Commit 21d3cac1ab for qemu.org

commit 21d3cac1abbc74d7b39245fcc8f811061fb18290
Author: Peter Maydell <peter.maydell@linaro.org>
Date:   Thu Jan 15 15:26:30 2026 +0000

    hw/arm/omap1: Remove omap_badwidth_read* calls

    The omap_badwidth_read* and omap_badwidth_write* functions are
    used by various OMAP devices when the guest makes an access
    to registers with an invalid width; they do two things:
     - log a GUEST_ERROR for the access
     - call cpu_physical_memory_read() or cpu_physical_memory_write()
       with the offset they are passed in

    The first of these produces an unhelpful log message because the
    function name that is printed is that of the omap_badwidth_*
    function, not that of the read or write function of the device that
    called it; this means you can't tell what device is involved.

    The second is wrong because the offset is an offset into the device
    but we use it as an absolute physical address, so we will access
    whatever is at low memory.  That happens to be the boot ROM, so we
    will ignore a write and return random garbage on a read.  This bug
    has been present since 2011, when we did the conversions to the
    MemoryRegion APIs, which involved changing all devices from working
    with absolute physical addresses to working with offsets within their
    MemoryRegions.  We must have missed updating these functions.

    Replace the uses of the omap_badwidth_read* functions in omap1.c with
    an open-coded call to qemu_log_mask() and RAZ/WI behaviour.
    We do just the reads here because there are a lot of callsites in
    omap1.c; the writes will be done in the next commit.

    Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
    Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>

diff --git a/hw/arm/omap1.c b/hw/arm/omap1.c
index 9ca8eecfa0..742ee48fcf 100644
--- a/hw/arm/omap1.c
+++ b/hw/arm/omap1.c
@@ -209,7 +209,9 @@ static uint64_t omap_mpu_timer_read(void *opaque, hwaddr addr,
     struct omap_mpu_timer_s *s = opaque;

     if (size != 4) {
-        return omap_badwidth_read32(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (addr) {
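Review bot: `size` is passed to a `%d` conversion in the added qemu_log_mask() call, but the signatures visible in later hunk headers (omap_uwire_read, omap_pwl_read) declare it `unsigned size`, and this callback presumably has the same prototype. The conversion should be `%u`: `" with bad width %u\n", __func__, addr, size);`. The same two added lines are repeated in every other hunk of this file, so the change applies to each of them. The values involved are small, so the output is unlikely to differ in practice, but matching the specifier keeps -Wformat-signedness builds clean. The body of omap_mpu_timer_read continues outside the hunk.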
@@ -315,7 +317,9 @@ static uint64_t omap_wd_timer_read(void *opaque, hwaddr addr,
     struct omap_watchdog_timer_s *s = opaque;

     if (size != 2) {
-        return omap_badwidth_read16(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (addr) {
@@ -439,7 +443,9 @@ static uint64_t omap_os_timer_read(void *opaque, hwaddr addr,
     int offset = addr & OMAP_MPUI_REG_MASK;

     if (size != 4) {
-        return omap_badwidth_read32(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (offset) {
@@ -540,7 +546,9 @@ static uint64_t omap_ulpd_pm_read(void *opaque, hwaddr addr,
     uint16_t ret;

     if (size != 2) {
-        return omap_badwidth_read16(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (addr) {
@@ -772,7 +780,9 @@ static uint64_t omap_pin_cfg_read(void *opaque, hwaddr addr,
     struct omap_mpu_state_s *s = opaque;

     if (size != 4) {
-        return omap_badwidth_read32(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (addr) {
@@ -995,7 +1005,9 @@ static uint64_t omap_id_read(void *opaque, hwaddr addr,
     struct omap_mpu_state_s *s = opaque;

     if (size != 4) {
-        return omap_badwidth_read32(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (addr) {
@@ -1077,7 +1089,9 @@ static uint64_t omap_mpui_read(void *opaque, hwaddr addr,
     struct omap_mpu_state_s *s = opaque;

     if (size != 4) {
-        return omap_badwidth_read32(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (addr) {
@@ -1175,7 +1189,9 @@ static uint64_t omap_tipb_bridge_read(void *opaque, hwaddr addr,
     struct omap_tipb_bridge_s *s = opaque;

     if (size < 2) {
-        return omap_badwidth_read16(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (addr) {
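Review bot: The guard in omap_tipb_bridge_read is `size < 2`, unlike the `size != N` tests in the other hunks, so only byte reads reach the new log-and-return-zero path and a 4-byte read falls through to the switch. If accepting both 16-bit and 32-bit accesses is intended, a comment above the test would make that explicit, for example `/* 16-bit and 32-bit reads are both accepted; only byte reads are bad-width */`. The condition is an unchanged context line and the rest of the function is outside the hunk, so this is a documentation suggestion rather than a behaviour change.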
@@ -1277,7 +1293,9 @@ static uint64_t omap_tcmi_read(void *opaque, hwaddr addr,
     uint32_t ret;

     if (size != 4) {
-        return omap_badwidth_read32(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (addr) {
@@ -1391,7 +1409,9 @@ static uint64_t omap_dpll_read(void *opaque, hwaddr addr,
     struct dpll_ctl_s *s = opaque;

     if (size != 2) {
-        return omap_badwidth_read16(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     if (addr == 0x00)   /* CTL_REG */
@@ -1471,7 +1491,9 @@ static uint64_t omap_clkm_read(void *opaque, hwaddr addr,
     struct omap_mpu_state_s *s = opaque;

     if (size != 2) {
-        return omap_badwidth_read16(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (addr) {
@@ -1764,7 +1786,9 @@ static uint64_t omap_clkdsp_read(void *opaque, hwaddr addr,
     CPUState *cpu = CPU(s->cpu);

     if (size != 2) {
-        return omap_badwidth_read16(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (addr) {
@@ -1956,7 +1980,9 @@ static uint64_t omap_mpuio_read(void *opaque, hwaddr addr,
     uint16_t ret;

     if (size != 2) {
-        return omap_badwidth_read16(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (offset) {
@@ -2206,7 +2232,9 @@ static uint64_t omap_uwire_read(void *opaque, hwaddr addr, unsigned size)
     int offset = addr & OMAP_MPUI_REG_MASK;

     if (size != 2) {
-        return omap_badwidth_read16(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (offset) {
@@ -2347,7 +2375,9 @@ static uint64_t omap_pwl_read(void *opaque, hwaddr addr, unsigned size)
     int offset = addr & OMAP_MPUI_REG_MASK;

     if (size != 1) {
-        return omap_badwidth_read8(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (offset) {
@@ -2440,7 +2470,9 @@ static uint64_t omap_pwt_read(void *opaque, hwaddr addr, unsigned size)
     int offset = addr & OMAP_MPUI_REG_MASK;

     if (size != 1) {
-        return omap_badwidth_read8(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (offset) {
@@ -2574,7 +2606,9 @@ static uint64_t omap_rtc_read(void *opaque, hwaddr addr, unsigned size)
     uint8_t i;

     if (size != 1) {
-        return omap_badwidth_read8(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (offset) {
@@ -3118,7 +3152,9 @@ static uint64_t omap_mcbsp_read(void *opaque, hwaddr addr,
     uint16_t ret;

     if (size != 2) {
-        return omap_badwidth_read16(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (offset) {
@@ -3547,7 +3583,9 @@ static uint64_t omap_lpg_read(void *opaque, hwaddr addr, unsigned size)
     int offset = addr & OMAP_MPUI_REG_MASK;

     if (size != 1) {
-        return omap_badwidth_read8(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     switch (offset) {
@@ -3628,7 +3666,9 @@ static uint64_t omap_mpui_io_read(void *opaque, hwaddr addr,
                                   unsigned size)
 {
     if (size != 2) {
-        return omap_badwidth_read16(opaque, addr);
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: read at offset 0x%" HWADDR_PRIx
+                      " with bad width %d\n", __func__, addr, size);
+        return 0;
     }

     if (addr == OMAP_MPUI_BASE) /* CMR */