From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-devel@nongnu.org
Subject: [PULL 28/29] hw/arm/vexpress: Avoid trivial memory leak of 'flashalias'
Date: Thu, 18 May 2023 13:51:06 +0100 [thread overview]
Message-ID: <20230518125107.146421-29-peter.maydell@linaro.org> (raw)
In-Reply-To: <20230518125107.146421-1-peter.maydell@linaro.org>
In the vexpress board code, we allocate a new MemoryRegion at the top
of vexpress_common_init() but only set it up and use it inside the
"if (map[VE_NORFLASHALIAS] != -1)" conditional, so we leak it if not.
This isn't a very interesting leak as it's a tiny amount of memory
once at startup, but it's easy to fix.
We could silence Coverity simply by moving the g_new() into the
if() block, but this use of g_new(MemoryRegion, 1) is a legacy from
when this board model was originally written; we wouldn't do that
if we wrote it today. The MemoryRegions are conceptually a part of
the board and must not go away until the whole board is done with
(at the end of the simulation), so they belong in its state struct.
This machine already has a VexpressMachineState struct that extends
MachineState, so statically put the MemoryRegions in there instead of
dynamically allocating them separately at runtime.
Spotted by Coverity (CID 1509083).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230512170223.3801643-3-peter.maydell@linaro.org
---
hw/arm/vexpress.c | 40 ++++++++++++++++++++--------------------
1 file changed, 20 insertions(+), 20 deletions(-)
diff --git a/hw/arm/vexpress.c b/hw/arm/vexpress.c
index 34b012b528b..56abadd9b8b 100644
--- a/hw/arm/vexpress.c
+++ b/hw/arm/vexpress.c
@@ -173,6 +173,11 @@ struct VexpressMachineClass {
struct VexpressMachineState {
MachineState parent;
+ MemoryRegion vram;
+ MemoryRegion sram;
+ MemoryRegion flashalias;
+ MemoryRegion lowram;
+ MemoryRegion a15sram;
bool secure;
bool virt;
};
@@ -182,7 +187,7 @@ struct VexpressMachineState {
#define TYPE_VEXPRESS_A15_MACHINE MACHINE_TYPE_NAME("vexpress-a15")
OBJECT_DECLARE_TYPE(VexpressMachineState, VexpressMachineClass, VEXPRESS_MACHINE)
-typedef void DBoardInitFn(const VexpressMachineState *machine,
+typedef void DBoardInitFn(VexpressMachineState *machine,
ram_addr_t ram_size,
const char *cpu_type,
qemu_irq *pic);
@@ -263,14 +268,13 @@ static void init_cpus(MachineState *ms, const char *cpu_type,
}
}
-static void a9_daughterboard_init(const VexpressMachineState *vms,
+static void a9_daughterboard_init(VexpressMachineState *vms,
ram_addr_t ram_size,
const char *cpu_type,
qemu_irq *pic)
{
MachineState *machine = MACHINE(vms);
MemoryRegion *sysmem = get_system_memory();
- MemoryRegion *lowram = g_new(MemoryRegion, 1);
ram_addr_t low_ram_size;
if (ram_size > 0x40000000) {
@@ -287,9 +291,9 @@ static void a9_daughterboard_init(const VexpressMachineState *vms,
* address space should in theory be remappable to various
* things including ROM or RAM; we always map the RAM there.
*/
- memory_region_init_alias(lowram, NULL, "vexpress.lowmem", machine->ram,
- 0, low_ram_size);
- memory_region_add_subregion(sysmem, 0x0, lowram);
+ memory_region_init_alias(&vms->lowram, NULL, "vexpress.lowmem",
+ machine->ram, 0, low_ram_size);
+ memory_region_add_subregion(sysmem, 0x0, &vms->lowram);
memory_region_add_subregion(sysmem, 0x60000000, machine->ram);
/* 0x1e000000 A9MPCore (SCU) private memory region */
@@ -348,14 +352,13 @@ static VEDBoardInfo a9_daughterboard = {
.init = a9_daughterboard_init,
};
-static void a15_daughterboard_init(const VexpressMachineState *vms,
+static void a15_daughterboard_init(VexpressMachineState *vms,
ram_addr_t ram_size,
const char *cpu_type,
qemu_irq *pic)
{
MachineState *machine = MACHINE(vms);
MemoryRegion *sysmem = get_system_memory();
- MemoryRegion *sram = g_new(MemoryRegion, 1);
{
/* We have to use a separate 64 bit variable here to avoid the gcc
@@ -386,9 +389,9 @@ static void a15_daughterboard_init(const VexpressMachineState *vms,
/* 0x2b060000: SP805 watchdog: not modelled */
/* 0x2b0a0000: PL341 dynamic memory controller: not modelled */
/* 0x2e000000: system SRAM */
- memory_region_init_ram(sram, NULL, "vexpress.a15sram", 0x10000,
+ memory_region_init_ram(&vms->a15sram, NULL, "vexpress.a15sram", 0x10000,
&error_fatal);
- memory_region_add_subregion(sysmem, 0x2e000000, sram);
+ memory_region_add_subregion(sysmem, 0x2e000000, &vms->a15sram);
/* 0x7ffb0000: DMA330 DMA controller: not modelled */
/* 0x7ffd0000: PL354 static memory controller: not modelled */
@@ -547,10 +550,6 @@ static void vexpress_common_init(MachineState *machine)
I2CBus *i2c;
ram_addr_t vram_size, sram_size;
MemoryRegion *sysmem = get_system_memory();
- MemoryRegion *vram = g_new(MemoryRegion, 1);
- MemoryRegion *sram = g_new(MemoryRegion, 1);
- MemoryRegion *flashalias = g_new(MemoryRegion, 1);
- MemoryRegion *flash0mem;
const hwaddr *map = daughterboard->motherboard_map;
int i;
@@ -662,24 +661,25 @@ static void vexpress_common_init(MachineState *machine)
if (map[VE_NORFLASHALIAS] != -1) {
/* Map flash 0 as an alias into low memory */
+ MemoryRegion *flash0mem;
flash0mem = sysbus_mmio_get_region(SYS_BUS_DEVICE(pflash0), 0);
- memory_region_init_alias(flashalias, NULL, "vexpress.flashalias",
+ memory_region_init_alias(&vms->flashalias, NULL, "vexpress.flashalias",
flash0mem, 0, VEXPRESS_FLASH_SIZE);
- memory_region_add_subregion(sysmem, map[VE_NORFLASHALIAS], flashalias);
+ memory_region_add_subregion(sysmem, map[VE_NORFLASHALIAS], &vms->flashalias);
}
dinfo = drive_get(IF_PFLASH, 0, 1);
ve_pflash_cfi01_register(map[VE_NORFLASH1], "vexpress.flash1", dinfo);
sram_size = 0x2000000;
- memory_region_init_ram(sram, NULL, "vexpress.sram", sram_size,
+ memory_region_init_ram(&vms->sram, NULL, "vexpress.sram", sram_size,
&error_fatal);
- memory_region_add_subregion(sysmem, map[VE_SRAM], sram);
+ memory_region_add_subregion(sysmem, map[VE_SRAM], &vms->sram);
vram_size = 0x800000;
- memory_region_init_ram(vram, NULL, "vexpress.vram", vram_size,
+ memory_region_init_ram(&vms->vram, NULL, "vexpress.vram", vram_size,
&error_fatal);
- memory_region_add_subregion(sysmem, map[VE_VIDEORAM], vram);
+ memory_region_add_subregion(sysmem, map[VE_VIDEORAM], &vms->vram);
/* 0x4e000000 LAN9118 Ethernet */
if (nd_table[0].used) {
--
2.34.1
next prev parent reply other threads:[~2023-05-18 12:54 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-18 12:50 [PULL 00/29] target-arm queue Peter Maydell
2023-05-18 12:50 ` [PULL 01/29] sbsa-ref: switch default cpu core to Neoverse-N1 Peter Maydell
2023-05-18 12:50 ` [PULL 02/29] target/arm: Fix vd == vm overlap in sve_ldff1_z Peter Maydell
2023-05-18 12:50 ` [PULL 03/29] Maintainers: add myself as reviewer for sbsa-ref Peter Maydell
2023-05-18 12:50 ` [PULL 04/29] arm/kvm: add support for MTE Peter Maydell
2023-05-19 12:51 ` Alex Bennée
2023-05-19 13:31 ` Peter Maydell
2023-05-19 14:52 ` Peter Maydell
2023-05-22 9:48 ` Cornelia Huck
2023-05-22 10:12 ` Alex Bennée
2023-05-18 12:50 ` [PULL 05/29] target/arm: add RAZ/WI handling for DBGDTR[TX|RX] Peter Maydell
2023-05-18 12:50 ` [PULL 06/29] sbsa-ref: use Bochs graphics card instead of VGA Peter Maydell
2023-05-18 12:50 ` [PULL 07/29] target/arm: Split out disas_a64_legacy Peter Maydell
2023-05-18 12:50 ` [PULL 08/29] target/arm: Create decodetree skeleton for A64 Peter Maydell
2023-05-18 12:50 ` [PULL 09/29] target/arm: Pull calls to disas_sve() and disas_sme() out of legacy decoder Peter Maydell
2023-05-18 12:50 ` [PULL 10/29] target/arm: Convert PC-rel addressing to decodetree Peter Maydell
2023-05-18 12:50 ` [PULL 11/29] target/arm: Split gen_add_CC and gen_sub_CC Peter Maydell
2023-05-18 12:50 ` [PULL 12/29] target/arm: Convert Add/subtract (immediate) to decodetree Peter Maydell
2023-05-18 12:50 ` [PULL 13/29] target/arm: Convert Add/subtract (immediate with tags) " Peter Maydell
2023-05-18 12:50 ` [PULL 14/29] target/arm: Replace bitmask64 with MAKE_64BIT_MASK Peter Maydell
2023-05-18 12:50 ` [PULL 15/29] target/arm: Convert Logical (immediate) to decodetree Peter Maydell
2023-05-18 12:50 ` [PULL 16/29] target/arm: Convert Move wide " Peter Maydell
2023-05-18 12:50 ` [PULL 17/29] target/arm: Convert Bitfield " Peter Maydell
2023-05-18 12:50 ` [PULL 18/29] target/arm: Convert Extract instructions " Peter Maydell
2023-05-18 12:50 ` [PULL 19/29] target/arm: Convert unconditional branch immediate " Peter Maydell
2023-05-18 12:50 ` [PULL 20/29] target/arm: Convert CBZ, CBNZ " Peter Maydell
2023-05-18 12:50 ` [PULL 21/29] target/arm: Convert TBZ, TBNZ " Peter Maydell
2023-05-18 12:51 ` [PULL 22/29] target/arm: Convert conditional branch insns " Peter Maydell
2023-05-18 12:51 ` [PULL 23/29] target/arm: Convert BR, BLR, RET " Peter Maydell
2023-05-18 12:51 ` [PULL 24/29] target/arm: Convert BRA[AB]Z, BLR[AB]Z, RETA[AB] " Peter Maydell
2023-05-18 12:51 ` [PULL 25/29] target/arm: Convert BRAA, BRAB, BLRAA, BLRAB " Peter Maydell
2023-05-18 12:51 ` [PULL 26/29] target/arm: Convert ERET, ERETAA, ERETAB " Peter Maydell
2023-05-18 12:51 ` [PULL 27/29] target/arm: Saturate L2CTLR_EL1 core count field rather than overflowing Peter Maydell
2023-05-18 12:51 ` Peter Maydell [this message]
2023-05-18 12:51 ` [PULL 29/29] docs: Convert u2f.txt to rST Peter Maydell
2023-05-18 14:51 ` [PULL 00/29] target-arm queue Richard Henderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230518125107.146421-29-peter.maydell@linaro.org \
--to=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).