From nobody Sat May 18 14:01:32 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1582007739827436.68814971078893; Mon, 17 Feb 2020 22:35:39 -0800 (PST) Received: from localhost ([::1]:57336 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1j3wTp-0000nc-S9 for importer@patchew.org; Tue, 18 Feb 2020 01:35:37 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:48913) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1j3wSX-000805-Vp for qemu-devel@nongnu.org; Tue, 18 Feb 2020 01:34:18 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1j3wSW-0007Bv-W9 for qemu-devel@nongnu.org; Tue, 18 Feb 2020 01:34:17 -0500 Received: from mail-wr1-x443.google.com ([2a00:1450:4864:20::443]:46486) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1j3wSW-000791-I3 for qemu-devel@nongnu.org; Tue, 18 Feb 2020 01:34:16 -0500 Received: by mail-wr1-x443.google.com with SMTP id z7so22413760wrl.13 for ; Mon, 17 Feb 2020 22:33:59 -0800 (PST) Received: from x1w.redhat.com (78.red-88-21-202.staticip.rima-tde.net. [88.21.202.78]) by smtp.gmail.com with ESMTPSA id y7sm4374683wrr.56.2020.02.17.22.33.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Feb 2020 22:33:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=ZEnCz22/lMoX438dE+AVCeyGWeT3h5NvPmvnHleFQyA=; b=l6iln52nRqYuloUTsipGqEbsTvYJe3SlJ28+5HGa44iYEIqpLX+vW09TzBVZUQrm74 7oJ/HDdniVc/Puejnf33dYmHLiHhNoN8AkYX+UmvyDfFCqnzXDjux67EMAl/aI6QLACL YG09l09dTvAZbp/whf4H1CVystMvcXbikU2nEBfypgKjVPuV60yqRxmUeWJojFqSLVa3 uUBQfKs/cg8kH8gCfHuRre34UkgZuuAC/HZYaQj5X9/2r4rNX1H/HJ9Pf1EMDe2FA2pI bTTiLlVo8EnNfnOyThwESSiPB6Efa7CMPJKy0RlqbUeG0aMCHz4Ic4bDnfofW0R3QQM7 pFoQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=ZEnCz22/lMoX438dE+AVCeyGWeT3h5NvPmvnHleFQyA=; b=TJHuFabst6fN7kQzRSPw/3Hi2HHPXQlJDUGCAJJMIqbnQCnicjnQ0M7LGe7F/tSNUG T9fgNiMI1qutZHzRraYw0d1JAJyMQPsSx0Oe7dE3mjlGgPNTeU/XDuIQ2rdgQ+OzsboN tRGdxPTVhQvPfnQThu1uLqIS9sGUZZXeQQDgYJxL0mxatqkSzjk1ddM2k3ZgOGtidLVx PcmyBFIwuU3rM/JxNFDvLaqT54b+aIY6hNOFiksToO7T0aOj70ZLoZdldftRtSSYII/U 4FiYHuFFmYhAOOskLbGoagmjLRdCth+c6lX0f6dQvFwFxeRaIFui0VznRhpQ0imC+1zP jVzg== X-Gm-Message-State: APjAAAU6OgdL+hahEhFSlOHLjdrjGxEGy66pgei+F25QpXROq2zJEtG1 fZIL/duB98NREqKQA0gBzh0= X-Google-Smtp-Source: APXvYqzBmrRQq+e/Uo5HTRLbcne9TquDRtGvVgpwh0YoWASbhAKH29BTLWxDWuB/kxV7gVgvDCk1rw== X-Received: by 2002:a5d:560d:: with SMTP id l13mr774391wrv.222.1582007638595; Mon, 17 Feb 2020 22:33:58 -0800 (PST) From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= To: Helge Deller , qemu-devel@nongnu.org, Sven Schnelle Subject: [PATCH v2 1/4] hw/hppa/dino: Add comments with register name Date: Tue, 18 Feb 2020 07:33:52 +0100 Message-Id: <20200218063355.18577-2-f4bug@amsat.org> X-Mailer: git-send-email 2.21.1 In-Reply-To: <20200218063355.18577-1-f4bug@amsat.org> References: <20200218063355.18577-1-f4bug@amsat.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::443 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Richard Henderson Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Add a comment with the name of each register in the 0x800-0x8ff range. Acked-by: Helge Deller Signed-off-by: Philippe Mathieu-Daud=C3=A9 --- hw/hppa/dino.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/hw/hppa/dino.c b/hw/hppa/dino.c index 9797a7f0d9..c237ad3b1b 100644 --- a/hw/hppa/dino.c +++ b/hw/hppa/dino.c @@ -85,18 +85,18 @@ =20 #define DINO800_REGS ((DINO_TLTIM - DINO_GMASK) / 4) static const uint32_t reg800_keep_bits[DINO800_REGS] =3D { - MAKE_64BIT_MASK(0, 1), - MAKE_64BIT_MASK(0, 7), - MAKE_64BIT_MASK(0, 7), - MAKE_64BIT_MASK(0, 8), - MAKE_64BIT_MASK(0, 7), - MAKE_64BIT_MASK(0, 9), - MAKE_64BIT_MASK(0, 32), - MAKE_64BIT_MASK(0, 8), - MAKE_64BIT_MASK(0, 30), - MAKE_64BIT_MASK(0, 25), - MAKE_64BIT_MASK(0, 22), - MAKE_64BIT_MASK(0, 9), + MAKE_64BIT_MASK(0, 1), /* GMASK */ + MAKE_64BIT_MASK(0, 7), /* PAMR */ + MAKE_64BIT_MASK(0, 7), /* PAPR */ + MAKE_64BIT_MASK(0, 8), /* DAMODE */ + MAKE_64BIT_MASK(0, 7), /* PCICMD */ + MAKE_64BIT_MASK(0, 9), /* PCISTS */ + MAKE_64BIT_MASK(0, 32), /* Undefined */ + MAKE_64BIT_MASK(0, 8), /* MLTIM */ + MAKE_64BIT_MASK(0, 30), /* BRDG_FEAT */ + MAKE_64BIT_MASK(0, 25), /* PCIROR */ + MAKE_64BIT_MASK(0, 22), /* PCIWOR */ + MAKE_64BIT_MASK(0, 9), /* TLTIM */ }; =20 typedef struct DinoState { --=20 2.21.1 From nobody Sat May 18 14:01:32 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1582007743440305.25496477490935; Mon, 17 Feb 2020 22:35:43 -0800 (PST) Received: from localhost ([::1]:57340 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1j3wTu-0000uM-5C for importer@patchew.org; Tue, 18 Feb 2020 01:35:42 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:48933) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1j3wSY-000807-Le for qemu-devel@nongnu.org; Tue, 18 Feb 2020 01:34:20 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1j3wSX-0007CF-0Q for qemu-devel@nongnu.org; Tue, 18 Feb 2020 01:34:18 -0500 Received: from mail-wm1-x341.google.com ([2a00:1450:4864:20::341]:34425) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1j3wSW-00079F-I6 for qemu-devel@nongnu.org; Tue, 18 Feb 2020 01:34:16 -0500 Received: by mail-wm1-x341.google.com with SMTP id s144so1430347wme.1 for ; Mon, 17 Feb 2020 22:34:00 -0800 (PST) Received: from x1w.redhat.com (78.red-88-21-202.staticip.rima-tde.net. [88.21.202.78]) by smtp.gmail.com with ESMTPSA id y7sm4374683wrr.56.2020.02.17.22.33.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Feb 2020 22:33:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=k1xqlJVlTLtcTlhlmT931ESAK8LlPdAYPZWP3/ppI/8=; b=lfIthtvZ1bKftbhIlVx++TUxj40O84d7rHQYlRUHU+4ERwyqfxkiz9nfIniJy2+9Eh 2GypA3ZidYiuIsDjKRot9RplT+0dKBiCHsE/tjzdt6wgfOE4WjWdvqrGZpn86lckvrfj s/WY8aGtPEsK1Qn7yWQKTn2QED7wXsWIHSFyhJgnrWejszI4gpKhPWtrd+HijSZ2EXAv 4f8C2KEURdvzA1cSFzgMmVR8JPSyv3HR8W8YHmmyJhRRGGaY5g/ISkGiR0I9ErtzyxpM mXmpd6BHb59pLQ+8nBbtabd2HRLqvLu8hNIfDotbaywS0xeYctmviTo7C+9SnbUbSKaL PLvQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=k1xqlJVlTLtcTlhlmT931ESAK8LlPdAYPZWP3/ppI/8=; b=euyKMTJcqvEqmquiv/N92rR7ORNq+aOhaiMyViKIpwIF8L+Go6Kd2tqAX/sm7Ft+o7 UcKFYaQH1FNZqHahEadf1RjPQVmaw4XAPQWEM9Kfn+5qJ8T7UP91LCynzC3322U8/MY9 4iisC46mHPWt9e/Am1ZxHhleK1l+rymaPQOikvGOs/3nbI4zcbS8rt5srqy8eDxijvEH EMRUBXXrnkihWg1ByuwatqE71N8f1ngqyQY6SlZ0EtoLHNQ7v0oc5mVIDeBIIYxJk+as Adr8MYpOaoLZm19UIhaiAJGhQSkx2Dq/NfQMNvojijQ5OaVPEYJzVGkHyl8brJ0qLlnS 6AMA== X-Gm-Message-State: APjAAAVZlwMBLiJlbSxUXsZUA7ibPMU+kFkwfn3kiPv6RdVprXyJrC/R 3P+mEtu4pXRNpiP+9/qvATo= X-Google-Smtp-Source: APXvYqyZZaT7hyyQmExb7dVOkRakMd+MdUzaFKLWBkfrXIanLzl7eIMDflGNBht0NO/a41lBV93giQ== X-Received: by 2002:a05:600c:20f:: with SMTP id 15mr1096631wmi.128.1582007639939; Mon, 17 Feb 2020 22:33:59 -0800 (PST) From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= To: Helge Deller , qemu-devel@nongnu.org, Sven Schnelle Subject: [PATCH v2 2/4] hw/hppa/dino: Fix reg800_keep_bits overrun (CID 1419387 1419393 1419394) Date: Tue, 18 Feb 2020 07:33:53 +0100 Message-Id: <20200218063355.18577-3-f4bug@amsat.org> X-Mailer: git-send-email 2.21.1 In-Reply-To: <20200218063355.18577-1-f4bug@amsat.org> References: <20200218063355.18577-1-f4bug@amsat.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::341 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Richard Henderson Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Coverity reports: *** CID 1419387: Memory - illegal accesses (OVERRUN) /hw/hppa/dino.c: 267 in dino_chip_read_with_attrs() 261 val =3D s->ilr & s->imr & s->icr; 262 break; 263 case DINO_TOC_ADDR: 264 val =3D s->toc_addr; 265 break; 266 case DINO_GMASK ... DINO_TLTIM: >>> CID 1419387: Memory - illegal accesses (OVERRUN) >>> Overrunning array "s->reg800" of 12 4-byte elements at element in= dex 12 (byte offset 48) using index "(addr - 2048UL) / 4UL" (which evaluate= s to 12). 267 val =3D s->reg800[(addr - DINO_GMASK) / 4]; 268 if (addr =3D=3D DINO_PAMR) { 269 val &=3D ~0x01; /* LSB is hardwired to 0 */ 270 } 271 if (addr =3D=3D DINO_MLTIM) { 272 val &=3D ~0x07; /* 3 LSB are hardwired to 0 */ *** CID 1419393: Memory - corruptions (OVERRUN) /hw/hppa/dino.c: 363 in dino_chip_write_with_attrs() 357 /* These registers are read-only. */ 358 break; 359 360 case DINO_GMASK ... DINO_TLTIM: 361 i =3D (addr - DINO_GMASK) / 4; 362 val &=3D reg800_keep_bits[i]; >>> CID 1419393: Memory - corruptions (OVERRUN) >>> Overrunning array "s->reg800" of 12 4-byte elements at element in= dex 12 (byte offset 48) using index "i" (which evaluates to 12). 363 s->reg800[i] =3D val; 364 break; 365 366 default: 367 /* Controlled by dino_chip_mem_valid above. */ 368 g_assert_not_reached(); *** CID 1419394: Memory - illegal accesses (OVERRUN) /hw/hppa/dino.c: 362 in dino_chip_write_with_attrs() 356 case DINO_IRR1: 357 /* These registers are read-only. */ 358 break; 359 360 case DINO_GMASK ... DINO_TLTIM: 361 i =3D (addr - DINO_GMASK) / 4; >>> CID 1419394: Memory - illegal accesses (OVERRUN) >>> Overrunning array "reg800_keep_bits" of 12 4-byte elements at ele= ment index 12 (byte offset 48) using index "i" (which evaluates to 12). 362 val &=3D reg800_keep_bits[i]; 363 s->reg800[i] =3D val; 364 break; 365 366 default: 367 /* Controlled by dino_chip_mem_valid above. */ Indeed the array should contain 13 entries, the undocumented register 0x82c is missing. Fix by increasing the array size and adding the missing register. CID 1419387 can be verified with: $ echo x 0xfff80830 | hppa-softmmu/qemu-system-hppa -S -monitor stdio -di= splay none QEMU 4.2.50 monitor - type 'help' for more information (qemu) x 0xfff80830 qemu/hw/hppa/dino.c:267:15: runtime error: index 12 out of bounds for typ= e 'uint32_t [12]' SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /home/phil/source= /qemu/hw/hppa/dino.c:267:15 in 00000000fff80830: 0x00000000 and CID 1419393/1419394 with: $ echo writeb 0xfff80830 0x69 \ | hppa-softmmu/qemu-system-hppa -S -accel qtest -qtest stdio -display n= one [I 1581634452.654113] OPENED [R +4.105415] writeb 0xfff80830 0x69 qemu/hw/hppa/dino.c:362:16: runtime error: index 12 out of bounds for typ= e 'const uint32_t [12]' SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior qemu/hw/hppa/dino= .c:362:16 in =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D29607=3D=3DERROR: AddressSanitizer: global-buffer-overflow on addre= ss 0x5577dae32f30 at pc 0x5577d93f2463 bp 0x7ffd97ea11b0 sp 0x7ffd97ea11a8 READ of size 4 at 0x5577dae32f30 thread T0 #0 0x5577d93f2462 in dino_chip_write_with_attrs qemu/hw/hppa/dino.c:3= 62:16 #1 0x5577d9025664 in memory_region_write_with_attrs_accessor qemu/mem= ory.c:503:12 #2 0x5577d9024920 in access_with_adjusted_size qemu/memory.c:539:18 #3 0x5577d9023608 in memory_region_dispatch_write qemu/memory.c:1482:= 13 #4 0x5577d8e3177a in flatview_write_continue qemu/exec.c:3166:23 #5 0x5577d8e20357 in flatview_write qemu/exec.c:3206:14 #6 0x5577d8e1fef4 in address_space_write qemu/exec.c:3296:18 #7 0x5577d8e20693 in address_space_rw qemu/exec.c:3306:16 #8 0x5577d9011595 in qtest_process_command qemu/qtest.c:432:13 #9 0x5577d900d19f in qtest_process_inbuf qemu/qtest.c:705:9 #10 0x5577d900ca22 in qtest_read qemu/qtest.c:717:5 #11 0x5577da8c4254 in qemu_chr_be_write_impl qemu/chardev/char.c:183:9 #12 0x5577da8c430c in qemu_chr_be_write qemu/chardev/char.c:195:9 #13 0x5577da8cf587 in fd_chr_read qemu/chardev/char-fd.c:68:9 #14 0x5577da9836cd in qio_channel_fd_source_dispatch qemu/io/channel-= watch.c:84:12 #15 0x7faf44509ecc in g_main_context_dispatch (/lib64/libglib-2.0.so.= 0+0x4fecc) #16 0x5577dab75f96 in glib_pollfds_poll qemu/util/main-loop.c:219:9 #17 0x5577dab74797 in os_host_main_loop_wait qemu/util/main-loop.c:24= 2:5 #18 0x5577dab7435a in main_loop_wait qemu/util/main-loop.c:518:11 #19 0x5577d9514eb3 in main_loop qemu/vl.c:1682:9 #20 0x5577d950699d in main qemu/vl.c:4450:5 #21 0x7faf41a87f42 in __libc_start_main (/lib64/libc.so.6+0x23f42) #22 0x5577d8cd4d4d in _start (qemu/build/sanitizer/hppa-softmmu/qemu-= system-hppa+0x1256d4d) 0x5577dae32f30 is located 0 bytes to the right of global variable 'reg800= _keep_bits' defined in 'qemu/hw/hppa/dino.c:87:23' (0x5577dae32f00) of size= 48 SUMMARY: AddressSanitizer: global-buffer-overflow qemu/hw/hppa/dino.c:362= :16 in dino_chip_write_with_attrs Shadow bytes around the buggy address: 0x0aaf7b5be590: 00 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 0x0aaf7b5be5a0: 07 f9 f9 f9 f9 f9 f9 f9 07 f9 f9 f9 f9 f9 f9 f9 0x0aaf7b5be5b0: 07 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 0x0aaf7b5be5c0: 00 00 00 02 f9 f9 f9 f9 00 00 00 00 00 00 00 00 0x0aaf7b5be5d0: 00 00 00 00 00 00 00 00 00 00 00 03 f9 f9 f9 f9 =3D>0x0aaf7b5be5e0: 00 00 00 00 00 00[f9]f9 f9 f9 f9 f9 00 00 00 00 0x0aaf7b5be5f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0aaf7b5be600: 00 00 01 f9 f9 f9 f9 f9 00 00 00 00 07 f9 f9 f9 0x0aaf7b5be610: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00 0x0aaf7b5be620: 00 00 00 05 f9 f9 f9 f9 00 00 00 00 07 f9 f9 f9 0x0aaf7b5be630: f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 07 f9 f9 f9 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Shadow gap: cc =3D=3D29607=3D=3DABORTING Fixes: Covertiy CID 1419387 / 1419393 / 1419394 (commit 18092598a5) Acked-by: Helge Deller Signed-off-by: Philippe Mathieu-Daud=C3=A9 --- v2: Describe CID 1419387, fixed description (pm215) --- hw/hppa/dino.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hw/hppa/dino.c b/hw/hppa/dino.c index c237ad3b1b..8868e31793 100644 --- a/hw/hppa/dino.c +++ b/hw/hppa/dino.c @@ -83,7 +83,7 @@ #define DINO_PCI_HOST_BRIDGE(obj) \ OBJECT_CHECK(DinoState, (obj), TYPE_DINO_PCI_HOST_BRIDGE) =20 -#define DINO800_REGS ((DINO_TLTIM - DINO_GMASK) / 4) +#define DINO800_REGS (1 + (DINO_TLTIM - DINO_GMASK) / 4) static const uint32_t reg800_keep_bits[DINO800_REGS] =3D { MAKE_64BIT_MASK(0, 1), /* GMASK */ MAKE_64BIT_MASK(0, 7), /* PAMR */ @@ -96,6 +96,7 @@ static const uint32_t reg800_keep_bits[DINO800_REGS] =3D { MAKE_64BIT_MASK(0, 30), /* BRDG_FEAT */ MAKE_64BIT_MASK(0, 25), /* PCIROR */ MAKE_64BIT_MASK(0, 22), /* PCIWOR */ + MAKE_64BIT_MASK(0, 32), /* Undocumented */ MAKE_64BIT_MASK(0, 9), /* TLTIM */ }; =20 --=20 2.21.1 From nobody Sat May 18 14:01:32 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1582007741763108.25556803595225; Mon, 17 Feb 2020 22:35:41 -0800 (PST) Received: from localhost ([::1]:57338 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1j3wTs-0000qN-Pe for importer@patchew.org; Tue, 18 Feb 2020 01:35:40 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:48907) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1j3wSX-000800-Tj for qemu-devel@nongnu.org; Tue, 18 Feb 2020 01:34:18 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1j3wSX-0007C0-00 for qemu-devel@nongnu.org; Tue, 18 Feb 2020 01:34:17 -0500 Received: from mail-wr1-x443.google.com ([2a00:1450:4864:20::443]:42211) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1j3wSW-00079N-I0 for qemu-devel@nongnu.org; Tue, 18 Feb 2020 01:34:16 -0500 Received: by mail-wr1-x443.google.com with SMTP id k11so22425013wrd.9 for ; Mon, 17 Feb 2020 22:34:01 -0800 (PST) Received: from x1w.redhat.com (78.red-88-21-202.staticip.rima-tde.net. [88.21.202.78]) by smtp.gmail.com with ESMTPSA id y7sm4374683wrr.56.2020.02.17.22.34.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Feb 2020 22:34:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=CUTlMRFxyq2wU+LUYyVinYtmHtyQQUF4r0SxHNLjeD8=; b=oeG+AhwDUFvFRJyX2fwfNVyU5x03r9TTB6xe+hEeaxunodkEbK/HRfqQUyWxMI84AQ WdBn1TMYMP07wS8Y0I7KFX2fcW/FOGvCbK0W91yTWmQYIOGYi4Bw4VOYXyPFAQb4+A79 kOOeS5NybxhNO4BhKpVP2sE6eNOrG6myMpn28ArbWN43M8r4VXlTtk00wUBDc/3nyM5w iDYZG4d3VDkow5hM90pxdgAHRHZpNu4P/NvhWCDtIOdxyuhiRMxKfiRgcMA27Kmo+PFm 8PTfkAxQa9q8jnWnE4RPAPT1Fjxg1JnlroK20NnyfYm5oAVsE3djLxVBWhY3tl8RaaGX rV2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=CUTlMRFxyq2wU+LUYyVinYtmHtyQQUF4r0SxHNLjeD8=; b=h+6SGdWZ/5L7ZEvgebySPSmb0f+4Th6+hkvJI7i6Xw1HiuuPfSVIUIOe+9tpKrOX0x hnp0GaUUewOHh9jZ8V2CIJo23vcONwtikF5Rb6CGmO3r5hcYgoqVEHVy0RjKp2sZuJWf uceCMzRk/d0MzKCaIJXjqt0pDATUGJH8YG4QRKDSroF1uI1MYFxlrauzciNMqYvV0u1y VjfkXCJID6nZLJJOiZ6+jsxUXJ9Wlf4DEbU9z8hKhj6zpbxJgTVRsqRYNTXN/KaVJLGp L+W+LsnExRiEVzPcbzY79Iv5QVgnHwANqT3PK6YfKqNG+lndO0xEC8vanlU5C1qE49mL ZElQ== X-Gm-Message-State: APjAAAUuWx2GJTkw24CCpgCyMgLhnYttE+2hHCWrkZ+OsGA97B74BMFH OWmxM6FerHlEgYW59Rc1WaK0O4tS/W8= X-Google-Smtp-Source: APXvYqxgMjtJSe3WaFRTTAc8LrGMW8wBmhS6snDuEJIFac5xGPdfGR878PufVfWcCDo06bAf7WGYxA== X-Received: by 2002:adf:97d6:: with SMTP id t22mr26317307wrb.407.1582007641102; Mon, 17 Feb 2020 22:34:01 -0800 (PST) From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= To: Helge Deller , qemu-devel@nongnu.org, Sven Schnelle Subject: [PATCH v2 3/4] hw/hppa/dino: Fix bitmask for the PCIROR register Date: Tue, 18 Feb 2020 07:33:54 +0100 Message-Id: <20200218063355.18577-4-f4bug@amsat.org> X-Mailer: git-send-email 2.21.1 In-Reply-To: <20200218063355.18577-1-f4bug@amsat.org> References: <20200218063355.18577-1-f4bug@amsat.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::443 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Richard Henderson Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Only 24 bits of the PCIROR register are documented (see pp. 37 of datasheet referenced in this file header). Acked-by: Helge Deller Signed-off-by: Philippe Mathieu-Daud=C3=A9 --- hw/hppa/dino.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/hppa/dino.c b/hw/hppa/dino.c index 8868e31793..be799aad43 100644 --- a/hw/hppa/dino.c +++ b/hw/hppa/dino.c @@ -94,7 +94,7 @@ static const uint32_t reg800_keep_bits[DINO800_REGS] =3D { MAKE_64BIT_MASK(0, 32), /* Undefined */ MAKE_64BIT_MASK(0, 8), /* MLTIM */ MAKE_64BIT_MASK(0, 30), /* BRDG_FEAT */ - MAKE_64BIT_MASK(0, 25), /* PCIROR */ + MAKE_64BIT_MASK(0, 24), /* PCIROR */ MAKE_64BIT_MASK(0, 22), /* PCIWOR */ MAKE_64BIT_MASK(0, 32), /* Undocumented */ MAKE_64BIT_MASK(0, 9), /* TLTIM */ --=20 2.21.1 From nobody Sat May 18 14:01:32 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1582007821884271.36013276509095; Mon, 17 Feb 2020 22:37:01 -0800 (PST) Received: from localhost ([::1]:57364 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1j3wVA-00037e-UF for importer@patchew.org; Tue, 18 Feb 2020 01:37:00 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:48912) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1j3wSX-000804-WF for qemu-devel@nongnu.org; Tue, 18 Feb 2020 01:34:18 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1j3wSX-0007C6-02 for qemu-devel@nongnu.org; Tue, 18 Feb 2020 01:34:17 -0500 Received: from mail-wm1-x342.google.com ([2a00:1450:4864:20::342]:38096) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1j3wSW-00079a-JF for qemu-devel@nongnu.org; Tue, 18 Feb 2020 01:34:16 -0500 Received: by mail-wm1-x342.google.com with SMTP id a9so1570845wmj.3 for ; Mon, 17 Feb 2020 22:34:03 -0800 (PST) Received: from x1w.redhat.com (78.red-88-21-202.staticip.rima-tde.net. [88.21.202.78]) by smtp.gmail.com with ESMTPSA id y7sm4374683wrr.56.2020.02.17.22.34.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Feb 2020 22:34:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=2Ouq7XQLosFxrv2edg/baO3XM9qB7VdwC5zrCS7tFOI=; b=bKxJiORA0jLEcMV7/mcaMBwiChyd/75WZ2/7cQeXERBOLP9/B8ow/CXqdcLEb4jhN3 4Yvgh1z2YCfOUQkObx19QEOlt6qxflCU3HJj2jPq9ZNAtcfy7fd09wgAyf9kc9fEVJ9k JbhlmGlYw4v1CvLotiH3WAvAc9kCF8fyP6gxp5PBiA2ZYomX3+fRArNfGDhDhQ1jvkB9 FEg8b0RhxEuC3A20erXETk7iZCNThAzQWzzNi0+mKNpZJDp/Ldr9LOQpwOy8zZ17ssTJ TB9ZuBqwpZEcFFvPGhNZ/Vh7jG5B+UJb7dRFt9Nogi0kQnIuu4c7R4jWwhYwHYUC2EJJ EjKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=2Ouq7XQLosFxrv2edg/baO3XM9qB7VdwC5zrCS7tFOI=; b=mMpcZ36lpv/0GVoSa9Rm0Ok0bAJBhXj59k+nscHRvQWs7hr+gJZbhoE5Hty9frFXX0 E5cb/LEtVgX4KwjPOg39b3roUOzRPzTaeieTQvQQ4YT5ONRXwXfmmgFc7V3fP9ZmPtpQ kLqUJCXcq7KnJvkM66xXxRdEeIrn9peu61yEcMSxd/vFRYJ0paZhBrfCU5wqI5MLUTt9 d5JE7DOXcxsjcnrYNMXl6bJClXF8KYKVTdU+MBrjuAqA4vB0oKaPRWEUVhaShMDGkskI mZlnDVNCKewyKumygFm+XU8t5LPhcG1FT1vjz1VYV/7CYj8kXQGl3OpPgY0N17GkIOKv V2VQ== X-Gm-Message-State: APjAAAVhZp0vq6IJGsf799CBK8R6eK1bPmnFPOKYDA3bavqFwFh88hpq 8No2gCa3XD6uUUCVivAJ8/k= X-Google-Smtp-Source: APXvYqzgpVhOrzUFGVjcgkdfbJn2zWj3DjYFVk9IQ6yewPjlo+lpOkSO2L33cAlBKQJvd/X0uIZPtw== X-Received: by 2002:a05:600c:34b:: with SMTP id u11mr1074911wmd.69.1582007642317; Mon, 17 Feb 2020 22:34:02 -0800 (PST) From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= To: Helge Deller , qemu-devel@nongnu.org, Sven Schnelle Subject: [PATCH v2 4/4] hw/hppa/dino: Do not accept accesses to registers 0x818 and 0x82c Date: Tue, 18 Feb 2020 07:33:55 +0100 Message-Id: <20200218063355.18577-5-f4bug@amsat.org> X-Mailer: git-send-email 2.21.1 In-Reply-To: <20200218063355.18577-1-f4bug@amsat.org> References: <20200218063355.18577-1-f4bug@amsat.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::342 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Richard Henderson Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Register 0x818 is documented as 'undefined', and register 0x82c is not documented. Refuse their access. Acked-by: Helge Deller Signed-off-by: Philippe Mathieu-Daud=C3=A9 --- hw/hppa/dino.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hw/hppa/dino.c b/hw/hppa/dino.c index be799aad43..2b1b38c58a 100644 --- a/hw/hppa/dino.c +++ b/hw/hppa/dino.c @@ -181,7 +181,9 @@ static bool dino_chip_mem_valid(void *opaque, hwaddr ad= dr, case DINO_IO_ADDR_EN: case DINO_PCI_IO_DATA: case DINO_TOC_ADDR: - case DINO_GMASK ... DINO_TLTIM: + case DINO_GMASK ... DINO_PCISTS: + case DINO_MLTIM ... DINO_PCIWOR: + case DINO_TLTIM: ret =3D true; break; case DINO_PCI_IO_DATA + 2: --=20 2.21.1