hw/timer/ibex_timer.c | 14 +++++--------- include/hw/timer/ibex_timer.h | 1 - 2 files changed, 5 insertions(+), 10 deletions(-)
From: Wilfred Mallawa <wilfred.mallawa@wdc.com>
This change fixes a bug where a write only register is read.
As per https://docs.opentitan.org/hw/ip/rv_timer/doc/#register-table
the 'INTR_TEST0' register is write only.
Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
---
hw/timer/ibex_timer.c | 14 +++++---------
include/hw/timer/ibex_timer.h | 1 -
2 files changed, 5 insertions(+), 10 deletions(-)
diff --git a/hw/timer/ibex_timer.c b/hw/timer/ibex_timer.c
index 66e1f8e48c..826c38b653 100644
--- a/hw/timer/ibex_timer.c
+++ b/hw/timer/ibex_timer.c
@@ -130,7 +130,6 @@ static void ibex_timer_reset(DeviceState *dev)
s->timer_compare_upper0 = 0xFFFFFFFF;
s->timer_intr_enable = 0x00000000;
s->timer_intr_state = 0x00000000;
- s->timer_intr_test = 0x00000000;
ibex_timer_update_irqs(s);
}
@@ -168,7 +167,8 @@ static uint64_t ibex_timer_read(void *opaque, hwaddr addr,
retvalue = s->timer_intr_state;
break;
case R_INTR_TEST:
- retvalue = s->timer_intr_test;
+ qemu_log_mask(LOG_GUEST_ERROR,
+ "Attempted to read INTR_TEST, a write only register");
break;
default:
qemu_log_mask(LOG_GUEST_ERROR,
@@ -215,10 +215,7 @@ static void ibex_timer_write(void *opaque, hwaddr addr,
s->timer_intr_state &= ~val;
break;
case R_INTR_TEST:
- s->timer_intr_test = val;
- if (s->timer_intr_enable &
- s->timer_intr_test &
- R_INTR_ENABLE_IE_0_MASK) {
+ if (s->timer_intr_enable & val & R_INTR_ENABLE_IE_0_MASK) {
s->timer_intr_state |= R_INTR_STATE_IS_0_MASK;
qemu_set_irq(s->irq, true);
}
@@ -247,8 +244,8 @@ static int ibex_timer_post_load(void *opaque, int version_id)
static const VMStateDescription vmstate_ibex_timer = {
.name = TYPE_IBEX_TIMER,
- .version_id = 1,
- .minimum_version_id = 1,
+ .version_id = 2,
+ .minimum_version_id = 2,
.post_load = ibex_timer_post_load,
.fields = (VMStateField[]) {
VMSTATE_UINT32(timer_ctrl, IbexTimerState),
@@ -257,7 +254,6 @@ static const VMStateDescription vmstate_ibex_timer = {
VMSTATE_UINT32(timer_compare_upper0, IbexTimerState),
VMSTATE_UINT32(timer_intr_enable, IbexTimerState),
VMSTATE_UINT32(timer_intr_state, IbexTimerState),
- VMSTATE_UINT32(timer_intr_test, IbexTimerState),
VMSTATE_END_OF_LIST()
}
};
diff --git a/include/hw/timer/ibex_timer.h b/include/hw/timer/ibex_timer.h
index b6f69b38ee..1a0a28d5fa 100644
--- a/include/hw/timer/ibex_timer.h
+++ b/include/hw/timer/ibex_timer.h
@@ -43,7 +43,6 @@ struct IbexTimerState {
uint32_t timer_compare_upper0;
uint32_t timer_intr_enable;
uint32_t timer_intr_state;
- uint32_t timer_intr_test;
uint32_t timebase_freq;
--
2.34.1
On Mon, Jan 10, 2022 at 1:16 PM Alistair Francis <alistair.francis@opensource.wdc.com> wrote: > > From: Wilfred Mallawa <wilfred.mallawa@wdc.com> > > This change fixes a bug where a write only register is read. > As per https://docs.opentitan.org/hw/ip/rv_timer/doc/#register-table > the 'INTR_TEST0' register is write only. > > Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com> > --- > hw/timer/ibex_timer.c | 14 +++++--------- > include/hw/timer/ibex_timer.h | 1 - > 2 files changed, 5 insertions(+), 10 deletions(-) > Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
On Mon, Jan 10, 2022 at 3:16 PM Alistair Francis
<alistair.francis@opensource.wdc.com> wrote:
>
> From: Wilfred Mallawa <wilfred.mallawa@wdc.com>
>
> This change fixes a bug where a write only register is read.
> As per https://docs.opentitan.org/hw/ip/rv_timer/doc/#register-table
> the 'INTR_TEST0' register is write only.
>
> Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
Thanks for the patch!
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Alistair
> ---
> hw/timer/ibex_timer.c | 14 +++++---------
> include/hw/timer/ibex_timer.h | 1 -
> 2 files changed, 5 insertions(+), 10 deletions(-)
>
> diff --git a/hw/timer/ibex_timer.c b/hw/timer/ibex_timer.c
> index 66e1f8e48c..826c38b653 100644
> --- a/hw/timer/ibex_timer.c
> +++ b/hw/timer/ibex_timer.c
> @@ -130,7 +130,6 @@ static void ibex_timer_reset(DeviceState *dev)
> s->timer_compare_upper0 = 0xFFFFFFFF;
> s->timer_intr_enable = 0x00000000;
> s->timer_intr_state = 0x00000000;
> - s->timer_intr_test = 0x00000000;
>
> ibex_timer_update_irqs(s);
> }
> @@ -168,7 +167,8 @@ static uint64_t ibex_timer_read(void *opaque, hwaddr addr,
> retvalue = s->timer_intr_state;
> break;
> case R_INTR_TEST:
> - retvalue = s->timer_intr_test;
> + qemu_log_mask(LOG_GUEST_ERROR,
> + "Attempted to read INTR_TEST, a write only register");
> break;
> default:
> qemu_log_mask(LOG_GUEST_ERROR,
> @@ -215,10 +215,7 @@ static void ibex_timer_write(void *opaque, hwaddr addr,
> s->timer_intr_state &= ~val;
> break;
> case R_INTR_TEST:
> - s->timer_intr_test = val;
> - if (s->timer_intr_enable &
> - s->timer_intr_test &
> - R_INTR_ENABLE_IE_0_MASK) {
> + if (s->timer_intr_enable & val & R_INTR_ENABLE_IE_0_MASK) {
> s->timer_intr_state |= R_INTR_STATE_IS_0_MASK;
> qemu_set_irq(s->irq, true);
> }
> @@ -247,8 +244,8 @@ static int ibex_timer_post_load(void *opaque, int version_id)
>
> static const VMStateDescription vmstate_ibex_timer = {
> .name = TYPE_IBEX_TIMER,
> - .version_id = 1,
> - .minimum_version_id = 1,
> + .version_id = 2,
> + .minimum_version_id = 2,
> .post_load = ibex_timer_post_load,
> .fields = (VMStateField[]) {
> VMSTATE_UINT32(timer_ctrl, IbexTimerState),
> @@ -257,7 +254,6 @@ static const VMStateDescription vmstate_ibex_timer = {
> VMSTATE_UINT32(timer_compare_upper0, IbexTimerState),
> VMSTATE_UINT32(timer_intr_enable, IbexTimerState),
> VMSTATE_UINT32(timer_intr_state, IbexTimerState),
> - VMSTATE_UINT32(timer_intr_test, IbexTimerState),
> VMSTATE_END_OF_LIST()
> }
> };
> diff --git a/include/hw/timer/ibex_timer.h b/include/hw/timer/ibex_timer.h
> index b6f69b38ee..1a0a28d5fa 100644
> --- a/include/hw/timer/ibex_timer.h
> +++ b/include/hw/timer/ibex_timer.h
> @@ -43,7 +43,6 @@ struct IbexTimerState {
> uint32_t timer_compare_upper0;
> uint32_t timer_intr_enable;
> uint32_t timer_intr_state;
> - uint32_t timer_intr_test;
>
> uint32_t timebase_freq;
>
> --
> 2.34.1
>
On 1/10/22 06:16, Alistair Francis wrote: > From: Wilfred Mallawa <wilfred.mallawa@wdc.com> > > This change fixes a bug where a write only register is read. > As per https://docs.opentitan.org/hw/ip/rv_timer/doc/#register-table > the 'INTR_TEST0' register is write only. > > Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com> > --- > hw/timer/ibex_timer.c | 14 +++++--------- > include/hw/timer/ibex_timer.h | 1 - > 2 files changed, 5 insertions(+), 10 deletions(-) Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
On Mon, Jan 10, 2022 at 3:16 PM Alistair Francis
<alistair.francis@opensource.wdc.com> wrote:
>
> From: Wilfred Mallawa <wilfred.mallawa@wdc.com>
>
> This change fixes a bug where a write only register is read.
> As per https://docs.opentitan.org/hw/ip/rv_timer/doc/#register-table
> the 'INTR_TEST0' register is write only.
>
> Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
Thanks!
Applied to riscv-to-apply.next
Alistair
> ---
> hw/timer/ibex_timer.c | 14 +++++---------
> include/hw/timer/ibex_timer.h | 1 -
> 2 files changed, 5 insertions(+), 10 deletions(-)
>
> diff --git a/hw/timer/ibex_timer.c b/hw/timer/ibex_timer.c
> index 66e1f8e48c..826c38b653 100644
> --- a/hw/timer/ibex_timer.c
> +++ b/hw/timer/ibex_timer.c
> @@ -130,7 +130,6 @@ static void ibex_timer_reset(DeviceState *dev)
> s->timer_compare_upper0 = 0xFFFFFFFF;
> s->timer_intr_enable = 0x00000000;
> s->timer_intr_state = 0x00000000;
> - s->timer_intr_test = 0x00000000;
>
> ibex_timer_update_irqs(s);
> }
> @@ -168,7 +167,8 @@ static uint64_t ibex_timer_read(void *opaque, hwaddr addr,
> retvalue = s->timer_intr_state;
> break;
> case R_INTR_TEST:
> - retvalue = s->timer_intr_test;
> + qemu_log_mask(LOG_GUEST_ERROR,
> + "Attempted to read INTR_TEST, a write only register");
> break;
> default:
> qemu_log_mask(LOG_GUEST_ERROR,
> @@ -215,10 +215,7 @@ static void ibex_timer_write(void *opaque, hwaddr addr,
> s->timer_intr_state &= ~val;
> break;
> case R_INTR_TEST:
> - s->timer_intr_test = val;
> - if (s->timer_intr_enable &
> - s->timer_intr_test &
> - R_INTR_ENABLE_IE_0_MASK) {
> + if (s->timer_intr_enable & val & R_INTR_ENABLE_IE_0_MASK) {
> s->timer_intr_state |= R_INTR_STATE_IS_0_MASK;
> qemu_set_irq(s->irq, true);
> }
> @@ -247,8 +244,8 @@ static int ibex_timer_post_load(void *opaque, int version_id)
>
> static const VMStateDescription vmstate_ibex_timer = {
> .name = TYPE_IBEX_TIMER,
> - .version_id = 1,
> - .minimum_version_id = 1,
> + .version_id = 2,
> + .minimum_version_id = 2,
> .post_load = ibex_timer_post_load,
> .fields = (VMStateField[]) {
> VMSTATE_UINT32(timer_ctrl, IbexTimerState),
> @@ -257,7 +254,6 @@ static const VMStateDescription vmstate_ibex_timer = {
> VMSTATE_UINT32(timer_compare_upper0, IbexTimerState),
> VMSTATE_UINT32(timer_intr_enable, IbexTimerState),
> VMSTATE_UINT32(timer_intr_state, IbexTimerState),
> - VMSTATE_UINT32(timer_intr_test, IbexTimerState),
> VMSTATE_END_OF_LIST()
> }
> };
> diff --git a/include/hw/timer/ibex_timer.h b/include/hw/timer/ibex_timer.h
> index b6f69b38ee..1a0a28d5fa 100644
> --- a/include/hw/timer/ibex_timer.h
> +++ b/include/hw/timer/ibex_timer.h
> @@ -43,7 +43,6 @@ struct IbexTimerState {
> uint32_t timer_compare_upper0;
> uint32_t timer_intr_enable;
> uint32_t timer_intr_state;
> - uint32_t timer_intr_test;
>
> uint32_t timebase_freq;
>
> --
> 2.34.1
>
© 2016 - 2024 Red Hat, Inc.