coreboot

coreboot@coreboot.org

12 participants
39011 discussions

New Defects reported by Coverity Scan for coreboot
by scan-admin＠coverity.com 23 Sep '22

23 Sep '22

Hi, Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan. 1 new defect(s) introduced to coreboot found with Coverity Scan. 2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1487474: Uninitialized variables (UNINIT) ________________________________________________________________________________________________________ *** CID 1487474: Uninitialized variables (UNINIT) /src/soc/intel/apollolake/cse.c: 82 in read_cse_file() 76 msg.flags = flags; 77 msg.data_size = *size; 78 msg.offset = offset; 79 80 reply_size = sizeof(rmsg); 81 >>> CID 1487474: Uninitialized variables (UNINIT) >>> Using uninitialized value "msg". Field "msg.hdr.is_resp" is uninitialized when calling "heci_send_receive". 82 if (heci_send_receive(&msg, sizeof(msg), &rmsg, &reply_size, HECI_MKHI_ADDR)) { 83 printk(BIOS_ERR, "HECI: Failed to read file\n"); 84 return 0; 85 } 86 87 if (rmsg.data_size > *size) { ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

1 0

coreboot 4.18 release planned for October 5th
by Zeh, Werner 21 Sep '22

21 Sep '22

Dear coreboot community. According to our schedule for releases we are a bit behind now and therefore we would like to announce that the next release will happen in two weeks from now on 5th October 2022. So please test the current tree as much as you can do and avoid introducing new heavy features until we publish 4.18. Thanks Werner & Martin

1 0

New Defects reported by Coverity Scan for coreboot
by scan-admin＠coverity.com 20 Sep '22

20 Sep '22

Hi, Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan. 17 new defect(s) introduced to coreboot found with Coverity Scan. 10 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 17 of 17 defect(s) ** CID 1498234: Memory - corruptions (ARRAY_VS_SINGLETON) ________________________________________________________________________________________________________ *** CID 1498234: Memory - corruptions (ARRAY_VS_SINGLETON) /3rdparty/opensbi/lib/sbi/sbi_pmu.c: 329 in pmu_ctr_start_hw() 323 324 /* 325 * Some of the hardware may not support mcountinhibit but perf stat 326 * still can work if supervisor mode programs the initial value. 327 */ 328 mctr_inhbt = csr_read(CSR_MCOUNTINHIBIT); >>> CID 1498234: Memory - corruptions (ARRAY_VS_SINGLETON) >>> Passing "&mctr_inhbt" to function "__test_bit" which uses it as an array. This might corrupt or misinterpret adjacent memory locations. 329 if (!__test_bit(cidx, &mctr_inhbt)) 330 return SBI_EALREADY_STARTED; 331 332 __clear_bit(cidx, &mctr_inhbt); 333 334 if (sbi_hart_has_extension(scratch, SBI_HART_EXT_SSCOFPMF)) ** CID 1498233: Memory - corruptions (ARRAY_VS_SINGLETON) ________________________________________________________________________________________________________ *** CID 1498233: Memory - corruptions (ARRAY_VS_SINGLETON) /3rdparty/opensbi/lib/sbi/sbi_pmu.c: 413 in pmu_ctr_stop_hw() 407 mctr_inhbt = csr_read(CSR_MCOUNTINHIBIT); 408 409 /* Make sure the counter index lies within the range and is not TM bit */ 410 if (cidx >= num_hw_ctrs || cidx == 1) 411 return SBI_EINVAL; 412 >>> CID 1498233: Memory - corruptions (ARRAY_VS_SINGLETON) >>> Passing "&mctr_inhbt" to function "__test_bit" which uses it as an array. This might corrupt or misinterpret adjacent memory locations. 413 if (!__test_bit(cidx, &mctr_inhbt)) { 414 __set_bit(cidx, &mctr_inhbt); 415 csr_write(CSR_MCOUNTINHIBIT, mctr_inhbt); 416 return 0; 417 } else 418 return SBI_EALREADY_STOPPED; ** CID 1498232: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/drivers/uart/util.c: 64 in uart_bitbang_tx_byte() ________________________________________________________________________________________________________ *** CID 1498232: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/drivers/uart/util.c: 64 in uart_bitbang_tx_byte() 58 stopwatch_tick(&sw); 59 60 /* 'i' counts the total bits sent at the end of the loop */ 61 for (i = 2; i < 10; i++) { 62 set_tx(data & 1); 63 data >>= 1; >>> CID 1498232: Integer handling issues (OVERFLOW_BEFORE_WIDEN) >>> Potentially overflowing expression "i * 1000000" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "int64_t" (64 bits, signed). 64 while (stopwatch_duration_usecs(&sw) < i * MHz / baud_rate) 65 stopwatch_tick(&sw); 66 } 67 68 /* Send stop bit */ 69 set_tx(1); 70 while (stopwatch_duration_usecs(&sw) < i * MHz / baud_rate) 71 stopwatch_tick(&sw); ** CID 1498231: Error handling issues (CHECKED_RETURN) /3rdparty/opensbi/lib/utils/reset/fdt_reset_htif.c: 25 in htif_reset_init() ________________________________________________________________________________________________________ *** CID 1498231: Error handling issues (CHECKED_RETURN) /3rdparty/opensbi/lib/utils/reset/fdt_reset_htif.c: 25 in htif_reset_init() 19 20 if (!fdt_get_node_addr_size(fdt, nodeoff, 0, &fromhost_addr, NULL)) { 21 custom = true; 22 tohost_addr = fromhost_addr + sizeof(uint64_t); 23 } 24 >>> CID 1498231: Error handling issues (CHECKED_RETURN) >>> Calling "fdt_get_node_addr_size" without checking return value (as is done elsewhere 16 out of 18 times). 25 fdt_get_node_addr_size(fdt, nodeoff, 1, &tohost_addr, NULL); 26 27 return htif_system_reset_init(custom, fromhost_addr, tohost_addr); 28 } 29 30 static const struct fdt_match htif_reset_match[] = { ** CID 1498230: (ARRAY_VS_SINGLETON) ________________________________________________________________________________________________________ *** CID 1498230: (ARRAY_VS_SINGLETON) /3rdparty/opensbi/lib/sbi/sbi_pmu.c: 465 in sbi_pmu_ctr_stop() 459 uint32_t event_code; 460 int i, cidx; 461 462 if ((cbase + sbi_fls(cmask)) >= total_ctrs) 463 return SBI_EINVAL; 464 >>> CID 1498230: (ARRAY_VS_SINGLETON) >>> Passing "&cmask" to function "find_first_bit" which uses it as an array. This might corrupt or misinterpret adjacent memory locations. 465 for_each_set_bit(i, &cmask, total_ctrs) { 466 cidx = i + cbase; 467 event_idx_type = pmu_ctr_validate(cidx, &event_code); 468 if (event_idx_type < 0) 469 /* Continue the stop operation for other counters */ 470 continue; /3rdparty/opensbi/lib/sbi/sbi_pmu.c: 465 in sbi_pmu_ctr_stop() 459 uint32_t event_code; 460 int i, cidx; 461 462 if ((cbase + sbi_fls(cmask)) >= total_ctrs) 463 return SBI_EINVAL; 464 >>> CID 1498230: (ARRAY_VS_SINGLETON) >>> Passing "&cmask" to function "find_next_bit" which uses it as an array. This might corrupt or misinterpret adjacent memory locations. 465 for_each_set_bit(i, &cmask, total_ctrs) { 466 cidx = i + cbase; 467 event_idx_type = pmu_ctr_validate(cidx, &event_code); 468 if (event_idx_type < 0) 469 /* Continue the stop operation for other counters */ 470 continue; ** CID 1498229: Integer handling issues (BAD_SHIFT) /3rdparty/opensbi/lib/sbi/sbi_domain.c: 149 in is_region_valid() ________________________________________________________________________________________________________ *** CID 1498229: Integer handling issues (BAD_SHIFT) /3rdparty/opensbi/lib/sbi/sbi_domain.c: 149 in is_region_valid() 143 /* Check if region complies with constraints */ 144 static bool is_region_valid(const struct sbi_domain_memregion *reg) 145 { 146 if (reg->order < 3 || __riscv_xlen < reg->order) 147 return FALSE; 148 >>> CID 1498229: Integer handling issues (BAD_SHIFT) >>> In expression "1UL << reg->order", left shifting by more than 63 bits has undefined behavior. The shift amount, "reg->order", is as much as 64. 149 if (reg->base & (BIT(reg->order) - 1)) 150 return FALSE; 151 152 return TRUE; 153 } 154 ** CID 1498228: Memory - corruptions (OVERRUN) /3rdparty/opensbi/lib/utils/ipi/aclint_mswi.c: 84 in aclint_mswi_cold_init() ________________________________________________________________________________________________________ *** CID 1498228: Memory - corruptions (OVERRUN) /3rdparty/opensbi/lib/utils/ipi/aclint_mswi.c: 84 in aclint_mswi_cold_init() 78 (mswi->first_hartid >= SBI_HARTMASK_MAX_BITS) || 79 (mswi->hart_count > ACLINT_MSWI_MAX_HARTS)) 80 return SBI_EINVAL; 81 82 /* Update MSWI hartid table */ 83 for (i = 0; i < mswi->hart_count; i++) >>> CID 1498228: Memory - corruptions (OVERRUN) >>> Overrunning array "mswi_hartid2data" of 128 8-byte elements at element index 4221 (byte offset 33775) using index "mswi->first_hartid + i" (which evaluates to 4221). 84 mswi_hartid2data[mswi->first_hartid + i] = mswi; 85 86 /* Add MSWI regions to the root domain */ 87 for (pos = 0; pos < mswi->size; pos += ACLINT_MSWI_ALIGN) { 88 region_size = ((mswi->size - pos) < ACLINT_MSWI_ALIGN) ? 89 (mswi->size - pos) : ACLINT_MSWI_ALIGN; ** CID 1498227: (ARRAY_VS_SINGLETON) ________________________________________________________________________________________________________ *** CID 1498227: (ARRAY_VS_SINGLETON) /3rdparty/opensbi/lib/sbi/sbi_pmu.c: 635 in pmu_ctr_find_fw() 629 */ 630 static int pmu_ctr_find_fw(unsigned long cbase, unsigned long cmask, 631 uint32_t event_code, u32 hartid) 632 { 633 int i, cidx; 634 >>> CID 1498227: (ARRAY_VS_SINGLETON) >>> Passing "&cmask" to function "find_next_bit" which uses it as an array. This might corrupt or misinterpret adjacent memory locations. 635 for_each_set_bit(i, &cmask, BITS_PER_LONG) { 636 cidx = i + cbase; 637 if (cidx < num_hw_ctrs || total_ctrs <= cidx) 638 continue; 639 if (active_events[hartid][i] != SBI_PMU_EVENT_IDX_INVALID) 640 continue; /3rdparty/opensbi/lib/sbi/sbi_pmu.c: 635 in pmu_ctr_find_fw() 629 */ 630 static int pmu_ctr_find_fw(unsigned long cbase, unsigned long cmask, 631 uint32_t event_code, u32 hartid) 632 { 633 int i, cidx; 634 >>> CID 1498227: (ARRAY_VS_SINGLETON) >>> Passing "&cmask" to function "find_first_bit" which uses it as an array. This might corrupt or misinterpret adjacent memory locations. 635 for_each_set_bit(i, &cmask, BITS_PER_LONG) { 636 cidx = i + cbase; 637 if (cidx < num_hw_ctrs || total_ctrs <= cidx) 638 continue; 639 if (active_events[hartid][i] != SBI_PMU_EVENT_IDX_INVALID) 640 continue; ** CID 1498226: Memory - corruptions (OVERRUN) /3rdparty/opensbi/lib/utils/timer/aclint_mtimer.c: 207 in aclint_mtimer_cold_init() ________________________________________________________________________________________________________ *** CID 1498226: Memory - corruptions (OVERRUN) /3rdparty/opensbi/lib/utils/timer/aclint_mtimer.c: 207 in aclint_mtimer_cold_init() 201 mt->time_wr = mtimer_time_wr64; 202 } 203 #endif 204 205 /* Update MTIMER hartid table */ 206 for (i = 0; i < mt->hart_count; i++) >>> CID 1498226: Memory - corruptions (OVERRUN) >>> Overrunning array "mtimer_hartid2data" of 128 8-byte elements at element index 4221 (byte offset 33775) using index "mt->first_hartid + i" (which evaluates to 4221). 207 mtimer_hartid2data[mt->first_hartid + i] = mt; 208 209 /* Add MTIMER regions to the root domain */ 210 if (mt->mtime_addr == (mt->mtimecmp_addr + mt->mtimecmp_size)) { 211 rc = aclint_mtimer_add_regions(mt->mtimecmp_addr, 212 mt->mtime_size + mt->mtimecmp_size); ** CID 1498225: Error handling issues (CHECKED_RETURN) /3rdparty/opensbi/lib/utils/serial/fdt_serial_htif.c: 30 in serial_htif_init() ________________________________________________________________________________________________________ *** CID 1498225: Error handling issues (CHECKED_RETURN) /3rdparty/opensbi/lib/utils/serial/fdt_serial_htif.c: 30 in serial_htif_init() 24 25 if (!fdt_get_node_addr_size(fdt, nodeoff, 0, &fromhost_addr, NULL)) { 26 custom = true; 27 tohost_addr = fromhost_addr + sizeof(uint64_t); 28 } 29 >>> CID 1498225: Error handling issues (CHECKED_RETURN) >>> Calling "fdt_get_node_addr_size" without checking return value (as is done elsewhere 16 out of 18 times). 30 fdt_get_node_addr_size(fdt, nodeoff, 1, &tohost_addr, NULL); 31 32 return htif_serial_init(custom, fromhost_addr, tohost_addr); 33 } 34 35 struct fdt_serial fdt_serial_htif = { 36 .match_table = serial_htif_match, 37 .init = serial_htif_init ** CID 1498224: Null pointer dereferences (FORWARD_NULL) /3rdparty/opensbi/lib/utils/fdt/fdt_domain.c: 251 in __fdt_parse_region() ________________________________________________________________________________________________________ *** CID 1498224: Null pointer dereferences (FORWARD_NULL) /3rdparty/opensbi/lib/utils/fdt/fdt_domain.c: 251 in __fdt_parse_region() 245 region = &fdt_regions[fdt_domains_count][*region_count]; 246 247 /* Read "base" DT property */ 248 val = fdt_getprop(fdt, region_offset, "base", &len); 249 if (!val && len >= 8) 250 return SBI_EINVAL; >>> CID 1498224: Null pointer dereferences (FORWARD_NULL) >>> Dereferencing null pointer "val". 251 val64 = fdt32_to_cpu(val[0]); 252 val64 = (val64 << 32) | fdt32_to_cpu(val[1]); 253 region->base = val64; 254 255 /* Read "order" DT property */ 256 val = fdt_getprop(fdt, region_offset, "order", &len); ** CID 1498223: Parse warnings (PARSE_ERROR) /src/soc/intel/apollolake/chip.c: 19 in () ________________________________________________________________________________________________________ *** CID 1498223: Parse warnings (PARSE_ERROR) /src/soc/intel/apollolake/chip.c: 19 in () 13 #include <intelblocks/cfg.h> 14 #include <intelblocks/fast_spi.h> 15 #include <intelblocks/msr.h> 16 #include <intelblocks/p2sb.h> 17 #include <intelblocks/power_limit.h> 18 #include <intelblocks/xdci.h> >>> CID 1498223: Parse warnings (PARSE_ERROR) >>> cannot open source file "intelpch/lockdown.h" 19 #include <intelpch/lockdown.h> 20 #include <fsp/api.h> 21 #include <fsp/util.h> 22 #include <intelblocks/cpulib.h> 23 #include <intelblocks/gpio.h> 24 #include <intelblocks/itss.h> ** CID 1498222: (ARRAY_VS_SINGLETON) ________________________________________________________________________________________________________ *** CID 1498222: (ARRAY_VS_SINGLETON) /3rdparty/opensbi/lib/sbi/sbi_pmu.c: 384 in sbi_pmu_ctr_start() 378 if ((cbase + sbi_fls(cmask)) >= total_ctrs) 379 return ret; 380 381 if (flags & SBI_PMU_START_FLAG_SET_INIT_VALUE) 382 bUpdate = TRUE; 383 >>> CID 1498222: (ARRAY_VS_SINGLETON) >>> Passing "&cmask" to function "find_first_bit" which uses it as an array. This might corrupt or misinterpret adjacent memory locations. 384 for_each_set_bit(i, &cmask, total_ctrs) { 385 cidx = i + cbase; 386 event_idx_type = pmu_ctr_validate(cidx, &event_code); 387 if (event_idx_type < 0) 388 /* Continue the start operation for other counters */ 389 continue; /3rdparty/opensbi/lib/sbi/sbi_pmu.c: 384 in sbi_pmu_ctr_start() 378 if ((cbase + sbi_fls(cmask)) >= total_ctrs) 379 return ret; 380 381 if (flags & SBI_PMU_START_FLAG_SET_INIT_VALUE) 382 bUpdate = TRUE; 383 >>> CID 1498222: (ARRAY_VS_SINGLETON) >>> Passing "&cmask" to function "find_next_bit" which uses it as an array. This might corrupt or misinterpret adjacent memory locations. 384 for_each_set_bit(i, &cmask, total_ctrs) { 385 cidx = i + cbase; 386 event_idx_type = pmu_ctr_validate(cidx, &event_code); 387 if (event_idx_type < 0) 388 /* Continue the start operation for other counters */ 389 continue; ** CID 1498221: Control flow issues (DEADCODE) /3rdparty/opensbi/lib/utils/fdt/fdt_helper.c: 811 in fdt_parse_aclint_node() ________________________________________________________________________________________________________ *** CID 1498221: Control flow issues (DEADCODE) /3rdparty/opensbi/lib/utils/fdt/fdt_helper.c: 811 in fdt_parse_aclint_node() 805 cpu_intc_offset = fdt_node_offset_by_phandle(fdt, phandle); 806 if (cpu_intc_offset < 0) 807 continue; 808 809 cpu_offset = fdt_parent_offset(fdt, cpu_intc_offset); 810 if (cpu_intc_offset < 0) >>> CID 1498221: Control flow issues (DEADCODE) >>> Execution cannot reach this statement: "continue;". 811 continue; 812 813 rc = fdt_parse_hart_id(fdt, cpu_offset, &hartid); 814 if (rc) 815 continue; 816 ** CID 1498220: Control flow issues (DEADCODE) /3rdparty/opensbi/lib/utils/irqchip/fdt_irqchip_plic.c: 90 in irqchip_plic_update_hartid_table() ________________________________________________________________________________________________________ *** CID 1498220: Control flow issues (DEADCODE) /3rdparty/opensbi/lib/utils/irqchip/fdt_irqchip_plic.c: 90 in irqchip_plic_update_hartid_table() 84 cpu_intc_offset = fdt_node_offset_by_phandle(fdt, phandle); 85 if (cpu_intc_offset < 0) 86 continue; 87 88 cpu_offset = fdt_parent_offset(fdt, cpu_intc_offset); 89 if (cpu_intc_offset < 0) >>> CID 1498220: Control flow issues (DEADCODE) >>> Execution cannot reach this statement: "continue;". 90 continue; 91 92 err = fdt_parse_hart_id(fdt, cpu_offset, &hartid); 93 if (err) 94 continue; 95 ** CID 1498219: Memory - corruptions (ARRAY_VS_SINGLETON) ________________________________________________________________________________________________________ *** CID 1498219: Memory - corruptions (ARRAY_VS_SINGLETON) /3rdparty/opensbi/lib/sbi/sbi_pmu.c: 590 in pmu_ctr_find_hw() 584 if (temp->select != (data & select_mask)) 585 continue; 586 } 587 /* Fixed counters should not be part of the search */ 588 ctr_mask = temp->counters & (cmask << cbase) & 589 (~SBI_PMU_FIXED_CTR_MASK); >>> CID 1498219: Memory - corruptions (ARRAY_VS_SINGLETON) >>> Passing "&ctr_mask" to function "find_next_bit" which uses it as an array. This might corrupt or misinterpret adjacent memory locations. 590 for_each_set_bit_from(cbase, &ctr_mask, SBI_PMU_HW_CTR_MAX) { 591 /** 592 * Some of the platform may not support mcountinhibit. 593 * Checking the active_events is enough for them 594 */ 595 if (active_events[hartid][cbase] != SBI_PMU_EVENT_IDX_INVALID) ** CID 1498218: Control flow issues (DEADCODE) /3rdparty/opensbi/lib/sbi/sbi_domain.c: 336 in sbi_domain_dump() ________________________________________________________________________________________________________ *** CID 1498218: Control flow issues (DEADCODE) /3rdparty/opensbi/lib/sbi/sbi_domain.c: 336 in sbi_domain_dump() 330 331 sbi_printf("Domain%d Region%02d %s: 0x%" PRILX "-0x%" PRILX " ", 332 dom->index, i, suffix, rstart, rend); 333 334 k = 0; 335 if (reg->flags & SBI_DOMAIN_MEMREGION_MMODE) >>> CID 1498218: Control flow issues (DEADCODE) >>> Execution cannot reach the expression "44" inside this statement: "sbi_printf("%cM", (k++ ? 44...". 336 sbi_printf("%cM", (k++) ? ',' : '('); 337 if (reg->flags & SBI_DOMAIN_MEMREGION_MMIO) 338 sbi_printf("%cI", (k++) ? ',' : '('); 339 if (reg->flags & SBI_DOMAIN_MEMREGION_READABLE) 340 sbi_printf("%cR", (k++) ? ',' : '('); 341 if (reg->flags & SBI_DOMAIN_MEMREGION_WRITEABLE) ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

1 0

New Defects reported by Coverity Scan for coreboot
by scan-admin＠coverity.com 13 Sep '22

13 Sep '22

Hi, Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan. 1 new defect(s) introduced to coreboot found with Coverity Scan. 4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1497908: (UNINIT) /src/soc/qualcomm/sc7280/display/edp_ctrl.c: 1219 in edp_ctrl_calc_tu() /src/soc/qualcomm/sc7280/display/edp_ctrl.c: 1218 in edp_ctrl_calc_tu() /src/soc/qualcomm/sc7280/display/edp_ctrl.c: 1221 in edp_ctrl_calc_tu() /src/soc/qualcomm/sc7280/display/edp_ctrl.c: 1220 in edp_ctrl_calc_tu() /src/soc/qualcomm/sc7280/display/edp_ctrl.c: 1163 in edp_ctrl_calc_tu() ________________________________________________________________________________________________________ *** CID 1497908: (UNINIT) /src/soc/qualcomm/sc7280/display/edp_ctrl.c: 1219 in edp_ctrl_calc_tu() 1213 tu.delay_start_time_fp = (tu.delay_start_link * f) / tu.lclk; 1214 1215 /* OUTPUTS */ 1216 tu_table->valid_boundary_link = tu.valid_boundary_link; 1217 tu_table->delay_start_link = tu.delay_start_link; 1218 tu_table->boundary_moderation_en = tu.boundary_moderation_en; >>> CID 1497908: (UNINIT) >>> Using uninitialized value "tu.valid_lower_boundary_link". 1219 tu_table->valid_lower_boundary_link = tu.valid_lower_boundary_link; 1220 tu_table->upper_boundary_count = tu.upper_boundary_count; 1221 tu_table->lower_boundary_count = tu.lower_boundary_count; 1222 tu_table->tu_size_minus1 = tu.tu_size_minus1; 1223 1224 printk(BIOS_INFO, "TU: valid_boundary_link: %d\n", /src/soc/qualcomm/sc7280/display/edp_ctrl.c: 1218 in edp_ctrl_calc_tu() 1212 1213 tu.delay_start_time_fp = (tu.delay_start_link * f) / tu.lclk; 1214 1215 /* OUTPUTS */ 1216 tu_table->valid_boundary_link = tu.valid_boundary_link; 1217 tu_table->delay_start_link = tu.delay_start_link; >>> CID 1497908: (UNINIT) >>> Using uninitialized value "tu.boundary_moderation_en". 1218 tu_table->boundary_moderation_en = tu.boundary_moderation_en; 1219 tu_table->valid_lower_boundary_link = tu.valid_lower_boundary_link; 1220 tu_table->upper_boundary_count = tu.upper_boundary_count; 1221 tu_table->lower_boundary_count = tu.lower_boundary_count; 1222 tu_table->tu_size_minus1 = tu.tu_size_minus1; 1223 /src/soc/qualcomm/sc7280/display/edp_ctrl.c: 1221 in edp_ctrl_calc_tu() 1215 /* OUTPUTS */ 1216 tu_table->valid_boundary_link = tu.valid_boundary_link; 1217 tu_table->delay_start_link = tu.delay_start_link; 1218 tu_table->boundary_moderation_en = tu.boundary_moderation_en; 1219 tu_table->valid_lower_boundary_link = tu.valid_lower_boundary_link; 1220 tu_table->upper_boundary_count = tu.upper_boundary_count; >>> CID 1497908: (UNINIT) >>> Using uninitialized value "tu.lower_boundary_count". 1221 tu_table->lower_boundary_count = tu.lower_boundary_count; 1222 tu_table->tu_size_minus1 = tu.tu_size_minus1; 1223 1224 printk(BIOS_INFO, "TU: valid_boundary_link: %d\n", 1225 tu_table->valid_boundary_link); 1226 printk(BIOS_INFO, "TU: delay_start_link: %d\n", /src/soc/qualcomm/sc7280/display/edp_ctrl.c: 1220 in edp_ctrl_calc_tu() 1214 1215 /* OUTPUTS */ 1216 tu_table->valid_boundary_link = tu.valid_boundary_link; 1217 tu_table->delay_start_link = tu.delay_start_link; 1218 tu_table->boundary_moderation_en = tu.boundary_moderation_en; 1219 tu_table->valid_lower_boundary_link = tu.valid_lower_boundary_link; >>> CID 1497908: (UNINIT) >>> Using uninitialized value "tu.upper_boundary_count". 1220 tu_table->upper_boundary_count = tu.upper_boundary_count; 1221 tu_table->lower_boundary_count = tu.lower_boundary_count; 1222 tu_table->tu_size_minus1 = tu.tu_size_minus1; 1223 1224 printk(BIOS_INFO, "TU: valid_boundary_link: %d\n", 1225 tu_table->valid_boundary_link); /src/soc/qualcomm/sc7280/display/edp_ctrl.c: 1163 in edp_ctrl_calc_tu() 1157 tu.delay_start_link_extra_pclk = EXTRA_PIXCLK_CYCLE_DELAY; 1158 tu.diff_abs_fp = tu.resulting_valid_fp - tu.ratio_by_tu_fp; 1159 if (tu.diff_abs_fp < 0) 1160 tu.diff_abs_fp = tu.diff_abs_fp * -1; 1161 1162 tu.boundary_mod_lower_err = 0; >>> CID 1497908: (UNINIT) >>> Using uninitialized value "tu.min_hblank_violated". 1163 if ((tu.diff_abs_fp != 0 && 1164 ((tu.diff_abs_fp > BRUTE_FORCE_THRESHOLD_fp) || 1165 (tu.even_distribution_legacy == 0) || 1166 (DP_BRUTE_FORCE == 1))) || 1167 (tu.min_hblank_violated == 1)) { 1168 do { /src/soc/qualcomm/sc7280/display/edp_ctrl.c: 1181 in edp_ctrl_calc_tu() 1175 for (tu.i_upper_boundary_count = 1; 1176 tu.i_upper_boundary_count <= 15; 1177 tu.i_upper_boundary_count++) { 1178 for (tu.i_lower_boundary_count = 1; 1179 tu.i_lower_boundary_count <= 15; 1180 tu.i_lower_boundary_count++) { >>> CID 1497908: (UNINIT) >>> Using uninitialized value "tu.min_hblank_violated" when calling "tu_valid_boundary_calc". 1181 tu_valid_boundary_calc(&tu); 1182 } 1183 } 1184 } 1185 tu.delay_start_link_extra_pclk--; 1186 } while (tu.boundary_moderation_en != true && ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

1 0

LPC problem in Coreboot for Apollo Lake
by roman perepelitsin 12 Sep '22

12 Sep '22

I use coreboot for ApolloLake CPU (Atom). We have SuperIO WB83627-DHG chip on carrier board. LPC enabled, POST codes work normal. But I can't get access to SIO under Linux (via port 0x2e). Superiotool can't find chip. Also, I have CPLD on LPCB - I use it to view LPC transactions - so, then I try to out byte to 0x2e - transaction on LPC is none. But, I enable UART0 on SIO (via devicetree.cb) - and it works fine. Whats wrong? *Devtree (part):* device pci 1f.0 on # - LPC chip superio/winbond/w83627dhg device pnp 2e.0 off end # Floppy device pnp 2e.1 off end # Parallel Port device pnp 2e.2 on # COM1 io 0x60 = 0x3f8 irq 0x70 = 4 end device pnp 2e.3 off # COM2 end device pnp 2e.5 off # Keyboard end device pnp 2e.6 off # SPI end device pnp 2e.307 off # GPIO 1 end device pnp 2e.8 off # WDTO#, PLED end device pnp 2e.009 off # GPIO2 end device pnp 2e.109 off # GPIO3 end device pnp 2e.209 off # GPIO4 end device pnp 2e.309 off # GPIO5 end device pnp 2e.a off # ACPI end device pnp 2e.b off # HWM end device pnp 2e.c off # PECI, SST end end # w83627dhg *PNP020C (in /sys/bus/pnp/devices/00:01) resources:* state = active io 0x2e-0x2f io 0x4e-0x4f io 0x61-0x61 io 0x63-0x63 io 0x65-0x65 io 0x67-0x67 io 0x80-0x80 io 0x92-0x92 io 0xb2-0xb3 io 0x400-0x4fe *dsdt.asl from coreboot:* #include <acpi/acpi.h> DefinitionBlock( "dsdt.aml", "DSDT", 0x02, // DSDT revision: ACPI v2.0 and up OEM_ID, ACPI_TABLE_CREATOR, 0x20110725 // OEM revision ) { /* global NVS and variables */ #include <soc/intel/apollolake/acpi/globalnvs.asl> /* CPU */ #include <cpu/intel/common/acpi/cpu.asl> Scope (\_SB) { Device (PCI0) { #include <soc/intel/apollolake/acpi/northbridge.asl> #include <soc/intel/apollolake/acpi/southbridge.asl> #include <soc/intel/apollolake/acpi/pch_hda.asl> } } #include <southbridge/intel/common/acpi/sleepstates.asl> Scope (\_SB.PCI0.LPCB) { #include <acpi/ec.asl> /* ec is empty */ #include <acpi/superio.asl> } } -- regards, Perepelitsin Roman

2 2

New Defects reported by Coverity Scan for coreboot
by scan-admin＠coverity.com 09 Sep '22

09 Sep '22

Hi, Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan. 2 new defect(s) introduced to coreboot found with Coverity Scan. 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 2 of 2 defect(s) ** CID 1497845: Memory - corruptions (USE_AFTER_FREE) /3rdparty/vboot/futility/file_type_bios.c: 282 in write_new_preamble() ________________________________________________________________________________________________________ *** CID 1497845: Memory - corruptions (USE_AFTER_FREE) /3rdparty/vboot/futility/file_type_bios.c: 282 in write_new_preamble() 276 /* and the new preamble */ 277 memcpy(vblock->buf + more, preamble, preamble->preamble_size); 278 retval = 0; 279 280 end: 281 free(preamble); >>> CID 1497845: Memory - corruptions (USE_AFTER_FREE) >>> Calling "free" frees pointer "body_sig" which has already been freed. [Note: The source code implementation of the function has been overridden by a builtin model.] 282 free(body_sig); 283 284 return retval; 285 } 286 287 static int write_loem(const char *ab, struct bios_area_s *vblock) ** CID 1497844: Memory - corruptions (USE_AFTER_FREE) /3rdparty/vboot/futility/cmd_sign.c: 307 in ft_sign_raw_firmware() ________________________________________________________________________________________________________ *** CID 1497844: Memory - corruptions (USE_AFTER_FREE) /3rdparty/vboot/futility/cmd_sign.c: 307 in ft_sign_raw_firmware() 301 sign_option.keyblock->keyblock_size, 302 preamble, preamble->preamble_size); 303 304 done: 305 futil_unmap_and_close_file(fd, FILE_MODE_SIGN(sign_option), buf, len); 306 free(preamble); >>> CID 1497844: Memory - corruptions (USE_AFTER_FREE) >>> Calling "free" frees pointer "body_sig" which has already been freed. [Note: The source code implementation of the function has been overridden by a builtin model.] 307 free(body_sig); 308 309 return rv; 310 } 311 312 static int load_keyset(void) ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

1 0

[coreboot - Bug #414] (New) X9SAE-V: No USB keyboard init with SeaBIOS while using Radeon RX 6800XT
by Aaron Burton 08 Sep '22

08 Sep '22

Issue #414 has been reported by Aaron Burton. ---------------------------------------- Bug #414: X9SAE-V: No USB keyboard init with SeaBIOS while using Radeon RX 6800XT https://ticket.coreboot.org/issues/414 * Author: Aaron Burton * Status: New * Priority: Normal * Category: board support * Target version: none * Start date: 2022-09-05 * Affected versions: 4.17 * Affected hardware: X9SAE-V ---------------------------------------- While booting coreboot 4.17 to SeaBIOS 1.16 on a Supermicro X9SAE-V, the keyboard flashes on then off (LED Backlit USB keyboard) and does not let me interact with SeaBIOS until the linux kernel is loaded on the OS side. Currently using a PS/2 keyboard to unlock my boot drive via SeaBIOS. Using any other GPU does not affect the USB keyboard and works just fine. The Radeon RX 6800XT is a reference card with a USB-C port on it, naturally I tried a USB-C adaptor on the GPU to get the USB keyboard to work, but no luck. Building coreboot with either native, secure VGABIOS loading, or libgfxinit does not fix the problem either. Seems to be specific to this GPU on hardware init. Coreboot dot config is attached. ---Files-------------------------------- coreboot-config (17.7 KB) -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: https://ticket.coreboot.org/my/account

3 4

New on blogs.coreboot.org: [GSoC] Optimize Erase Function Selection, wrap-up
by blogs.coreboot.org 08 Sep '22

08 Sep '22

1 0

Can we make unit test failures more obvious in Gerrit?
by Julius Werner 07 Sep '22

07 Sep '22

Right now, when you have a CL that builds fine but fails unit tests, Jenkins with Verified -1 it with a failure page like this https://qa.coreboot.org/job/coreboot-gerrit/215770/ , which just says "Test Result (no failures)". If you know your way around Jenkins you can click on the "Console Output" link on the left and scroll down to see the actual unit test errors, but most people who see this for the first time will probably be very confused and have a hard chance finding that on their own. Is there any way we could make that more obvious and display the unit tests as a real element among the test results (or at least put some sort of "click Console Output to see errors" message on there)? Unfortunately I have no idea how anything on that page is configured or generated -- Patrick or Martin, I hope one of you guys would know more?

3 3

[coreboot - Bug #415] (New) RESOURCE_ALLOCATION_TOP_DOWN breaks edk2
by Sean Rhodes 07 Sep '22

07 Sep '22

Issue #415 has been reported by Sean Rhodes. ---------------------------------------- Bug #415: RESOURCE_ALLOCATION_TOP_DOWN breaks edk2 https://ticket.coreboot.org/issues/415 * Author: Sean Rhodes * Status: New * Priority: Low * Target version: none * Start date: 2022-09-07 * Affected versions: master ---------------------------------------- CB:41957 enabled RESOURCE_ALLOCATION_TOP_DOWN by default, which stopped edk2 from booting. The commit has been reverted, so this ticket is just to post logs. ---Files-------------------------------- resource_allocatorv4.txt (94 KB) -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: https://ticket.coreboot.org/my/account

2 5

Jump to page:

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

coreboot