Merge tag 'pull-target-arm-20240622' of https://git.linaro.org/people/pmaydell/qemu-arm into staging
target-arm queue:
* hw/net/can/xlnx-versal-canfd: Fix sorting of the tx queue
* hw/arm/xilinx_zynq: Fix IRQ/FIQ routing
* hw/intc/arm_gic: Fix deactivation of SPI lines
* hw/timer/a9gtimer: Handle QTest mode in a9_gtimer_get_current_cpu
* hw/misc: Set valid access size for Exynos4210 RNG
* hw/arm/sbsa-ref: switch to 1GHz timer frequency
* hw/arm/sbsa-ref: Enable CPU cluster on ARM sbsa machine
* hw/arm/virt: allow creation of a second NonSecure UART
* hw/arm/virt: Avoid unexpected warning from Linux guest on host with Fujitsu CPUs
* scripts/coverity-scan/COMPONENTS.md: update component regexes
* hw/usb/hcd-dwc2: Handle invalid address access in read and write functions
* hw/usb/hcd-ohci: Fix ohci_service_td: accept zero-length TDs where CBP=BE+1
# -----BEGIN PGP SIGNATURE-----
#
# iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmZ2vigZHHBldGVyLm1h
# eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3mRzD/9+Upo0E9GoNE8FaZYk+xw9
# tB7V0C5RxZCW74ggjsoRSs2Mq45X+jzjT5cmlo3bCyj9z146eyOovcqroJHlggy7
# W3nqE7Yg6tUz6MEbrDq54BVNGmBdwY4kpYr5MvXrhtb9A+/QjaW8MqlmT5NCvUb+
# KZ+i4PTAF5dALCZblnqL5+9RYfwMOeR8R03ZbV2H0OCvO16N1rWsgoRzReVbpmy2
# LEXGber13O7HnSRiMjvxTn92yZBO+tgmLB5w6V4aaYKEhj3B0wTO+GVEUMz0Rmzw
# LunrZhtQql9MOrdJIvgPrrFRmGHamnNu3IV0750xrRPQ1mJlVevaaCpl1IlaVeXG
# /PnY8HWaDJgwlPMDZVga38KSVQavdC8/Uvdw816a0rBzbclAAUZSNf8cuNeJ7qmk
# 2CQp/C8vuarWH0Ut0Qav8uuepd5jDt5TT3crBPhxMRwxsNTsSgjXxe7s3jdVWe2C
# +z1sC/KnSmmFUwyu14GA4WsUdz05m4Mmixz4unXemMeexibUA3n4RSTiUYzTNcb4
# NmhEY4WbhuDtnSqqeSFyKtS5WCIG9A8YmcEzHWNsbaZAIEdS5QlxCSocbzG2mO6G
# zD/kWMn0nmYWejYgaT3LcL5BvkwmePV6u3jQNmVL8aQgG+OPZh7tvCR2gSMPWpml
# Y2pVvKZ+Tcx3GqZOUqKsrA==
# =oPnm
# -----END PGP SIGNATURE-----
# gpg: Signature made Sat 22 Jun 2024 05:06:00 AM PDT
# gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg: issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg: aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]
# gpg: aka "Peter Maydell <peter@archaic.org.uk>" [unknown]
* tag 'pull-target-arm-20240622' of https://git.linaro.org/people/pmaydell/qemu-arm:
hw/arm/sbsa-ref: Enable CPU cluster on ARM sbsa machine
hw/usb/hcd-ohci: Fix ohci_service_td: accept zero-length TDs where CBP=BE+1
hw/misc: Set valid access size for Exynos4210 RNG
hw/arm/virt: Avoid unexpected warning from Linux guest on host with Fujitsu CPUs
hw/arm/virt: allow creation of a second NonSecure UART
hw/arm/virt: Rename VIRT_UART and VIRT_SECURE_UART to VIRT_UART[01]
hw/arm/virt: Add serial aliases in DTB
hw/usb/hcd-dwc2: Handle invalid address access in read and write functions
hw/timer/a9gtimer: Handle QTest mode in a9_gtimer_get_current_cpu
scripts/coverity-scan/COMPONENTS.md: Include libqmp in testlibs
scripts/coverity-scan/COMPONENTS.md: Fix monitor component
scripts/coverity-scan/COMPONENTS.md: Add crypto headers in host/include to the crypto component
scripts/coverity-scan/COMPONENTS.md: Fix 'char' component
scripts/coverity-scan/COMPONENTS.md: Update paths to match gitlab CI
hw/arm/xilinx_zynq: Fix IRQ/FIQ routing
hw/intc/arm_gic: Fix deactivation of SPI lines
hw/arm/sbsa-ref: switch to 1GHz timer frequency
hw/net/can/xlnx-versal-canfd: Fix sorting of the tx queue
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
diff --git a/docs/system/arm/sbsa.rst b/docs/system/arm/sbsa.rst
index 2bf22a1..2bf3fc8 100644
--- a/docs/system/arm/sbsa.rst
+++ b/docs/system/arm/sbsa.rst
@@ -62,6 +62,7 @@
- platform version
- GIC addresses
- NUMA node id for CPUs and memory
+ - CPU topology information
Platform version
''''''''''''''''
@@ -88,3 +89,6 @@
0.3
The USB controller is an XHCI device, not EHCI.
+
+0.4
+ CPU topology information is present in devicetree.
diff --git a/docs/system/arm/virt.rst b/docs/system/arm/virt.rst
index 26fcba0..e67e7f0 100644
--- a/docs/system/arm/virt.rst
+++ b/docs/system/arm/virt.rst
@@ -26,7 +26,7 @@
- PCI/PCIe devices
- Flash memory
-- One PL011 UART
+- Either one or two PL011 UARTs for the NonSecure World
- An RTC
- The fw_cfg device that allows a guest to obtain data from QEMU
- A PL061 GPIO controller
@@ -48,6 +48,10 @@
- A secure flash memory
- 16MB of secure RAM
+The second NonSecure UART only exists if a backend is configured
+explicitly (e.g. with a second -serial command line option) and
+TrustZone emulation is not enabled.
+
Supported guest CPU types:
- ``cortex-a7`` (32-bit)
diff --git a/hw/arm/sbsa-ref.c b/hw/arm/sbsa-ref.c
index e884692..ae37a92 100644
--- a/hw/arm/sbsa-ref.c
+++ b/hw/arm/sbsa-ref.c
@@ -62,16 +62,12 @@
/*
* Generic timer frequency in Hz (which drives both the CPU generic timers
- * and the SBSA watchdog-timer). Older versions of the TF-A firmware
- * typically used with sbsa-ref (including the binaries in our Avocado test
- * Aarch64SbsarefMachine.test_sbsaref_alpine_linux_max_pauth_impdef
- * assume it is this value.
+ * and the SBSA watchdog-timer). Older (<2.11) versions of the TF-A firmware
+ * assumed 62.5MHz here.
*
- * TODO: this value is not architecturally correct for an Armv8.6 or
- * better CPU, so we should move to 1GHz once the TF-A fix above has
- * made it into a release and into our Avocado test.
+ * Starting with Armv8.6 CPU 1GHz timer frequency is mandated.
*/
-#define SBSA_GTIMER_HZ 62500000
+#define SBSA_GTIMER_HZ 1000000000
enum {
SBSA_FLASH,
@@ -223,7 +219,7 @@
* fw compatibility.
*/
qemu_fdt_setprop_cell(fdt, "/", "machine-version-major", 0);
- qemu_fdt_setprop_cell(fdt, "/", "machine-version-minor", 3);
+ qemu_fdt_setprop_cell(fdt, "/", "machine-version-minor", 4);
if (ms->numa_state->have_numa_distance) {
int size = nb_numa_nodes * nb_numa_nodes * 3 * sizeof(uint32_t);
@@ -280,6 +276,14 @@
g_free(nodename);
}
+ /* Add CPU topology description through fdt node topology. */
+ qemu_fdt_add_subnode(sms->fdt, "/cpus/topology");
+
+ qemu_fdt_setprop_cell(sms->fdt, "/cpus/topology", "sockets", ms->smp.sockets);
+ qemu_fdt_setprop_cell(sms->fdt, "/cpus/topology", "clusters", ms->smp.clusters);
+ qemu_fdt_setprop_cell(sms->fdt, "/cpus/topology", "cores", ms->smp.cores);
+ qemu_fdt_setprop_cell(sms->fdt, "/cpus/topology", "threads", ms->smp.threads);
+
sbsa_fdt_add_gic_node(sms);
}
@@ -902,6 +906,7 @@
mc->default_ram_size = 1 * GiB;
mc->default_ram_id = "sbsa-ref.ram";
mc->default_cpus = 4;
+ mc->smp_props.clusters_supported = true;
mc->possible_cpu_arch_ids = sbsa_ref_possible_cpu_arch_ids;
mc->cpu_index_to_instance_props = sbsa_ref_cpu_index_to_props;
mc->get_default_cpu_node_id = sbsa_ref_get_default_cpu_node_id;
diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
index c3ccfef..b2366f2 100644
--- a/hw/arm/virt-acpi-build.c
+++ b/hw/arm/virt-acpi-build.c
@@ -79,11 +79,11 @@
}
static void acpi_dsdt_add_uart(Aml *scope, const MemMapEntry *uart_memmap,
- uint32_t uart_irq)
+ uint32_t uart_irq, int uartidx)
{
- Aml *dev = aml_device("COM0");
+ Aml *dev = aml_device("COM%d", uartidx);
aml_append(dev, aml_name_decl("_HID", aml_string("ARMH0011")));
- aml_append(dev, aml_name_decl("_UID", aml_int(0)));
+ aml_append(dev, aml_name_decl("_UID", aml_int(uartidx)));
Aml *crs = aml_resource_template();
aml_append(crs, aml_memory32_fixed(uart_memmap->base,
@@ -440,10 +440,10 @@
.base_addr.width = 32,
.base_addr.offset = 0,
.base_addr.size = 3,
- .base_addr.addr = vms->memmap[VIRT_UART].base,
+ .base_addr.addr = vms->memmap[VIRT_UART0].base,
.interrupt_type = (1 << 3),/* Bit[3] ARMH GIC interrupt*/
.pc_interrupt = 0, /* IRQ */
- .interrupt = (vms->irqmap[VIRT_UART] + ARM_SPI_BASE),
+ .interrupt = (vms->irqmap[VIRT_UART0] + ARM_SPI_BASE),
.baud_rate = 3, /* 9600 */
.parity = 0, /* No Parity */
.stop_bits = 1, /* 1 Stop bit */
@@ -631,11 +631,11 @@
/* BaseAddressRegister[] */
build_append_gas(table_data, AML_AS_SYSTEM_MEMORY, 32, 0, 3,
- vms->memmap[VIRT_UART].base);
+ vms->memmap[VIRT_UART0].base);
/* AddressSize[] */
build_append_int_noprefix(table_data,
- vms->memmap[VIRT_UART].size, 4);
+ vms->memmap[VIRT_UART0].size, 4);
/* NamespaceString[] */
g_array_append_vals(table_data, name, namespace_length);
@@ -816,8 +816,12 @@
*/
scope = aml_scope("\\_SB");
acpi_dsdt_add_cpus(scope, vms);
- acpi_dsdt_add_uart(scope, &memmap[VIRT_UART],
- (irqmap[VIRT_UART] + ARM_SPI_BASE));
+ acpi_dsdt_add_uart(scope, &memmap[VIRT_UART0],
+ (irqmap[VIRT_UART0] + ARM_SPI_BASE), 0);
+ if (vms->second_ns_uart_present) {
+ acpi_dsdt_add_uart(scope, &memmap[VIRT_UART1],
+ (irqmap[VIRT_UART1] + ARM_SPI_BASE), 1);
+ }
if (vmc->acpi_expose_flash) {
acpi_dsdt_add_flash(scope, &memmap[VIRT_FLASH]);
}
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index c7a1f75..0784ee7 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -165,11 +165,11 @@
[VIRT_GIC_ITS] = { 0x08080000, 0x00020000 },
/* This redistributor space allows up to 2*64kB*123 CPUs */
[VIRT_GIC_REDIST] = { 0x080A0000, 0x00F60000 },
- [VIRT_UART] = { 0x09000000, 0x00001000 },
+ [VIRT_UART0] = { 0x09000000, 0x00001000 },
[VIRT_RTC] = { 0x09010000, 0x00001000 },
[VIRT_FW_CFG] = { 0x09020000, 0x00000018 },
[VIRT_GPIO] = { 0x09030000, 0x00001000 },
- [VIRT_SECURE_UART] = { 0x09040000, 0x00001000 },
+ [VIRT_UART1] = { 0x09040000, 0x00001000 },
[VIRT_SMMU] = { 0x09050000, 0x00020000 },
[VIRT_PCDIMM_ACPI] = { 0x09070000, MEMORY_HOTPLUG_IO_LEN },
[VIRT_ACPI_GED] = { 0x09080000, ACPI_GED_EVT_SEL_LEN },
@@ -212,11 +212,11 @@
};
static const int a15irqmap[] = {
- [VIRT_UART] = 1,
+ [VIRT_UART0] = 1,
[VIRT_RTC] = 2,
[VIRT_PCIE] = 3, /* ... to 6 */
[VIRT_GPIO] = 7,
- [VIRT_SECURE_UART] = 8,
+ [VIRT_UART1] = 8,
[VIRT_ACPI_GED] = 9,
[VIRT_MMIO] = 16, /* ...to 16 + NUM_VIRTIO_TRANSPORTS - 1 */
[VIRT_GIC_V2M] = 48, /* ...to 48 + NUM_GICV2M_SPIS - 1 */
@@ -271,6 +271,17 @@
qemu_fdt_setprop_cell(fdt, "/", "#size-cells", 0x2);
qemu_fdt_setprop_string(fdt, "/", "model", "linux,dummy-virt");
+ /*
+ * For QEMU, all DMA is coherent. Advertising this in the root node
+ * has two benefits:
+ *
+ * - It avoids potential bugs where we forget to mark a DMA
+ * capable device as being dma-coherent
+ * - It avoids spurious warnings from the Linux kernel about
+ * devices which can't do DMA at all
+ */
+ qemu_fdt_setprop(fdt, "/", "dma-coherent", NULL, 0);
+
/* /chosen must exist for load_dtb to fill in necessary properties later */
qemu_fdt_add_subnode(fdt, "/chosen");
if (vms->dtb_randomness) {
@@ -284,6 +295,8 @@
}
}
+ qemu_fdt_add_subnode(fdt, "/aliases");
+
/* Clock node, for the benefit of the UART. The kernel device tree
* binding documentation claims the PL011 node clock properties are
* optional but in practice if you omit them the kernel refuses to
@@ -904,7 +917,7 @@
}
static void create_uart(const VirtMachineState *vms, int uart,
- MemoryRegion *mem, Chardev *chr)
+ MemoryRegion *mem, Chardev *chr, bool secure)
{
char *nodename;
hwaddr base = vms->memmap[uart].base;
@@ -937,9 +950,13 @@
qemu_fdt_setprop(ms->fdt, nodename, "clock-names",
clocknames, sizeof(clocknames));
- if (uart == VIRT_UART) {
+ if (uart == VIRT_UART0) {
qemu_fdt_setprop_string(ms->fdt, "/chosen", "stdout-path", nodename);
+ qemu_fdt_setprop_string(ms->fdt, "/aliases", "serial0", nodename);
} else {
+ qemu_fdt_setprop_string(ms->fdt, "/aliases", "serial1", nodename);
+ }
+ if (secure) {
/* Mark as not usable by the normal world */
qemu_fdt_setprop_string(ms->fdt, nodename, "status", "disabled");
qemu_fdt_setprop_string(ms->fdt, nodename, "secure-status", "okay");
@@ -2313,11 +2330,41 @@
fdt_add_pmu_nodes(vms);
- create_uart(vms, VIRT_UART, sysmem, serial_hd(0));
+ /*
+ * The first UART always exists. If the security extensions are
+ * enabled, the second UART also always exists. Otherwise, it only exists
+ * if a backend is configured explicitly via '-serial <backend>'.
+ * This avoids potentially breaking existing user setups that expect
+ * only one NonSecure UART to be present (for instance, older EDK2
+ * binaries).
+ *
+ * The nodes end up in the DTB in reverse order of creation, so we must
+ * create UART0 last to ensure it appears as the first node in the DTB,
+ * for compatibility with guest software that just iterates through the
+ * DTB to find the first UART, as older versions of EDK2 do.
+ * DTB readers that follow the spec, as Linux does, should honour the
+ * aliases node information and /chosen/stdout-path regardless of
+ * the order that nodes appear in the DTB.
+ *
+ * For similar back-compatibility reasons, if UART1 is the secure UART
+ * we create it second (and so it appears first in the DTB), because
+ * that's what QEMU has always done.
+ */
+ if (!vms->secure) {
+ Chardev *serial1 = serial_hd(1);
+
+ if (serial1) {
+ vms->second_ns_uart_present = true;
+ create_uart(vms, VIRT_UART1, sysmem, serial1, false);
+ }
+ }
+ create_uart(vms, VIRT_UART0, sysmem, serial_hd(0), false);
+ if (vms->secure) {
+ create_uart(vms, VIRT_UART1, secure_sysmem, serial_hd(1), true);
+ }
if (vms->secure) {
create_secure_ram(vms, secure_sysmem, secure_tag_sysmem);
- create_uart(vms, VIRT_SECURE_UART, secure_sysmem, serial_hd(1));
}
if (tag_sysmem) {
diff --git a/hw/arm/xilinx_zynq.c b/hw/arm/xilinx_zynq.c
index 7f7a3d2..c79661b 100644
--- a/hw/arm/xilinx_zynq.c
+++ b/hw/arm/xilinx_zynq.c
@@ -252,10 +252,11 @@
zynq_binfo.gic_cpu_if_addr = MPCORE_PERIPHBASE + 0x100;
sysbus_create_varargs("l2x0", MPCORE_PERIPHBASE + 0x2000, NULL);
for (n = 0; n < smp_cpus; n++) {
+ /* See "hw/intc/arm_gic.h" for the IRQ line association */
DeviceState *cpudev = DEVICE(zynq_machine->cpu[n]);
- sysbus_connect_irq(busdev, (2 * n) + 0,
+ sysbus_connect_irq(busdev, n,
qdev_get_gpio_in(cpudev, ARM_CPU_IRQ));
- sysbus_connect_irq(busdev, (2 * n) + 1,
+ sysbus_connect_irq(busdev, smp_cpus + n,
qdev_get_gpio_in(cpudev, ARM_CPU_FIQ));
}
diff --git a/hw/intc/gic_internal.h b/hw/intc/gic_internal.h
index 8d29b40..8ddbf55 100644
--- a/hw/intc/gic_internal.h
+++ b/hw/intc/gic_internal.h
@@ -280,6 +280,8 @@
static inline void gic_clear_active(GICState *s, int irq, int cpu)
{
+ unsigned int cm;
+
if (gic_is_vcpu(cpu)) {
uint32_t *entry = gic_get_lr_entry(s, irq, cpu);
GICH_LR_CLEAR_ACTIVE(*entry);
@@ -301,11 +303,13 @@
* the GIC is secure.
*/
if (!s->security_extn || GIC_DIST_TEST_GROUP(phys_irq, 1 << rcpu)) {
- GIC_DIST_CLEAR_ACTIVE(phys_irq, 1 << rcpu);
+ cm = phys_irq < GIC_INTERNAL ? 1 << rcpu : ALL_CPU_MASK;
+ GIC_DIST_CLEAR_ACTIVE(phys_irq, cm);
}
}
} else {
- GIC_DIST_CLEAR_ACTIVE(irq, 1 << cpu);
+ cm = irq < GIC_INTERNAL ? 1 << cpu : ALL_CPU_MASK;
+ GIC_DIST_CLEAR_ACTIVE(irq, cm);
}
}
diff --git a/hw/misc/exynos4210_rng.c b/hw/misc/exynos4210_rng.c
index 0756bd3..674d8ee 100644
--- a/hw/misc/exynos4210_rng.c
+++ b/hw/misc/exynos4210_rng.c
@@ -217,6 +217,8 @@
.read = exynos4210_rng_read,
.write = exynos4210_rng_write,
.endianness = DEVICE_NATIVE_ENDIAN,
+ .valid.min_access_size = 4,
+ .valid.max_access_size = 4,
};
static void exynos4210_rng_reset(DeviceState *dev)
diff --git a/hw/net/can/xlnx-versal-canfd.c b/hw/net/can/xlnx-versal-canfd.c
index 47a14cf..5f083c2 100644
--- a/hw/net/can/xlnx-versal-canfd.c
+++ b/hw/net/can/xlnx-versal-canfd.c
@@ -1312,7 +1312,10 @@
tx_ready_reg_info *tx_reg_1 = (tx_ready_reg_info *) data1;
tx_ready_reg_info *tx_reg_2 = (tx_ready_reg_info *) data2;
- return tx_reg_1->can_id - tx_reg_2->can_id;
+ if (tx_reg_1->can_id == tx_reg_2->can_id) {
+ return (tx_reg_1->reg_num < tx_reg_2->reg_num) ? -1 : 1;
+ }
+ return (tx_reg_1->can_id < tx_reg_2->can_id) ? -1 : 1;
}
static void free_list(GSList *list)
diff --git a/hw/timer/a9gtimer.c b/hw/timer/a9gtimer.c
index a2ac5bd..64d80cd 100644
--- a/hw/timer/a9gtimer.c
+++ b/hw/timer/a9gtimer.c
@@ -32,6 +32,7 @@
#include "qemu/log.h"
#include "qemu/module.h"
#include "hw/core/cpu.h"
+#include "sysemu/qtest.h"
#ifndef A9_GTIMER_ERR_DEBUG
#define A9_GTIMER_ERR_DEBUG 0
@@ -48,6 +49,10 @@
static inline int a9_gtimer_get_current_cpu(A9GTimerState *s)
{
+ if (qtest_enabled()) {
+ return 0;
+ }
+
if (current_cpu->cpu_index >= s->num_cpu) {
hw_error("a9gtimer: num-cpu %d but this cpu is %d!\n",
s->num_cpu, current_cpu->cpu_index);
diff --git a/hw/usb/hcd-dwc2.c b/hw/usb/hcd-dwc2.c
index 8cac9c0..b4f0652 100644
--- a/hw/usb/hcd-dwc2.c
+++ b/hw/usb/hcd-dwc2.c
@@ -1128,7 +1128,10 @@
val = dwc2_pcgreg_read(ptr, addr, (addr - HSOTG_REG(0xe00)) >> 2, size);
break;
default:
- g_assert_not_reached();
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n",
+ __func__, addr);
+ val = 0;
+ break;
}
return val;
@@ -1160,7 +1163,9 @@
dwc2_pcgreg_write(ptr, addr, (addr - HSOTG_REG(0xe00)) >> 2, val, size);
break;
default:
- g_assert_not_reached();
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"HWADDR_PRIx"\n",
+ __func__, addr);
+ break;
}
}
diff --git a/hw/usb/hcd-ohci.c b/hw/usb/hcd-ohci.c
index acd6016..71b5491 100644
--- a/hw/usb/hcd-ohci.c
+++ b/hw/usb/hcd-ohci.c
@@ -941,8 +941,8 @@
if ((td.cbp & 0xfffff000) != (td.be & 0xfffff000)) {
len = (td.be & 0xfff) + 0x1001 - (td.cbp & 0xfff);
} else {
- if (td.cbp > td.be) {
- trace_usb_ohci_iso_td_bad_cc_overrun(td.cbp, td.be);
+ if (td.cbp - 1 > td.be) { /* rely on td.cbp != 0 */
+ trace_usb_ohci_td_bad_buf(td.cbp, td.be);
ohci_die(ohci);
return 1;
}
diff --git a/hw/usb/trace-events b/hw/usb/trace-events
index 4673271..dd04f14 100644
--- a/hw/usb/trace-events
+++ b/hw/usb/trace-events
@@ -29,6 +29,7 @@
usb_ohci_iso_td_nak(int ret) "got NAK/STALL %d"
usb_ohci_iso_td_bad_response(int ret) "Bad device response %d"
usb_ohci_td_bad_pid(const char *s, uint32_t edf, uint32_t tdf) "Bad pid %s: ed.flags 0x%x td.flags 0x%x"
+usb_ohci_td_bad_buf(uint32_t cbp, uint32_t be) "Bad cbp = 0x%x > be = 0x%x"
usb_ohci_port_attach(int index) "port #%d"
usb_ohci_port_detach(int index) "port #%d"
usb_ohci_port_wakeup(int index) "port #%d"
diff --git a/include/hw/arm/virt.h b/include/hw/arm/virt.h
index bb486d3..ab961bb 100644
--- a/include/hw/arm/virt.h
+++ b/include/hw/arm/virt.h
@@ -59,7 +59,7 @@
VIRT_GIC_ITS,
VIRT_GIC_REDIST,
VIRT_SMMU,
- VIRT_UART,
+ VIRT_UART0,
VIRT_MMIO,
VIRT_RTC,
VIRT_FW_CFG,
@@ -69,7 +69,7 @@
VIRT_PCIE_ECAM,
VIRT_PLATFORM_BUS,
VIRT_GPIO,
- VIRT_SECURE_UART,
+ VIRT_UART1,
VIRT_SECURE_MEM,
VIRT_SECURE_GPIO,
VIRT_PCDIMM_ACPI,
@@ -151,6 +151,7 @@
bool ras;
bool mte;
bool dtb_randomness;
+ bool second_ns_uart_present;
OnOffAuto acpi;
VirtGICType gic_version;
VirtIOMMUType iommu;
diff --git a/scripts/coverity-scan/COMPONENTS.md b/scripts/coverity-scan/COMPONENTS.md
index 1537e49..858190b 100644
--- a/scripts/coverity-scan/COMPONENTS.md
+++ b/scripts/coverity-scan/COMPONENTS.md
@@ -1,157 +1,160 @@
This is the list of currently configured Coverity components:
alpha
- ~ (/qemu)?((/include)?/hw/alpha/.*|/target/alpha/.*)
+ ~ .*/qemu((/include)?/hw/alpha/.*|/target/alpha/.*)
arm
- ~ (/qemu)?((/include)?/hw/arm/.*|(/include)?/hw/.*/(arm|allwinner-a10|bcm28|digic|exynos|imx|omap|stellaris|pxa2xx|versatile|zynq|cadence).*|/hw/net/xgmac.c|/hw/ssi/xilinx_spips.c|/target/arm/.*)
+ ~ .*/qemu((/include)?/hw/arm/.*|(/include)?/hw/.*/(arm|allwinner-a10|bcm28|digic|exynos|imx|omap|stellaris|pxa2xx|versatile|zynq|cadence).*|/hw/net/xgmac.c|/hw/ssi/xilinx_spips.c|/target/arm/.*)
avr
- ~ (/qemu)?((/include)?/hw/avr/.*|/target/avr/.*)
+ ~ .*/qemu((/include)?/hw/avr/.*|/target/avr/.*)
cris
- ~ (/qemu)?((/include)?/hw/cris/.*|/target/cris/.*)
+ ~ .*/qemu((/include)?/hw/cris/.*|/target/cris/.*)
hexagon-gen (component should be ignored in analysis)
- ~ (/qemu)?(/target/hexagon/.*generated.*)
+ ~ .*/qemu(/target/hexagon/.*generated.*)
hexagon
- ~ (/qemu)?(/target/hexagon/.*)
+ ~ .*/qemu(/target/hexagon/.*)
hppa
- ~ (/qemu)?((/include)?/hw/hppa/.*|/target/hppa/.*)
+ ~ .*/qemu((/include)?/hw/hppa/.*|/target/hppa/.*)
i386
- ~ (/qemu)?((/include)?/hw/i386/.*|/target/i386/.*|/hw/intc/[^/]*apic[^/]*\.c)
+ ~ .*/qemu((/include)?/hw/i386/.*|/target/i386/.*|/hw/intc/[^/]*apic[^/]*\.c)
loongarch
- ~ (/qemu)?((/include)?/hw/(loongarch/.*|.*/loongarch.*)|/target/loongarch/.*)
+ ~ .*/qemu((/include)?/hw/(loongarch/.*|.*/loongarch.*)|/target/loongarch/.*)
m68k
- ~ (/qemu)?((/include)?/hw/m68k/.*|/target/m68k/.*|(/include)?/hw(/.*)?/mcf.*|(/include)?/hw/nubus/.*)
+ ~ .*/qemu((/include)?/hw/m68k/.*|/target/m68k/.*|(/include)?/hw(/.*)?/mcf.*|(/include)?/hw/nubus/.*)
microblaze
- ~ (/qemu)?((/include)?/hw/microblaze/.*|/target/microblaze/.*)
+ ~ .*/qemu((/include)?/hw/microblaze/.*|/target/microblaze/.*)
mips
- ~ (/qemu)?((/include)?/hw/mips/.*|/target/mips/.*)
+ ~ .*/qemu((/include)?/hw/mips/.*|/target/mips/.*)
openrisc
- ~ (/qemu)?((/include)?/hw/openrisc/.*|/target/openrisc/.*)
+ ~ .*/qemu((/include)?/hw/openrisc/.*|/target/openrisc/.*)
ppc
- ~ (/qemu)?((/include)?/hw/ppc/.*|/target/ppc/.*|/hw/pci-host/(uninorth.*|dec.*|prep.*|ppc.*)|/hw/misc/macio/.*|(/include)?/hw/.*/(xics|openpic|spapr).*)
+ ~ .*/qemu((/include)?/hw/ppc/.*|/target/ppc/.*|/hw/pci-host/(uninorth.*|dec.*|prep.*|ppc.*)|/hw/misc/macio/.*|(/include)?/hw/.*/(xics|openpic|spapr).*)
riscv
- ~ (/qemu)?((/include)?/hw/riscv/.*|/target/riscv/.*|/hw/.*/(riscv_|ibex_|sifive_).*)
+ ~ .*/qemu((/include)?/hw/riscv/.*|/target/riscv/.*|/hw/.*/(riscv_|ibex_|sifive_).*)
rx
- ~ (/qemu)?((/include)?/hw/rx/.*|/target/rx/.*)
+ ~ .*/qemu((/include)?/hw/rx/.*|/target/rx/.*)
s390
- ~ (/qemu)?((/include)?/hw/s390x/.*|/target/s390x/.*|/hw/.*/s390_.*)
+ ~ .*/qemu((/include)?/hw/s390x/.*|/target/s390x/.*|/hw/.*/s390_.*)
sh4
- ~ (/qemu)?((/include)?/hw/sh4/.*|/target/sh4/.*)
+ ~ .*/qemu((/include)?/hw/sh4/.*|/target/sh4/.*)
sparc
- ~ (/qemu)?((/include)?/hw/sparc(64)?.*|/target/sparc/.*|/hw/.*/grlib.*|/hw/display/cg3.c)
+ ~ .*/qemu((/include)?/hw/sparc(64)?.*|/target/sparc/.*|/hw/.*/grlib.*|/hw/display/cg3.c)
tricore
- ~ (/qemu)?((/include)?/hw/tricore/.*|/target/tricore/.*)
+ ~ .*/qemu((/include)?/hw/tricore/.*|/target/tricore/.*)
xtensa
- ~ (/qemu)?((/include)?/hw/xtensa/.*|/target/xtensa/.*)
+ ~ .*/qemu((/include)?/hw/xtensa/.*|/target/xtensa/.*)
9pfs
- ~ (/qemu)?(/hw/9pfs/.*|/fsdev/.*)
+ ~ .*/qemu(/hw/9pfs/.*|/fsdev/.*)
audio
- ~ (/qemu)?((/include)?/(audio|hw/audio)/.*)
+ ~ .*/qemu((/include)?/(audio|hw/audio)/.*)
block
- ~ (/qemu)?(/block.*|(/include?)/(block|storage-daemon)/.*|(/include)?/hw/(block|ide|nvme)/.*|/qemu-(img|io).*|/util/(aio|async|thread-pool).*)
+ ~ .*/qemu(/block.*|(/include?)/(block|storage-daemon)/.*|(/include)?/hw/(block|ide|nvme)/.*|/qemu-(img|io).*|/util/(aio|async|thread-pool).*)
char
- ~ (/qemu)?(/qemu-char\.c|/include/sysemu/char\.h|(/include)?/hw/char/.*)
+ ~ .*/qemu((/include)?/hw/char/.*)
+
+chardev
+ ~ .*/qemu((/include)?/chardev/.*)
crypto
- ~ (/qemu)?((/include)?/crypto/.*|/hw/.*/.*crypto.*|(/include/sysemu|/backends)/cryptodev.*)
+ ~ .*/qemu((/include)?/crypto/.*|/hw/.*/.*crypto.*|(/include/sysemu|/backends)/cryptodev.*|/host/include/.*/host/crypto/.*)
disas
- ~ (/qemu)?((/include)?/disas.*)
+ ~ .*/qemu((/include)?/disas.*)
fpu
- ~ (/qemu)?((/include)?(/fpu|/libdecnumber)/.*)
+ ~ .*/qemu((/include)?(/fpu|/libdecnumber)/.*)
io
- ~ (/qemu)?((/include)?/io/.*)
+ ~ .*/qemu((/include)?/io/.*)
ipmi
- ~ (/qemu)?((/include)?/hw/ipmi/.*)
+ ~ .*/qemu((/include)?/hw/ipmi/.*)
migration
- ~ (/qemu)?((/include)?/migration/.*)
+ ~ .*/qemu((/include)?/migration/.*)
monitor
- ~ (/qemu)?(/qapi.*|/qobject/.*|/monitor\..*|/[hq]mp\..*)
+ ~ .*/qemu((/include)?/(qapi|qobject|monitor)/.*|/job-qmp.c)
nbd
- ~ (/qemu)?(/nbd/.*|/include/block/nbd.*|/qemu-nbd\.c)
+ ~ .*/qemu(/nbd/.*|/include/block/nbd.*|/qemu-nbd\.c)
net
- ~ (/qemu)?((/include)?(/hw)?/(net|rdma)/.*)
+ ~ .*/qemu((/include)?(/hw)?/(net|rdma)/.*)
pci
- ~ (/qemu)?(/include)?/hw/(cxl/|pci).*
+ ~ .*/qemu(/include)?/hw/(cxl/|pci).*
qemu-ga
- ~ (/qemu)?(/qga/.*)
+ ~ .*/qemu(/qga/.*)
scsi
- ~ (/qemu)?(/scsi/.*|/hw/scsi/.*|/include/hw/scsi/.*)
+ ~ .*/qemu(/scsi/.*|/hw/scsi/.*|/include/hw/scsi/.*)
trace
- ~ (/qemu)?(/.*trace.*\.[ch])
+ ~ .*/qemu(/.*trace.*\.[ch])
ui
- ~ (/qemu)?((/include)?(/ui|/hw/display|/hw/input)/.*)
+ ~ .*/qemu((/include)?(/ui|/hw/display|/hw/input)/.*)
usb
- ~ (/qemu)?(/hw/usb/.*|/include/hw/usb/.*)
+ ~ .*/qemu(/hw/usb/.*|/include/hw/usb/.*)
user
- ~ (/qemu)?(/linux-user/.*|/bsd-user/.*|/user-exec\.c|/thunk\.c|/include/user/.*)
+ ~ .*/qemu(/linux-user/.*|/bsd-user/.*|/user-exec\.c|/thunk\.c|/include/user/.*)
util
- ~ (/qemu)?(/util/.*|/include/qemu/.*)
+ ~ .*/qemu(/util/.*|/include/qemu/.*)
vfio
- ~ (/qemu)?(/include)?/hw/vfio/.*
+ ~ .*/qemu(/include)?/hw/vfio/.*
virtio
- ~ (/qemu)?(/include)?/hw/virtio/.*
+ ~ .*/qemu(/include)?/hw/virtio/.*
xen
- ~ (/qemu)?(.*/xen.*)
+ ~ .*/qemu(.*/xen.*)
hvf
- ~ (/qemu)?(.*/hvf.*)
+ ~ .*/qemu(.*/hvf.*)
kvm
- ~ (/qemu)?(.*/kvm.*)
+ ~ .*/qemu(.*/kvm.*)
tcg
- ~ (/qemu)?(/accel/tcg|/replay|/tcg)/.*
+ ~ .*/qemu(/accel/tcg|/replay|/tcg)/.*
sysemu
- ~ (/qemu)?(/system/.*|/accel/.*)
+ ~ .*/qemu(/system/.*|/accel/.*)
(headers)
- ~ (/qemu)?(/include/.*)
+ ~ .*/qemu(/include/.*)
testlibs
- ~ (/qemu)?(/tests/qtest(/libqos/.*|/libqtest.*))
+ ~ .*/qemu(/tests/qtest(/libqos/.*|/libqtest.*|/libqmp.*))
tests
- ~ (/qemu)?(/tests/.*)
+ ~ .*/qemu(/tests/.*)
