- TF-A - lists.trustedfirmware.org

Trusted Firmware-A LTS v2.8.14 Release Announcement

by Varun Wadekar

Hello, Trusted Firmware-A LTS version 2.8.14 is now available. This release introduces errata workarounds for Cortex-A520, Cortex-A710, and Neoverse X2 CPUs. The complete list of changes can be found here<https://trustedfirmware-a.readthedocs.io/en/lts-v2.8.14/change-log.html>. Thanks.

1 year, 11 months

1
0
0 0

Minor updates to the tf.org project maintenance

by Sandrine Bailleux

Hello TF-A and TF-M communities, I've done 2 minor updates to the generic tf.org project maintenance process, which TF-A and TF-M both use. Please see the pull request here: https://github.com/TrustedFirmware/tf_docs/pull/1 Please provide your feedback on the pull request, if any. Happy end-of-year celebrations to all! Best regards, Sandrine

2 years

1
0
0 0

Stack usage details with armclang TF-A build

by mail2diggi＠gmail.com

Dear all, we want analyze stack usage details when we build TF-A for armclang compiler but we are not able generate stack usage details. sorry for long thread and question please go through and suggest way forward to perform stack analysis with TF-A armclang build. as per https://trustedfirmware-a.readthedocs.io/en/latest/getting_started/initial-… (section 2.3) when CC is set to armclang, GCC linker is used default (since the TF-A build system doesn’t currently support Arm Scatter files) So when we try to generate stack usage details we will not be able to use GCC -fstack-usage and -fdump-ipa-calgraph since CC is set to armclang and these flags will be un-recognized. Since we are building this for armclang we attempted to use following armlinker flags along with -g compiler flag (refer link:https://developer.arm.com/documentation/100748/0607/writing-optimized-…). --info=stack, --calgrapth, --calgraph_output=text But we end up with unrecognized options error for --info=stack, --calgrapth, --calgraph_output=text This error occurs because GCC linker is used default as per above link section 2.3 (since the TF-A build system doesn’t currently support Arm Scatter files) So we end up with not having stack usage details generated. Q1: Any suggestion to generate stack usage when CC=armclang and GCC linker is used by default. Q2: if we attempt to change LD with armlink we will end up with "Fatal error: L6031U: Could not open scatter description file." https://trustedfirmware-a.readthedocs.io/en/latest/getting_started/initial-… section 2.3 suggest that "that the default linker may be manually overridden using the LD variable" can you please let us know how to override LD with armlinker without getting scatter issue. Using: armclang 6.6.2 version. Thank you Shivakumar Diggi

2 years

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Dec 14, 2023 5pm - 6pm (CET) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, Cancelling the TF-A Tech Forum as no topic planned. Thanks & Regards, Olivier. " TF-A Tech Forum Thursday Dec 14, 2023 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

2 years

1
0
0 0

Function parameter should not be modified.

by Nithin G

Hello, In the file common/bl_common.c and other related files, there are instances where function parameters are being modified. This leads to violations when running the Coverity MISRA-C analysis for the ZynqMP platform. To address this issue a new variable is declared and used to store the value from the argument in the code. Is it possible to fix by taking a new variable? Please provide your suggestions. Regards, Nithin G

2 years

2
1
0 0

The condition clause of the for loop does not use the loop counter variable.

by Nithin G

Hello, In the file lib/xlat_tables/xlat_tables_common.c and other related files, the condition clause of the for loop does not use the loop counter variable "mm". This leads to violations when running the Coverity MISRA-C analysis for the ZynqMP platform. Addressing this issue added mm as part of loop counter and this belongs to core translational table logic and other violations also related to this. Is it possible to address this issue? Please provide your suggestions. Regards, Nithin G

2 years

2
1
0 0

Trusted Firmware-A LTS v2.8.13 Release Announcement

by Varun Wadekar

Hello, Trusted Firmware-A LTS version 2.8.13 is now available. This release introduces workarounds for new CPU errata for Cortex-A78C, Cortex-X3, and Neoverse V1/V2. It also adds support for the SLS mitigation. The complete list of changes can be found here<https://trustedfirmware-a.readthedocs.io/en/lts-v2.8.13/change-log.html>. Thanks.

2 years

1
0
0 0

Function bl31_lib_init() has external linkage but is only used in one translation unit.

by Nithin G

Hello, In the file bl31/bl31_main.c, there is a function named bl31_lib_init with its definition. Simultaneously, the declaration of this function is included in include/bl31/bl31.h since the function bl31_lib_init used only in one translational unit. leading to a violation when running the Coverity MISRA-C analysis for the ZynqMP. Addressing this issue need to remove the declaration of the function from the bl31.h file and making its definition static. To maintain visibility, included a static declaration in the bl31_main.c file. However, it will may impact in future modifications due to the removal of the declaration in bl31.h. Please provide your suggestions. Regards, Nithin

2 years

2
2
0 0

Experimental rust-spmc project release

by Imre Kis

Dear All, We would like to announce that we have published an experimental project called rust-spmc which is a S-EL1 FF-A Secure Partition Manager Core implementation in Rust. We started this as a free time project and now we had the opportunity to publish it on trustedfirmware.org. In its current state it has a partial implementation of the FF-A protocol, and it is able to run the secure partitions of Trusted Services with all tests passing on Arm FVP. It also provides the required compartmentalization between the S-EL0 secure partitions. Please note that the project is experimental (i.e. PoC, not suitable for production) and it is currently not scheduled by Arm for further development. The Rust language is an ideal language for implementing firmware components given its lack of undefined behavior and its memory safety guarantees. Our goal was to demonstrate the capabilities of language in a security critical firmware environment and to gather feedback from partners which could open up the possibility of further development of the project. The repository is available here: https://git.trustedfirmware.org/rust-spmc/rust-spmc.git/ We also prepared a readme with instructions for testing the project: https://git.trustedfirmware.org/rust-spmc/rust-spmc.git/about/ Please reach out to us if you are interested in the project or if you have any questions. Regards, Bálint Dobszay & Imre Kis

2 years

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Nov 30, 2023 5pm - 6pm (CET) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, Cancelling the TF-A Tech Forum as no topic. Thanks & Regards, Olivier. " TF-A Tech Forum Thursday Nov 30, 2023 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

2 years

1
0
0 0

rk3328: WARNING: BL31: cortex_a53: CPU workaround for 1530924 was missing!

by Diederik de Haas

When booting my Pine64 Rock64 (rk3328), I see the following warning: WARNING: BL31: cortex_a53: CPU workaround for 1530924 was missing! That warning is present in u-boot 2023.01 and also in 2023.07. Asking on their IRC channel and they indicated it should be fixed in TF-A. In the source code I saw various commits which all seem a variation of 74665119f04de0cd7c735fa741aff607a4a9fde8 titled "Enable workaround for Cortex-A53 erratum 1530924" But such a commit seems to be missing for the rk3328 platform. I guess a patch like this is needed to fix that? ```patch diff --git a/plat/rockchip/rk3328/platform.mk b/plat/rockchip/rk3328/ platform.mk index 5b4766d51..bd86a1cc8 100644 --- a/plat/rockchip/rk3328/platform.mk +++ b/plat/rockchip/rk3328/platform.mk @@ -65,6 +65,7 @@ include lib/libfdt/libfdt.mk # Enable workarounds for selected Cortex-A53 errata ERRATA_A53_855873 := 1 +ERRATA_A53_1530924 := 1 $(eval $(call add_define,PLAT_EXTRA_LD_SCRIPT)) $(eval $(call add_define,PLAT_SKIP_OPTEE_S_EL1_INT_REGISTER)) ``` The Contributor’s Guide indicates that it requires a Microsoft Github account, so I opted to post a patch to this list. Cheers, Diederik PS: https://developer.trustedfirmware.org/ seems to be full of spam; you may want to look into that.

2 years

2
4
0 0

Trusted Firmware-A LTS v2.8.12 Release Announcement

by Varun Wadekar

Hello, Trusted Firmware-A LTS version 2.8.12 is now available. This release removes the Cryptocell driver support and contains fixes for the Tegra platform, the SMCCC library, and SDEI. The complete list of changes can be found here<https://ci-builds.trustedfirmware.org/static-files/DcqMVUzlEWpu-LYx_0-RuHeu…>. Thanks.

2 years, 1 month

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 120 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 20 of 120 defect(s) ** CID 408744: (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 320 in mv_ddr4_dq_vref_calibration() /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 254 in mv_ddr4_dq_vref_calibration() ________________________________________________________________________________________________________ *** CID 408744: (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 320 in mv_ddr4_dq_vref_calibration() 314 (BYTE_HOMOGENEOUS_LOW | BYTE_SPLIT_OUT_MIX)) == 315 (BYTE_HOMOGENEOUS_LOW | BYTE_SPLIT_OUT_MIX)) { 316 if ((dq_vref_start_win[if_id][subphy_num][vref_idx] + 317 dq_vref_end_win[if_id][subphy_num][vref_idx]) / 2 <= 31) { 318 dq_vref_start_win[if_id][subphy_num][vref_idx] += 64; 319 dq_vref_end_win[if_id][subphy_num][vref_idx] += 64; >>> CID 408744: (OVERRUN) >>> Overrunning array "valid_vref_ptr[if_id]" of 9 26-byte elements at element index 12 (byte offset 337) using index "subphy_num" (which evaluates to 12). 320 DEBUG_CALIBRATION 321 (DEBUG_LEVEL_TRACE, 322 ("%s vref_idx %d if %d subphy %d added 64 adlls to window\n", 323 __func__, valid_vref_ptr[if_id][subphy_num][vref_idx], 324 if_id, subphy_num)); 325 } /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 340 in mv_ddr4_dq_vref_calibration() 334 VALIDATE_BUS_ACTIVE(tm->bus_act_mask, subphy_num); 335 DEBUG_CALIBRATION(DEBUG_LEVEL_INFO, 336 ("calculating center of mass for subphy %d, valid window size %d\n", 337 subphy_num, valid_win_size[if_id][subphy_num])); 338 if (valid_vref_cnt[if_id][subphy_num] > 0) { 339 /* calculate center of mass sampling point (t, v) for each subphy */ >>> CID 408744: (OVERRUN) >>> Overrunning array of 234 bytes at byte offset 312 by dereferencing pointer "valid_vref_ptr[if_id][subphy_num]". 340 status = mv_ddr4_center_of_mass_calc(dev_num, if_id, subphy_num, TX_DIR, 341 dq_vref_start_win[if_id][subphy_num], 342 dq_vref_end_win[if_id][subphy_num], 343 valid_vref_ptr[if_id][subphy_num], 344 valid_vref_cnt[if_id][subphy_num], 345 &center_vref[if_id][subphy_num], /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 254 in mv_ddr4_dq_vref_calibration() 248 if (vref_state_per_subphy[if_id][subphy_num] == MV_DDR4_VREF_SUBPHY_CAL_UNDER) 249 DEBUG_CALIBRATION(DEBUG_LEVEL_ERROR, 250 ("warning: %s: subphy %d vref tap %d voltage noise\n", 251 __func__, subphy_num, vref_tap_idx)); 252 /* window is valid; keep current vref_tap_idx value and increment counter */ 253 vref_idx = valid_vref_cnt[if_id][subphy_num]; >>> CID 408744: (OVERRUN) >>> Overrunning array "valid_vref_ptr[if_id]" of 9 26-byte elements at element index 12 (byte offset 337) using index "subphy_num" (which evaluates to 12). 254 valid_vref_ptr[if_id][subphy_num][vref_idx] = vref_tap_idx; 255 valid_vref_cnt[if_id][subphy_num]++; 256 257 /* set 0 for possible negative values */ 258 vref_byte_status[if_id][subphy_num][vref_idx] |= 259 patterns_byte_status[if_id][subphy_num]; ** CID 408743: Memory - illegal accesses (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 693 in mv_ddr4_centralization() ________________________________________________________________________________________________________ *** CID 408743: Memory - illegal accesses (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 693 in mv_ddr4_centralization() 687 * that we have already dealt with this bytes by adding 64 adlls 688 * to the low bytes 689 */ 690 if (patterns_byte_status[if_id][subphy_num] & 691 (BYTE_HOMOGENEOUS_LOW | BYTE_SPLIT_OUT_MIX)) 692 patterns_byte_status[if_id][subphy_num] = BYTE_SPLIT_OUT_MIX; >>> CID 408743: Memory - illegal accesses (OVERRUN) >>> Overrunning array "rx_vw_pos[if_id]" of 9 bytes at byte offset 12 using index "subphy_num" (which evaluates to 12). 693 if (rx_vw_pos[if_id][subphy_num] == 0) /* rx_vw_pos is initialized during tap tune */ 694 pbs_max = 31 - 0xa; 695 else 696 pbs_max = 31; 697 698 /* continue if locked */ ** CID 408742: Memory - illegal accesses (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 258 in mv_ddr4_dq_vref_calibration() ________________________________________________________________________________________________________ *** CID 408742: Memory - illegal accesses (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 258 in mv_ddr4_dq_vref_calibration() 252 /* window is valid; keep current vref_tap_idx value and increment counter */ 253 vref_idx = valid_vref_cnt[if_id][subphy_num]; 254 valid_vref_ptr[if_id][subphy_num][vref_idx] = vref_tap_idx; 255 valid_vref_cnt[if_id][subphy_num]++; 256 257 /* set 0 for possible negative values */ >>> CID 408742: Memory - illegal accesses (OVERRUN) >>> Overrunning array "patterns_byte_status[if_id]" of 9 bytes at byte offset 12 using index "subphy_num" (which evaluates to 12). 258 vref_byte_status[if_id][subphy_num][vref_idx] |= 259 patterns_byte_status[if_id][subphy_num]; 260 dq_vref_start_win[if_id][subphy_num][vref_idx] = 261 c_opt_per_bus[if_id][subphy_num] + 1 - 262 valid_win_size[if_id][subphy_num] / 2; 263 dq_vref_start_win[if_id][subphy_num][vref_idx] = ** CID 408741: Memory - illegal accesses (OVERRUN) /drivers/marvell/mv_ddr/drivers/snps/snps_fw.c: 428 in snps_mail_box_print_major_msg() ________________________________________________________________________________________________________ *** CID 408741: Memory - illegal accesses (OVERRUN) /drivers/marvell/mv_ddr/drivers/snps/snps_fw.c: 428 in snps_mail_box_print_major_msg() 422 * and print the required message string, according to it's message id. */ 423 static void snps_mail_box_print_major_msg(int msg_id) 424 { 425 int major_msg_count = sizeof(mb_major_messages) / sizeof(mb_major_messages[0]); 426 427 for (int i = 0; i <= major_msg_count; i++) >>> CID 408741: Memory - illegal accesses (OVERRUN) >>> Overrunning array "mb_major_messages" of 17 16-byte elements at element index 17 (byte offset 287) using index "i" (which evaluates to 17). 428 if (mb_major_messages[i].message_id == msg_id) { 429 pr_debug("%s\n", mb_major_messages[i].string); 430 return; 431 } 432 433 /* in case msg_id wasn't found in major messages database */ ** CID 408740: (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr_topology.c: 190 in mv_ddr_topology_map_update() /drivers/marvell/mv_ddr/mv_ddr_topology.c: 210 in mv_ddr_topology_map_update() ________________________________________________________________________________________________________ *** CID 408740: (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr_topology.c: 190 in mv_ddr_topology_map_update() 184 /* update bus bit mask in topology map */ 185 tm->bus_act_mask = mv_ddr_bus_bit_mask_get(); 186 187 /* update cs bit mask in topology map */ 188 val = mv_ddr_spd_cs_bit_mask_get(&tm->spd_data); 189 for (i = 0; i < octets_per_if_num; i++) >>> CID 408740: (OVERRUN) >>> Overrunning array "iface_params->as_bus_params" of 9 16-byte elements at element index 12 (byte offset 207) using index "i" (which evaluates to 12). 190 iface_params->as_bus_params[i].cs_bitmask = val; 191 192 /* check dram module type */ 193 val = mv_ddr_spd_module_type_get(&tm->spd_data); 194 switch (val) { 195 case MV_DDR_SPD_MODULE_TYPE_UDIMM: /drivers/marvell/mv_ddr/mv_ddr_topology.c: 210 in mv_ddr_topology_map_update() 204 return -1; 205 } 206 207 /* update mirror bit mask in topology map */ 208 val = mv_ddr_spd_mem_mirror_get(&tm->spd_data); 209 for (i = 0; i < octets_per_if_num; i++) >>> CID 408740: (OVERRUN) >>> Overrunning array "iface_params->as_bus_params" of 9 16-byte elements at element index 12 (byte offset 207) using index "i" (which evaluates to 12). 210 iface_params->as_bus_params[i].mirror_enable_bitmask = val << 1; 211 212 tclk = 1000000 / mv_ddr_freq_get(iface_params->memory_freq); 213 /* update cas write latency (cwl) */ 214 val = mv_ddr_cwl_calc(tclk); 215 if (val == 0) { ** CID 408739: (OVERRUN) /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1614 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1617 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1602 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1463 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1580 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1488 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1611 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1414 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1475 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1608 in ddr3_tip_ip_training_wrapper() ________________________________________________________________________________________________________ *** CID 408739: (OVERRUN) /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1614 in ddr3_tip_ip_training_wrapper() 1608 if (((l2h_adll_value[sybphy_id][bit_id] + 1609 h2l_adll_value[sybphy_id][bit_id]) / 2) > 1610 max_center_subphy_adll[sybphy_id]) 1611 max_center_subphy_adll[sybphy_id] = 1612 (l2h_adll_value[sybphy_id][bit_id] + 1613 h2l_adll_value[sybphy_id][bit_id]) / 2; >>> CID 408739: (OVERRUN) >>> Overrunning array "h2l_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1614 if (((l2h_adll_value[sybphy_id][bit_id] + 1615 h2l_adll_value[sybphy_id][bit_id]) / 2) < 1616 min_center_subphy_adll[sybphy_id]) 1617 min_center_subphy_adll[sybphy_id] = 1618 (l2h_adll_value[sybphy_id][bit_id] + 1619 h2l_adll_value[sybphy_id][bit_id]) / 2; /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1617 in ddr3_tip_ip_training_wrapper() 1611 max_center_subphy_adll[sybphy_id] = 1612 (l2h_adll_value[sybphy_id][bit_id] + 1613 h2l_adll_value[sybphy_id][bit_id]) / 2; 1614 if (((l2h_adll_value[sybphy_id][bit_id] + 1615 h2l_adll_value[sybphy_id][bit_id]) / 2) < 1616 min_center_subphy_adll[sybphy_id]) >>> CID 408739: (OVERRUN) >>> Overrunning array "h2l_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1617 min_center_subphy_adll[sybphy_id] = 1618 (l2h_adll_value[sybphy_id][bit_id] + 1619 h2l_adll_value[sybphy_id][bit_id]) / 2; 1620 } 1621 1622 /* calculate the center of the current subphy */ /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1602 in ddr3_tip_ip_training_wrapper() 1596 center_subphy_adll_window[sybphy_id] = 0; 1597 max_center_subphy_adll[sybphy_id] = 0; 1598 min_center_subphy_adll[sybphy_id] = 64; 1599 /* find the max and min center adll value in the current subphy */ 1600 for (bit_id = 0; bit_id < bit_end; bit_id++) { 1601 /* debug print all the bit edges after alignment */ >>> CID 408739: (OVERRUN) >>> Overrunning array "h2l_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1602 DEBUG_TRAINING_IP_ENGINE 1603 (DEBUG_LEVEL_TRACE, 1604 ("if_id %d sybphy_id %d bit %d l2h %d h2l %d\n", 1605 if_id, sybphy_id, bit_id, l2h_adll_value[sybphy_id][bit_id], 1606 h2l_adll_value[sybphy_id][bit_id])); 1607 /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1463 in ddr3_tip_ip_training_wrapper() 1457 /* low ui */ 1458 if (e1 <= 31 && e2 <= 31) { 1459 bit_state[sybphy_id * BUS_WIDTH_IN_BITS + bit_id] = 1460 BIT_LOW_UI; 1461 byte_status[if_id][sybphy_id] |= BYTE_HOMOGENEOUS_LOW; 1462 l2h_adll_value[sybphy_id][bit_id] = e1; >>> CID 408739: (OVERRUN) >>> Overrunning array "h2l_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1463 h2l_adll_value[sybphy_id][bit_id] = e2; 1464 DEBUG_TRAINING_IP_ENGINE 1465 (DEBUG_LEVEL_TRACE, 1466 ("if_id %d sybphy_id %d bit %d BIT_LOW_UI\n", 1467 if_id, sybphy_id, bit_id)); 1468 } /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1580 in ddr3_tip_ip_training_wrapper() 1574 TRAINING_LOAD_OPERATION_UNLOAD, CS_SINGLE, 1575 &h2l_if_train_res, 0, cons_tap, 1); 1576 1577 if (MV_OK != status) 1578 return status; 1579 >>> CID 408739: (OVERRUN) >>> Overrunning array "h2l_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1580 h2l_adll_value[sybphy_id][bit_id] = 1581 h2l_if_train_res[sybphy_id * 1582 BUS_WIDTH_IN_BITS + bit_id] & PUP_RESULT_EDGE_1_MASK; 1583 } 1584 } 1585 } /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1488 in ddr3_tip_ip_training_wrapper() 1482 if (e1 <= 31 && e2 >= 32) { 1483 bit_state[sybphy_id * BUS_WIDTH_IN_BITS + bit_id] = 1484 BIT_SPLIT_IN; 1485 byte_status[if_id][sybphy_id] |= 1486 BYTE_HOMOGENEOUS_SPLIT_IN; 1487 l2h_adll_value[sybphy_id][bit_id] = e1; >>> CID 408739: (OVERRUN) >>> Overrunning array "h2l_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1488 h2l_adll_value[sybphy_id][bit_id] = e2; 1489 DEBUG_TRAINING_IP_ENGINE 1490 (DEBUG_LEVEL_TRACE, 1491 ("if_id %d sybphy_id %d bit %d BIT_SPLIT_IN\n", 1492 if_id, sybphy_id, bit_id)); 1493 } /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1611 in ddr3_tip_ip_training_wrapper() 1605 if_id, sybphy_id, bit_id, l2h_adll_value[sybphy_id][bit_id], 1606 h2l_adll_value[sybphy_id][bit_id])); 1607 1608 if (((l2h_adll_value[sybphy_id][bit_id] + 1609 h2l_adll_value[sybphy_id][bit_id]) / 2) > 1610 max_center_subphy_adll[sybphy_id]) >>> CID 408739: (OVERRUN) >>> Overrunning array "h2l_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1611 max_center_subphy_adll[sybphy_id] = 1612 (l2h_adll_value[sybphy_id][bit_id] + 1613 h2l_adll_value[sybphy_id][bit_id]) / 2; 1614 if (((l2h_adll_value[sybphy_id][bit_id] + 1615 h2l_adll_value[sybphy_id][bit_id]) / 2) < 1616 min_center_subphy_adll[sybphy_id]) /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1414 in ddr3_tip_ip_training_wrapper() 1408 bit_end = 0; 1409 1410 /* zero the data base */ 1411 bit_bit_mask[sybphy_id] = 0; 1412 byte_status[if_id][sybphy_id] = BYTE_NOT_DEFINED; 1413 for (bit_id = 0; bit_id < bit_end; bit_id++) { >>> CID 408739: (OVERRUN) >>> Overrunning array "h2l_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1414 h2l_adll_value[sybphy_id][bit_id] = 64; 1415 l2h_adll_value[sybphy_id][bit_id] = 0; 1416 for (search_dir_id = HWS_LOW2HIGH; search_dir_id <= HWS_HIGH2LOW; 1417 search_dir_id++) { 1418 status = ddr3_tip_read_training_result 1419 (dev_num, if_id, /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1475 in ddr3_tip_ip_training_wrapper() 1469 /* high ui */ 1470 if (e1 >= 32 && e2 >= 32) { 1471 bit_state[sybphy_id * BUS_WIDTH_IN_BITS + bit_id] = 1472 BIT_HIGH_UI; 1473 byte_status[if_id][sybphy_id] |= BYTE_HOMOGENEOUS_HIGH; 1474 l2h_adll_value[sybphy_id][bit_id] = e1; >>> CID 408739: (OVERRUN) >>> Overrunning array "h2l_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1475 h2l_adll_value[sybphy_id][bit_id] = e2; 1476 DEBUG_TRAINING_IP_ENGINE 1477 (DEBUG_LEVEL_TRACE, 1478 ("if_id %d sybphy_id %d bit %d BIT_HIGH_UI\n", 1479 if_id, sybphy_id, bit_id)); 1480 } /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1608 in ddr3_tip_ip_training_wrapper() 1602 DEBUG_TRAINING_IP_ENGINE 1603 (DEBUG_LEVEL_TRACE, 1604 ("if_id %d sybphy_id %d bit %d l2h %d h2l %d\n", 1605 if_id, sybphy_id, bit_id, l2h_adll_value[sybphy_id][bit_id], 1606 h2l_adll_value[sybphy_id][bit_id])); 1607 >>> CID 408739: (OVERRUN) >>> Overrunning array "h2l_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1608 if (((l2h_adll_value[sybphy_id][bit_id] + 1609 h2l_adll_value[sybphy_id][bit_id]) / 2) > 1610 max_center_subphy_adll[sybphy_id]) 1611 max_center_subphy_adll[sybphy_id] = 1612 (l2h_adll_value[sybphy_id][bit_id] + 1613 h2l_adll_value[sybphy_id][bit_id]) / 2; ** CID 408738: (OVERRUN) /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1617 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1462 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1614 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1611 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1602 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1474 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1608 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1544 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1487 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1415 in ddr3_tip_ip_training_wrapper() ________________________________________________________________________________________________________ *** CID 408738: (OVERRUN) /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1617 in ddr3_tip_ip_training_wrapper() 1611 max_center_subphy_adll[sybphy_id] = 1612 (l2h_adll_value[sybphy_id][bit_id] + 1613 h2l_adll_value[sybphy_id][bit_id]) / 2; 1614 if (((l2h_adll_value[sybphy_id][bit_id] + 1615 h2l_adll_value[sybphy_id][bit_id]) / 2) < 1616 min_center_subphy_adll[sybphy_id]) >>> CID 408738: (OVERRUN) >>> Overrunning array "l2h_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1617 min_center_subphy_adll[sybphy_id] = 1618 (l2h_adll_value[sybphy_id][bit_id] + 1619 h2l_adll_value[sybphy_id][bit_id]) / 2; 1620 } 1621 1622 /* calculate the center of the current subphy */ /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1462 in ddr3_tip_ip_training_wrapper() 1456 } else { 1457 /* low ui */ 1458 if (e1 <= 31 && e2 <= 31) { 1459 bit_state[sybphy_id * BUS_WIDTH_IN_BITS + bit_id] = 1460 BIT_LOW_UI; 1461 byte_status[if_id][sybphy_id] |= BYTE_HOMOGENEOUS_LOW; >>> CID 408738: (OVERRUN) >>> Overrunning array "l2h_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1462 l2h_adll_value[sybphy_id][bit_id] = e1; 1463 h2l_adll_value[sybphy_id][bit_id] = e2; 1464 DEBUG_TRAINING_IP_ENGINE 1465 (DEBUG_LEVEL_TRACE, 1466 ("if_id %d sybphy_id %d bit %d BIT_LOW_UI\n", 1467 if_id, sybphy_id, bit_id)); /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1614 in ddr3_tip_ip_training_wrapper() 1608 if (((l2h_adll_value[sybphy_id][bit_id] + 1609 h2l_adll_value[sybphy_id][bit_id]) / 2) > 1610 max_center_subphy_adll[sybphy_id]) 1611 max_center_subphy_adll[sybphy_id] = 1612 (l2h_adll_value[sybphy_id][bit_id] + 1613 h2l_adll_value[sybphy_id][bit_id]) / 2; >>> CID 408738: (OVERRUN) >>> Overrunning array "l2h_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1614 if (((l2h_adll_value[sybphy_id][bit_id] + 1615 h2l_adll_value[sybphy_id][bit_id]) / 2) < 1616 min_center_subphy_adll[sybphy_id]) 1617 min_center_subphy_adll[sybphy_id] = 1618 (l2h_adll_value[sybphy_id][bit_id] + 1619 h2l_adll_value[sybphy_id][bit_id]) / 2; /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1611 in ddr3_tip_ip_training_wrapper() 1605 if_id, sybphy_id, bit_id, l2h_adll_value[sybphy_id][bit_id], 1606 h2l_adll_value[sybphy_id][bit_id])); 1607 1608 if (((l2h_adll_value[sybphy_id][bit_id] + 1609 h2l_adll_value[sybphy_id][bit_id]) / 2) > 1610 max_center_subphy_adll[sybphy_id]) >>> CID 408738: (OVERRUN) >>> Overrunning array "l2h_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1611 max_center_subphy_adll[sybphy_id] = 1612 (l2h_adll_value[sybphy_id][bit_id] + 1613 h2l_adll_value[sybphy_id][bit_id]) / 2; 1614 if (((l2h_adll_value[sybphy_id][bit_id] + 1615 h2l_adll_value[sybphy_id][bit_id]) / 2) < 1616 min_center_subphy_adll[sybphy_id]) /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1602 in ddr3_tip_ip_training_wrapper() 1596 center_subphy_adll_window[sybphy_id] = 0; 1597 max_center_subphy_adll[sybphy_id] = 0; 1598 min_center_subphy_adll[sybphy_id] = 64; 1599 /* find the max and min center adll value in the current subphy */ 1600 for (bit_id = 0; bit_id < bit_end; bit_id++) { 1601 /* debug print all the bit edges after alignment */ >>> CID 408738: (OVERRUN) >>> Overrunning array "l2h_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1602 DEBUG_TRAINING_IP_ENGINE 1603 (DEBUG_LEVEL_TRACE, 1604 ("if_id %d sybphy_id %d bit %d l2h %d h2l %d\n", 1605 if_id, sybphy_id, bit_id, l2h_adll_value[sybphy_id][bit_id], 1606 h2l_adll_value[sybphy_id][bit_id])); 1607 /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1474 in ddr3_tip_ip_training_wrapper() 1468 } 1469 /* high ui */ 1470 if (e1 >= 32 && e2 >= 32) { 1471 bit_state[sybphy_id * BUS_WIDTH_IN_BITS + bit_id] = 1472 BIT_HIGH_UI; 1473 byte_status[if_id][sybphy_id] |= BYTE_HOMOGENEOUS_HIGH; >>> CID 408738: (OVERRUN) >>> Overrunning array "l2h_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1474 l2h_adll_value[sybphy_id][bit_id] = e1; 1475 h2l_adll_value[sybphy_id][bit_id] = e2; 1476 DEBUG_TRAINING_IP_ENGINE 1477 (DEBUG_LEVEL_TRACE, 1478 ("if_id %d sybphy_id %d bit %d BIT_HIGH_UI\n", 1479 if_id, sybphy_id, bit_id)); /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1608 in ddr3_tip_ip_training_wrapper() 1602 DEBUG_TRAINING_IP_ENGINE 1603 (DEBUG_LEVEL_TRACE, 1604 ("if_id %d sybphy_id %d bit %d l2h %d h2l %d\n", 1605 if_id, sybphy_id, bit_id, l2h_adll_value[sybphy_id][bit_id], 1606 h2l_adll_value[sybphy_id][bit_id])); 1607 >>> CID 408738: (OVERRUN) >>> Overrunning array "l2h_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1608 if (((l2h_adll_value[sybphy_id][bit_id] + 1609 h2l_adll_value[sybphy_id][bit_id]) / 2) > 1610 max_center_subphy_adll[sybphy_id]) 1611 max_center_subphy_adll[sybphy_id] = 1612 (l2h_adll_value[sybphy_id][bit_id] + 1613 h2l_adll_value[sybphy_id][bit_id]) / 2; /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1544 in ddr3_tip_ip_training_wrapper() 1538 TRAINING_LOAD_OPERATION_UNLOAD, CS_SINGLE, 1539 &l2h_if_train_res, 0, 0, 1); 1540 1541 if (MV_OK != status) 1542 return status; 1543 >>> CID 408738: (OVERRUN) >>> Overrunning array "l2h_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1544 l2h_adll_value[sybphy_id][bit_id] = 1545 l2h_if_train_res[sybphy_id * 1546 BUS_WIDTH_IN_BITS + bit_id] & PUP_RESULT_EDGE_1_MASK; 1547 } 1548 } 1549 } /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1487 in ddr3_tip_ip_training_wrapper() 1481 /* split in */ 1482 if (e1 <= 31 && e2 >= 32) { 1483 bit_state[sybphy_id * BUS_WIDTH_IN_BITS + bit_id] = 1484 BIT_SPLIT_IN; 1485 byte_status[if_id][sybphy_id] |= 1486 BYTE_HOMOGENEOUS_SPLIT_IN; >>> CID 408738: (OVERRUN) >>> Overrunning array "l2h_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1487 l2h_adll_value[sybphy_id][bit_id] = e1; 1488 h2l_adll_value[sybphy_id][bit_id] = e2; 1489 DEBUG_TRAINING_IP_ENGINE 1490 (DEBUG_LEVEL_TRACE, 1491 ("if_id %d sybphy_id %d bit %d BIT_SPLIT_IN\n", 1492 if_id, sybphy_id, bit_id)); /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1415 in ddr3_tip_ip_training_wrapper() 1409 1410 /* zero the data base */ 1411 bit_bit_mask[sybphy_id] = 0; 1412 byte_status[if_id][sybphy_id] = BYTE_NOT_DEFINED; 1413 for (bit_id = 0; bit_id < bit_end; bit_id++) { 1414 h2l_adll_value[sybphy_id][bit_id] = 64; >>> CID 408738: (OVERRUN) >>> Overrunning array "l2h_adll_value" of 9 8-byte elements at element index 12 (byte offset 103) using index "sybphy_id" (which evaluates to 12). 1415 l2h_adll_value[sybphy_id][bit_id] = 0; 1416 for (search_dir_id = HWS_LOW2HIGH; search_dir_id <= HWS_HIGH2LOW; 1417 search_dir_id++) { 1418 status = ddr3_tip_read_training_result 1419 (dev_num, if_id, 1420 ACCESS_TYPE_UNICAST, sybphy_id, bit_id, ** CID 408737: Memory - illegal accesses (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 396 in mv_ddr4_dq_vref_calibration() ________________________________________________________________________________________________________ *** CID 408737: Memory - illegal accesses (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 396 in mv_ddr4_dq_vref_calibration() 390 for (subphy_num = 0; subphy_num < subphy_max; subphy_num++) { 391 VALIDATE_BUS_ACTIVE(tm->bus_act_mask, subphy_num); 392 for (dq_idx = 0; dq_idx < 8; dq_idx++) { 393 pad_num = dq_map_table[dq_idx + 394 subphy_num * BUS_WIDTH_IN_BITS + 395 if_id * BUS_WIDTH_IN_BITS * subphy_max]; >>> CID 408737: Memory - illegal accesses (OVERRUN) >>> Overrunning array "pbs_res_per_bus[if_id]" of 9 8-byte elements at element index 12 (byte offset 103) using index "subphy_num" (which evaluates to 12). 396 status = ddr3_tip_bus_write(dev_num, ACCESS_TYPE_UNICAST, if_id, ACCESS_TYPE_UNICAST, 397 subphy_num, DDR_PHY_DATA, 398 0x10 + pad_num + effective_cs * 0x10, 399 pbs_res_per_bus[if_id][subphy_num][dq_idx]); 400 if (status != MV_OK) 401 return status; ** CID 408736: Memory - corruptions (OVERRUN) ________________________________________________________________________________________________________ *** CID 408736: Memory - corruptions (OVERRUN) /drivers/marvell/mv_ddr/apn806/mv_ddr_plat.c: 586 in mv_ddr_clk_dividers_set() 580 if_id)); 581 return -1; 582 } 583 584 if (mv_ddr_first_time_setting) { 585 /* get ddr init freq */ >>> CID 408736: Memory - corruptions (OVERRUN) >>> Overrunning callee's array of size 13 by passing argument "mv_ddr_init_freq_get()" (which evaluates to 14) in call to "mv_ddr_freq_get". 586 init_ddr_freq_val = mv_ddr_freq_get(mv_ddr_init_freq_get()); 587 588 /* get mc & ddr clk dividers values */ 589 reg = reg_read(DEV_GEN_CTRL1_REG_ADDR); 590 ddr_div = (reg >> MISC_CLKDIV_RATIO_1_OFFS) & MISC_CLKDIV_RATIO_1_MASK; 591 ** CID 408735: Data race undermines locking (LOCK_EVASION) /plat/mediatek/drivers/cpu_pm/cpcv3_2/mt_cpu_pm.c: 410 in cpupm_pwr_state_valid() ________________________________________________________________________________________________________ *** CID 408735: Data race undermines locking (LOCK_EVASION) /plat/mediatek/drivers/cpu_pm/cpcv3_2/mt_cpu_pm.c: 410 in cpupm_pwr_state_valid() 404 if (cpupm_init() != MTK_CPUPM_E_OK) { 405 return MTK_CPUPM_E_FAIL; 406 } 407 408 if (read_cntpct_el0() >= (uint64_t)CPUPM_BOOTUP_TIME_THR) { 409 plat_cpu_pm_lock(); >>> CID 408735: Data race undermines locking (LOCK_EVASION) >>> Thread1 sets "cpu_pm_status" to a new value. Now the two threads have an inconsistent view of "cpu_pm_status" and updates to fields correlated with "cpu_pm_status" may be lost. 410 cpu_pm_status |= CPU_PM_PLAT_READY; 411 plat_cpu_pm_unlock(); 412 } 413 414 if (!IS_PLAT_SYSTEM_SUSPEND(afflv) && (cpu_pm_status & CPU_PM_PLAT_READY) == 0) { 415 return MTK_CPUPM_E_FAIL; ** CID 408734: Memory - corruptions (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 1285 in mv_ddr4_tap_tuning() ________________________________________________________________________________________________________ *** CID 408734: Memory - corruptions (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 1285 in mv_ddr4_tap_tuning() 1279 pattern, EDGE_FPF, CS_SINGLE, PARAM_NOT_CARE, training_result); 1280 1281 for (iface = 0; iface < MAX_INTERFACE_NUM; iface++) { 1282 VALIDATE_IF_ACTIVE(tm->if_act_mask, iface); 1283 for (subphy = 0; subphy < subphy_max; subphy++) { 1284 VALIDATE_BUS_ACTIVE(tm->bus_act_mask, subphy); >>> CID 408734: Memory - corruptions (OVERRUN) >>> Overrunning array "rx_vw_pos[iface]" of 9 bytes at byte offset 12 using index "subphy" (which evaluates to 12). 1285 rx_vw_pos[iface][subphy] = ALIGN_CENTER; 1286 new_pbs_per_byte[subphy] = new_pbs; /* rx init */ 1287 if ((mode == TX_DIR) && (loop == 0)) { 1288 /* read nominal wl */ 1289 ddr3_tip_bus_read(dev, iface, ACCESS_TYPE_UNICAST, subphy, 1290 DDR_PHY_DATA, WL_PHY_REG(effective_cs), ** CID 408733: (OVERRUN) /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1598 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1623 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1626 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1617 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1614 in ddr3_tip_ip_training_wrapper() ________________________________________________________________________________________________________ *** CID 408733: (OVERRUN) /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1598 in ddr3_tip_ip_training_wrapper() 1592 VALIDATE_BUS_ACTIVE(tm->bus_act_mask, sybphy_id); 1593 1594 if ((byte_status[if_id][sybphy_id] != BYTE_NOT_DEFINED) && (direction == OPER_WRITE)) { 1595 /* clear the arrays and parameters */ 1596 center_subphy_adll_window[sybphy_id] = 0; 1597 max_center_subphy_adll[sybphy_id] = 0; >>> CID 408733: (OVERRUN) >>> Overrunning array "min_center_subphy_adll" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1598 min_center_subphy_adll[sybphy_id] = 64; 1599 /* find the max and min center adll value in the current subphy */ 1600 for (bit_id = 0; bit_id < bit_end; bit_id++) { 1601 /* debug print all the bit edges after alignment */ 1602 DEBUG_TRAINING_IP_ENGINE 1603 (DEBUG_LEVEL_TRACE, /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1623 in ddr3_tip_ip_training_wrapper() 1617 min_center_subphy_adll[sybphy_id] = 1618 (l2h_adll_value[sybphy_id][bit_id] + 1619 h2l_adll_value[sybphy_id][bit_id]) / 2; 1620 } 1621 1622 /* calculate the center of the current subphy */ >>> CID 408733: (OVERRUN) >>> Overrunning array "min_center_subphy_adll" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1623 center_subphy_adll_window[sybphy_id] = 1624 max_center_subphy_adll[sybphy_id] - 1625 min_center_subphy_adll[sybphy_id]; 1626 DEBUG_TRAINING_IP_ENGINE 1627 (DEBUG_LEVEL_TRACE, 1628 ("if_id %d sybphy_id %d min center %d max center %d center %d\n", /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1626 in ddr3_tip_ip_training_wrapper() 1620 } 1621 1622 /* calculate the center of the current subphy */ 1623 center_subphy_adll_window[sybphy_id] = 1624 max_center_subphy_adll[sybphy_id] - 1625 min_center_subphy_adll[sybphy_id]; >>> CID 408733: (OVERRUN) >>> Overrunning array "min_center_subphy_adll" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1626 DEBUG_TRAINING_IP_ENGINE 1627 (DEBUG_LEVEL_TRACE, 1628 ("if_id %d sybphy_id %d min center %d max center %d center %d\n", 1629 if_id, sybphy_id, min_center_subphy_adll[sybphy_id], 1630 max_center_subphy_adll[sybphy_id], 1631 center_subphy_adll_window[sybphy_id])); /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1617 in ddr3_tip_ip_training_wrapper() 1611 max_center_subphy_adll[sybphy_id] = 1612 (l2h_adll_value[sybphy_id][bit_id] + 1613 h2l_adll_value[sybphy_id][bit_id]) / 2; 1614 if (((l2h_adll_value[sybphy_id][bit_id] + 1615 h2l_adll_value[sybphy_id][bit_id]) / 2) < 1616 min_center_subphy_adll[sybphy_id]) >>> CID 408733: (OVERRUN) >>> Overrunning array "min_center_subphy_adll" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1617 min_center_subphy_adll[sybphy_id] = 1618 (l2h_adll_value[sybphy_id][bit_id] + 1619 h2l_adll_value[sybphy_id][bit_id]) / 2; 1620 } 1621 1622 /* calculate the center of the current subphy */ /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1614 in ddr3_tip_ip_training_wrapper() 1608 if (((l2h_adll_value[sybphy_id][bit_id] + 1609 h2l_adll_value[sybphy_id][bit_id]) / 2) > 1610 max_center_subphy_adll[sybphy_id]) 1611 max_center_subphy_adll[sybphy_id] = 1612 (l2h_adll_value[sybphy_id][bit_id] + 1613 h2l_adll_value[sybphy_id][bit_id]) / 2; >>> CID 408733: (OVERRUN) >>> Overrunning array "min_center_subphy_adll" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1614 if (((l2h_adll_value[sybphy_id][bit_id] + 1615 h2l_adll_value[sybphy_id][bit_id]) / 2) < 1616 min_center_subphy_adll[sybphy_id]) 1617 min_center_subphy_adll[sybphy_id] = 1618 (l2h_adll_value[sybphy_id][bit_id] + 1619 h2l_adll_value[sybphy_id][bit_id]) / 2; ** CID 408732: (OVERRUN) /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1654 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1461 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1563 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1662 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1526 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1485 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1664 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1641 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1503 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1473 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1448 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1412 in ddr3_tip_ip_training_wrapper() /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1594 in ddr3_tip_ip_training_wrapper() ________________________________________________________________________________________________________ *** CID 408732: (OVERRUN) /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1654 in ddr3_tip_ip_training_wrapper() 1648 /* 1649 * in case all of the bits in the current subphy are 1650 * less than 32 which will find alignment in the subphy bits 1651 * mark this subphy as homogeneous split in 1652 */ 1653 if (center_subphy_adll_window[sybphy_id] <= 31) >>> CID 408732: (OVERRUN) >>> Overrunning array "byte_status[if_id]" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1654 byte_status[if_id][sybphy_id] = BYTE_HOMOGENEOUS_SPLIT_IN; 1655 1656 /* 1657 * in case the current byte is split_out and the center is bigger than 31 1658 * the byte can be aligned. in this case add 64 to the the low ui bits aligning it 1659 * to the other ui bits /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1461 in ddr3_tip_ip_training_wrapper() 1455 if_id, sybphy_id, bit_id)); 1456 } else { 1457 /* low ui */ 1458 if (e1 <= 31 && e2 <= 31) { 1459 bit_state[sybphy_id * BUS_WIDTH_IN_BITS + bit_id] = 1460 BIT_LOW_UI; >>> CID 408732: (OVERRUN) >>> Overrunning array "byte_status[if_id]" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1461 byte_status[if_id][sybphy_id] |= BYTE_HOMOGENEOUS_LOW; 1462 l2h_adll_value[sybphy_id][bit_id] = e1; 1463 h2l_adll_value[sybphy_id][bit_id] = e2; 1464 DEBUG_TRAINING_IP_ENGINE 1465 (DEBUG_LEVEL_TRACE, 1466 ("if_id %d sybphy_id %d bit %d BIT_LOW_UI\n", /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1563 in ddr3_tip_ip_training_wrapper() 1557 num_iter / 2, num_iter / 2, 1558 pattern, EDGE_FP, train_cs_type, 1559 cs_num, train_status); 1560 1561 for (sybphy_id = 0; sybphy_id < octets_per_if_num; sybphy_id++) { 1562 VALIDATE_BUS_ACTIVE(tm->bus_act_mask, sybphy_id); >>> CID 408732: (OVERRUN) >>> Overrunning array "byte_status[if_id]" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1563 if (byte_status[if_id][sybphy_id] != BYTE_NOT_DEFINED) { 1564 if (bit_bit_mask[sybphy_id] == 0) 1565 continue; 1566 1567 for (bit_id = 0; bit_id < bit_end; bit_id++) { 1568 if ((bit_bit_mask[sybphy_id] & (1 << bit_id)) == 0) /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1662 in ddr3_tip_ip_training_wrapper() 1656 /* 1657 * in case the current byte is split_out and the center is bigger than 31 1658 * the byte can be aligned. in this case add 64 to the the low ui bits aligning it 1659 * to the other ui bits 1660 */ 1661 if (center_subphy_adll_window[sybphy_id] >= 32) { >>> CID 408732: (OVERRUN) >>> Overrunning array "byte_status[if_id]" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1662 byte_status[if_id][sybphy_id] = BYTE_SPLIT_OUT_MIX; 1663 1664 DEBUG_TRAINING_IP_ENGINE 1665 (DEBUG_LEVEL_TRACE, 1666 ("if_id %d sybphy_id %d byte state 0x%x\n", 1667 if_id, sybphy_id, byte_status[if_id][sybphy_id])); /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1526 in ddr3_tip_ip_training_wrapper() 1520 num_iter / 2, num_iter / 2, 1521 pattern, EDGE_FP, train_cs_type, 1522 cs_num, train_status); 1523 1524 for (sybphy_id = 0; sybphy_id < octets_per_if_num; sybphy_id++) { 1525 VALIDATE_BUS_ACTIVE(tm->bus_act_mask, sybphy_id); >>> CID 408732: (OVERRUN) >>> Overrunning array "byte_status[if_id]" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1526 if (byte_status[if_id][sybphy_id] != BYTE_NOT_DEFINED) { 1527 if (bit_bit_mask[sybphy_id] == 0) 1528 continue; /* this byte bits have no split out state */ 1529 1530 for (bit_id = 0; bit_id < bit_end; bit_id++) { 1531 if ((bit_bit_mask[sybphy_id] & (1 << bit_id)) == 0) /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1485 in ddr3_tip_ip_training_wrapper() 1479 if_id, sybphy_id, bit_id)); 1480 } 1481 /* split in */ 1482 if (e1 <= 31 && e2 >= 32) { 1483 bit_state[sybphy_id * BUS_WIDTH_IN_BITS + bit_id] = 1484 BIT_SPLIT_IN; >>> CID 408732: (OVERRUN) >>> Overrunning array "byte_status[if_id]" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1485 byte_status[if_id][sybphy_id] |= 1486 BYTE_HOMOGENEOUS_SPLIT_IN; 1487 l2h_adll_value[sybphy_id][bit_id] = e1; 1488 h2l_adll_value[sybphy_id][bit_id] = e2; 1489 DEBUG_TRAINING_IP_ENGINE 1490 (DEBUG_LEVEL_TRACE, /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1664 in ddr3_tip_ip_training_wrapper() 1658 * the byte can be aligned. in this case add 64 to the the low ui bits aligning it 1659 * to the other ui bits 1660 */ 1661 if (center_subphy_adll_window[sybphy_id] >= 32) { 1662 byte_status[if_id][sybphy_id] = BYTE_SPLIT_OUT_MIX; 1663 >>> CID 408732: (OVERRUN) >>> Overrunning array "byte_status[if_id]" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1664 DEBUG_TRAINING_IP_ENGINE 1665 (DEBUG_LEVEL_TRACE, 1666 ("if_id %d sybphy_id %d byte state 0x%x\n", 1667 if_id, sybphy_id, byte_status[if_id][sybphy_id])); 1668 for (bit_id = 0; bit_id < bit_end; bit_id++) { 1669 if (bit_state[sybphy_id * BUS_WIDTH_IN_BITS + bit_id] == BIT_LOW_UI) { /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1641 in ddr3_tip_ip_training_wrapper() 1635 * check byte state and fix bits state if needed 1636 * in case the level 1 and 2 above subphy results are 1637 * homogeneous continue to the next subphy 1638 */ 1639 for (sybphy_id = 0; sybphy_id < octets_per_if_num; sybphy_id++) { 1640 VALIDATE_BUS_ACTIVE(tm->bus_act_mask, sybphy_id); >>> CID 408732: (OVERRUN) >>> Overrunning array "byte_status[if_id]" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1641 if ((byte_status[if_id][sybphy_id] == BYTE_HOMOGENEOUS_LOW) || 1642 (byte_status[if_id][sybphy_id] == BYTE_HOMOGENEOUS_HIGH) || 1643 (byte_status[if_id][sybphy_id] == BYTE_HOMOGENEOUS_SPLIT_IN) || 1644 (byte_status[if_id][sybphy_id] == BYTE_HOMOGENEOUS_SPLIT_OUT) || 1645 (byte_status[if_id][sybphy_id] == BYTE_NOT_DEFINED)) 1646 continue; /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1503 in ddr3_tip_ip_training_wrapper() 1497 (DEBUG_LEVEL_INFO, 1498 ("if_id %d sybphy_id %d bit %d l2h 0x%x (e1 0x%x)" 1499 "h2l 0x%x (e2 0x%x): bit cannot be categorized\n", 1500 if_id, sybphy_id, bit_id, result[HWS_LOW2HIGH][0], e1, 1501 result[HWS_HIGH2LOW][0], e2)); 1502 /* mark the byte as not defined */ >>> CID 408732: (OVERRUN) >>> Overrunning array "byte_status[if_id]" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1503 byte_status[if_id][sybphy_id] = BYTE_NOT_DEFINED; 1504 break; /* continue to next pup - no reason to analyze this byte */ 1505 } 1506 } /* for all bits */ 1507 } /* for all PUPs */ 1508 /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1473 in ddr3_tip_ip_training_wrapper() 1467 if_id, sybphy_id, bit_id)); 1468 } 1469 /* high ui */ 1470 if (e1 >= 32 && e2 >= 32) { 1471 bit_state[sybphy_id * BUS_WIDTH_IN_BITS + bit_id] = 1472 BIT_HIGH_UI; >>> CID 408732: (OVERRUN) >>> Overrunning array "byte_status[if_id]" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1473 byte_status[if_id][sybphy_id] |= BYTE_HOMOGENEOUS_HIGH; 1474 l2h_adll_value[sybphy_id][bit_id] = e1; 1475 h2l_adll_value[sybphy_id][bit_id] = e2; 1476 DEBUG_TRAINING_IP_ENGINE 1477 (DEBUG_LEVEL_TRACE, 1478 ("if_id %d sybphy_id %d bit %d BIT_HIGH_UI\n", /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1448 in ddr3_tip_ip_training_wrapper() 1442 if (direction == OPER_READ) { 1443 byte_status[if_id][sybphy_id] |= BYTE_HOMOGENEOUS_LOW; 1444 } else if ((e2 - e1) > 32) { /* oper_write */ 1445 /* split out */ 1446 bit_state[sybphy_id * BUS_WIDTH_IN_BITS + bit_id] = 1447 BIT_SPLIT_OUT; >>> CID 408732: (OVERRUN) >>> Overrunning array "byte_status[if_id]" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1448 byte_status[if_id][sybphy_id] |= BYTE_HOMOGENEOUS_SPLIT_OUT; 1449 /* mark problem bits */ 1450 bit_bit_mask[sybphy_id] |= (1 << bit_id); 1451 bit_bit_mask_active = 1; 1452 DEBUG_TRAINING_IP_ENGINE 1453 (DEBUG_LEVEL_TRACE, /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1412 in ddr3_tip_ip_training_wrapper() 1406 bit_end = BUS_WIDTH_IN_BITS; 1407 else 1408 bit_end = 0; 1409 1410 /* zero the data base */ 1411 bit_bit_mask[sybphy_id] = 0; >>> CID 408732: (OVERRUN) >>> Overrunning array "byte_status[if_id]" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1412 byte_status[if_id][sybphy_id] = BYTE_NOT_DEFINED; 1413 for (bit_id = 0; bit_id < bit_end; bit_id++) { 1414 h2l_adll_value[sybphy_id][bit_id] = 64; 1415 l2h_adll_value[sybphy_id][bit_id] = 0; 1416 for (search_dir_id = HWS_LOW2HIGH; search_dir_id <= HWS_HIGH2LOW; 1417 search_dir_id++) { /drivers/marvell/mv_ddr/ddr3_training_ip_engine.c: 1594 in ddr3_tip_ip_training_wrapper() 1588 * phase 3 will occur only in write operation 1589 * find the maximum and the minimum center of each subphy 1590 */ 1591 for (sybphy_id = 0; sybphy_id < octets_per_if_num; sybphy_id++) { 1592 VALIDATE_BUS_ACTIVE(tm->bus_act_mask, sybphy_id); 1593 >>> CID 408732: (OVERRUN) >>> Overrunning array "byte_status[if_id]" of 9 bytes at byte offset 12 using index "sybphy_id" (which evaluates to 12). 1594 if ((byte_status[if_id][sybphy_id] != BYTE_NOT_DEFINED) && (direction == OPER_WRITE)) { 1595 /* clear the arrays and parameters */ 1596 center_subphy_adll_window[sybphy_id] = 0; 1597 max_center_subphy_adll[sybphy_id] = 0; 1598 min_center_subphy_adll[sybphy_id] = 64; 1599 /* find the max and min center adll value in the current subphy */ ** CID 408731: Uninitialized variables (UNINIT) ________________________________________________________________________________________________________ *** CID 408731: Uninitialized variables (UNINIT) /drivers/marvell/mv_ddr/ddr3_training_leveling.c: 777 in ddr3_tip_dynamic_per_bit_read_leveling() 771 for (if_id = 0; if_id <= MAX_INTERFACE_NUM - 1; if_id++) { 772 VALIDATE_IF_ACTIVE(tm->if_act_mask, if_id); 773 for (bus_num = 0; bus_num < octets_per_if_num; 774 bus_num++) { 775 VALIDATE_BUS_ACTIVE(tm->bus_act_mask, bus_num); 776 if (per_bit_rl_pup_status[if_id][bus_num] == 1) >>> CID 408731: Uninitialized variables (UNINIT) >>> Using uninitialized value "data2_write[if_id][bus_num]" when calling "ddr3_tip_bus_write". 777 ddr3_tip_bus_write(dev_num, 778 ACCESS_TYPE_UNICAST, 779 if_id, 780 ACCESS_TYPE_UNICAST, 781 bus_num, DDR_PHY_DATA, 782 RL_PHY_REG(effective_cs), ** CID 408730: (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_mpr_pda_if.c: 516 in mv_ddr4_dq_pins_mapping() /drivers/marvell/mv_ddr/mv_ddr4_mpr_pda_if.c: 508 in mv_ddr4_dq_pins_mapping() ________________________________________________________________________________________________________ *** CID 408730: (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_mpr_pda_if.c: 516 in mv_ddr4_dq_pins_mapping() 510 } 511 512 /* stage 3: map dram dq to mc dq and update database */ 513 for (subphy_num = 0; subphy_num < subphy_max; subphy_num++) { 514 VALIDATE_BUS_ACTIVE(tm->bus_act_mask, subphy_num); 515 for (dq_num = 0; dq_num < BUS_WIDTH_IN_BITS; dq_num++) >>> CID 408730: (OVERRUN) >>> Overrunning array "dq_val" of 9 8-byte elements at element index 11 (byte offset 95) using index "subphy_num" (which evaluates to 11). 516 dram_to_mc_dq_map[subphy_num][7 - dq_val[subphy_num][dq_num]] = dq_num; 517 } 518 519 /* set dq_map_enable */ 520 dq_map_enable = 1; 521 /drivers/marvell/mv_ddr/mv_ddr4_mpr_pda_if.c: 508 in mv_ddr4_dq_pins_mapping() 502 /* extract pattern for each subphy */ 503 for (mpr_type = 0; mpr_type < MV_DDR4_MPR_READ_PATTERN_NUM; mpr_type++) 504 subphy_pattern[mpr_type] = ((mpr_pattern[mpr_type][2] >> (subphy_num * 8)) & 0xff); 505 506 for (dq_num = 0; dq_num < BUS_WIDTH_IN_BITS; dq_num++) 507 for (mpr_type = 0; mpr_type < MV_DDR4_MPR_READ_PATTERN_NUM; mpr_type++) >>> CID 408730: (OVERRUN) >>> Overrunning array "dq_val" of 9 8-byte elements at element index 11 (byte offset 95) using index "subphy_num" (which evaluates to 11). 508 dq_val[subphy_num][dq_num] += (((subphy_pattern[mpr_type] >> dq_num) & 1) * 509 (1 << mpr_type)); 510 } 511 512 /* stage 3: map dram dq to mc dq and update database */ 513 for (subphy_num = 0; subphy_num < subphy_max; subphy_num++) { ** CID 408729: (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2228 in mv_ddr4_dm_tuning() /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2225 in mv_ddr4_dm_tuning() /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2222 in mv_ddr4_dm_tuning() /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2200 in mv_ddr4_dm_tuning() /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2223 in mv_ddr4_dm_tuning() /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2205 in mv_ddr4_dm_tuning() /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2226 in mv_ddr4_dm_tuning() /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2229 in mv_ddr4_dm_tuning() ________________________________________________________________________________________________________ *** CID 408729: (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2228 in mv_ddr4_dm_tuning() 2222 result[subphy][HWS_LOW2HIGH][bit] &= LEAST_SIGNIFICANT_BYTE_MASK; 2223 result[subphy][HWS_HIGH2LOW][bit] &= LEAST_SIGNIFICANT_BYTE_MASK; 2224 2225 if (result[subphy][HWS_LOW2HIGH][bit] > vw_sphy_lo_lmt[subphy]) 2226 vw_sphy_lo_lmt[subphy] = result[subphy][HWS_LOW2HIGH][bit]; 2227 >>> CID 408729: (OVERRUN) >>> Overrunning array "result" of 9 16-byte elements at element index 12 (byte offset 207) using index "subphy" (which evaluates to 12). 2228 if (result[subphy][HWS_HIGH2LOW][bit] < vw_sphy_hi_lmt[subphy]) 2229 vw_sphy_hi_lmt[subphy] = result[subphy][HWS_HIGH2LOW][bit]; 2230 } 2231 2232 DEBUG_DM_TUNING(DEBUG_LEVEL_INFO, 2233 ("loop %d, dm subphy %d, vw %d, %d\n", loop, subphy, /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2225 in mv_ddr4_dm_tuning() 2219 continue; 2220 2221 for (bit = 0; bit < BUS_WIDTH_IN_BITS; bit++) { 2222 result[subphy][HWS_LOW2HIGH][bit] &= LEAST_SIGNIFICANT_BYTE_MASK; 2223 result[subphy][HWS_HIGH2LOW][bit] &= LEAST_SIGNIFICANT_BYTE_MASK; 2224 >>> CID 408729: (OVERRUN) >>> Overrunning array "result" of 9 16-byte elements at element index 12 (byte offset 207) using index "subphy" (which evaluates to 12). 2225 if (result[subphy][HWS_LOW2HIGH][bit] > vw_sphy_lo_lmt[subphy]) 2226 vw_sphy_lo_lmt[subphy] = result[subphy][HWS_LOW2HIGH][bit]; 2227 2228 if (result[subphy][HWS_HIGH2LOW][bit] < vw_sphy_hi_lmt[subphy]) 2229 vw_sphy_hi_lmt[subphy] = result[subphy][HWS_HIGH2LOW][bit]; 2230 } /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2222 in mv_ddr4_dm_tuning() 2216 } 2217 2218 if (dm_status[subphy] == LOCKED) 2219 continue; 2220 2221 for (bit = 0; bit < BUS_WIDTH_IN_BITS; bit++) { >>> CID 408729: (OVERRUN) >>> Overrunning array "result" of 9 16-byte elements at element index 12 (byte offset 207) using index "subphy" (which evaluates to 12). 2222 result[subphy][HWS_LOW2HIGH][bit] &= LEAST_SIGNIFICANT_BYTE_MASK; 2223 result[subphy][HWS_HIGH2LOW][bit] &= LEAST_SIGNIFICANT_BYTE_MASK; 2224 2225 if (result[subphy][HWS_LOW2HIGH][bit] > vw_sphy_lo_lmt[subphy]) 2226 vw_sphy_lo_lmt[subphy] = result[subphy][HWS_LOW2HIGH][bit]; 2227 /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2200 in mv_ddr4_dm_tuning() 2194 for (subphy = 0; subphy < subphy_max; subphy++) { 2195 VALIDATE_BUS_ACTIVE(tm->bus_act_mask, subphy); 2196 ddr3_tip_bus_write(0, ACCESS_TYPE_UNICAST, 0, ACCESS_TYPE_UNICAST, subphy, DDR_PHY_DATA, 2197 CTX_PHY_REG(cs), ctx_vector[subphy]); 2198 2199 for (search_dir = HWS_LOW2HIGH; search_dir <= HWS_HIGH2LOW; search_dir++) { >>> CID 408729: (OVERRUN) >>> "&result[subphy][search_dir]" evaluates to an address that is at byte offset 192 of an array of 144 bytes. 2200 ddr3_tip_read_training_result(0, 0, ACCESS_TYPE_UNICAST, subphy, 2201 ALL_BITS_PER_PUP, search_dir, dir, result_type, 2202 TRAINING_LOAD_OPERATION_UNLOAD, CS_SINGLE, 2203 &(result[subphy][search_dir]), 2204 1, 0, 0); 2205 DEBUG_DM_TUNING(DEBUG_LEVEL_INFO, /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2223 in mv_ddr4_dm_tuning() 2217 2218 if (dm_status[subphy] == LOCKED) 2219 continue; 2220 2221 for (bit = 0; bit < BUS_WIDTH_IN_BITS; bit++) { 2222 result[subphy][HWS_LOW2HIGH][bit] &= LEAST_SIGNIFICANT_BYTE_MASK; >>> CID 408729: (OVERRUN) >>> Overrunning array "result" of 9 16-byte elements at element index 12 (byte offset 207) using index "subphy" (which evaluates to 12). 2223 result[subphy][HWS_HIGH2LOW][bit] &= LEAST_SIGNIFICANT_BYTE_MASK; 2224 2225 if (result[subphy][HWS_LOW2HIGH][bit] > vw_sphy_lo_lmt[subphy]) 2226 vw_sphy_lo_lmt[subphy] = result[subphy][HWS_LOW2HIGH][bit]; 2227 2228 if (result[subphy][HWS_HIGH2LOW][bit] < vw_sphy_hi_lmt[subphy]) /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2205 in mv_ddr4_dm_tuning() 2199 for (search_dir = HWS_LOW2HIGH; search_dir <= HWS_HIGH2LOW; search_dir++) { 2200 ddr3_tip_read_training_result(0, 0, ACCESS_TYPE_UNICAST, subphy, 2201 ALL_BITS_PER_PUP, search_dir, dir, result_type, 2202 TRAINING_LOAD_OPERATION_UNLOAD, CS_SINGLE, 2203 &(result[subphy][search_dir]), 2204 1, 0, 0); >>> CID 408729: (OVERRUN) >>> Overrunning array "result" of 9 16-byte elements at element index 12 (byte offset 207) using index "subphy" (which evaluates to 12). 2205 DEBUG_DM_TUNING(DEBUG_LEVEL_INFO, 2206 ("dm cs %d if %d subphy %d result: 0x%x 0x%x 0x%x 0x%x 0x%x 0x%x 0x%x 0x%x\n", 2207 cs, 0, subphy, 2208 result[subphy][search_dir][0], 2209 result[subphy][search_dir][1], 2210 result[subphy][search_dir][2], /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2226 in mv_ddr4_dm_tuning() 2220 2221 for (bit = 0; bit < BUS_WIDTH_IN_BITS; bit++) { 2222 result[subphy][HWS_LOW2HIGH][bit] &= LEAST_SIGNIFICANT_BYTE_MASK; 2223 result[subphy][HWS_HIGH2LOW][bit] &= LEAST_SIGNIFICANT_BYTE_MASK; 2224 2225 if (result[subphy][HWS_LOW2HIGH][bit] > vw_sphy_lo_lmt[subphy]) >>> CID 408729: (OVERRUN) >>> Overrunning array "result" of 9 16-byte elements at element index 12 (byte offset 207) using index "subphy" (which evaluates to 12). 2226 vw_sphy_lo_lmt[subphy] = result[subphy][HWS_LOW2HIGH][bit]; 2227 2228 if (result[subphy][HWS_HIGH2LOW][bit] < vw_sphy_hi_lmt[subphy]) 2229 vw_sphy_hi_lmt[subphy] = result[subphy][HWS_HIGH2LOW][bit]; 2230 } 2231 /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 2229 in mv_ddr4_dm_tuning() 2223 result[subphy][HWS_HIGH2LOW][bit] &= LEAST_SIGNIFICANT_BYTE_MASK; 2224 2225 if (result[subphy][HWS_LOW2HIGH][bit] > vw_sphy_lo_lmt[subphy]) 2226 vw_sphy_lo_lmt[subphy] = result[subphy][HWS_LOW2HIGH][bit]; 2227 2228 if (result[subphy][HWS_HIGH2LOW][bit] < vw_sphy_hi_lmt[subphy]) >>> CID 408729: (OVERRUN) >>> Overrunning array "result" of 9 16-byte elements at element index 12 (byte offset 207) using index "subphy" (which evaluates to 12). 2229 vw_sphy_hi_lmt[subphy] = result[subphy][HWS_HIGH2LOW][bit]; 2230 } 2231 2232 DEBUG_DM_TUNING(DEBUG_LEVEL_INFO, 2233 ("loop %d, dm subphy %d, vw %d, %d\n", loop, subphy, 2234 vw_sphy_lo_lmt[subphy], vw_sphy_hi_lmt[subphy])); ** CID 408728: (OVERRUN) /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 606 in ddr3_tip_vref() /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 412 in ddr3_tip_vref() /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 605 in ddr3_tip_vref() /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 370 in ddr3_tip_vref() /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 291 in ddr3_tip_vref() /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 285 in ddr3_tip_vref() /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 648 in ddr3_tip_vref() /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 440 in ddr3_tip_vref() /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 332 in ddr3_tip_vref() /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 677 in ddr3_tip_vref() /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 394 in ddr3_tip_vref() /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 554 in ddr3_tip_vref() /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 517 in ddr3_tip_vref() /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 487 in ddr3_tip_vref() /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 376 in ddr3_tip_vref() ________________________________________________________________________________________________________ *** CID 408728: (OVERRUN) /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 606 in ddr3_tip_vref() 600 vref_map[currrent_vref], 601 __LINE__)); 602 } 603 } else { 604 /* we change state and change step */ 605 if (pup_st[pup][if_id] == VREF_STEP_1) { >>> CID 408728: (OVERRUN) >>> Overrunning array "pup_st" of 9 bytes at byte offset 12 using index "pup" (which evaluates to 12). 606 pup_st[pup][if_id] = 607 VREF_STEP_2; 608 lim_vref[pup][if_id] = 609 current_vref[pup] 610 [if_id] - initial_step; 611 last_valid_window[pup] /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 412 in ddr3_tip_vref() 406 * better Vref value 407 * define the pup as 408 * converge and step 409 * back to nominal 410 * Vref. 411 */ >>> CID 408728: (OVERRUN) >>> Overrunning array "pup_st" of 9 bytes at byte offset 12 using index "pup" (which evaluates to 12). 412 pup_st[pup] 413 [if_id] = 414 VREF_CONVERGE; 415 algo_run_flag++; 416 interface_state 417 [if_id]++; /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 605 in ddr3_tip_vref() 599 (val & (~0xf)) | 600 vref_map[currrent_vref], 601 __LINE__)); 602 } 603 } else { 604 /* we change state and change step */ >>> CID 408728: (OVERRUN) >>> Overrunning array "pup_st" of 9 bytes at byte offset 12 using index "pup" (which evaluates to 12). 605 if (pup_st[pup][if_id] == VREF_STEP_1) { 606 pup_st[pup][if_id] = 607 VREF_STEP_2; 608 lim_vref[pup][if_id] = 609 current_vref[pup] 610 [if_id] - initial_step; /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 370 in ddr3_tip_vref() 364 /* Compare results and respond as function of state */ 365 for (if_id = 0; if_id < MAX_INTERFACE_NUM; if_id++) { 366 VALIDATE_IF_ACTIVE(tm->if_act_mask, if_id); 367 for (pup = 0; 368 pup < octets_per_if_num; pup++) { 369 VALIDATE_BUS_ACTIVE(tm->bus_act_mask, pup); >>> CID 408728: (OVERRUN) >>> Overrunning array "pup_st" of 9 bytes at byte offset 12 using index "pup" (which evaluates to 12). 370 DEBUG_TRAINING_HW_ALG(DEBUG_LEVEL_TRACE, 371 ("I/F[ %d ], pup[ %d ] STATE #%d (%d)\n", 372 if_id, pup, 373 pup_st[pup] 374 [if_id], __LINE__)); 375 /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 291 in ddr3_tip_vref() 285 pup_st[pup][if_id] = VREF_CONVERGE; 286 DEBUG_TRAINING_HW_ALG( 287 DEBUG_LEVEL_INFO, 288 ("VREF config, IF[ %d ]pup[ %d ] - Vref tune not requered (%d)\n", 289 if_id, pup, __LINE__)); 290 } else { >>> CID 408728: (OVERRUN) >>> Overrunning array "pup_st" of 9 bytes at byte offset 12 using index "pup" (which evaluates to 12). 291 pup_st[pup][if_id] = VREF_STEP_1; 292 CHECK_STATUS(ddr3_tip_bus_read 293 (dev_num, if_id, 294 ACCESS_TYPE_UNICAST, pup, 295 DDR_PHY_DATA, reg_addr, &val)); 296 CHECK_STATUS(ddr3_tip_bus_write /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 285 in ddr3_tip_vref() 279 last_vref[pup][if_id] = 0; 280 lim_vref[pup][if_id] = 0; 281 current_valid_window[pup][if_id] = 0; 282 last_valid_window[pup][if_id] = 0; 283 if (vref_window_size[if_id][pup] > 284 vref_window_size_th) { >>> CID 408728: (OVERRUN) >>> Overrunning array "pup_st" of 9 bytes at byte offset 12 using index "pup" (which evaluates to 12). 285 pup_st[pup][if_id] = VREF_CONVERGE; 286 DEBUG_TRAINING_HW_ALG( 287 DEBUG_LEVEL_INFO, 288 ("VREF config, IF[ %d ]pup[ %d ] - Vref tune not requered (%d)\n", 289 if_id, pup, __LINE__)); 290 } else { /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 648 in ddr3_tip_vref() 642 if_id, pup, 643 (val & (~0xf)) | 644 vref_map[current_vref[pup] 645 [if_id]], 646 __LINE__)); 647 >>> CID 408728: (OVERRUN) >>> Overrunning array "pup_st" of 9 bytes at byte offset 12 using index "pup" (which evaluates to 12). 648 } else if (pup_st[pup][if_id] == VREF_STEP_2) { 649 /* 650 * The last search was the max 651 * point set value and exit 652 */ 653 CHECK_STATUS /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 440 in ddr3_tip_vref() 434 : (current_vref[pup] 435 [if_id] + 436 initial_step); 437 if (current_vref[pup] 438 [if_id] == 439 VREF_MAX_INDEX) { >>> CID 408728: (OVERRUN) >>> Overrunning array "pup_st" of 9 bytes at byte offset 12 using index "pup" (which evaluates to 12). 440 pup_st[pup] 441 [if_id] 442 = 443 VREF_STEP_2; 444 } 445 lim_vref[pup] /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 332 in ddr3_tip_vref() 326 get_valid_win_rx(dev_num, if_id, res); 327 for (pup = 0; 328 pup < octets_per_if_num; 329 pup++) { 330 VALIDATE_BUS_ACTIVE 331 (tm->bus_act_mask, pup); >>> CID 408728: (OVERRUN) >>> Overrunning array "pup_st" of 9 bytes at byte offset 12 using index "pup" (which evaluates to 12). 332 if (pup_st[pup] 333 [if_id] == 334 VREF_CONVERGE) 335 continue; 336 337 current_valid_window[pup] /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 677 in ddr3_tip_vref() 671 ("VREF config, IF[ %d ]pup[ %d ] - Vref = %X (%d)\n", 672 if_id, pup, 673 (val & (~0xf)) | 674 vref_map[last_vref[pup] 675 [if_id]], 676 __LINE__)); >>> CID 408728: (OVERRUN) >>> Overrunning array "pup_st" of 9 bytes at byte offset 12 using index "pup" (which evaluates to 12). 677 pup_st[pup][if_id] = 678 VREF_CONVERGE; 679 algo_run_flag++; 680 interface_state[if_id]++; 681 DEBUG_TRAINING_HW_ALG 682 (DEBUG_LEVEL_TRACE, /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 394 in ddr3_tip_vref() 388 /* 389 * The -1 is for solution resolution +/- 1 tap 390 * of ADLL 391 */ 392 if (current_valid_window[pup][if_id] + 200 >= 393 (last_valid_window[pup][if_id])) { >>> CID 408728: (OVERRUN) >>> Overrunning array "pup_st" of 9 bytes at byte offset 12 using index "pup" (which evaluates to 12). 394 if (pup_st[pup][if_id] == VREF_STEP_1) { 395 /* 396 * We stay in the same state and 397 * step just update the window 398 * size (take the max) and Vref 399 */ /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 554 in ddr3_tip_vref() 548 * better Vref value 549 * define the pup as 550 * converge and step 551 * back to nominal 552 * Vref. 553 */ >>> CID 408728: (OVERRUN) >>> Overrunning array "pup_st" of 9 bytes at byte offset 12 using index "pup" (which evaluates to 12). 554 pup_st[pup] 555 [if_id] = 556 VREF_CONVERGE; 557 558 algo_run_flag++; 559 interface_state /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 517 in ddr3_tip_vref() 511 * better Vref value 512 * define the pup as 513 * converge and step 514 * back to nominal 515 * Vref. 516 */ >>> CID 408728: (OVERRUN) >>> Overrunning array "pup_st" of 9 bytes at byte offset 12 using index "pup" (which evaluates to 12). 517 pup_st[pup] 518 [if_id] = 519 VREF_CONVERGE; 520 algo_run_flag++; 521 522 interface_state /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 487 in ddr3_tip_vref() 481 (DEBUG_LEVEL_TRACE, 482 ("VREF config, IF[ %d ]pup[ %d ] - Vref = %X (%d)\n", 483 if_id, pup, 484 (val & (~0xf)) | 485 vref_map[currrent_vref], 486 __LINE__)); >>> CID 408728: (OVERRUN) >>> Overrunning array "pup_st" of 9 bytes at byte offset 12 using index "pup" (which evaluates to 12). 487 } else if (pup_st[pup][if_id] 488 == VREF_STEP_2) { 489 /* 490 * We keep on search back with 491 * the same step size. 492 */ /drivers/marvell/mv_ddr/ddr3_training_hw_algo.c: 376 in ddr3_tip_vref() 370 DEBUG_TRAINING_HW_ALG(DEBUG_LEVEL_TRACE, 371 ("I/F[ %d ], pup[ %d ] STATE #%d (%d)\n", 372 if_id, pup, 373 pup_st[pup] 374 [if_id], __LINE__)); 375 >>> CID 408728: (OVERRUN) >>> Overrunning array "pup_st" of 9 bytes at byte offset 12 using index "pup" (which evaluates to 12). 376 if (pup_st[pup][if_id] == VREF_CONVERGE) 377 continue; 378 379 DEBUG_TRAINING_HW_ALG(DEBUG_LEVEL_TRACE, 380 ("I/F[ %d ], pup[ %d ] CHECK progress - Current %d Last %d, limit VREF %d (%d)\n", 381 if_id, pup, ** CID 408727: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/marvell/mv_ddr/drivers/snps/snps_update.c: 660 in dmem_1d_2d_rtt_nom_wr_park_get() ________________________________________________________________________________________________________ *** CID 408727: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/marvell/mv_ddr/drivers/snps/snps_update.c: 660 in dmem_1d_2d_rtt_nom_wr_park_get() 654 u16 ret_val = 0; 655 u16 rtt_park, rtt_nom, rtt_wr; 656 657 rtt_nom = mv_ddr_rtt_nom_get(); 658 rtt_park = mv_ddr_rtt_park_get(); 659 rtt_wr = mv_ddr_rtt_wr_get(); >>> CID 408727: Integer handling issues (CONSTANT_EXPRESSION_RESULT) >>> "rtt_nom != 4294967295U" is always true regardless of the values of its operands. This occurs as the logical first operand of "&&". 660 if (rtt_nom != PARAM_UNDEFINED && rtt_park != PARAM_UNDEFINED && rtt_wr != PARAM_UNDEFINED) { 661 ret_val = (rtt_nom & RTT_NOM_WR_PARK0_RTT_NOM_MR1_MASK) << RTT_NOM_WR_PARK0_RTT_NOM_MR1_OFFS; 662 ret_val |= (rtt_park & RTT_NOM_WR_PARK0_RTT_PARK_MR5_MASK) << RTT_NOM_WR_PARK0_RTT_PARK_MR5_OFFS; 663 ret_val |= (rtt_wr & RTT_NOM_WR_PARK0_RTT_WR_MR2_MASK) << RTT_NOM_WR_PARK0_RTT_WR_MR2_OFFS; 664 ret_val |= RTT_NOM_WR_PARK0_EN_VAL; 665 } ** CID 408726: Data race undermines locking (LOCK_EVASION) /plat/mediatek/common/lpm/mt_lp_rq.c: 152 in mt_lp_rq_get_status() ________________________________________________________________________________________________________ *** CID 408726: Data race undermines locking (LOCK_EVASION) /plat/mediatek/common/lpm/mt_lp_rq.c: 152 in mt_lp_rq_get_status() 146 for (i = 0; i < plat_mt_rqm.resource_num; i++) { 147 update_sta |= ((rs[i]->res_usage & plat_mt_rqm.user_valid) != 0) ? 148 rs[i]->res_rq : 0; 149 } 150 151 plat_mt_rqm.generic_resource_req = update_sta; >>> CID 408726: Data race undermines locking (LOCK_EVASION) >>> Thread1 sets "flag" to a new value. Now the two threads have an inconsistent view of "flag" and updates to fields correlated with "flag" may be lost. 152 plat_mt_rqm.flag = MT_LP_RQ_FLAG_DONE; 153 spin_unlock(&mt_lp_rq_lock); 154 } 155 156 switch (type) { 157 case PLAT_RQ_REQ_USAGE: ** CID 408725: (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 350 in mv_ddr4_dq_vref_calibration() /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 370 in mv_ddr4_dq_vref_calibration() /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 369 in mv_ddr4_dq_vref_calibration() ________________________________________________________________________________________________________ *** CID 408725: (OVERRUN) /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 350 in mv_ddr4_dq_vref_calibration() 344 valid_vref_cnt[if_id][subphy_num], 345 &center_vref[if_id][subphy_num], 346 &center_adll[if_id][subphy_num]); 347 if (status != MV_OK) 348 return status; 349 >>> CID 408725: (OVERRUN) >>> Overrunning array "center_vref[if_id]" of 9 bytes at byte offset 12 using index "subphy_num" (which evaluates to 12). 350 DEBUG_CALIBRATION(DEBUG_LEVEL_INFO, 351 ("center of mass results: vref %d, adll %d\n", 352 center_vref[if_id][subphy_num], center_adll[if_id][subphy_num])); 353 } else { 354 DEBUG_CALIBRATION(DEBUG_LEVEL_ERROR, 355 ("%s subphy %d no vref results to calculate the center of mass\n", /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 340 in mv_ddr4_dq_vref_calibration() 334 VALIDATE_BUS_ACTIVE(tm->bus_act_mask, subphy_num); 335 DEBUG_CALIBRATION(DEBUG_LEVEL_INFO, 336 ("calculating center of mass for subphy %d, valid window size %d\n", 337 subphy_num, valid_win_size[if_id][subphy_num])); 338 if (valid_vref_cnt[if_id][subphy_num] > 0) { 339 /* calculate center of mass sampling point (t, v) for each subphy */ >>> CID 408725: (OVERRUN) >>> Overrunning array of 9 bytes at byte offset 12 by dereferencing pointer "&center_vref[if_id][subphy_num]". 340 status = mv_ddr4_center_of_mass_calc(dev_num, if_id, subphy_num, TX_DIR, 341 dq_vref_start_win[if_id][subphy_num], 342 dq_vref_end_win[if_id][subphy_num], 343 valid_vref_ptr[if_id][subphy_num], 344 valid_vref_cnt[if_id][subphy_num], 345 &center_vref[if_id][subphy_num], /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 370 in mv_ddr4_dq_vref_calibration() 364 VALIDATE_IF_ACTIVE(tm->if_act_mask, if_id); 365 vref_avg = 0; 366 vref_subphy_num = 0; 367 for (subphy_num = 0; subphy_num < subphy_max; subphy_num++) { 368 VALIDATE_BUS_ACTIVE(tm->bus_act_mask, subphy_num); 369 vref_avg += center_vref[if_id][subphy_num]; >>> CID 408725: (OVERRUN) >>> Overrunning array "center_vref[if_id]" of 9 bytes at byte offset 12 using index "subphy_num" (which evaluates to 12). 370 dq_vref_vec[subphy_num] = center_vref[if_id][subphy_num]; 371 vref_subphy_num++; 372 } 373 374 mv_ddr4_vref_tap_set(dev_num, if_id, ACCESS_TYPE_UNICAST, 375 vref_avg / vref_subphy_num, MV_DDR4_VREF_TAP_START); /drivers/marvell/mv_ddr/mv_ddr4_training_calibration.c: 369 in mv_ddr4_dq_vref_calibration() 363 for (if_id = 0; if_id < MAX_INTERFACE_NUM; if_id++) { 364 VALIDATE_IF_ACTIVE(tm->if_act_mask, if_id); 365 vref_avg = 0; 366 vref_subphy_num = 0; 367 for (subphy_num = 0; subphy_num < subphy_max; subphy_num++) { 368 VALIDATE_BUS_ACTIVE(tm->bus_act_mask, subphy_num); >>> CID 408725: (OVERRUN) >>> Overrunning array "center_vref[if_id]" of 9 bytes at byte offset 12 using index "subphy_num" (which evaluates to 12). 369 vref_avg += center_vref[if_id][subphy_num]; 370 dq_vref_vec[subphy_num] = center_vref[if_id][subphy_num]; 371 vref_subphy_num++; 372 } 373 374 mv_ddr4_vref_tap_set(dev_num, if_id, ACCESS_TYPE_UNICAST, ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

2 years, 1 month

1
0
0 0

We cannot force Arm features for platforms

by Marcin Juszkiewicz

TL;DR: move Mandatory features to be runtime checked (value 2) Month ago there was changeset from Govindraj Raja merged [1]. The plan was to enable all mandatory features based on architecture version set by plaform (using ARM_ARCH_{MAJOR,MINOR} variables). 1. https://review.trustedfirmware.org/q/topic:%22gr/build_refactor%22 The idea is nice. But only for final products. If you are working on silicon bring up or on virtualization platform (QEMU or other) then you got hit badly... I am working on SBSA Reference Platform in QEMU. It can have one of several cpu models. From old v8.0 cores up to v9.0 ones. And then there is also 'max' core which cannot be mapped to any architecture level because it contains all Arm cpu features QEMU can emulate. We need to support all of them in one TF-A binary. Whenever something fails we have some cpu cores in non-bootable state. We had to enable FGT to get 'max' boot Linux. Now we have to move DIT to be runtime checked to boot anything below Neoverse-V1 at all. And HCX to get 'max' boot Linux again. At current state of TF-A we cannot handle it. Toplevel Makefile includes platform.mk which sets ARM_ARCH_{MAJOR,MINOR} and then make_helpers/arch_features.mk enables mandatory options by setting them to value "1" which means "present, no need to check". Due to this we have those changes in Gerrit: DIT: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/24870 TRF: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/23648 And instead of sending another one to switch FGT, RNG and HCX I decided to write this email. I have spent half of day today bisecting TF-A, booting several tools and operating systems to check how we are and where the problem is. Still have to get Neoverse-N2 booting properly but other than then I got to the point where all cpu cores boot into Linux. We need to change make_helpers/arch_features.mk to stop enabling mandatory features as "present, no need to check" (value '1') but to use runtime check (value '2') instead. This way any platform which contains CPU not yet fully developed can boot TF-A. Or platform where one firmware can boot different cpu models. I am sorry that I bring it so late in release cycle but was unable to use computer for a development for some time.

2 years, 1 month

5
8
0 0

Stack usage

by kbhuvanacbe＠gmail.com

We have executed below command on terminal to get stack size using ARMCLANG compiler. but we are getting "undefined symbol". armclang --target=arm-arm-none-eabi -march=armv8-a -c -g file.c -o file.o armlink file.o --info=stack armlink file.o --callgraph -o FileImage.axf Could anyone answer me that how to get stack size using ARMCLANG compiler for TFA code.

2 years, 1 month

3
10
0 0

Canceled event with note: TF-A Tech Forum @ Thu Nov 16, 2023 5pm - 6pm (CET) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, Cancelling this week as no topic. Thanks & Regards, Olivier." TF-A Tech Forum Thursday Nov 16, 2023 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

2 years, 1 month

1
0
0 0

Trusted Firmware-A LTS v2.8.11 Release Announcement

by Varun Wadekar

Hello, Trusted Firmware-A LTS version 2.8.11 is now available. This release contains the workarounds for CPU errata, platform errata, and fixes for Versal/Versal-NET security vulnerabilities. The complete list of changes can be found here<https://ci-builds.trustedfirmware.org/static-files/NdY070C96xYcXq0KeqQzbFaI…>. Thanks.

2 years, 1 month

1
0
0 0

Changelog for v2.10 Release

by Juan Pablo Conde

Hello everyone, Please take a look at the changelog for your respective platforms ahead of the TF-A v2.10 release. The changelog is autogenerated from the commit messages of the patches that have been merged since the v2.9 release. Here's your chance to give us guidance on any small manual adjustments you would like to see. Patch: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/24865 Rendered Version: https://ci-builds.trustedfirmware.org/static-files/cUYrGRM_T04eS_lYaTNfWT13… Thanks, Juan Pablo

2 years, 1 month

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 3 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 405370: Memory - illegal accesses (OVERRUN) /lib/psci/psci_stat.c: 210 in psci_get_stat() ________________________________________________________________________________________________________ *** CID 405370: Memory - illegal accesses (OVERRUN) /lib/psci/psci_stat.c: 210 in psci_get_stat() 204 /* Get the index into the stats array */ 205 local_state = state_info.pwr_domain_state[pwrlvl]; 206 stat_idx = get_stat_idx(local_state, pwrlvl); 207 208 if (pwrlvl > PSCI_CPU_PWR_LVL) { 209 /* Get the power domain index */ >>> CID 405370: Memory - illegal accesses (OVERRUN) >>> Overrunning array "psci_cpu_pd_nodes" of 16 16-byte elements at element index 4294967295 (byte offset 68719476735) using index "target_idx" (which evaluates to 4294967295). 210 parent_idx = SPECULATION_SAFE_VALUE(psci_cpu_pd_nodes[target_idx].parent_node); 211 for (lvl = PSCI_CPU_PWR_LVL + 1U; lvl < pwrlvl; lvl++) 212 parent_idx = SPECULATION_SAFE_VALUE(psci_non_cpu_pd_nodes[parent_idx].parent_node); 213 214 /* Get the non cpu power domain stats */ 215 *psci_stat = psci_non_cpu_stat[parent_idx][stat_idx]; ** CID 405369: Memory - illegal accesses (OVERRUN) /lib/psci/psci_stat.c: 218 in psci_get_stat() ________________________________________________________________________________________________________ *** CID 405369: Memory - illegal accesses (OVERRUN) /lib/psci/psci_stat.c: 218 in psci_get_stat() 212 parent_idx = SPECULATION_SAFE_VALUE(psci_non_cpu_pd_nodes[parent_idx].parent_node); 213 214 /* Get the non cpu power domain stats */ 215 *psci_stat = psci_non_cpu_stat[parent_idx][stat_idx]; 216 } else { 217 /* Get the cpu power domain stats */ >>> CID 405369: Memory - illegal accesses (OVERRUN) >>> Overrunning array "psci_cpu_stat" of 16 32-byte elements at element index 4294967295 (byte offset 137438953471) using index "target_idx" (which evaluates to 4294967295). 218 *psci_stat = psci_cpu_stat[target_idx][stat_idx]; 219 } 220 221 return PSCI_E_SUCCESS; 222 } 223 ** CID 405368: (NEGATIVE_RETURNS) /lib/psci/psci_stat.c: 210 in psci_get_stat() /lib/psci/psci_stat.c: 218 in psci_get_stat() ________________________________________________________________________________________________________ *** CID 405368: (NEGATIVE_RETURNS) /lib/psci/psci_stat.c: 210 in psci_get_stat() 204 /* Get the index into the stats array */ 205 local_state = state_info.pwr_domain_state[pwrlvl]; 206 stat_idx = get_stat_idx(local_state, pwrlvl); 207 208 if (pwrlvl > PSCI_CPU_PWR_LVL) { 209 /* Get the power domain index */ >>> CID 405368: (NEGATIVE_RETURNS) >>> Using variable "target_idx" as an index to array "psci_cpu_pd_nodes". 210 parent_idx = SPECULATION_SAFE_VALUE(psci_cpu_pd_nodes[target_idx].parent_node); 211 for (lvl = PSCI_CPU_PWR_LVL + 1U; lvl < pwrlvl; lvl++) 212 parent_idx = SPECULATION_SAFE_VALUE(psci_non_cpu_pd_nodes[parent_idx].parent_node); 213 214 /* Get the non cpu power domain stats */ 215 *psci_stat = psci_non_cpu_stat[parent_idx][stat_idx]; /lib/psci/psci_stat.c: 218 in psci_get_stat() 212 parent_idx = SPECULATION_SAFE_VALUE(psci_non_cpu_pd_nodes[parent_idx].parent_node); 213 214 /* Get the non cpu power domain stats */ 215 *psci_stat = psci_non_cpu_stat[parent_idx][stat_idx]; 216 } else { 217 /* Get the cpu power domain stats */ >>> CID 405368: (NEGATIVE_RETURNS) >>> Using variable "target_idx" as an index to array "psci_cpu_stat". 218 *psci_stat = psci_cpu_stat[target_idx][stat_idx]; 219 } 220 221 return PSCI_E_SUCCESS; 222 } 223 ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

2 years, 1 month

1
0
0 0

Minor update to Platform ports requirements

by Govindraj Raja

Hi All / Platform owners, There is a minor update to Platform ports requirements based on patches merged recently. https://trustedfirmware-a.readthedocs.io/en/latest/porting-guide.html#build… So please use correct ARM_ARCH_MAJOR and ARM_ARCH_MINOR from platform makefile or from build options to utilize the 'arch_features.mk' to enable all mandatory features by default. Enabling of optional features remain unchanged and based on availability and need can be enabled from platform makefile. Some of platform port convert examples are as below: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/23463/20/pla… https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/23670/21/pla… -- Thanks, Govindraj.R & Manish Pandey

2 years, 1 month

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Nov 2, 2023 5pm - 6pm (CET) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, The TF-A Tech Forum is cancelled this week as no topic planned. Regards, Olivier." TF-A Tech Forum Thursday Nov 2, 2023 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

2 years, 1 month

1
0
0 0

TF-A Hang on NXP i.MX 8M Plus QuadLite

by Marcel Ziswiler

Hi there We recently got our first batch of i.MX 8M Plus QuadLite based SoMs. While NXP downstream works just fine on them they just hang booting with latest upstream U-Boot (and TF-A). Replacing TF-A with the downstream NXP one made upstream U-Boot work as well. Further debugging TF-A showed imx_gpc_pm_domain_enable() to be the culprit. Looking more specifically I discovered the following so far downstream-only commit [1]. So it looks like in downstream NXP is limiting the to-be-enabled power management domains to HSIOMIX, USB1_PHY and USB2_PHY. Anybody knows why exactly this is done and why this got never upstreamed? Thank you very much for any insights into this matter. [1] https://github.com/nxp-imx/imx-atf/commit/47759cfca10b2286a218062915d4a2808… Cheers Marcel

2 years, 1 month

1
0
0 0

Suspend to RAM support for K3 J7200

by Thomas Richard

Hello, I just sent a series to gerrit: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/23992. I'm writing this email to add more context to this series, as I didn't find how to to it with gerrit. This series is only the TF-A part to add suspend to RAM support for the TI K3 J7200 target. Some modifications are also needed in Linux kernel, U-Boot (R5 SPL) and DM-Firmware. During the suspend sequence, TF-A save itself in DRAM, in a reserved memory region dedicated to lpm. TF-A will be restored by R5 SPL. We need to save it in DRAM (which will be in retention mode during suspend) because as it runs in SRAM, it will be lost once the SOC is powered-off by the PMIC. Best Regards, -- Thomas Richard, Bootlin Embedded Linux and Kernel engineering https://bootlin.com

2 years, 1 month

4
3
0 0

Trusted Firmware-A LTS v2.8.10 Release Announcement

by Yann GAUTIER - foss

Hello, Trusted Firmware-A LTS version 2.8.10 is now available. This release contains the support for MbedTLS v2.28.5, and documentation updates. The complete list can be found here<https://trustedfirmware-a.readthedocs.io/en/lts-v2.8.10/change-log.html>. Thanks.

2 years, 1 month

1
0
0 0

TF-A Tech Forum on Oct 19th 2023

by Olivier Deprez

Hi, For the TF-A Tech forum on Oct, 19th Manish Badarkhe from Arm TF-A team will present: Migration to PSA Crypto API Agenda: Existing Crypto Mechanism - using legacy Crypto API What is PSA? Design of PSA Crypto API Use of PSA Crypto API in TF-A PSA Crypto API verification using CI Future Scope: MbedTLS with PSA Crypto driver Regards, Olivier. ________________________________________ From: Trusted Firmware Public Meetings Sent: 14 June 2020 19:21 To: Trusted Firmware Public Meetings; tf-a(a)lists.trustedfirmware.org Subject: [TF-A] Invitation: TF-A Tech Forum @ Every 2 weeks from 16:00 to 17:00 on Thursday (BST) (tf-a(a)lists.trustedfirmware.org) When: 19 October 2023 17:00-18:00. Where: You have been invited to the following event. TF-A Tech Forum When Every 2 weeks from 16:00 to 17:00 on Thursday United Kingdom Time Calendar tf-a(a)lists.trustedfirmware.org Who • Bill Fletcher- creator • tf-a(a)lists.trustedfirmware.org more details »<https://www.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1cTJrM…> We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/<https://www.google.com/url?q=https%3A%2F%2Fwww.trustedfirmware.org%2Fmeetin…> Trusted Firmware is inviting you to a scheduled Zoom meeting. Join Zoom Meeting https://zoom.us/j/9159704974<https://www.google.com/url?q=https%3A%2F%2Fzoom.us%2Fj%2F9159704974&sa=D&us…> Meeting ID: 915 970 4974 One tap mobile +16465588656,,9159704974# US (New York) +16699009128,,9159704974# US (San Jose) Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-free Meeting ID: 915 970 4974 Find your local number: https://zoom.us/u/ad27hc6t7h<https://www.google.com/url?q=https%3A%2F%2Fzoom.us%2Fu%2Fad27hc6t7h&sa=D&us…> Going (tf-a(a)lists.trustedfirmware.org)? All events in this series: Yes<https://www.google.com/calendar/event?action=RESPOND&eid=NWlub3Ewdm1tMmk1cT…> - Maybe<https://www.google.com/calendar/event?action=RESPOND&eid=NWlub3Ewdm1tMmk1cT…> - No<https://www.google.com/calendar/event?action=RESPOND&eid=NWlub3Ewdm1tMmk1cT…> more options »<https://www.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1cTJrM…> Invitation from Google Calendar<https://www.google.com/calendar/> You are receiving this courtesy email at the account tf-a(a)lists.trustedfirmware.org because you are an attendee of this event. To stop receiving future updates for this event, decline this event. Alternatively, you can sign up for a Google Account at https://www.google.com/calendar/ and control your notification settings for your entire calendar. Forwarding this invitation could allow any recipient to send a response to the organiser and be added to the guest list, invite others regardless of their own invitation status or to modify your RSVP. Learn more<https://support.google.com/calendar/answer/37135#forwarding>.

2 years, 2 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

TF-A