231-3-peter.maydell@linaro.org --- target/arm/tcg/sme_helper.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/target/arm/tcg/sme_helper.c b/target/arm/tcg/sme_helper.c index 50bb088d048..3ba826a6ceb 100644 --- a/target/arm/tcg/sme_helper.c +++ b/target/arm/tcg/sme_helper.c @@ -1162,10 +1162,10 @@ static uint64_t NAME(uint64_t n, uint64_t m, uint64_t a, uint8_t p, bool neg) \ uint64_t sum = 0; \ /* Apply P to N as a mask, making the inactive elements 0. */ \ n &= expand_pred_h(p); \ - sum += (NTYPE)(n >> 0) * (MTYPE)(m >> 0); \ - sum += (NTYPE)(n >> 16) * (MTYPE)(m >> 16); \ - sum += (NTYPE)(n >> 32) * (MTYPE)(m >> 32); \ - sum += (NTYPE)(n >> 48) * (MTYPE)(m >> 48); \ + sum += (int64_t)(NTYPE)(n >> 0) * (MTYPE)(m >> 0); \ + sum += (int64_t)(NTYPE)(n >> 16) * (MTYPE)(m >> 16); \ + sum += (int64_t)(NTYPE)(n >> 32) * (MTYPE)(m >> 32); \ + sum += (int64_t)(NTYPE)(n >> 48) * (MTYPE)(m >> 48); \ return neg ? a - sum : a + sum; \ } From patchwork Tue Jul 30 09:40:13 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747150 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B1AAFC3DA61 for ; Tue, 30 Jul 2024 09:42:21 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLP-0003sk-1S; Tue, 30 Jul 2024 05:40:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLN-0003mL-Er for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:33 -0400 Received: from mail-wr1-x42d.google.com ([2a00:1450:4864:20::42d]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLL-0000cT-IH for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:32 -0400 Received: by mail-wr1-x42d.google.com with SMTP id ffacd0b85a97d-368526b1333so1544766f8f.1 for ; Tue, 30 Jul 2024 02:40:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332430; x=1722937230; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=bV8H5RVK0b+LxsupxZcm8cD3g3amlRE8yjf1z8/+Mwk=; b=DDOLs4fdM2IeNlbh6TtmsLdxaGCc84bXoFcunIZCXH8GLagfROfSmSAQHlgHcLObEQ cMcEv+UwP3oAkAynKdgIQ4DhKOc0gSeSEZfAeZj73PpREaViNfFnKwug/qYb4LX/Pbpd zAEKDuFV2ZQPXFevJBuD6fdspbyJ/c1YxhZbZ9pHzRevEzwC8eKrEpBdvkAg6OTaQg2Q OPPNGYsfVY5HR3ZK/qPXMGjgptac5aJggGbBu/0S7gQVXxZJlbaWzSez6p0INIb2IJy9 fwgQZVURLAqi6Fp4DzK4luU/aN0bmSidzPOYZGUrWy6Epknkvi67raNk+mG8GQZBngQh 2zig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332430; x=1722937230; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bV8H5RVK0b+LxsupxZcm8cD3g3amlRE8yjf1z8/+Mwk=; b=gdIi5ryp26NT5IA9ZvAfpbQwIumZ9gN5yAdRAE7YlamjeCZAq5KHfKhtDRyobm26Ch GHa/pj5f1gi5d1rU7jtjprfoHEUZZOTvfKi5NlA5Mywin6toTWLsdXVI1CrK36TWdHhr aIrhHUQpdFjHh6txWpnCsVgkrgTqWXDf5Fmq5HaugcOLpOwLcu2C7BCrUrCtz8r4Q7Vc qTIlTMFB2qS52IO9ZTFtEvKXWQwNu/+tjNJhgCTCnBUy4x3++BDYvGR5DQJndl/GEF3f geLm9lIiojwfTer+XDVFqcEIAK11xekRrZTWAjS4IhHZVzTMOvt97Ca07lk71n3vy5mB /KcQ== X-Gm-Message-State: AOJu0Yxl+Sd1sas6t7/72XicMpxlN9f1qwRsdb0B/ifC0wPHh4SdfEIg Kq8hbVQd4X6ERLCbMfeMVA564whglgorARpLrpSSZLq545WAxn2JeVKnQ6b7F1dCXjGiK+h68ms s X-Google-Smtp-Source: AGHT+IGmviJ5DQ+0j9n9zkrKIPgQHyJEZagTewrufB3D7XbyWcVyurnxNTE6679OyWb275vqFpi7Wg== X-Received: by 2002:adf:f549:0:b0:367:8fd9:db6b with SMTP id ffacd0b85a97d-36b8c8df31fmr1081238f8f.9.1722332430071; Tue, 30 Jul 2024 02:40:30 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.29 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:29 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 14/21] target/arm: Avoid shifts by -1 in tszimm_shr() and tszimm_shl() Date: Tue, 30 Jul 2024 10:40:13 +0100 Message-Id: <20240730094020.2758637-15-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::42d; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x42d.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org The function tszimm_esz() returns a shift amount, or possibly -1 in certain cases that correspond to unallocated encodings in the instruction set. We catch these later in the trans_ functions (generally with an "a-esz < 0" check), but before we do the decodetree-generated code will also call tszimm_shr() or tszimm_sl(), which will use the tszimm_esz() return value as a shift count without checking that it is not negative, which is undefined behaviour. Avoid the UB by checking the return value in tszimm_shr() and tszimm_shl(). Cc: qemu-stable@nongnu.org Resolves: Coverity CID 1547617, 1547694 Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20240722172957.1041231-4-peter.maydell@linaro.org --- target/arm/tcg/translate-sve.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/target/arm/tcg/translate-sve.c b/target/arm/tcg/translate-sve.c index 798ab2bfb13..a72c2620960 100644 --- a/target/arm/tcg/translate-sve.c +++ b/target/arm/tcg/translate-sve.c @@ -50,13 +50,27 @@ static int tszimm_esz(DisasContext *s, int x) static int tszimm_shr(DisasContext *s, int x) { - return (16 << tszimm_esz(s, x)) - x; + /* + * We won't use the tszimm_shr() value if tszimm_esz() returns -1 (the + * trans function will check for esz < 0), so we can return any + * value we like from here in that case as long as we avoid UB. + */ + int esz = tszimm_esz(s, x); + if (esz < 0) { + return esz; + } + return (16 << esz) - x; } /* See e.g. LSL (immediate, predicated). */ static int tszimm_shl(DisasContext *s, int x) { - return x - (8 << tszimm_esz(s, x)); + /* As with tszimm_shr(), value will be unused if esz < 0 */ + int esz = tszimm_esz(s, x); + if (esz < 0) { + return esz; + } + return x - (8 << esz); } /* The SH bit is in bit 8. Extract the low 8 and shift. */ From patchwork Tue Jul 30 09:40:14 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747160 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id BBCDDC3DA61 for ; Tue, 30 Jul 2024 09:44:07 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLR-00044C-Ni; Tue, 30 Jul 2024 05:40:37 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLO-0003oo-2g for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:34 -0400 Received: from mail-wr1-x430.google.com ([2a00:1450:4864:20::430]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLL-0000cd-RR for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:33 -0400 Received: by mail-wr1-x430.google.com with SMTP id ffacd0b85a97d-3685afd0c56so2044926f8f.1 for ; Tue, 30 Jul 2024 02:40:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332430; x=1722937230; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=06XQlRqaiDDlTS/bWwdh4Kb7Kl/gVH3uLLyO2TZuWqM=; b=BtIIc3aRF1ZS62sZDoM5oACm8M+d9FWOPGsBpczLqKS0wnEATg0zm6luq8Rm7yi/nJ z/xm6UsrxrhMSmxePSX/cSKbG4BChChWvGJ1oDkYq0ORK2iJfe3R19ay6qcEM1PLB3eg j+wxKbBax2Jv18HtG/JSu5RHNP7Ap16he5hiWmtNVDLSciaDoKWcB50wmKGVp3RUxFdo WWIlY6gK1ntPuo35L4polyl9VSqs/NCuD/nbtvfvbnMyZjj9doUJwNob8YNlWn8cAGP3 +PNgSY5aY+2n0C4rRht7Gza8PeWs+ymNikHMLgTyq/fuL+GWALgS+diYkQ1YIMJS4BGX Nrog== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332430; x=1722937230; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=06XQlRqaiDDlTS/bWwdh4Kb7Kl/gVH3uLLyO2TZuWqM=; b=Wwi9WuisV5xlyyUG2XpAFyIGRDMUlzEAVhj57oEpYFpg1SsXtIitrCtQazkJjx0JKE ChwyenjrgMZdjnAXP3TDiw4EwX2O0JQG65mGZqEMDbg6jMZXtBKIrbwi/AVeL0b3a2CT uQjx7EomnxVjujhyY5cYnp3w3qelfkPwxyuKJhrA2cwJ0U8lO0DTEV02BvLxMO+Tjh0B 18aVm2VPiep8RRKp4zl6guwRDGX1I691Z8lI0Yn8QcpiKstkp1YXI6zTWZ7yTYMtq9QK I18RjoFSN0toaWiy2lSSCuX4bmFJC69BesbbgxgDY7icoqHq2aZ+UBNTXOl6uXmzlnsI Qe3Q== X-Gm-Message-State: AOJu0Yw+lMaxcDG5Almge5RHubsyheMjXWcYgY6NMhJFOdjGcfHYokFo fBG/+u4YgtYTjXyY0kboGtdSWx9weRLgKrdlXSj07OYmgc7p2vkHsbuP/mUF2EIRy8VN4PFikzc k X-Google-Smtp-Source: AGHT+IGGl+mT0nTJTrpVzaH0YKACvStMEWK3mqHsRzeM5Iowa1ZPPJBzxdbJUsotIkrym+8yWd7FTw== X-Received: by 2002:a05:6000:186c:b0:368:4e28:47f7 with SMTP id ffacd0b85a97d-36b5cefd51dmr8858749f8f.6.1722332430466; Tue, 30 Jul 2024 02:40:30 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.30 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:30 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 15/21] target/arm: Ignore SMCR_EL2.LEN and SVCR_EL2.LEN if EL2 is not enabled Date: Tue, 30 Jul 2024 10:40:14 +0100 Message-Id: <20240730094020.2758637-16-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::430; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x430.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org When determining the current vector length, the SMCR_EL2.LEN and SVCR_EL2.LEN settings should only be considered if EL2 is enabled (compare the pseudocode CurrentSVL and CurrentNSVL which call EL2Enabled()). We were checking against ARM_FEATURE_EL2 rather than calling arm_is_el2_enabled(), which meant that we would look at SMCR_EL2/SVCR_EL2 when in Secure EL1 or Secure EL0 even if Secure EL2 was not enabled. Use the correct check in sve_vqm1_for_el_sm(). Cc: qemu-stable@nongnu.org Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20240722172957.1041231-5-peter.maydell@linaro.org --- target/arm/helper.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/arm/helper.c b/target/arm/helper.c index ce319572354..8fb4b474e83 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -7232,7 +7232,7 @@ uint32_t sve_vqm1_for_el_sm(CPUARMState *env, int el, bool sm) if (el <= 1 && !el_is_in_host(env, el)) { len = MIN(len, 0xf & (uint32_t)cr[1]); } - if (el <= 2 && arm_feature(env, ARM_FEATURE_EL2)) { + if (el <= 2 && arm_is_el2_enabled(env)) { len = MIN(len, 0xf & (uint32_t)cr[2]); } if (arm_feature(env, ARM_FEATURE_EL3)) { From patchwork Tue Jul 30 09:40:15 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747159 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 80B39C3DA49 for ; Tue, 30 Jul 2024 09:44:05 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLV-0004K5-IG; Tue, 30 Jul 2024 05:40:41 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLO-0003rG-L8 for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:34 -0400 Received: from mail-wm1-x332.google.com ([2a00:1450:4864:20::332]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLM-0000cw-KL for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:34 -0400 Received: by mail-wm1-x332.google.com with SMTP id 5b1f17b1804b1-42816ca797fso20884055e9.2 for ; Tue, 30 Jul 2024 02:40:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332431; x=1722937231; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Rm4cAgPkSZIkkBZ/4z1vocwRbdja/wzHAdJooiJoAB0=; b=Mg//dpd3EZ8cAA+pczh29wbZphM7sdJM8IoaQXqHGbQEXaLryji8D3RKOFzFUNt2mt 6yyCGCtYhsA0DtRaTIVvK7KZT/PLlW92NEJPHF4WYtqSIxLEhKt/5x0MvK99CbB6D0D0 /rLhEBY+ZxATtMuY8Zwjpqema43oOsKd/eR+xrIjZlA4uyl63Kw5/1Boga8BejNr30IZ 5P2CFJ9ka3tMVfnaDewZHsbHdE5TwGv3PhQQYdrfSdeDd1Lx/6XW5Ibzqh815l5hoFUR vOAmgfGi35MTny1obxQ/tpjeloWbbfoF8IiTn/RN7MGOkRWVXLow71b3r12AjgAOJ5D+ h6ZA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332431; x=1722937231; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Rm4cAgPkSZIkkBZ/4z1vocwRbdja/wzHAdJooiJoAB0=; b=ui9WKgCOzf5oZ7gKCxuuNpVgqXgLV4WGjFUO3Y7v2VLKFM998yfW9CxV/rrR708c0G v5X+0MCKMlzkpZztPDay7S4d4D916adFHRhzvCQsi5Uxi8PhrggADR0kZTqAICV2jIUQ pjhBdU+mHufgds8Ink1xXdIjvOUoYD32BKkIy2GxqXo8zqCX8t3DZ5tqNeKJoI7BLPx+ OJB2ej2gC2pzvzvaLsg/VA4AZzXI0LM+Z/iEO1LAleFFtjoQzZDTT+iRo/TaHdbYKYho GiWeJF7NcJ+DIXa5xoBx1e+Mi+tYaq/0eHZp3YMJpd5NuRP39uIVit3tiq0ue8zQNWSw lz0g== X-Gm-Message-State: AOJu0Yz9UlkooTJPL2eVWpgLGAhbwuHAvxdKUMLLsSkEdFfLLCsaBS+U n2+aoeYnpCDgtL8siz+D7XJ28/LNXCc13MN17SCbRvSLpli1ga1jXagqlPb0qB/jIuu0fTRyp2+ W X-Google-Smtp-Source: AGHT+IGlO75m1Hn93j1EXTOTaS2rzk6rt/iDwBeeCAgSV3xt7YSgz8xNOhQW19fci+oKFqWg3St2IA== X-Received: by 2002:a05:6000:4d1:b0:367:8847:5bf4 with SMTP id ffacd0b85a97d-36b5cee9bbbmr7710993f8f.10.1722332430904; Tue, 30 Jul 2024 02:40:30 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.30 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:30 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 16/21] target/tricore: Use unsigned types for bitops in helper_eq_b() Date: Tue, 30 Jul 2024 10:40:15 +0100 Message-Id: <20240730094020.2758637-17-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::332; envelope-from=peter.maydell@linaro.org; helo=mail-wm1-x332.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Coverity points out that in helper_eq_b() we have an int32_t 'msk' and we end up shifting into its sign bit. This is OK for QEMU because we use -fwrapv to give this well defined semantics, but when you look at what this function is doing it's doing bit operations, so we should be using an unsigned variable anyway. This also matches the return type of the function. Make 'ret' and 'msk' uint32_t. Resolves: Coverity CID 1547758 Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Richard Henderson Message-id: 20240723151042.1396610-1-peter.maydell@linaro.org --- target/tricore/op_helper.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/target/tricore/op_helper.c b/target/tricore/op_helper.c index ba9c4444b39..a0d5a0da1df 100644 --- a/target/tricore/op_helper.c +++ b/target/tricore/op_helper.c @@ -1505,8 +1505,8 @@ uint32_t helper_sub_h(CPUTriCoreState *env, target_ulong r1, target_ulong r2) uint32_t helper_eq_b(target_ulong r1, target_ulong r2) { - int32_t ret; - int32_t i, msk; + uint32_t ret, msk; + int32_t i; ret = 0; msk = 0xff; From patchwork Tue Jul 30 09:40:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747162 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id EA670C3DA61 for ; Tue, 30 Jul 2024 09:44:16 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLR-00041z-4e; Tue, 30 Jul 2024 05:40:37 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLO-0003rn-Pv for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:34 -0400 Received: from mail-wr1-x434.google.com ([2a00:1450:4864:20::434]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLN-0000dA-5B for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:34 -0400 Received: by mail-wr1-x434.google.com with SMTP id ffacd0b85a97d-368663d7f80so2042983f8f.3 for ; Tue, 30 Jul 2024 02:40:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332431; x=1722937231; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=kU9D23p+W3yoB6z9qvYF5ze3lbw4IbqA/FP/4T6R+9k=; b=mzn1ljL9ldqf2tn5wsodeTq+tXrBm8HuULVBDKqkxGZhq6uM77EQ9V/7PjXZrOzWCK eKigAHcQrIHm572u7/Z6ZEnIQE9iKbV45AmxMDZZtB1vrqWvRlzjTqlnG0Q89mUNywDG NFw6WEg9Ncng9jJZIu+1RIS9tf6VG40/S7UZ2S2qOi+lDnDQ2TX2zVSCfkYziq2wEtMa 1U2UszD/o08olF4+/a4SlmIpTK3IYQh2iz9KaQQPu30MS+uJymLmeKkLCklAcUvGM2zH RSLagYNGBvCtu+BRrc/M7VYc2Jmd9cgl35XlmorjwZCd0VLxXhVz5CSJRTor/cH2/etT rUOQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332431; x=1722937231; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kU9D23p+W3yoB6z9qvYF5ze3lbw4IbqA/FP/4T6R+9k=; b=U14Jz07RmtAQEz5lXyuBvTH1cQyYGyuYxg0qqX8OP2O/Qlw0q6I8MBGDPEZDy//1nn AK207r7qexrtYmYQKsDpNvZyLgYxp2PS8ty9QrUVEaCV7vA+CI4y5bbTbBDOsZdxRp02 NwW6zQ1YxVAxCbc0YEzNpfW7OG6a4nFWesVr/II3IjYOAlBwawdwJ2FS7M9HAvwqFcAb IUUG1cR19paUZNp7uOplCL5aXxeqWKEqsn4eEqqJjnKBHfOM+YCbQJZQjyS2Yb0rqiz8 Oj5UgteGEaA+njoQeWPqNCcho/r7A7tsmMP425whHZf8hBLUsBMnWBJKy1Dbrug0bg5R i/dw== X-Gm-Message-State: AOJu0YxI1Bt6aMakxP5NRLYQu+dEvuvSfv1WC7dFGYKFoz5CoL/fc/UO 085A1XHPl6jXkndmyFbALq+MZTnnDaAvxz4NyuihyjJgvIT6FMNmwElkipxlS2Dom7/0oRoSREx J X-Google-Smtp-Source: AGHT+IGg+F3J6w+eKYe8GjUEUA0r8uZjKZuKAsOEocrjEZ1wAXvfBgpQt/LwAPEkr8zYE9y4T7HgZw== X-Received: by 2002:a5d:4e0d:0:b0:360:79d4:b098 with SMTP id ffacd0b85a97d-36b5d03ce06mr5650520f8f.29.1722332431397; Tue, 30 Jul 2024 02:40:31 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:31 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 17/21] target/xtensa: Make use of 'segment' in pptlb helper less confusing Date: Tue, 30 Jul 2024 10:40:16 +0100 Message-Id: <20240730094020.2758637-18-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::434; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x434.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Coverity gets confused about the use of the 'segment' variable in the pptlb helper function: it thinks that we can take a code path where we first initialize it: unsigned segment = XTENSA_MPU_PROBE_B; // 0x40000000 and then use that value as a shift count: } else if (nhits == 1 && (env->sregs[MPUENB] & (1u << segment))) { In fact this isn't possible, beacuse xtensa_mpu_lookup() is passed '&segment', and it uses that as an output value, which it will always set if it returns nonzero. But the way the code is currently written is confusing to a human reader as well as to Coverity. Instead of initializing 'segment' at the top of the function with a value that's only used in the "nhits == 0" code path, use the constant value directly in that code path, and don't initialize segment. This matches the way we use xtensa_mpu_lookup() in its other callsites in get_physical_addr_mpu(). Resolves: Coverity CID 1547589 Signed-off-by: Peter Maydell Acked-by: Max Filippov Message-id: 20240723151454.1396826-1-peter.maydell@linaro.org --- target/xtensa/mmu_helper.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/target/xtensa/mmu_helper.c b/target/xtensa/mmu_helper.c index 997b21d3890..29b84d5dbf6 100644 --- a/target/xtensa/mmu_helper.c +++ b/target/xtensa/mmu_helper.c @@ -991,7 +991,7 @@ uint32_t HELPER(rptlb1)(CPUXtensaState *env, uint32_t s) uint32_t HELPER(pptlb)(CPUXtensaState *env, uint32_t v) { unsigned nhits; - unsigned segment = XTENSA_MPU_PROBE_B; + unsigned segment; unsigned bg_segment; nhits = xtensa_mpu_lookup(env->mpu_fg, env->config->n_mpu_fg_segments, @@ -1005,7 +1005,7 @@ uint32_t HELPER(pptlb)(CPUXtensaState *env, uint32_t v) xtensa_mpu_lookup(env->config->mpu_bg, env->config->n_mpu_bg_segments, v, &bg_segment); - return env->config->mpu_bg[bg_segment].attr | segment; + return env->config->mpu_bg[bg_segment].attr | XTENSA_MPU_PROBE_B; } } From patchwork Tue Jul 30 09:40:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747161 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id D95F3C3DA61 for ; Tue, 30 Jul 2024 09:44:11 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLR-00043q-Jv; Tue, 30 Jul 2024 05:40:37 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLP-0003tp-7B for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:35 -0400 Received: from mail-wr1-x42d.google.com ([2a00:1450:4864:20::42d]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLN-0000dQ-CR for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:34 -0400 Received: by mail-wr1-x42d.google.com with SMTP id ffacd0b85a97d-3687f8fcab5so1997966f8f.3 for ; Tue, 30 Jul 2024 02:40:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332432; x=1722937232; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=lVuR3ZLOLOt/AiMMURW3eUdzjUzZNpRvpqI9AHUBE2w=; b=yPfzRwwXa0X/tc87ftEMJA0//2UCYz/gW8yn3/B+WvfCyAgsy2NlWx7JVUQqP6oUJo Il2VCLX3teA+sPEVriJj7/8Ixi5vU1kWLMPLxFpfrZBmwN2FRvmEo8LXMiSYjc+jTaR2 zX2dFfbD4U8ms1ffXmcqeQuO4aGnDyI9V8TqJLHIvr4pP8VpzVv/a/IugHOOorIeUpiO 3MZ5fFI6aLfCE97frjf+OODEBNnsrtixrzbHYEaDmLP0hXJ8ZW8tPJRMv+SbRGmgZwbP Zxc/hdBPfe1E9pXlHXtUHalx865R8QHHBsG0+XZskUawZjsNKSMSKyzFw+ZDNSdObQ96 Ry5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332432; x=1722937232; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=lVuR3ZLOLOt/AiMMURW3eUdzjUzZNpRvpqI9AHUBE2w=; b=NmMOqms/IS4oolttJRuAzkXoZuhT/5H/9RWXYxVXz+vaab1Tis5mLw6oDELqZqPylK SzZkr8gOv1bs7gBflpdXl6zkkFKPdCWMrMErCBCfqgzbUavDHvrxaLjky9BTSxAR56vO JP+Dl8wfTxD6vNmPzIg6K6zm3tT50WQxWM71KnYVzmH6xZc6gZmrNs6ckxNI24HTujg2 4Y5gVF72KG9KeuTGpT8Nf3c3UdjzPYgoIoWnD4MZOh+l+IhoDREmjipVGvzEMbSBwFtd E+pkar8QLBquQViKKI2dmwCY4vlye7wItv2m6h4cE2TZYFRQXqIOqY0cdqOC6g/LNkT5 PbFQ== X-Gm-Message-State: AOJu0YydkuiNaPySa0g6RfYZJWnPzubW/Z5nspE4+ldnDEie63+b6H/q Mc481ovOxleuq7GYsoJWnmtePa1Px1DnvpAV7joXxSi+KwdKpuclcFF15s8RJxxLpMxC1Rg6HjT k X-Google-Smtp-Source: AGHT+IHg2dW/K/bkCA0b2pW4OxpUzaXwuxO+6wxsVEphb8AX+Cb8OluNUB6SQQbkSKgM6W1dhBjrXA== X-Received: by 2002:a05:6000:120f:b0:367:4383:d9b4 with SMTP id ffacd0b85a97d-36b5d093e98mr6188697f8f.56.1722332431836; Tue, 30 Jul 2024 02:40:31 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:31 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 18/21] target/m68k: avoid shift into sign bit in dump_address_map() Date: Tue, 30 Jul 2024 10:40:17 +0100 Message-Id: <20240730094020.2758637-19-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::42d; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x42d.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Coverity complains (CID 1547592) that in dump_address_map() we take a value stored in a signed integer variable 'i' and shift it by enough to shift into the sign bit when we construct the value 'logical'. This isn't a bug for QEMU because we use -fwrapv semantics, but we can make Coverity happy by using an unsigned type for the loop variables i, j, k in this function. While we're changing the declaration of the variables, put them in the for() loops so their scope is the minimum required (a style now permitted by our coding style guide). Resolves: Coverity CID 1547592 Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daudé Message-id: 20240723154207.1483665-1-peter.maydell@linaro.org --- target/m68k/helper.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/target/m68k/helper.c b/target/m68k/helper.c index 7967ad13cbf..4c85badd5d3 100644 --- a/target/m68k/helper.c +++ b/target/m68k/helper.c @@ -479,7 +479,6 @@ static void print_address_zone(uint32_t logical, uint32_t physical, static void dump_address_map(CPUM68KState *env, uint32_t root_pointer) { - int i, j, k; int tic_size, tic_shift; uint32_t tib_mask; uint32_t tia, tib, tic; @@ -502,19 +501,19 @@ static void dump_address_map(CPUM68KState *env, uint32_t root_pointer) tic_shift = 12; tib_mask = M68K_4K_PAGE_MASK; } - for (i = 0; i < M68K_ROOT_POINTER_ENTRIES; i++) { + for (unsigned i = 0; i < M68K_ROOT_POINTER_ENTRIES; i++) { tia = address_space_ldl(cs->as, M68K_POINTER_BASE(root_pointer) + i * 4, MEMTXATTRS_UNSPECIFIED, &txres); if (txres != MEMTX_OK || !M68K_UDT_VALID(tia)) { continue; } - for (j = 0; j < M68K_ROOT_POINTER_ENTRIES; j++) { + for (unsigned j = 0; j < M68K_ROOT_POINTER_ENTRIES; j++) { tib = address_space_ldl(cs->as, M68K_POINTER_BASE(tia) + j * 4, MEMTXATTRS_UNSPECIFIED, &txres); if (txres != MEMTX_OK || !M68K_UDT_VALID(tib)) { continue; } - for (k = 0; k < tic_size; k++) { + for (unsigned k = 0; k < tic_size; k++) { tic = address_space_ldl(cs->as, (tib & tib_mask) + k * 4, MEMTXATTRS_UNSPECIFIED, &txres); if (txres != MEMTX_OK || !M68K_PDT_VALID(tic)) { From patchwork Tue Jul 30 09:40:18 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747151 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 9AF08C3DA61 for ; Tue, 30 Jul 2024 09:42:30 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLT-00049h-0Y; Tue, 30 Jul 2024 05:40:39 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLP-0003vB-GL for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:35 -0400 Received: from mail-wr1-x434.google.com ([2a00:1450:4864:20::434]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLN-0000dZ-Ou for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:35 -0400 Received: by mail-wr1-x434.google.com with SMTP id ffacd0b85a97d-36887ca3da2so1923382f8f.2 for ; Tue, 30 Jul 2024 02:40:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332432; x=1722937232; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=y9IjY/fhNilZFR1VTqsWrhWqxlwIIF2aeXKAohFdZZ8=; b=DWnwCkv3JRpt7N6/dYTLrTsCzywUp3qSCHFszcJ+Qvcaf6KNGZE7cil66PUL4dwB3w mGaztCpnqfhCdv90swb0PAJtcvCu8DLPa6+Y4lQGvU5hKeJSyShSsruGss5QsJQ0knIv 5edUihVWhtlgJ31Vyh1iPH+Pp4SWUvp+A3wDhQPfOUgKnp/CidMEY0HmmvV3i4sBVsio IIjsB8uSWv/3trp9Jggm3bBu8oA7zNPSVmGjOekdQTeRIZqMI1le2Cv/ljykVWbK2Mnb egRgiyTMDpjK+CyQReGIL4A1c3HUJGlgJDc8kNlrUj9fCwNFxewzY1N04ynMb83RcnmF abJQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332432; x=1722937232; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=y9IjY/fhNilZFR1VTqsWrhWqxlwIIF2aeXKAohFdZZ8=; b=aCUQG/xyinJcDP/YZxqXZwyykh1x3BDdUCE0zhippBE0umfMPr2mE2TyjayVfyhhkm w1Ig0kh3VFh4e5wLvxQSQcYqkfEHd9qqecorM2lXGbhVCo8T7pm8LJIG1pD8NzBjrUkn Ui9vn/vBnL2nUvQ13q6mN/Tv7UpWto3VuFj8N9MdzwXI6kI9oypu7Jp96g8pypOfjlp2 /M0ggtpCci9InXkgzHQDXQYM8veaqA9Lf3wsU4yzwvWkkc1m3x4ti5HXdB9VG4ClM2yO VjjDCsmjIf1l0rY/eW6592O3GBjUK9txlEHlphtA93jjqO3s6zsqSpN79YScf1zY+GL0 9F1A== X-Gm-Message-State: AOJu0Yysx+n5yqb82T6a6hla/bhFh+gG+uW69g2asybWf0CLo78p7cEU /iNa+z7bcB3CQ3wZR3EWHIp5lpxx/D1P7MrIQrkhX2g8ntVufB8x/1wF/waDOiIEcxxAxaOj8lp c X-Google-Smtp-Source: AGHT+IEfRmKpL1iptkOfHV8ZKKO7OSHt4+cBUuTeiVC/ds4f8Yv39g9b6NdRnG2fnhkcxlJjdbrFoQ== X-Received: by 2002:a5d:6ac8:0:b0:35f:d70:6193 with SMTP id ffacd0b85a97d-36b5d08b2b8mr6428959f8f.41.1722332432253; Tue, 30 Jul 2024 02:40:32 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:32 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 19/21] target/i386: Remove dead assignment to ss in do_interrupt64() Date: Tue, 30 Jul 2024 10:40:18 +0100 Message-Id: <20240730094020.2758637-20-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::434; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x434.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Coverity points out that in do_interrupt64() in the "to inner privilege" codepath we set "ss = 0", but because we also set "new_stack = 1" there, later in the function we will always override that value of ss with "ss = 0 | dpl". Remove the unnecessary initialization of ss, which allows us to reduce the scope of the variable to only where it is used. Borrow a comment from helper_lcall_protected() that explains what "0 | dpl" means here. Resolves: Coverity CID 1527395 Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Reviewed-by: Philippe Mathieu-Daudé Message-id: 20240723162525.1585743-1-peter.maydell@linaro.org --- target/i386/tcg/seg_helper.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c index aac092a356b..bab552cd535 100644 --- a/target/i386/tcg/seg_helper.c +++ b/target/i386/tcg/seg_helper.c @@ -926,7 +926,7 @@ static void do_interrupt64(CPUX86State *env, int intno, int is_int, target_ulong ptr; int type, dpl, selector, cpl, ist; int has_error_code, new_stack; - uint32_t e1, e2, e3, ss, eflags; + uint32_t e1, e2, e3, eflags; target_ulong old_eip, offset; bool set_rf; StackAccess sa; @@ -1007,7 +1007,6 @@ static void do_interrupt64(CPUX86State *env, int intno, int is_int, /* to inner privilege */ new_stack = 1; sa.sp = get_rsp_from_tss(env, ist != 0 ? ist + 3 : dpl); - ss = 0; } else { /* to same privilege */ if (env->eflags & VM_MASK) { @@ -1040,7 +1039,7 @@ static void do_interrupt64(CPUX86State *env, int intno, int is_int, env->eflags &= ~(TF_MASK | VM_MASK | RF_MASK | NT_MASK); if (new_stack) { - ss = 0 | dpl; + uint32_t ss = 0 | dpl; /* SS = NULL selector with RPL = new CPL */ cpu_x86_load_seg_cache(env, R_SS, ss, 0, 0, dpl << DESC_DPL_SHIFT); } env->regs[R_ESP] = sa.sp; From patchwork Tue Jul 30 09:40:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747153 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 4FED0C49EA1 for ; Tue, 30 Jul 2024 09:42:33 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLS-000464-Ce; Tue, 30 Jul 2024 05:40:38 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLP-0003vj-LE for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:35 -0400 Received: from mail-wm1-x334.google.com ([2a00:1450:4864:20::334]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLO-0000df-3N for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:35 -0400 Received: by mail-wm1-x334.google.com with SMTP id 5b1f17b1804b1-4280bca3960so25368305e9.3 for ; Tue, 30 Jul 2024 02:40:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332433; x=1722937233; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=/p7od16yWan/HDEkGj2xKqznwD/3Uyvk/bZAOed461U=; b=aGWOjwOlSK8J+sC6ZJFJL5xn4uDPoP2r9y+PnjvTm4AiZrhZEdYkqUwA+Za0qNBgef WJ4bEqSlF8CEJlfaodpfX6k6MJj00QxMAt7q6NmXRAy/iBHts9Zh3EZ7kKvMQ1qNs4yy gfaNauvpvfljZcWLbWsSK4WhrJW1+TDVnX/RpYMw5qpYR++DHUjwC21EC63Nsv/jFr6l DjGrkxGYluRrJ/FJE5tabXp+pMvt9gJEv5REwdtgc3x/x2EzLVXftcksZVCm9UYBaTup G89y0viz8OOUgU75D0yU4PWhOND9MPEuYJ0gP0r6jsEFw5Nr1xoMB2uXsoz7ogdjuk4m n1hQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332433; x=1722937233; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/p7od16yWan/HDEkGj2xKqznwD/3Uyvk/bZAOed461U=; b=RJn3A0AtQqd96/3C3V8kCfv3cIFWTK2/wD3CaHLlyW8+clAlS550NFKy4OxwBm5x6C 070JuaVaKbVV9eKkIKcqAzXkp6O17puNpqyZgr8Qw3thq9YzBVKKp7h9xuscrklpaCoq hZ/JWtuw3aQ7y/SkX56Bf8RmSbISfNjbEXk1QAbDHFBoBXBCg1uf345Bgxy88TpEajW9 RudyEVbaIBYwerDg5NuWv52nWYomfDHUQjaTHWLGgJDNMmEriba8+brpqre52pPuOy7m XaC+rZeA6tlZh6wu5/mLaXKagsHY/eDWURxxoIMGhp8wQJpulOm3LVPp7klO0U2xwWcj V17g== X-Gm-Message-State: AOJu0YyDzzjo/QlqYcV/viywDfQJz5mjikfL34D7V8XoS8LGNn0ZOXsB yC6p6SgI1Dtghd3F22FmaEM0oKpGDiRgDPpLq1J4LItteCnxYbu5oYGvAu8uuZ7L/Cw6csMssjc V X-Google-Smtp-Source: AGHT+IF+pNRJ3pVHCBr6CxeZULr52V7dsxz+Q49euP97uyNx8prcWL+oyFJOo9gR81G+7Li8QtV/Mg== X-Received: by 2002:a05:600c:6dce:b0:427:985b:178b with SMTP id 5b1f17b1804b1-42811d871a4mr68531495e9.16.1722332432646; Tue, 30 Jul 2024 02:40:32 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.32 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:32 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 20/21] target/sh4: Avoid shift into sign bit in update_itlb_use() Date: Tue, 30 Jul 2024 10:40:19 +0100 Message-Id: <20240730094020.2758637-21-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::334; envelope-from=peter.maydell@linaro.org; helo=mail-wm1-x334.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org In update_itlb_use() the variables or_mask and and_mask are uint8_t, which means that in expressions like "and_mask << 24" the usual C arithmetic conversions will result in the shift being done as a signed int type, and so we will shift into the sign bit. For QEMU this isn't undefined behaviour because we use -fwrapv; but we can avoid it anyway by using uint32_t types for or_mask and and_mask. Resolves: Coverity CID 1547628 Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Richard Henderson Reviewed-by: Yoshinori Sato Message-id: 20240723172431.1757296-1-peter.maydell@linaro.org --- target/sh4/helper.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/sh4/helper.c b/target/sh4/helper.c index 67029106277..9659c695504 100644 --- a/target/sh4/helper.c +++ b/target/sh4/helper.c @@ -187,7 +187,7 @@ void superh_cpu_do_interrupt(CPUState *cs) static void update_itlb_use(CPUSH4State * env, int itlbnb) { - uint8_t or_mask = 0, and_mask = (uint8_t) - 1; + uint32_t or_mask = 0, and_mask = 0xff; switch (itlbnb) { case 0: From patchwork Tue Jul 30 09:40:20 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 13747163 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 38958C3DA49 for ; Tue, 30 Jul 2024 09:44:29 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sYjLR-00044e-RB; Tue, 30 Jul 2024 05:40:37 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sYjLQ-0003y0-6Z for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:36 -0400 Received: from mail-wr1-x42e.google.com ([2a00:1450:4864:20::42e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sYjLO-0000eC-G1 for qemu-devel@nongnu.org; Tue, 30 Jul 2024 05:40:35 -0400 Received: by mail-wr1-x42e.google.com with SMTP id ffacd0b85a97d-3684bea9728so2289809f8f.3 for ; Tue, 30 Jul 2024 02:40:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722332433; x=1722937233; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=jfxWTbmPHfPItv3Jo669wf0TJh+oQpU/CHJm1l2IvZY=; b=f3x38ekkwj/oKWFcFQEGzkUITXRcmlvJWTMZTO+sBE7c4qAZrvww9P86Np+PexAy7G /DivMIrFh9p/u4q+oXZYEVQ3dVX3Ajb/4bNz+ZNyd7uOZ1qr3Gv0obvHiLyzaQTZFCUJ KhtbWluwB3WeCp0k4/G7fc3H4umMuTTiWo83xN4k+RDcmGETZjIFYS3/+k9CLAUBf3PM uUsjPC6D3ktEMspJfYGvVAzL3XJD8SMo/U014sVylh9ngOpY6LYWauvVFYwLHljMDh8A YbCNXAW7PDuJnNrT7QOYO3XFusDWYFKrbCNBgeBDDy8Md8+po0VmDWttLAGJA6N9Lkkz +dfw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722332433; x=1722937233; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=jfxWTbmPHfPItv3Jo669wf0TJh+oQpU/CHJm1l2IvZY=; b=vbaD8wANyuFgSwXKHw9eEjdy49PxqbB52Xh+dZPpxmdJf88RDJrUJTah+GvsmaBYvq Au55G1OPt+Voe9U+1bQr587iyRnDrJWgFhcmSoZfT7j1HkbR7Wm6J/iF6nCKubmIeYpt LnBPcjLT5Ga+cxADnyJcwUwAhNgjWcXjxtRP7JP5e7OxplHlM0UDcfcL/Y/022hJ279a u0+WY67X4tnZAOk2LGhlDxeih+pCTfGMToJeOyU5l/zMHmPR/kgX8WE+2FX20sgyDYaA Npj6CyDnauHl6s6k7SpyKyu2Peb4WUXZDh352Yc7ZxblVGx9RPOLDsenP4vUpRr1szZ8 QRTg== X-Gm-Message-State: AOJu0YxK3/6PH0e6FUqiQ4FuDOAmRAuUlEV70IzPDz6I3LccLLBSvOVs qg2ViJBVBdUThyPV+TPP1aQ6akCggz4XuuoFldINx/eC3/E388re0G+mTJFgbQZfC54H5k0ZK/P B X-Google-Smtp-Source: AGHT+IHai7uLDlxDLkqZbV6e4fqlgoceBTG5yuftQG2j57yPVODDrFyNIbziHbuoXhhUwDCkFC8Cag== X-Received: by 2002:a05:6000:1546:b0:368:420e:b790 with SMTP id ffacd0b85a97d-36b5cef8f76mr8545304f8f.14.1722332433088; Tue, 30 Jul 2024 02:40:33 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b36862549sm14194974f8f.106.2024.07.30.02.40.32 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jul 2024 02:40:32 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 21/21] system/physmem: Where we assume we have a RAM MR, assert it Date: Tue, 30 Jul 2024 10:40:20 +0100 Message-Id: <20240730094020.2758637-22-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240730094020.2758637-1-peter.maydell@linaro.org> References: <20240730094020.2758637-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::42e; envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x42e.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org In the functions invalidate_and_set_dirty() and cpu_physical_memory_snapshot_and_clear_dirty(), we assume that we are dealing with RAM memory regions. In this case we know that memory_region_get_ram_addr() will succeed. Assert this before we use the returned ram_addr_t in arithmetic. This makes Coverity happier about these functions: it otherwise complains that we might have an arithmetic overflow that stems from the possible -1 return from memory_region_get_ram_addr(). Resolves: Coverity CID 1547629, 1547715 Signed-off-by: Peter Maydell Reviewed-by: Peter Xu Reviewed-by: David Hildenbrand Message-id: 20240723170513.1676453-1-peter.maydell@linaro.org --- system/physmem.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/system/physmem.c b/system/physmem.c index 0e19186e1b4..94600a33ec3 100644 --- a/system/physmem.c +++ b/system/physmem.c @@ -923,13 +923,19 @@ DirtyBitmapSnapshot *cpu_physical_memory_snapshot_and_clear_dirty (MemoryRegion *mr, hwaddr offset, hwaddr length, unsigned client) { DirtyMemoryBlocks *blocks; - ram_addr_t start = memory_region_get_ram_addr(mr) + offset; + ram_addr_t start, first, last; unsigned long align = 1UL << (TARGET_PAGE_BITS + BITS_PER_LEVEL); - ram_addr_t first = QEMU_ALIGN_DOWN(start, align); - ram_addr_t last = QEMU_ALIGN_UP(start + length, align); DirtyBitmapSnapshot *snap; unsigned long page, end, dest; + start = memory_region_get_ram_addr(mr); + /* We know we're only called for RAM MemoryRegions */ + assert(start != RAM_ADDR_INVALID); + start += offset; + + first = QEMU_ALIGN_DOWN(start, align); + last = QEMU_ALIGN_UP(start + length, align); + snap = g_malloc0(sizeof(*snap) + ((last - first) >> (TARGET_PAGE_BITS + 3))); snap->start = first; @@ -2659,7 +2665,11 @@ static void invalidate_and_set_dirty(MemoryRegion *mr, hwaddr addr, hwaddr length) { uint8_t dirty_log_mask = memory_region_get_dirty_log_mask(mr); - addr += memory_region_get_ram_addr(mr); + ram_addr_t ramaddr = memory_region_get_ram_addr(mr); + + /* We know we're only called for RAM MemoryRegions */ + assert(ramaddr != RAM_ADDR_INVALID); + addr += ramaddr; /* No early return if dirty_log_mask is or becomes 0, because * cpu_physical_memory_set_dirty_range will still call