From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-arm@nongnu.org, qemu-devel@nongnu.org
Subject: [PATCH for-11.0 0/7] hw/arm/omap: Remove omap_badwidth_* functions
Date: Wed, 10 Dec 2025 18:36:53 +0000 [thread overview]
Message-ID: <20251210183700.3446237-1-peter.maydell@linaro.org> (raw)
The omap_badwidth_read* and omap_badwidth_write* functions are
used by various OMAP devices when the guest makes an access
to registers with an invalid width. They do two things:
- log a GUEST_ERROR for the access
- call cpu_physical_memory_read() or cpu_physical_memory_write()
with the offset they are passed in
The first of these produces an unhelpful log message because the
function name that is printed is that of the omap_badwidth_*
function, not that of the read or write function of the device that
called it; this means you can't tell what device is involved.
The second is wrong because the offset is an offset into the device
but we use it as an absolute physical address, so we will access
whatever is at low memory. That happens to be the boot ROM, so we
will ignore a write and return random garbage on a read. This bug
has been present since 2011, when we did the conversions to the
MemoryRegion APIs, which involved changing all devices from working
with absolute physical addresses to working with offsets within their
MemoryRegions. We must have missed updating these functions.
At this point it is unclear what the original intention was in feeding
these bad accesses back into the memory system. Rather than trying to
make them do that again, this series replaces them with open-coded
calls to qemu_log_mask() and RAZ/WI behaviour, and then removes
the implementations.
The benefit of this is that we remove a callsite of
cpu_physical_memory_read/write that was doing something badly
wrong anyway.
thanks
-- PMM
Peter Maydell (7):
hw/sd/omap_mmc: Remove omap_badwidth_* calls
hw/i2c/omap_i2c: Remove omap_badwidth_* calls
hw/gpio/omap_gpio: Remove omap_badwidth_* calls
hw/dma/omap_dma: Remove omap_badwidth_* calls
hw/arm/omap1: Remove omap_badwidth_read* calls
hw/arm/omap1: Remove omap_badwidth_write* calls
hw/arm/omap1: Remove omap_badwidth_* implementations
include/hw/arm/omap.h | 10 ---
hw/arm/omap1.c | 203 +++++++++++++++++++++---------------------
hw/dma/omap_dma.c | 7 +-
hw/gpio/omap_gpio.c | 7 +-
hw/i2c/omap_i2c.c | 7 +-
hw/sd/omap_mmc.c | 7 +-
6 files changed, 122 insertions(+), 119 deletions(-)
--
2.43.0
next reply other threads:[~2025-12-10 18:37 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-10 18:36 Peter Maydell [this message]
2025-12-10 18:36 ` [PATCH for-11.0 1/7] hw/sd/omap_mmc: Remove omap_badwidth_* calls Peter Maydell
2025-12-10 18:36 ` [PATCH for-11.0 2/7] hw/i2c/omap_i2c: " Peter Maydell
2025-12-10 18:36 ` [PATCH for-11.0 3/7] hw/gpio/omap_gpio: " Peter Maydell
2025-12-10 18:36 ` [PATCH for-11.0 4/7] hw/dma/omap_dma: " Peter Maydell
2025-12-10 18:36 ` [PATCH for-11.0 5/7] hw/arm/omap1: Remove omap_badwidth_read* calls Peter Maydell
2025-12-10 18:36 ` [PATCH for-11.0 6/7] hw/arm/omap1: Remove omap_badwidth_write* calls Peter Maydell
2025-12-10 18:37 ` [PATCH for-11.0 7/7] hw/arm/omap1: Remove omap_badwidth_* implementations Peter Maydell
2025-12-11 15:18 ` [PATCH for-11.0 0/7] hw/arm/omap: Remove omap_badwidth_* functions Philippe Mathieu-Daudé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251210183700.3446237-1-peter.maydell@linaro.org \
--to=peter.maydell@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).