valgrind reports write unitialized bytes from buf[]. Clear them.
ASan reports we store to misaligned address in buf[]. Use stl_le_p()
for that.
Cc: Sam Eiderman <shmuel.eiderman@oracle.com>
Cc: John Snow <jsnow@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20200317092354.31831-1-armbru@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
Avoid orphan memory regions being added in the /unattached QOM
container.
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
The scripts/coccinelle/memory-region-housekeeping.cocci reported:
* TODO [[view:./hw/ppc/ppc405_boards.c::face=ovl-face1::linb=195::colb=8::cole=30][potential use of memory_region_init_rom*() in ./hw/ppc/ppc405_boards.c::195]]
* TODO [[view:./hw/ppc/ppc405_boards.c::face=ovl-face1::linb=464::colb=8::cole=30][potential use of memory_region_init_rom*() in ./hw/ppc/ppc405_boards.c::464]]
We can indeed replace the memory_region_init_ram() and
memory_region_set_readonly() calls by memory_region_init_rom().
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
The scripts/coccinelle/memory-region-housekeeping.cocci reported:
* TODO [[view:./hw/arm/stm32f205_soc.c::face=ovl-face1::linb=96::colb=4::cole=26][potential use of memory_region_init_rom*() in ./hw/arm/stm32f205_soc.c::96]]
* TODO [[view:./hw/arm/stm32f405_soc.c::face=ovl-face1::linb=98::colb=4::cole=26][potential use of memory_region_init_rom*() in ./hw/arm/stm32f405_soc.c::98]]
We can indeed replace the memory_region_init_ram() and
memory_region_set_readonly() calls by memory_region_init_rom().
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Avoid orphan memory regions being added in the /unattached QOM
container.
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Avoid orphan memory regions being added in the /unattached QOM
container.
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Avoid orphan memory regions being added in the /unattached QOM
container.
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Avoid orphan memory regions being added in the /unattached QOM
container.
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Avoid orphan memory regions being added in the /unattached QOM
container.
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
When a device creates a MemoryRegion without setting its ownership,
the MemoryRegion is added to the machine "/unattached" container in
the QOM tree.
Example with the Samsung SMDKC210 board:
$ arm-softmmu/qemu-system-arm -M smdkc210 -S -monitor stdio
(qemu) info qom-tree
/machine (smdkc210-machine)
/unattached (container)
/io[0] (qemu:memory-region)
/exynos4210.dram0[0] (qemu:memory-region)
/exynos4210.irom[0] (qemu:memory-region)
/exynos4210.iram[0] (qemu:memory-region)
/exynos4210.chipid[0] (qemu:memory-region)
...
/device[26] (exynos4210.uart)
/exynos4210.uart[0] (qemu:memory-region)
/soc (exynos4210)
^
\__ [*]
The irom/iram/chipid regions should go under 'soc' at [*].
Add a semantic patch to let the device own the memory region.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Add a semantic patch to detect potential replacement of
memory_region_init_ram(readonly) by memory_region_init_rom().
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Reviewed-by: KONRAD Frederic <frederic.konrad@adacore.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
This commit was produced with the Coccinelle script
scripts/coccinelle/memory-region-housekeeping.cocci.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Add a semantic patch to replace memory_region_init_ram(readonly)
by memory_region_init_rom().
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
As we are going to add various semantic changes related to the memory
region API, rename this script to be more generic.
Add a 'usage' header, and an entry in MAINTAINERS to avoid checkpatch
warning.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
memory_region_init_rom_nomigrate() has the same content than
memory_region_init_ram_shared_nomigrate(), with setting the
readonly mode. The code is easier to review as creating a
readonly ram/shared/nomigrate region.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Since memory region aliases are neither rom nor ram, they are
described as i/o, which is often incorrect. Return instead the
type of the original region we are aliasing.
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
The polymorphic locking macros don't support QemuRecMutex yet. Add it
so that lock guards can be used with QemuRecMutex.
Convert TCG plugins functions that benefit from these macros. Manual
qemu_rec_mutex_lock/unlock() callers are left unmodified in cases where
clarity would not improve by switching to the macros.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This patch introduces two lock guard macros that automatically unlock a
lock object (QemuMutex and others):
void f(void) {
QEMU_LOCK_GUARD(&mutex);
if (!may_fail()) {
return; /* automatically unlocks mutex */
}
...
}
and:
WITH_QEMU_LOCK_GUARD(&mutex) {
if (!may_fail()) {
return; /* automatically unlocks mutex */
}
}
/* automatically unlocks mutex here */
...
Convert qemu-timer.c functions that benefit from these macros as an
example. Manual qemu_mutex_lock/unlock() callers are left unmodified in
cases where clarity would not improve by switching to the macros.
Many other QemuMutex users remain in the codebase that might benefit
from lock guards. Over time they can be converted, if that is
desirable.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
[Use QEMU_MAKE_LOCKABLE_NONNULL. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This will be needed for lock guards, because if the lock is NULL the
dummy for loop of the lock guard never runs. This can cause confusion
and dummy warnings in the compiler, but even if it did not, aborting
with a NULL pointer dereference is a less surprising behavior.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
A recently added acceptance test is important not only for
Malta machine, but for overall MIPS target, since it tests
smp feature.
CC: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <1584061252-16635-4-git-send-email-aleksandar.markovic@rt-rk.com>
For some longish time I've been using multiple email addresses
for mailing list communication, and would like to consolidate it
into a single email address that is the most convenient to me.
My other emails, from rt-rk.com and wavecomp.com domains remain
active and I will respond from them too, if needed, but I would
like to manage almost all communication using gmail.com account.
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <1584061252-16635-3-git-send-email-aleksandar.markovic@rt-rk.com>
Aurelien has been and will forever remain an idol in QEMU for
MIPS world. However, since he decided to move on to other projects,
acknowledge the reality, and formally releive him from maintainer's
duties for QEMU for MIPS items. Aurelien is though welcome to come
back at any time. Some empty spots caused by this are filled in by
Aleksandar.
CC: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
Message-Id: <1584061252-16635-2-git-send-email-aleksandar.markovic@rt-rk.com>
PXA255 does not support a USB OHCI controller, so don't wire it up.
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20200313160215.28155-1-linux@roeck-us.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The Linux kernel recently started using FAST_READ_4 commands.
This results in flash read failures. At the same time, the m25p80
emulation is seen to read 8 more bytes than expected. Adjusting the
expected number of dummy cycles to match FAST_READ fixes the problem.
Fixes: f95c4bffdc4c ("aspeed/smc: snoop SPI transfers to fake dummy cycles")
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Whenever an unsupported command is encountered, the current code
interprets each transferred byte as new command. Most of the time, those
'commands' are interpreted as new unknown commands. However, in rare
cases, it may be that for example address or length information
passed with the original command is by itself a valid command.
If that happens, the state machine may get completely confused and,
worst case, start writing data into the flash or even erase it.
To avoid the problem, transition into STATE_READING_DATA and keep
sending a value of 0 until the chip is deselected after encountering
an unsupported command.
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
When requesting JEDEC data using the JEDEC_READ command, the Linux kernel
always requests 6 bytes. The current implementation only returns three
bytes, and interprets the remaining three bytes as new commands.
While this does not matter most of the time, it is at the very least
confusing. To avoid the problem, always report up to 6 bytes of JEDEC
data. Fill remaining data with 0.
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
While at it, add some trace messages to help debug problems
seen when running the latest Linux kernel.
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The current code causes clang static code analyzer generate warning:
hw/net/imx_fec.c:858:9: warning: Value stored to 'value' is never read
value = value & 0x0000000f;
^ ~~~~~~~~~~~~~~~~~~
hw/net/imx_fec.c:864:9: warning: Value stored to 'value' is never read
value = value & 0x000000fd;
^ ~~~~~~~~~~~~~~~~~~
According to the definition of the function, the two “value” assignments
should be written to registers.
Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Chen Qun <kuhn.chenqun@huawei.com>
Message-id: 20200313123242.13236-1-kuhn.chenqun@huawei.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
With this patch, the USB controllers on 'sabrelite' are detected
and can be used to boot the system.
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20200313014551.12554-6-linux@roeck-us.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
IMX6UL USB controllers are quite similar to IMX7 USB controllers.
Wire them up the same way.
The only real difference is that wiring up phy devices is necessary
to avoid phy reset timeouts in the Linux kernel.
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20200313014551.12554-5-linux@roeck-us.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Recent Linux kernels (post v4.20) crash due to accesses to flexcan
and pwm controllers. Instantiate as unimplemented devices to work
around the problem.
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20200313014551.12554-4-linux@roeck-us.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
USB1 and USB2 interrupt numbers were swapped. USB_PHY2 interrupt number
is 45. That didn't really matter up to now since the interrupts were not
used, but it needs to be fixed to be able to wire up the USB controllers.
Fixes: 31cbf933f0e ("i.MX6UL: Add i.MX6UL SOC")
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20200313014551.12554-3-linux@roeck-us.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add basic USB PHY support as implemented in i.MX23, i.MX28, i.MX6,
and i.MX7 SoCs.
The only support really needed - at least to boot Linux - is support
for soft reset, which needs to reset various registers to their initial
value. Otherwise, just record register values.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20200313014551.12554-2-linux@roeck-us.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This tag contains the last of the patches I'd like to target for the 5.0 soft
freeze. At this point we're mostly collecting fixes, but there are a few new
features. The changes include:
* An OpenSBI update, including the various bits necessary to put CI together
and an image for the 32-bit sifive_u board.
* A fix that disallows TSR when outside of machine mode.
* A fix for VS-mode interrupt forwarding.
-----BEGIN PGP SIGNATURE-----
iQJHBAABCgAxFiEEKzw3R0RoQ7JKlDp6LhMZ81+7GIkFAl5wSz4THHBhbG1lckBk
YWJiZWx0LmNvbQAKCRAuExnzX7sYicR+D/9KZs8PxEKSG1fL6/ZYwHxtbDfwhBDu
vtpBn1nxgXjbPmzCjGjFmldULKu9lJLSSZ7tLRKmMdaWDdKo2kTZ55h7NEkMxoxT
xy9LYsiaM3adbkBArRhME9XRx1lh6LbVuvUhq4qx4Hn2xROQnWJ9tA1kNs0BApRx
tIKmN71BtJM4NVZExdiX929UfyT6IZUbQlTpq1pEyucvUia+rvCnCg+ZTnSQbPiT
NQc327vmcOTZWAT41KuitHLH79ijqd6tqnbkeOp57BRUoGnGM0S3zREUVuF9cpgh
hQSDUOBu8xLzryR75oVXHOYJSTRqVwE9DaWQ45LRCgYYVgbSvqRuwICI038WEjtV
Y1ZFBEl8/3wKEv30l+K4qDZ+TlNWBu4epdwSnEs1j0dOwaUvUIsEWnKslJr5tjKc
E+CC9KZeci+J34MUqzwKeQolvpd9ng1c1DKPKdWnw//2Pl6aeH4XG9ZuuFE2/+K5
gWuCd25guUpmlp+oa+S+5F/9YvwZEubS6DJquabEK3J0eoDOZZPYaPX6LCG+e91P
2Q3jIh6k65GyN3wYv1H9yNY23hE99AaVUK6f8fMwyLc+iXSbPoQI0kHH3LHxOhOU
dogRKsMS8nWF+x+wzTicLJl4tH2l8ra9R8AfhUMaQGugimvK/5fZreRk5532RiPy
m8qEu9Ablinv2Q==
=is1w
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/palmer/tags/riscv-for-master-5.0-sf5' into staging
RISC-V Patches for the 5.0 Soft Freeze, Part 5
This tag contains the last of the patches I'd like to target for the 5.0 soft
freeze. At this point we're mostly collecting fixes, but there are a few new
features. The changes include:
* An OpenSBI update, including the various bits necessary to put CI together
and an image for the 32-bit sifive_u board.
* A fix that disallows TSR when outside of machine mode.
* A fix for VS-mode interrupt forwarding.
# gpg: Signature made Tue 17 Mar 2020 03:59:58 GMT
# gpg: using RSA key 2B3C3747446843B24A943A7A2E1319F35FBB1889
# gpg: issuer "palmer@dabbelt.com"
# gpg: Good signature from "Palmer Dabbelt <palmer@dabbelt.com>" [unknown]
# gpg: aka "Palmer Dabbelt <palmer@sifive.com>" [unknown]
# gpg: aka "Palmer Dabbelt <palmerdabbelt@google.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 00CE 76D1 8349 60DF CE88 6DF8 EF4C A150 2CCB AB41
# Subkey fingerprint: 2B3C 3747 4468 43B2 4A94 3A7A 2E13 19F3 5FBB 1889
* remotes/palmer/tags/riscv-for-master-5.0-sf5:
target/riscv: Fix VS mode interrupts forwarding.
gitlab-ci.yml: Add jobs to build OpenSBI firmware binaries
riscv: sifive_u: Update BIOS_FILENAME for 32-bit
roms: opensbi: Add 32-bit firmware image for sifive_u machine
roms: opensbi: Upgrade from v0.5 to v0.6
target/riscv: Correctly implement TSR trap
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Linux guests wait ~30 seconds when closing the emulated /dev/ttyUSB0.
During that time, the kernel driver is sending many control URBs
requesting GetModemStat (5). Real hardware returns a status with
FTDI_THRE (Transmitter Holding Register) and FTDI_TEMT (Transmitter
Empty) set. QEMU leaves them clear, and it seems Linux is waiting for
FTDI_TEMT to be set to indicate the tx queue is empty before closing.
Set the bits when responding to a GetModemStat query and avoid the
shutdown delay.
Signed-off-by: Jason Andryuk <jandryuk@gmail.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Message-id: 20200316174610.115820-5-jandryuk@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
A FTDI USB adapter on an xHCI controller can send 512 byte USB packets.
These are 8 * ( 2 bytes header + 62 bytes data). A 384 byte receive
buffer is insufficient to fill a 512 byte packet, so bump the receive
size to 496 ( 512 - 2 * 8 ).
Signed-off-by: Jason Andryuk <jandryuk@gmail.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Message-id: 20200316174610.115820-4-jandryuk@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
usb-serial has issues with xHCI controllers where data is lost in the
VM. Inspecting the URBs in the guest, EHCI starts every 64 byte boundary
(wMaxPacketSize) with a header. EHCI hands packets into
usb_serial_token_in() with size 64, so these cannot cross the 64 byte
boundary. The xHCI controller has packets of 512 bytes and the usb-serial
will just write through the 64 byte boundary. In the guest, this means
data bytes are interpreted as header, so data bytes don't make it out
the serial interface.
Re-work usb_serial_token_in to chunk data into 64 byte units - 2 byte
header and 62 bytes data. The Linux driver reads wMaxPacketSize to find
the chunk size, so we match that.
Real hardware was observed to pass in 512 byte URBs (496 bytes data +
8 * 2 byte headers). Since usb-serial only buffers 384 bytes of data,
usb-serial will pass in 6 64 byte blocks and 1 12 byte partial block for
462 bytes max.
Signed-off-by: Jason Andryuk <jandryuk@gmail.com>
Message-id: 20200316174610.115820-3-jandryuk@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
We'll be adding a loop, so move the code into a helper function. breaks
are replaced with returns. While making this change, add braces to
single line if statements to comply with coding style and keep
checkpatch happy.
Signed-off-by: Jason Andryuk <jandryuk@gmail.com>
Message-id: 20200316174610.115820-2-jandryuk@gmail.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The only change here is moving the decision about rtas-size
to QEMU.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
