From: "Philippe Mathieu-Daudé" <philmd@linaro.org>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: Markus Armbruster <armbru@redhat.com>,
Kevin Wolf <kwolf@redhat.com>,
qemu-arm@nongnu.org, qemu-devel@nongnu.org
Subject: Re: [PATCH v2 5/6] hw/input/stellaris_input: Convert to qdev
Date: Mon, 30 Oct 2023 19:28:04 +0100 [thread overview]
Message-ID: <6b8b7608-208e-722b-97a3-8ee346fe7c76@linaro.org> (raw)
In-Reply-To: <CAFEAcA_GC8ypM2Y94KCU9Q_dntF6Na+igu-+0JZJ+MvPFE_HcA@mail.gmail.com>
On 30/10/23 15:41, Peter Maydell wrote:
> On Mon, 30 Oct 2023 at 13:52, Philippe Mathieu-Daudé <philmd@linaro.org> wrote:
>>
>> Hi Peter,
>>
>> Cc'ing Markus for QObject.
>>
>> On 30/10/23 12:48, Peter Maydell wrote:
>>> Convert the hw/input/stellaris_input device to qdev.
>>>
>>> The interface uses an array property for the board to specify the
>>> keycodes to use, so the s->keycodes memory is now allocated by the
>>> array-property machinery.
>>>
>>> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
>>> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
>>> Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
>>> ---
>>> v1->v2: drop private/public comment lines
>>> ---
>>> include/hw/input/stellaris_gamepad.h | 22 ++++++++-
>>> hw/arm/stellaris.c | 26 +++++++---
>>> hw/input/stellaris_gamepad.c | 73 +++++++++++++++++++---------
>>> 3 files changed, 89 insertions(+), 32 deletions(-)
>>
>>
>>> diff --git a/hw/arm/stellaris.c b/hw/arm/stellaris.c
>>> index 96585dd7106..707b0dae375 100644
>>> --- a/hw/arm/stellaris.c
>>> +++ b/hw/arm/stellaris.c
>>> @@ -31,6 +31,7 @@
>>> #include "hw/timer/stellaris-gptm.h"
>>> #include "hw/qdev-clock.h"
>>> #include "qom/object.h"
>>> +#include "qapi/qmp/qlist.h"
>>>
>>> #define GPIO_A 0
>>> #define GPIO_B 1
>>> @@ -1274,16 +1275,27 @@ static void stellaris_init(MachineState *ms, stellaris_board_info *board)
>>> sysbus_connect_irq(SYS_BUS_DEVICE(enet), 0, qdev_get_gpio_in(nvic, 42));
>>> }
>>> if (board->peripherals & BP_GAMEPAD) {
>>> - qemu_irq gpad_irq[5];
>>> + QList *gpad_keycode_list = qlist_new();
>>
>> I'm trying to understand better qlist_new(), but unfortunately there
>> is not much documentation. Looking at how the allocated list was
>> released, I found use of g_autoptr in tests/unit/check-qobject.c,
>> so I tried:
>>
>> g_autoptr(QList) gpad_keycode_list = qlist_new();
>
> The API for qdev_prop_set_array() documents that it takes ownership
> of the list you pass it (and it ends up calling qobject_unref() on it).
> So I think adding g_autoptr() here will result in the memory being
> double-freed (once inside qobject_unref() when the refcount
> goes to 0, and once when g_autoptr frees it as it goes out of scope)...
Ah, I missed how qdev_prop_set_array() is involved.
>> * thread #2, stop reason = signal SIGABRT
>> * frame #0: 0x8b1eb11c libsystem_kernel.dylib`__pthread_kill + 8
>> frame #1: 0x8b222cc0 libsystem_pthread.dylib`pthread_kill + 288
>> frame #2: 0x8b132a50 libsystem_c.dylib`abort + 180
>> frame #3: 0x8b049b08 libsystem_malloc.dylib`malloc_vreport + 908
>> frame #4: 0x8b06924c libsystem_malloc.dylib`malloc_zone_error + 104
>> frame #5: 0x8b05b094
>> libsystem_malloc.dylib`nanov2_guard_corruption_detected + 44
>> frame #6: 0x8b05a2a8
>> libsystem_malloc.dylib`nanov2_allocate_outlined + 404
>> frame #7: 0x0201fdc0 libglib-2.0.0.dylib`g_malloc0 + 36
>> frame #8: 0x02007718 libglib-2.0.0.dylib`g_hash_table_setup_storage
>> + 76
>> frame #9: 0x020076b0 libglib-2.0.0.dylib`g_hash_table_new_full + 96
>
> ...which is probably why a later memory operation runs into a
> malloc data corruption assertion.
Yes, this is certainly the reason. Thanks for the explanation!
Phil.
next prev parent reply other threads:[~2023-10-30 18:29 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-30 11:47 [PATCH v2 0/6] arm/stellaris: convert gamepad input device to qdev Peter Maydell
2023-10-30 11:47 ` [PATCH v2 1/6] hw/input/stellaris_input: Rename to stellaris_gamepad Peter Maydell
2023-10-30 11:47 ` [PATCH v2 2/6] hw/input/stellaris_gamepad: Rename structs to our usual convention Peter Maydell
2023-10-30 11:47 ` [PATCH v2 3/6] qdev: Add qdev_prop_set_array() Peter Maydell
2023-10-30 11:48 ` [PATCH v2 4/6] hw/input/stellaris_gamepad: Remove StellarisGamepadButton struct Peter Maydell
2023-10-30 11:48 ` [PATCH v2 5/6] hw/input/stellaris_input: Convert to qdev Peter Maydell
2023-10-30 13:52 ` Philippe Mathieu-Daudé
2023-10-30 14:25 ` Markus Armbruster
2023-10-31 8:16 ` Philippe Mathieu-Daudé
2023-10-30 14:41 ` Peter Maydell
2023-10-30 18:28 ` Philippe Mathieu-Daudé [this message]
2023-10-30 20:37 ` Mark Cave-Ayland
2023-10-31 13:55 ` Peter Maydell
2023-10-31 14:05 ` Peter Maydell
2023-10-31 14:55 ` Philippe Mathieu-Daudé
2023-10-31 15:36 ` Peter Maydell
2023-10-30 11:48 ` [PATCH v2 6/6] hw/input/stellaris_gamepad: Convert to qemu_input_handler_register() Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6b8b7608-208e-722b-97a3-8ee346fe7c76@linaro.org \
--to=philmd@linaro.org \
--cc=armbru@redhat.com \
--cc=kwolf@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).