Re: [PATCH 2/2] hw: move timer_new from init() into realize() to avoid memleaks
On 2/15/20 9:37 AM, pannengy...@huawei.com wrote:
From: Pan Nengyuan
There are some memleaks when we call 'device_list_properties'. This patch move
timer_new from init into realize to fix it.
Meanwhile, do the null check in mos6522_reset() to avoid null deref if we move
timer_new into realize().
Reported-by: Euler Robot
Signed-off-by: Pan Nengyuan
---
hw/arm/pxa2xx.c| 17 +++--
hw/arm/spitz.c | 8 +++-
hw/arm/strongarm.c | 18 --
hw/misc/mos6522.c | 14 --
hw/timer/cadence_ttc.c | 16 +++-
5 files changed, 53 insertions(+), 20 deletions(-)
diff --git a/hw/arm/pxa2xx.c b/hw/arm/pxa2xx.c
index b33f8f1351..56a36202d7 100644
--- a/hw/arm/pxa2xx.c
+++ b/hw/arm/pxa2xx.c
@@ -1134,18 +1134,22 @@ static void pxa2xx_rtc_init(Object *obj)
s->last_rtcpicr = 0;
s->last_hz = s->last_sw = s->last_pi = qemu_clock_get_ms(rtc_clock);
+sysbus_init_irq(dev, >rtc_irq);
+
+memory_region_init_io(>iomem, obj, _rtc_ops, s,
+ "pxa2xx-rtc", 0x1);
+sysbus_init_mmio(dev, >iomem);
+}
+
+static void pxa2xx_rtc_realize(DeviceState *dev, Error **errp)
+{
+PXA2xxRTCState *s = PXA2XX_RTC(dev);
s->rtc_hz= timer_new_ms(rtc_clock, pxa2xx_rtc_hz_tick,s);
s->rtc_rdal1 = timer_new_ms(rtc_clock, pxa2xx_rtc_rdal1_tick, s);
s->rtc_rdal2 = timer_new_ms(rtc_clock, pxa2xx_rtc_rdal2_tick, s);
s->rtc_swal1 = timer_new_ms(rtc_clock, pxa2xx_rtc_swal1_tick, s);
s->rtc_swal2 = timer_new_ms(rtc_clock, pxa2xx_rtc_swal2_tick, s);
s->rtc_pi= timer_new_ms(rtc_clock, pxa2xx_rtc_pi_tick,s);
-
-sysbus_init_irq(dev, >rtc_irq);
-
-memory_region_init_io(>iomem, obj, _rtc_ops, s,
- "pxa2xx-rtc", 0x1);
-sysbus_init_mmio(dev, >iomem);
}
static int pxa2xx_rtc_pre_save(void *opaque)
@@ -1203,6 +1207,7 @@ static void pxa2xx_rtc_sysbus_class_init(ObjectClass
*klass, void *data)
dc->desc = "PXA2xx RTC Controller";
dc->vmsd = _pxa2xx_rtc_regs;
+dc->realize = pxa2xx_rtc_realize;
}
static const TypeInfo pxa2xx_rtc_sysbus_info = {
diff --git a/hw/arm/spitz.c b/hw/arm/spitz.c
index e001088103..cbfa6934cf 100644
--- a/hw/arm/spitz.c
+++ b/hw/arm/spitz.c
@@ -524,11 +524,16 @@ static void spitz_keyboard_init(Object *obj)
spitz_keyboard_pre_map(s);
-s->kbdtimer = timer_new_ns(QEMU_CLOCK_VIRTUAL, spitz_keyboard_tick, s);
qdev_init_gpio_in(dev, spitz_keyboard_strobe, SPITZ_KEY_STROBE_NUM);
qdev_init_gpio_out(dev, s->sense, SPITZ_KEY_SENSE_NUM);
}
+static void spitz_keyboard_realize(DeviceState *dev, Error **errp)
+{
+SpitzKeyboardState *s = SPITZ_KEYBOARD(dev);
+s->kbdtimer = timer_new_ns(QEMU_CLOCK_VIRTUAL, spitz_keyboard_tick, s);
+}
+
/* LCD backlight controller */
#define LCDTG_RESCTL 0x00
@@ -1115,6 +1120,7 @@ static void spitz_keyboard_class_init(ObjectClass *klass,
void *data)
DeviceClass *dc = DEVICE_CLASS(klass);
dc->vmsd = _spitz_kbd;
+dc->realize = spitz_keyboard_realize;
}
static const TypeInfo spitz_keyboard_info = {
diff --git a/hw/arm/strongarm.c b/hw/arm/strongarm.c
index cd8a99aaf2..3010d765bb 100644
--- a/hw/arm/strongarm.c
+++ b/hw/arm/strongarm.c
@@ -399,9 +399,6 @@ static void strongarm_rtc_init(Object *obj)
s->last_rcnr = (uint32_t) mktimegm();
s->last_hz = qemu_clock_get_ms(rtc_clock);
-s->rtc_alarm = timer_new_ms(rtc_clock, strongarm_rtc_alarm_tick, s);
-s->rtc_hz = timer_new_ms(rtc_clock, strongarm_rtc_hz_tick, s);
-
sysbus_init_irq(dev, >rtc_irq);
sysbus_init_irq(dev, >rtc_hz_irq);
@@ -410,6 +407,13 @@ static void strongarm_rtc_init(Object *obj)
sysbus_init_mmio(dev, >iomem);
}
+static void strongarm_rtc_realize(DeviceState *dev, Error **errp)
+{
+StrongARMRTCState *s = STRONGARM_RTC(dev);
+s->rtc_alarm = timer_new_ms(rtc_clock, strongarm_rtc_alarm_tick, s);
+s->rtc_hz = timer_new_ms(rtc_clock, strongarm_rtc_hz_tick, s);
+}
+
static int strongarm_rtc_pre_save(void *opaque)
{
StrongARMRTCState *s = opaque;
@@ -451,6 +455,7 @@ static void strongarm_rtc_sysbus_class_init(ObjectClass
*klass, void *data)
dc->desc = "StrongARM RTC Controller";
dc->vmsd = _strongarm_rtc_regs;
+dc->realize = strongarm_rtc_realize;
}
static const TypeInfo strongarm_rtc_sysbus_info = {
@@ -1240,15 +1245,16 @@ static void strongarm_uart_init(Object *obj)
"uart", 0x1);
sysbus_init_mmio(dev, >iomem);
sysbus_init_irq(dev, >irq);
-
-s->rx_timeout_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
strongarm_uart_rx_to, s);
-s->tx_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, strongarm_uart_tx, s);
}
static void strongarm_uart_realize(DeviceState *dev, Error **errp)
{
StrongARMUARTState *s = STRONGARM_UART(dev);
+s->rx_timeout_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
+
Re: [PATCH 2/2] hw: move timer_new from init() into realize() to avoid memleaks
On 2/15/2020 4:37 PM, pannengy...@huawei.com wrote:
I'm sorry for the mail's subject, it's a single patch.
[PATCH 2/2] ---> [PATCH]
> From: Pan Nengyuan
>
> There are some memleaks when we call 'device_list_properties'. This patch
> move timer_new from init into realize to fix it.
> Meanwhile, do the null check in mos6522_reset() to avoid null deref if we
> move timer_new into realize().
>
> Reported-by: Euler Robot
> Signed-off-by: Pan Nengyuan
> ---
> hw/arm/pxa2xx.c| 17 +++--
> hw/arm/spitz.c | 8 +++-
> hw/arm/strongarm.c | 18 --
> hw/misc/mos6522.c | 14 --
> hw/timer/cadence_ttc.c | 16 +++-
> 5 files changed, 53 insertions(+), 20 deletions(-)
>
> diff --git a/hw/arm/pxa2xx.c b/hw/arm/pxa2xx.c
> index b33f8f1351..56a36202d7 100644
> --- a/hw/arm/pxa2xx.c
> +++ b/hw/arm/pxa2xx.c
> @@ -1134,18 +1134,22 @@ static void pxa2xx_rtc_init(Object *obj)
> s->last_rtcpicr = 0;
> s->last_hz = s->last_sw = s->last_pi = qemu_clock_get_ms(rtc_clock);
>
> +sysbus_init_irq(dev, >rtc_irq);
> +
> +memory_region_init_io(>iomem, obj, _rtc_ops, s,
> + "pxa2xx-rtc", 0x1);
> +sysbus_init_mmio(dev, >iomem);
> +}
> +
> +static void pxa2xx_rtc_realize(DeviceState *dev, Error **errp)
> +{
> +PXA2xxRTCState *s = PXA2XX_RTC(dev);
> s->rtc_hz= timer_new_ms(rtc_clock, pxa2xx_rtc_hz_tick,s);
> s->rtc_rdal1 = timer_new_ms(rtc_clock, pxa2xx_rtc_rdal1_tick, s);
> s->rtc_rdal2 = timer_new_ms(rtc_clock, pxa2xx_rtc_rdal2_tick, s);
> s->rtc_swal1 = timer_new_ms(rtc_clock, pxa2xx_rtc_swal1_tick, s);
> s->rtc_swal2 = timer_new_ms(rtc_clock, pxa2xx_rtc_swal2_tick, s);
> s->rtc_pi= timer_new_ms(rtc_clock, pxa2xx_rtc_pi_tick,s);
> -
> -sysbus_init_irq(dev, >rtc_irq);
> -
> -memory_region_init_io(>iomem, obj, _rtc_ops, s,
> - "pxa2xx-rtc", 0x1);
> -sysbus_init_mmio(dev, >iomem);
> }
>
> static int pxa2xx_rtc_pre_save(void *opaque)
> @@ -1203,6 +1207,7 @@ static void pxa2xx_rtc_sysbus_class_init(ObjectClass
> *klass, void *data)
>
> dc->desc = "PXA2xx RTC Controller";
> dc->vmsd = _pxa2xx_rtc_regs;
> +dc->realize = pxa2xx_rtc_realize;
> }
>
> static const TypeInfo pxa2xx_rtc_sysbus_info = {
> diff --git a/hw/arm/spitz.c b/hw/arm/spitz.c
> index e001088103..cbfa6934cf 100644
> --- a/hw/arm/spitz.c
> +++ b/hw/arm/spitz.c
> @@ -524,11 +524,16 @@ static void spitz_keyboard_init(Object *obj)
>
> spitz_keyboard_pre_map(s);
>
> -s->kbdtimer = timer_new_ns(QEMU_CLOCK_VIRTUAL, spitz_keyboard_tick, s);
> qdev_init_gpio_in(dev, spitz_keyboard_strobe, SPITZ_KEY_STROBE_NUM);
> qdev_init_gpio_out(dev, s->sense, SPITZ_KEY_SENSE_NUM);
> }
>
> +static void spitz_keyboard_realize(DeviceState *dev, Error **errp)
> +{
> +SpitzKeyboardState *s = SPITZ_KEYBOARD(dev);
> +s->kbdtimer = timer_new_ns(QEMU_CLOCK_VIRTUAL, spitz_keyboard_tick, s);
> +}
> +
> /* LCD backlight controller */
>
> #define LCDTG_RESCTL 0x00
> @@ -1115,6 +1120,7 @@ static void spitz_keyboard_class_init(ObjectClass
> *klass, void *data)
> DeviceClass *dc = DEVICE_CLASS(klass);
>
> dc->vmsd = _spitz_kbd;
> +dc->realize = spitz_keyboard_realize;
> }
>
> static const TypeInfo spitz_keyboard_info = {
> diff --git a/hw/arm/strongarm.c b/hw/arm/strongarm.c
> index cd8a99aaf2..3010d765bb 100644
> --- a/hw/arm/strongarm.c
> +++ b/hw/arm/strongarm.c
> @@ -399,9 +399,6 @@ static void strongarm_rtc_init(Object *obj)
> s->last_rcnr = (uint32_t) mktimegm();
> s->last_hz = qemu_clock_get_ms(rtc_clock);
>
> -s->rtc_alarm = timer_new_ms(rtc_clock, strongarm_rtc_alarm_tick, s);
> -s->rtc_hz = timer_new_ms(rtc_clock, strongarm_rtc_hz_tick, s);
> -
> sysbus_init_irq(dev, >rtc_irq);
> sysbus_init_irq(dev, >rtc_hz_irq);
>
> @@ -410,6 +407,13 @@ static void strongarm_rtc_init(Object *obj)
> sysbus_init_mmio(dev, >iomem);
> }
>
> +static void strongarm_rtc_realize(DeviceState *dev, Error **errp)
> +{
> +StrongARMRTCState *s = STRONGARM_RTC(dev);
> +s->rtc_alarm = timer_new_ms(rtc_clock, strongarm_rtc_alarm_tick, s);
> +s->rtc_hz = timer_new_ms(rtc_clock, strongarm_rtc_hz_tick, s);
> +}
> +
> static int strongarm_rtc_pre_save(void *opaque)
> {
> StrongARMRTCState *s = opaque;
> @@ -451,6 +455,7 @@ static void strongarm_rtc_sysbus_class_init(ObjectClass
> *klass, void *data)
>
> dc->desc = "StrongARM RTC Controller";
> dc->vmsd = _strongarm_rtc_regs;
> +dc->realize = strongarm_rtc_realize;
> }
>
> static const TypeInfo strongarm_rtc_sysbus_info = {
> @@ -1240,15 +1245,16 @@ static void strongarm_uart_init(Object *obj)
>"uart", 0x1);
> sysbus_init_mmio(dev, >iomem);
> sysbus_init_irq(dev, >irq);
> -
> -s->rx_timeout_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
>
[PATCH 2/2] hw: move timer_new from init() into realize() to avoid memleaks
From: Pan Nengyuan
There are some memleaks when we call 'device_list_properties'. This patch move
timer_new from init into realize to fix it.
Meanwhile, do the null check in mos6522_reset() to avoid null deref if we move
timer_new into realize().
Reported-by: Euler Robot
Signed-off-by: Pan Nengyuan
---
hw/arm/pxa2xx.c| 17 +++--
hw/arm/spitz.c | 8 +++-
hw/arm/strongarm.c | 18 --
hw/misc/mos6522.c | 14 --
hw/timer/cadence_ttc.c | 16 +++-
5 files changed, 53 insertions(+), 20 deletions(-)
diff --git a/hw/arm/pxa2xx.c b/hw/arm/pxa2xx.c
index b33f8f1351..56a36202d7 100644
--- a/hw/arm/pxa2xx.c
+++ b/hw/arm/pxa2xx.c
@@ -1134,18 +1134,22 @@ static void pxa2xx_rtc_init(Object *obj)
s->last_rtcpicr = 0;
s->last_hz = s->last_sw = s->last_pi = qemu_clock_get_ms(rtc_clock);
+sysbus_init_irq(dev, >rtc_irq);
+
+memory_region_init_io(>iomem, obj, _rtc_ops, s,
+ "pxa2xx-rtc", 0x1);
+sysbus_init_mmio(dev, >iomem);
+}
+
+static void pxa2xx_rtc_realize(DeviceState *dev, Error **errp)
+{
+PXA2xxRTCState *s = PXA2XX_RTC(dev);
s->rtc_hz= timer_new_ms(rtc_clock, pxa2xx_rtc_hz_tick,s);
s->rtc_rdal1 = timer_new_ms(rtc_clock, pxa2xx_rtc_rdal1_tick, s);
s->rtc_rdal2 = timer_new_ms(rtc_clock, pxa2xx_rtc_rdal2_tick, s);
s->rtc_swal1 = timer_new_ms(rtc_clock, pxa2xx_rtc_swal1_tick, s);
s->rtc_swal2 = timer_new_ms(rtc_clock, pxa2xx_rtc_swal2_tick, s);
s->rtc_pi= timer_new_ms(rtc_clock, pxa2xx_rtc_pi_tick,s);
-
-sysbus_init_irq(dev, >rtc_irq);
-
-memory_region_init_io(>iomem, obj, _rtc_ops, s,
- "pxa2xx-rtc", 0x1);
-sysbus_init_mmio(dev, >iomem);
}
static int pxa2xx_rtc_pre_save(void *opaque)
@@ -1203,6 +1207,7 @@ static void pxa2xx_rtc_sysbus_class_init(ObjectClass
*klass, void *data)
dc->desc = "PXA2xx RTC Controller";
dc->vmsd = _pxa2xx_rtc_regs;
+dc->realize = pxa2xx_rtc_realize;
}
static const TypeInfo pxa2xx_rtc_sysbus_info = {
diff --git a/hw/arm/spitz.c b/hw/arm/spitz.c
index e001088103..cbfa6934cf 100644
--- a/hw/arm/spitz.c
+++ b/hw/arm/spitz.c
@@ -524,11 +524,16 @@ static void spitz_keyboard_init(Object *obj)
spitz_keyboard_pre_map(s);
-s->kbdtimer = timer_new_ns(QEMU_CLOCK_VIRTUAL, spitz_keyboard_tick, s);
qdev_init_gpio_in(dev, spitz_keyboard_strobe, SPITZ_KEY_STROBE_NUM);
qdev_init_gpio_out(dev, s->sense, SPITZ_KEY_SENSE_NUM);
}
+static void spitz_keyboard_realize(DeviceState *dev, Error **errp)
+{
+SpitzKeyboardState *s = SPITZ_KEYBOARD(dev);
+s->kbdtimer = timer_new_ns(QEMU_CLOCK_VIRTUAL, spitz_keyboard_tick, s);
+}
+
/* LCD backlight controller */
#define LCDTG_RESCTL 0x00
@@ -1115,6 +1120,7 @@ static void spitz_keyboard_class_init(ObjectClass *klass,
void *data)
DeviceClass *dc = DEVICE_CLASS(klass);
dc->vmsd = _spitz_kbd;
+dc->realize = spitz_keyboard_realize;
}
static const TypeInfo spitz_keyboard_info = {
diff --git a/hw/arm/strongarm.c b/hw/arm/strongarm.c
index cd8a99aaf2..3010d765bb 100644
--- a/hw/arm/strongarm.c
+++ b/hw/arm/strongarm.c
@@ -399,9 +399,6 @@ static void strongarm_rtc_init(Object *obj)
s->last_rcnr = (uint32_t) mktimegm();
s->last_hz = qemu_clock_get_ms(rtc_clock);
-s->rtc_alarm = timer_new_ms(rtc_clock, strongarm_rtc_alarm_tick, s);
-s->rtc_hz = timer_new_ms(rtc_clock, strongarm_rtc_hz_tick, s);
-
sysbus_init_irq(dev, >rtc_irq);
sysbus_init_irq(dev, >rtc_hz_irq);
@@ -410,6 +407,13 @@ static void strongarm_rtc_init(Object *obj)
sysbus_init_mmio(dev, >iomem);
}
+static void strongarm_rtc_realize(DeviceState *dev, Error **errp)
+{
+StrongARMRTCState *s = STRONGARM_RTC(dev);
+s->rtc_alarm = timer_new_ms(rtc_clock, strongarm_rtc_alarm_tick, s);
+s->rtc_hz = timer_new_ms(rtc_clock, strongarm_rtc_hz_tick, s);
+}
+
static int strongarm_rtc_pre_save(void *opaque)
{
StrongARMRTCState *s = opaque;
@@ -451,6 +455,7 @@ static void strongarm_rtc_sysbus_class_init(ObjectClass
*klass, void *data)
dc->desc = "StrongARM RTC Controller";
dc->vmsd = _strongarm_rtc_regs;
+dc->realize = strongarm_rtc_realize;
}
static const TypeInfo strongarm_rtc_sysbus_info = {
@@ -1240,15 +1245,16 @@ static void strongarm_uart_init(Object *obj)
"uart", 0x1);
sysbus_init_mmio(dev, >iomem);
sysbus_init_irq(dev, >irq);
-
-s->rx_timeout_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
strongarm_uart_rx_to, s);
-s->tx_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, strongarm_uart_tx, s);
}
static void strongarm_uart_realize(DeviceState *dev, Error **errp)
{
StrongARMUARTState *s = STRONGARM_UART(dev);
+s->rx_timeout_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
+ strongarm_uart_rx_to,
+ s);
+s->tx_timer =
