mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

hw/rtc/ls7a_rtc: Fix uninitialied bugs and toymatch writing function

Browse Source 
1. Initialize the tm struct in toymatch_write() and ls7a_toy_start() to
   fix uninitialized bugs.
2. Fix toymatch_val_to_time function. By the document, when we calculate
   the expiration year, we should first get current year, and replace the
   0-5 bits with toymatch's 26-31 bits.

Fixes: Coverity CID 1489766, 1489763

Signed-off-by: Xiaojuan Yang <yangxiaojuan@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220701093407.2150607-2-yangxiaojuan@loongson.cn>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
This commit is contained in:
Xiaojuan Yang 2022-07-01 17:33:57 +08:00 committed by Richard Henderson
parent 490c03ab11
commit 4f2c65877c
1 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
hw/rtc/ls7a_rtc.c
View File

@ -148,8 +148,9 @@ static inline uint64_t toy_time_to_val_year(struct tm tm)
return year; return year;
} }
static inline void toymatch_val_to_time(uint64_t val, struct tm *tm) static inline void toymatch_val_to_time(LS7ARtcState *s, uint64_t val, struct tm *tm)
{ {
qemu_get_timedate(tm, s->offset_toy);
tm->tm_sec = FIELD_EX32(val, TOY_MATCH, SEC); tm->tm_sec = FIELD_EX32(val, TOY_MATCH, SEC);
tm->tm_min = FIELD_EX32(val, TOY_MATCH, MIN); tm->tm_min = FIELD_EX32(val, TOY_MATCH, MIN);
tm->tm_hour = FIELD_EX32(val, TOY_MATCH, HOUR); tm->tm_hour = FIELD_EX32(val, TOY_MATCH, HOUR);
@ -158,17 +159,18 @@ static inline void toymatch_val_to_time(uint64_t val, struct tm *tm)
tm->tm_year += (FIELD_EX32(val, TOY_MATCH, YEAR) - (tm->tm_year & 0x3f)); tm->tm_year += (FIELD_EX32(val, TOY_MATCH, YEAR) - (tm->tm_year & 0x3f));
} }
static void toymatch_write(LS7ARtcState *s, struct tm *tm, uint64_t val, int num) static void toymatch_write(LS7ARtcState *s, uint64_t val, int num)
{ {
int64_t now, expire_time; int64_t now, expire_time;
struct tm tm = {};
/* it do not support write when toy disabled */ /* it do not support write when toy disabled */
if (toy_enabled(s)) { if (toy_enabled(s)) {
s->toymatch[num] = val; s->toymatch[num] = val;
/* caculate expire time */ /* caculate expire time */
now = qemu_clock_get_ms(rtc_clock); now = qemu_clock_get_ms(rtc_clock);
toymatch_val_to_time(val, tm); toymatch_val_to_time(s, val, &tm);
expire_time = now + (qemu_timedate_diff(tm) - s->offset_toy) * 1000; expire_time = now + (qemu_timedate_diff(&tm) - s->offset_toy) * 1000;
timer_mod(s->toy_timer[num], expire_time); timer_mod(s->toy_timer[num], expire_time);
} }
} }
@ -223,7 +225,7 @@ static void ls7a_toy_start(LS7ARtcState *s)
{ {
int i; int i;
uint64_t expire_time, now; uint64_t expire_time, now;
struct tm tm; struct tm tm = {};
/* /*
* need to recaculate toy offset * need to recaculate toy offset
* and expire time when enable it. * and expire time when enable it.
@ -236,7 +238,7 @@ static void ls7a_toy_start(LS7ARtcState *s)
/* recaculate expire time and enable timer */ /* recaculate expire time and enable timer */
for (i = 0; i < TIMER_NUMS; i++) { for (i = 0; i < TIMER_NUMS; i++) {
toymatch_val_to_time(s->toymatch[i], &tm); toymatch_val_to_time(s, s->toymatch[i], &tm);
expire_time = now + (qemu_timedate_diff(&tm) - s->offset_toy) * 1000; expire_time = now + (qemu_timedate_diff(&tm) - s->offset_toy) * 1000;
timer_mod(s->toy_timer[i], expire_time); timer_mod(s->toy_timer[i], expire_time);
} }
@ -352,13 +354,13 @@ static void ls7a_rtc_write(void *opaque, hwaddr addr,
} }
break; break;
case SYS_TOYMATCH0: case SYS_TOYMATCH0:
toymatch_write(s, &tm, val, 0); toymatch_write(s, val, 0);
break; break;
case SYS_TOYMATCH1: case SYS_TOYMATCH1:
toymatch_write(s, &tm, val, 1); toymatch_write(s, val, 1);
break; break;
case SYS_TOYMATCH2: case SYS_TOYMATCH2:
toymatch_write(s, &tm, val, 2); toymatch_write(s, val, 2);
break; break;
case SYS_RTCCTRL: case SYS_RTCCTRL:
/* get old ctrl */ /* get old ctrl */