[PULL v2 00/15] Renesas hardware patches for 2020-06-22

[PULL v2 00/15] Renesas hardware patches for 2020-06-22

[Philippe Mathieu-Daudé]

The following changes since commit 171199f56f5f9bdf1e5d670d09ef1351d8f01bae:

  Merge remote-tracking branch 'remotes/alistair/tags/pull-riscv-to-apply-202=
00619-3' into staging (2020-06-22 14:45:25 +0100)

are available in the Git repository at:

  https://gitlab.com/philmd/qemu.git tags/renesas-hw-20200622

for you to fetch changes up to 4adbfa45cc3793fa85157a4813306618f6009f52:

  docs: Document the RX target (2020-06-22 18:37:12 +0200)

Since v1:
- Fixed format-string issue on 32-bit platforms

----------------------------------------------------------------
- Add a common entry for Renesas hardware in MAINTAINERS
- Trivial SH4 cleanups
- Add RX GDB simulator from Yoshinori Sato

The Renesas RX target emulation was added in commit c8c35e5f51,
these patches complete the target by adding the hardware emulation.

Thank you Yoshinori for adding this code to QEMU, and your patience
during the review process. Now your port is fully integrated.

CI results:
. https://cirrus-ci.com/build/6140199509950464
. https://travis-ci.org/github/philmd/qemu/builds/700954881
. https://app.shippable.com/github/philmd/qemu/runs/812/summary/console
----------------------------------------------------------------

$ git backport-diff -u renesas-hw-20200621
Key:
[----] : patches are identical
[####] : number of functional differences between upstream/downstream patch
[down] : patch is downstream-only
The flags [FC] indicate (F)unctional and (C)ontextual differences, respectively

001/15:[----] [--] 'MAINTAINERS: Cover sh_intc files in the R2D/Shix machine sections'
002/15:[----] [--] 'MAINTAINERS: Add an entry for common Renesas peripherals'
003/15:[----] [--] 'hw/sh4: Use MemoryRegion typedef'
004/15:[----] [--] 'hw/sh4: Extract timer definitions to 'hw/timer/tmu012.h''
005/15:[----] [--] 'hw/timer/sh_timer: Remove unused 'qemu/timer.h' include'
006/15:[----] [--] 'hw/intc: RX62N interrupt controller (ICUa)'
007/15:[----] [--] 'hw/timer: RX62N 8-Bit timer (TMR)'
008/15:[----] [--] 'hw/timer: RX62N compare match timer (CMT)'
009/15:[----] [--] 'hw/char: RX62N serial communication interface (SCI)'
010/15:[----] [--] 'hw/rx: RX62N microcontroller (MCU)'
011/15:[----] [--] 'hw/rx: Honor -accel qtest'
012/15:[----] [--] 'hw/rx: Register R5F562N7 and R5F562N8 MCUs'
013/15:[0006] [FC] 'hw/rx: Add RX GDB simulator'
014/15:[----] [--] 'BootLinuxConsoleTest: Test the RX GDB simulator'
015/15:[----] [--] 'docs: Document the RX target'

Philippe Mathieu-Daud=C3=A9 (7):
  MAINTAINERS: Cover sh_intc files in the R2D/Shix machine sections
  MAINTAINERS: Add an entry for common Renesas peripherals
  hw/sh4: Use MemoryRegion typedef
  hw/sh4: Extract timer definitions to 'hw/timer/tmu012.h'
  hw/timer/sh_timer: Remove unused 'qemu/timer.h' include
  hw/rx: Register R5F562N7 and R5F562N8 MCUs
  BootLinuxConsoleTest: Test the RX GDB simulator

Richard Henderson (1):
  hw/rx: Honor -accel qtest

Yoshinori Sato (7):
  hw/intc: RX62N interrupt controller (ICUa)
  hw/timer: RX62N 8-Bit timer (TMR)
  hw/timer: RX62N compare match timer (CMT)
  hw/char: RX62N serial communication interface (SCI)
  hw/rx: RX62N microcontroller (MCU)
  hw/rx: Add RX GDB simulator
  docs: Document the RX target

 docs/system/target-rx.rst             |  36 ++
 docs/system/targets.rst               |   1 +
 default-configs/rx-softmmu.mak        |   1 +
 include/hw/char/renesas_sci.h         |  51 +++
 include/hw/intc/rx_icu.h              |  76 ++++
 include/hw/rx/rx62n.h                 |  76 ++++
 include/hw/sh4/sh.h                   |  12 +-
 include/hw/timer/renesas_cmt.h        |  40 +++
 include/hw/timer/renesas_tmr.h        |  55 +++
 include/hw/timer/tmu012.h             |  23 ++
 hw/char/renesas_sci.c                 | 350 +++++++++++++++++++
 hw/intc/rx_icu.c                      | 397 +++++++++++++++++++++
 hw/rx/rx-gdbsim.c                     | 198 +++++++++++
 hw/rx/rx62n.c                         | 323 +++++++++++++++++
 hw/sh4/sh7750.c                       |   1 +
 hw/timer/renesas_cmt.c                | 283 +++++++++++++++
 hw/timer/renesas_tmr.c                | 477 ++++++++++++++++++++++++++
 hw/timer/sh_timer.c                   |   3 +-
 MAINTAINERS                           |  33 +-
 hw/Kconfig                            |   1 +
 hw/char/Kconfig                       |   3 +
 hw/char/Makefile.objs                 |   1 +
 hw/intc/Kconfig                       |   3 +
 hw/intc/Makefile.objs                 |   1 +
 hw/rx/Kconfig                         |  10 +
 hw/rx/Makefile.objs                   |   2 +
 hw/timer/Kconfig                      |   6 +
 hw/timer/Makefile.objs                |   2 +
 tests/acceptance/machine_rx_gdbsim.py |  68 ++++
 29 files changed, 2520 insertions(+), 13 deletions(-)
 create mode 100644 docs/system/target-rx.rst
 create mode 100644 include/hw/char/renesas_sci.h
 create mode 100644 include/hw/intc/rx_icu.h
 create mode 100644 include/hw/rx/rx62n.h
 create mode 100644 include/hw/timer/renesas_cmt.h
 create mode 100644 include/hw/timer/renesas_tmr.h
 create mode 100644 include/hw/timer/tmu012.h
 create mode 100644 hw/char/renesas_sci.c
 create mode 100644 hw/intc/rx_icu.c
 create mode 100644 hw/rx/rx-gdbsim.c
 create mode 100644 hw/rx/rx62n.c
 create mode 100644 hw/timer/renesas_cmt.c
 create mode 100644 hw/timer/renesas_tmr.c
 create mode 100644 hw/rx/Kconfig
 create mode 100644 hw/rx/Makefile.objs
 create mode 100644 tests/acceptance/machine_rx_gdbsim.py

--=20
2.21.3

[PULL v2 13/15] hw/rx: Add RX GDB simulator

[Philippe Mathieu-Daudé]

From: Yoshinori Sato <ysato@users.sourceforge.jp>

Add the RX machine internally simulated in GDB.

Signed-off-by: Yoshinori Sato <ysato@users.sourceforge.jp>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
[PMD: Use TYPE_RX62N_CPU, use #define for RX62N_NR_TMR/CMT/SCI,
 renamed CPU -> MCU, device -> microcontroller]
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200224141923.82118-18-ysato@users.sourceforge.jp>
[PMD: Split of MCU, rename gdbsim, Add gdbsim-r5f562n7/r5f562n8]
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
---
 default-configs/rx-softmmu.mak |   1 +
 include/hw/rx/rx62n.h          |   4 +
 hw/rx/rx-gdbsim.c              | 198 +++++++++++++++++++++++++++++++++
 MAINTAINERS                    |   7 ++
 hw/rx/Kconfig                  |   4 +
 hw/rx/Makefile.objs            |   1 +
 6 files changed, 215 insertions(+)
 create mode 100644 hw/rx/rx-gdbsim.c

diff --git a/default-configs/rx-softmmu.mak b/default-configs/rx-softmmu.mak
index 7c4eb2c1a0..df2b4e4f42 100644
--- a/default-configs/rx-softmmu.mak
+++ b/default-configs/rx-softmmu.mak
@@ -1,2 +1,3 @@
 # Default configuration for rx-softmmu
 
+CONFIG_RX_GDBSIM=y
diff --git a/include/hw/rx/rx62n.h b/include/hw/rx/rx62n.h
index 1d3e6a5cad..aa94758c27 100644
--- a/include/hw/rx/rx62n.h
+++ b/include/hw/rx/rx62n.h
@@ -37,6 +37,10 @@
 #define TYPE_R5F562N7_MCU "r5f562n7-mcu"
 #define TYPE_R5F562N8_MCU "r5f562n8-mcu"
 
+#define EXT_CS_BASE         0x01000000
+#define VECTOR_TABLE_BASE   0xffffff80
+#define RX62N_CFLASH_BASE   0xfff80000
+
 #define RX62N_NR_TMR    2
 #define RX62N_NR_CMT    2
 #define RX62N_NR_SCI    6
diff --git a/hw/rx/rx-gdbsim.c b/hw/rx/rx-gdbsim.c
new file mode 100644
index 0000000000..b8a56fa7af
--- /dev/null
+++ b/hw/rx/rx-gdbsim.c
@@ -0,0 +1,198 @@
+/*
+ * RX QEMU GDB simulator
+ *
+ * Copyright (c) 2019 Yoshinori Sato
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/cutils.h"
+#include "qemu/error-report.h"
+#include "qapi/error.h"
+#include "qemu-common.h"
+#include "cpu.h"
+#include "hw/hw.h"
+#include "hw/sysbus.h"
+#include "hw/loader.h"
+#include "hw/rx/rx62n.h"
+#include "sysemu/sysemu.h"
+#include "sysemu/qtest.h"
+#include "sysemu/device_tree.h"
+#include "hw/boards.h"
+
+/* Same address of GDB integrated simulator */
+#define SDRAM_BASE  EXT_CS_BASE
+
+typedef struct RxGdbSimMachineClass {
+    /*< private >*/
+    MachineClass parent_class;
+    /*< public >*/
+    const char *mcu_name;
+    uint32_t xtal_freq_hz;
+} RxGdbSimMachineClass;
+
+typedef struct RxGdbSimMachineState {
+    /*< private >*/
+    MachineState parent_obj;
+    /*< public >*/
+    RX62NState mcu;
+} RxGdbSimMachineState;
+
+#define TYPE_RX_GDBSIM_MACHINE MACHINE_TYPE_NAME("rx62n-common")
+
+#define RX_GDBSIM_MACHINE(obj) \
+    OBJECT_CHECK(RxGdbSimMachineState, (obj), TYPE_RX_GDBSIM_MACHINE)
+
+#define RX_GDBSIM_MACHINE_CLASS(klass) \
+    OBJECT_CLASS_CHECK(RxGdbSimMachineClass, (klass), TYPE_RX_GDBSIM_MACHINE)
+#define RX_GDBSIM_MACHINE_GET_CLASS(obj) \
+    OBJECT_GET_CLASS(RxGdbSimMachineClass, (obj), TYPE_RX_GDBSIM_MACHINE)
+
+static void rx_load_image(RXCPU *cpu, const char *filename,
+                          uint32_t start, uint32_t size)
+{
+    static uint32_t extable[32];
+    long kernel_size;
+    int i;
+
+    kernel_size = load_image_targphys(filename, start, size);
+    if (kernel_size < 0) {
+        fprintf(stderr, "qemu: could not load kernel '%s'\n", filename);
+        exit(1);
+    }
+    cpu->env.pc = start;
+
+    /* setup exception trap trampoline */
+    /* linux kernel only works little-endian mode */
+    for (i = 0; i < ARRAY_SIZE(extable); i++) {
+        extable[i] = cpu_to_le32(0x10 + i * 4);
+    }
+    rom_add_blob_fixed("extable", extable, sizeof(extable), VECTOR_TABLE_BASE);
+}
+
+static void rx_gdbsim_init(MachineState *machine)
+{
+    MachineClass *mc = MACHINE_GET_CLASS(machine);
+    RxGdbSimMachineState *s = RX_GDBSIM_MACHINE(machine);
+    RxGdbSimMachineClass *rxc = RX_GDBSIM_MACHINE_GET_CLASS(machine);
+    MemoryRegion *sysmem = get_system_memory();
+    const char *kernel_filename = machine->kernel_filename;
+    const char *dtb_filename = machine->dtb;
+
+    if (machine->ram_size < mc->default_ram_size) {
+        char *sz = size_to_str(mc->default_ram_size);
+        error_report("Invalid RAM size, should be more than %s", sz);
+        g_free(sz);
+    }
+
+    /* Allocate memory space */
+    memory_region_add_subregion(sysmem, SDRAM_BASE, machine->ram);
+
+    /* Initialize MCU */
+    object_initialize_child(OBJECT(machine), "mcu", &s->mcu, rxc->mcu_name);
+    object_property_set_link(OBJECT(&s->mcu), OBJECT(sysmem),
+                             "main-bus", &error_abort);
+    object_property_set_uint(OBJECT(&s->mcu), rxc->xtal_freq_hz,
+                             "xtal-frequency-hz", &error_abort);
+    object_property_set_bool(OBJECT(&s->mcu), kernel_filename != NULL,
+                             "load-kernel", &error_abort);
+    qdev_realize(DEVICE(&s->mcu), NULL, &error_abort);
+
+    /* Load kernel and dtb */
+    if (kernel_filename) {
+        ram_addr_t kernel_offset;
+
+        /*
+         * The kernel image is loaded into
+         * the latter half of the SDRAM space.
+         */
+        kernel_offset = machine->ram_size / 2;
+        rx_load_image(RXCPU(first_cpu), kernel_filename,
+                      SDRAM_BASE + kernel_offset, kernel_offset);
+        if (dtb_filename) {
+            ram_addr_t dtb_offset;
+            int dtb_size;
+            void *dtb;
+
+            dtb = load_device_tree(dtb_filename, &dtb_size);
+            if (dtb == NULL) {
+                error_report("Couldn't open dtb file %s", dtb_filename);
+                exit(1);
+            }
+            if (machine->kernel_cmdline &&
+                qemu_fdt_setprop_string(dtb, "/chosen", "bootargs",
+                                        machine->kernel_cmdline) < 0) {
+                error_report("Couldn't set /chosen/bootargs");
+                exit(1);
+            }
+            /* DTB is located at the end of SDRAM space. */
+            dtb_offset = machine->ram_size - dtb_size;
+            rom_add_blob_fixed("dtb", dtb, dtb_size,
+                               SDRAM_BASE + dtb_offset);
+            /* Set dtb address to R1 */
+            RXCPU(first_cpu)->env.regs[1] = SDRAM_BASE + dtb_offset;
+        }
+    }
+}
+
+static void rx_gdbsim_class_init(ObjectClass *oc, void *data)
+{
+    MachineClass *mc = MACHINE_CLASS(oc);
+
+    mc->init = rx_gdbsim_init;
+    mc->default_cpu_type = TYPE_RX62N_CPU;
+    mc->default_ram_size = 16 * MiB;
+    mc->default_ram_id = "ext-sdram";
+}
+
+static void rx62n7_class_init(ObjectClass *oc, void *data)
+{
+    RxGdbSimMachineClass *rxc = RX_GDBSIM_MACHINE_CLASS(oc);
+    MachineClass *mc = MACHINE_CLASS(oc);
+
+    rxc->mcu_name = TYPE_R5F562N7_MCU;
+    rxc->xtal_freq_hz = 12 * 1000 * 1000;
+    mc->desc = "gdb simulator (R5F562N7 MCU and external RAM)";
+};
+
+static void rx62n8_class_init(ObjectClass *oc, void *data)
+{
+    RxGdbSimMachineClass *rxc = RX_GDBSIM_MACHINE_CLASS(oc);
+    MachineClass *mc = MACHINE_CLASS(oc);
+
+    rxc->mcu_name = TYPE_R5F562N8_MCU;
+    rxc->xtal_freq_hz = 12 * 1000 * 1000;
+    mc->desc = "gdb simulator (R5F562N8 MCU and external RAM)";
+};
+
+static const TypeInfo rx_gdbsim_types[] = {
+    {
+        .name           = MACHINE_TYPE_NAME("gdbsim-r5f562n7"),
+        .parent         = TYPE_RX_GDBSIM_MACHINE,
+        .class_init     = rx62n7_class_init,
+    }, {
+        .name           = MACHINE_TYPE_NAME("gdbsim-r5f562n8"),
+        .parent         = TYPE_RX_GDBSIM_MACHINE,
+        .class_init     = rx62n8_class_init,
+    }, {
+        .name           = TYPE_RX_GDBSIM_MACHINE,
+        .parent         = TYPE_MACHINE,
+        .instance_size  = sizeof(RxGdbSimMachineState),
+        .class_size     = sizeof(RxGdbSimMachineClass),
+        .class_init     = rx_gdbsim_class_init,
+        .abstract       = true,
+     }
+};
+
+DEFINE_TYPES(rx_gdbsim_types)
diff --git a/MAINTAINERS b/MAINTAINERS
index 570807936c..dc0203784a 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1256,6 +1256,13 @@ F: include/hw/riscv/opentitan.h
 F: include/hw/char/ibex_uart.h
 F: include/hw/intc/ibex_plic.h
 
+RX Machines
+-----------
+rx-gdbsim
+M: Yoshinori Sato <ysato@users.sourceforge.jp>
+S: Maintained
+F: hw/rx/rx-gdbsim.c
+
 SH4 Machines
 ------------
 R2D
diff --git a/hw/rx/Kconfig b/hw/rx/Kconfig
index e7b1c59516..2b297c5a6a 100644
--- a/hw/rx/Kconfig
+++ b/hw/rx/Kconfig
@@ -4,3 +4,7 @@ config RX62N_MCU
     select RENESAS_TMR
     select RENESAS_CMT
     select RENESAS_SCI
+
+config RX_GDBSIM
+    bool
+    select RX62N_MCU
diff --git a/hw/rx/Makefile.objs b/hw/rx/Makefile.objs
index fe19ee7984..4ef6b9e5b1 100644
--- a/hw/rx/Makefile.objs
+++ b/hw/rx/Makefile.objs
@@ -1 +1,2 @@
 obj-$(CONFIG_RX62N_MCU) += rx62n.o
+obj-$(CONFIG_RX_GDBSIM) += rx-gdbsim.o
-- 
2.21.3

Re: [PULL v2 00/15] Renesas hardware patches for 2020-06-22

[Peter Maydell]

On Mon, 22 Jun 2020 at 20:19, Philippe Mathieu-Daudé <f4bug@amsat.org> wrote:
>
> The following changes since commit 171199f56f5f9bdf1e5d670d09ef1351d8f01bae:
>
>   Merge remote-tracking branch 'remotes/alistair/tags/pull-riscv-to-apply-202=
> 00619-3' into staging (2020-06-22 14:45:25 +0100)
>
> are available in the Git repository at:
>
>   https://gitlab.com/philmd/qemu.git tags/renesas-hw-20200622
>
> for you to fetch changes up to 4adbfa45cc3793fa85157a4813306618f6009f52:
>
>   docs: Document the RX target (2020-06-22 18:37:12 +0200)
>
> Since v1:
> - Fixed format-string issue on 32-bit platforms
>
> ----------------------------------------------------------------
> - Add a common entry for Renesas hardware in MAINTAINERS
> - Trivial SH4 cleanups
> - Add RX GDB simulator from Yoshinori Sato
>
> The Renesas RX target emulation was added in commit c8c35e5f51,
> these patches complete the target by adding the hardware emulation.
>
> Thank you Yoshinori for adding this code to QEMU, and your patience
> during the review process. Now your port is fully integrated.
>
> CI results:
> . https://cirrus-ci.com/build/6140199509950464
> . https://travis-ci.org/github/philmd/qemu/builds/700954881
> . https://app.shippable.com/github/philmd/qemu/runs/812/summary/console
> ----------------------------------------------------------------


Applied, thanks.

Please update the changelog at https://wiki.qemu.org/ChangeLog/5.1
for any user-visible changes.

-- PMM

Re: [PULL v2 13/15] hw/rx: Add RX GDB simulator

[Peter Maydell]

On Mon, 22 Jun 2020 at 20:20, Philippe Mathieu-Daudé <f4bug@amsat.org> wrote:
>
> From: Yoshinori Sato <ysato@users.sourceforge.jp>
>
> Add the RX machine internally simulated in GDB.

Hi; Coverity points out a memory leak (CID 1432307) in this function:

> +static void rx_gdbsim_init(MachineState *machine)
> +{

> +        if (dtb_filename) {
> +            ram_addr_t dtb_offset;
> +            int dtb_size;
> +            void *dtb;
> +
> +            dtb = load_device_tree(dtb_filename, &dtb_size);

This allocates memory...

> +            if (dtb == NULL) {
> +                error_report("Couldn't open dtb file %s", dtb_filename);
> +                exit(1);
> +            }
> +            if (machine->kernel_cmdline &&
> +                qemu_fdt_setprop_string(dtb, "/chosen", "bootargs",
> +                                        machine->kernel_cmdline) < 0) {
> +                error_report("Couldn't set /chosen/bootargs");
> +                exit(1);
> +            }
> +            /* DTB is located at the end of SDRAM space. */
> +            dtb_offset = machine->ram_size - dtb_size;
> +            rom_add_blob_fixed("dtb", dtb, dtb_size,
> +                               SDRAM_BASE + dtb_offset);

...and rom_add_blob_fixed() copies that memory, it doesn't take
ownership of it, so after we've called it we need to
    g_free(fdt);

> +            /* Set dtb address to R1 */
> +            RXCPU(first_cpu)->env.regs[1] = SDRAM_BASE + dtb_offset;
> +        }
> +    }

thanks
-- PMM

Re: [PULL v2 13/15] hw/rx: Add RX GDB simulator

[Philippe Mathieu-Daudé]

Hi Yoshinori,

On 9/7/20 3:13 PM, Peter Maydell wrote:
> On Mon, 22 Jun 2020 at 20:20, Philippe Mathieu-Daudé <f4bug@amsat.org> wrote:
>>
>> From: Yoshinori Sato <ysato@users.sourceforge.jp>
>>
>> Add the RX machine internally simulated in GDB.
> 
> Hi; Coverity points out a memory leak (CID 1432307) in this function:
> 
>> +static void rx_gdbsim_init(MachineState *machine)
>> +{
> 
>> +        if (dtb_filename) {
>> +            ram_addr_t dtb_offset;
>> +            int dtb_size;
>> +            void *dtb;
>> +
>> +            dtb = load_device_tree(dtb_filename, &dtb_size);
> 
> This allocates memory...
> 
>> +            if (dtb == NULL) {
>> +                error_report("Couldn't open dtb file %s", dtb_filename);
>> +                exit(1);
>> +            }
>> +            if (machine->kernel_cmdline &&
>> +                qemu_fdt_setprop_string(dtb, "/chosen", "bootargs",
>> +                                        machine->kernel_cmdline) < 0) {
>> +                error_report("Couldn't set /chosen/bootargs");
>> +                exit(1);
>> +            }
>> +            /* DTB is located at the end of SDRAM space. */
>> +            dtb_offset = machine->ram_size - dtb_size;
>> +            rom_add_blob_fixed("dtb", dtb, dtb_size,
>> +                               SDRAM_BASE + dtb_offset);
> 
> ...and rom_add_blob_fixed() copies that memory, it doesn't take
> ownership of it, so after we've called it we need to
>     g_free(fdt);

Can you send a patch to fix this please?

> 
>> +            /* Set dtb address to R1 */
>> +            RXCPU(first_cpu)->env.regs[1] = SDRAM_BASE + dtb_offset;
>> +        }
>> +    }
> 
> thanks
> -- PMM
> 

Re: [PULL v2 13/15] hw/rx: Add RX GDB simulator

[Philippe Mathieu-Daudé]

On 9/9/20 7:56 PM, Philippe Mathieu-Daudé wrote:
> Hi Yoshinori,
> 
> On 9/7/20 3:13 PM, Peter Maydell wrote:
>> On Mon, 22 Jun 2020 at 20:20, Philippe Mathieu-Daudé <f4bug@amsat.org> wrote:
>>>
>>> From: Yoshinori Sato <ysato@users.sourceforge.jp>
>>>
>>> Add the RX machine internally simulated in GDB.
>>
>> Hi; Coverity points out a memory leak (CID 1432307) in this function:
>>
>>> +static void rx_gdbsim_init(MachineState *machine)
>>> +{
>>
>>> +        if (dtb_filename) {
>>> +            ram_addr_t dtb_offset;
>>> +            int dtb_size;
>>> +            void *dtb;
>>> +
>>> +            dtb = load_device_tree(dtb_filename, &dtb_size);
>>
>> This allocates memory...
>>
>>> +            if (dtb == NULL) {
>>> +                error_report("Couldn't open dtb file %s", dtb_filename);
>>> +                exit(1);
>>> +            }
>>> +            if (machine->kernel_cmdline &&
>>> +                qemu_fdt_setprop_string(dtb, "/chosen", "bootargs",
>>> +                                        machine->kernel_cmdline) < 0) {
>>> +                error_report("Couldn't set /chosen/bootargs");
>>> +                exit(1);
>>> +            }
>>> +            /* DTB is located at the end of SDRAM space. */
>>> +            dtb_offset = machine->ram_size - dtb_size;
>>> +            rom_add_blob_fixed("dtb", dtb, dtb_size,
>>> +                               SDRAM_BASE + dtb_offset);
>>
>> ...and rom_add_blob_fixed() copies that memory, it doesn't take
>> ownership of it, so after we've called it we need to
>>     g_free(fdt);
> 
> Can you send a patch to fix this please?

ping?

> 
>>
>>> +            /* Set dtb address to R1 */
>>> +            RXCPU(first_cpu)->env.regs[1] = SDRAM_BASE + dtb_offset;
>>> +        }
>>> +    }
>>
>> thanks
>> -- PMM
>>
>