From: Peter Maydell <peter.maydell@linaro.org>
To: Michael Clark <mjc@sifive.com>
Cc: QEMU Developers <qemu-devel@nongnu.org>,
Bastian Koppelmann <kbastian@mail.uni-paderborn.de>,
Palmer Dabbelt <palmer@sifive.com>,
Sagar Karandikar <sagark@eecs.berkeley.edu>,
RISC-V Patches <patches@groups.riscv.org>
Subject: Re: [Qemu-devel] [PATCH v8 16/23] RISC-V Spike Machines
Date: Mon, 14 May 2018 17:49:58 +0100 [thread overview]
Message-ID: <CAFEAcA8Jf0TFey2oRPaGa_Nvne-PpfWcZ4f77JOr-cTJAMpkNA@mail.gmail.com> (raw)
In-Reply-To: <1519998711-73430-17-git-send-email-mjc@sifive.com>
On 2 March 2018 at 13:51, Michael Clark <mjc@sifive.com> wrote:
> RISC-V machines compatble with Spike aka riscv-isa-sim, the RISC-V
> Instruction Set Simulator. The following machines are implemented:
>
> - 'spike_v1.9.1'; HTIF console, config-string, Privileged ISA Version 1.9.1
> - 'spike_v1.10'; HTIF console, device-tree, Privileged ISA Version 1.10
>
> Acked-by: Richard Henderson <richard.henderson@linaro.org>
> Signed-off-by: Sagar Karandikar <sagark@eecs.berkeley.edu>
> Signed-off-by: Michael Clark <mjc@sifive.com>
Hi; Coverity (CID 1391015) thinks there's a memory leak here:
> + /* part one of config string - before memory size specified */
> + const char *config_string_tmpl =
> + "platform {\n"
> + " vendor ucb;\n"
> + " arch spike;\n"
> + "};\n"
> + "rtc {\n"
> + " addr 0x%" PRIx64 "x;\n"
> + "};\n"
> + "ram {\n"
> + " 0 {\n"
> + " addr 0x%" PRIx64 "x;\n"
> + " size 0x%" PRIx64 "x;\n"
> + " };\n"
> + "};\n"
> + "core {\n"
> + " 0" " {\n"
> + " " "0 {\n"
> + " isa %s;\n"
> + " timecmp 0x%" PRIx64 "x;\n"
> + " ipi 0x%" PRIx64 "x;\n"
> + " };\n"
> + " };\n"
> + "};\n";
> +
> + /* build config string with supplied memory size */
> + char *isa = riscv_isa_string(&s->soc.harts[0]);
> + size_t config_string_size = strlen(config_string_tmpl) + 48;
> + char *config_string = malloc(config_string_size);
We malloc() config_string here...
> + snprintf(config_string, config_string_size, config_string_tmpl,
> + (uint64_t)memmap[SPIKE_CLINT].base + SIFIVE_TIME_BASE,
> + (uint64_t)memmap[SPIKE_DRAM].base,
> + (uint64_t)ram_size, isa,
> + (uint64_t)memmap[SPIKE_CLINT].base + SIFIVE_TIMECMP_BASE,
> + (uint64_t)memmap[SPIKE_CLINT].base + SIFIVE_SIP_BASE);
> + g_free(isa);
> + size_t config_string_len = strlen(config_string);
> +
> + /* copy in the reset vector */
> + copy_le32_to_phys(memmap[SPIKE_MROM].base, reset_vec, sizeof(reset_vec));
> +
> + /* copy in the config string */
> + cpu_physical_memory_write(memmap[SPIKE_MROM].base + sizeof(reset_vec),
> + config_string, config_string_len);
...and finish using it here, but we never free it.
We also don't check that malloc() succeeded, so we'll crash if it
returns NULL. The recommended fix for this is to use g_malloc()
instead.
thanks
-- PMM
next prev parent reply other threads:[~2018-05-14 16:50 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-02 13:51 [Qemu-devel] [PATCH v8 00/23] RISC-V QEMU Port Submission Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 01/23] RISC-V Maintainers Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 02/23] RISC-V ELF Machine Definition Michael Clark
2018-03-09 13:05 ` Philippe Mathieu-Daudé
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 03/23] RISC-V CPU Core Definition Michael Clark
2018-03-03 2:23 ` Michael Clark
2018-03-03 2:34 ` Michael Clark
2018-03-05 9:44 ` Igor Mammedov
2018-03-05 22:24 ` Michael Clark
2018-03-06 8:58 ` Igor Mammedov
2018-03-06 10:41 ` Igor Mammedov
2018-03-07 3:23 ` Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 04/23] RISC-V Disassembler Michael Clark
2018-04-27 12:26 ` Peter Maydell
2018-04-29 23:27 ` Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 05/23] RISC-V CPU Helpers Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 06/23] RISC-V FPU Support Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 07/23] RISC-V GDB Stub Michael Clark
2018-03-09 12:46 ` Philippe Mathieu-Daudé
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 08/23] RISC-V TCG Code Generation Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 09/23] RISC-V Physical Memory Protection Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 10/23] RISC-V Linux User Emulation Michael Clark
2018-04-04 12:44 ` Laurent Vivier
2018-04-08 20:59 ` Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 11/23] Add symbol table callback interface to load_elf Michael Clark
2018-03-09 11:34 ` Philippe Mathieu-Daudé
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 12/23] RISC-V HTIF Console Michael Clark
2018-03-09 11:52 ` Philippe Mathieu-Daudé
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 13/23] RISC-V HART Array Michael Clark
2018-03-09 12:52 ` Philippe Mathieu-Daudé
2018-03-09 13:48 ` Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 14/23] SiFive RISC-V CLINT Block Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 15/23] SiFive RISC-V PLIC Block Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 16/23] RISC-V Spike Machines Michael Clark
2018-03-09 4:50 ` Michael Clark
2018-05-14 16:49 ` Peter Maydell [this message]
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 17/23] SiFive RISC-V Test Finisher Michael Clark
2018-03-09 11:57 ` Philippe Mathieu-Daudé
2018-03-10 3:01 ` Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 18/23] RISC-V VirtIO Machine Michael Clark
2018-04-27 14:17 ` Peter Maydell
2018-04-30 0:18 ` Michael Clark
2018-04-30 7:49 ` Peter Maydell
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 19/23] SiFive RISC-V UART Device Michael Clark
2018-03-09 12:39 ` Philippe Mathieu-Daudé
2018-03-10 3:02 ` Michael Clark
2018-03-10 9:40 ` Mark Cave-Ayland
2018-03-11 11:43 ` Bastian Koppelmann
2018-03-16 18:30 ` Michael Clark
2018-03-16 18:36 ` Michael Clark
2018-03-16 20:46 ` Bastian Koppelmann
2018-04-10 3:21 ` Antony Pavlov
2018-04-10 6:17 ` Thomas Huth
2018-04-10 8:04 ` Antony Pavlov
2018-04-11 21:12 ` Michael Clark
2018-04-11 22:25 ` Eric Blake
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 20/23] SiFive RISC-V PRCI Block Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 21/23] SiFive Freedom E Series RISC-V Machine Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 22/23] SiFive Freedom U " Michael Clark
2018-03-02 13:51 ` [Qemu-devel] [PATCH v8 23/23] RISC-V Build Infrastructure Michael Clark
2018-03-02 14:33 ` Eric Blake
2018-03-03 2:37 ` Michael Clark
2018-03-05 15:59 ` Eric Blake
2018-03-09 13:03 ` Philippe Mathieu-Daudé
2018-03-02 14:17 ` [Qemu-devel] [PATCH v8 00/23] RISC-V QEMU Port Submission no-reply
2018-03-05 8:41 ` Richard W.M. Jones
2018-03-05 10:02 ` Alex Bennée
2018-03-09 15:07 ` Michael Clark
2018-03-09 16:43 ` Peter Maydell
2018-03-09 18:27 ` Richard W.M. Jones
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAFEAcA8Jf0TFey2oRPaGa_Nvne-PpfWcZ4f77JOr-cTJAMpkNA@mail.gmail.com \
--to=peter.maydell@linaro.org \
--cc=kbastian@mail.uni-paderborn.de \
--cc=mjc@sifive.com \
--cc=palmer@sifive.com \
--cc=patches@groups.riscv.org \
--cc=qemu-devel@nongnu.org \
--cc=sagark@eecs.berkeley.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).