From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531746142558537.7732929030351; Mon, 16 Jul 2018 06:02:22 -0700 (PDT) Received: from localhost ([::1]:51258 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff38v-0002b3-Cm for importer@patchew.org; Mon, 16 Jul 2018 09:02:21 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43328) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff36Q-00015P-2r for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:48 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36O-00022L-LH for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:46 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:48734 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36J-0001xE-HR; Mon, 16 Jul 2018 08:59:39 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id DDA49401EF09; Mon, 16 Jul 2018 12:59:38 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 48AB01C589; Mon, 16 Jul 2018 12:59:37 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:18 +0200 Message-Id: <1531745974-17187-2-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Mon, 16 Jul 2018 12:59:38 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Mon, 16 Jul 2018 12:59:38 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 01/17] qom/object: Add a new function object_initialize_child() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" A lot of code is using the object_initialize() function followed by a call to object_property_add_child() to add the newly initialized object as a chi= ld of the current object. Both functions increase the reference counter of the new object, but many spots that call these two functions then forget to drop one of the superfluous references. So the newly created object is often not cleaned up correctly when the parent is destroyed. In the worst case, this can cause crashes, e.g. because device objects are not correctly removed fr= om their parent_bus. Since this is a common pattern between many code spots, let's introduce a new function that takes care of calling all three required initialization functions, first object_initialize(), then object_property_add_child() and finally object_unref(). And since the function does a similar job like object_new_with_props(), also allow to set additional properties via varargs, and use user_creatable_complete() to make sure that the functions can be used similarly. And while we're at object.h, also fix some copy-n-paste errors in the comments there ("to store the area" --> "to store the error"). Signed-off-by: Thomas Huth Reviewed-by: Eduardo Habkost --- include/qom/object.h | 45 +++++++++++++++++++++++++++++++++++++++++-- qom/object.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++++= ++++ 2 files changed, 97 insertions(+), 2 deletions(-) diff --git a/include/qom/object.h b/include/qom/object.h index f3d2308..f0b0bf3 100644 --- a/include/qom/object.h +++ b/include/qom/object.h @@ -749,6 +749,47 @@ int object_set_propv(Object *obj, void object_initialize(void *obj, size_t size, const char *typename); =20 /** + * object_initialize_child: + * @parentobj: The parent object to add a property to + * @propname: The name of the property + * @childobj: A pointer to the memory to be used for the object. + * @size: The maximum size available at @childobj for the object. + * @type: The name of the type of the object to instantiate. + * @errp: If an error occurs, a pointer to an area to store the error + * @...: list of property names and values + * + * This function will initialize an object. The memory for the object shou= ld + * have already been allocated. The object will then be added as child pro= perty + * to a parent with object_property_add_child() function. The returned obj= ect + * has a reference count of 1 (for the "child<...>" property from the pare= nt), + * so the object will be finalized automatically when the parent gets remo= ved. + * + * The variadic parameters are a list of pairs of (propname, propvalue) + * strings. The propname of %NULL indicates the end of the property list. + * If the object implements the user creatable interface, the object will + * be marked complete once all the properties have been processed. + */ +void object_initialize_child(Object *parentobj, const char *propname, + void *childobj, size_t size, const char *type, + Error **errp, ...) QEMU_SENTINEL; + +/** + * object_initialize_childv: + * @parentobj: The parent object to add a property to + * @propname: The name of the property + * @childobj: A pointer to the memory to be used for the object. + * @size: The maximum size available at @childobj for the object. + * @type: The name of the type of the object to instantiate. + * @errp: If an error occurs, a pointer to an area to store the error + * @vargs: list of property names and values + * + * See object_initialize_child() for documentation. + */ +void object_initialize_childv(Object *parentobj, const char *propname, + void *childobj, size_t size, const char *typ= e, + Error **errp, va_list vargs); + +/** * object_dynamic_cast: * @obj: The object to cast. * @typename: The @typename to cast to. @@ -1382,7 +1423,7 @@ Object *object_resolve_path_component(Object *parent,= const gchar *part); * @obj: the object to add a property to * @name: the name of the property * @child: the child object - * @errp: if an error occurs, a pointer to an area to store the area + * @errp: if an error occurs, a pointer to an area to store the error * * Child properties form the composition tree. All objects need to be a c= hild * of another object. Objects can only be a child of one object. @@ -1420,7 +1461,7 @@ void object_property_allow_set_link(const Object *, c= onst char *, * @child: a pointer to where the link object reference is stored * @check: callback to veto setting or NULL if the property is read-only * @flags: additional options for the link - * @errp: if an error occurs, a pointer to an area to store the area + * @errp: if an error occurs, a pointer to an area to store the error * * Links establish relationships between objects. Links are unidirectional * although two links can be combined to form a bidirectional relationship diff --git a/qom/object.c b/qom/object.c index 4609e34..75d1d48 100644 --- a/qom/object.c +++ b/qom/object.c @@ -392,6 +392,60 @@ void object_initialize(void *data, size_t size, const = char *typename) object_initialize_with_type(data, size, type); } =20 +void object_initialize_child(Object *parentobj, const char *propname, + void *childobj, size_t size, const char *type, + Error **errp, ...) +{ + va_list vargs; + + va_start(vargs, errp); + object_initialize_childv(parentobj, propname, childobj, size, type, er= rp, + vargs); + va_end(vargs); +} + +void object_initialize_childv(Object *parentobj, const char *propname, + void *childobj, size_t size, const char *typ= e, + Error **errp, va_list vargs) +{ + Error *local_err =3D NULL; + Object *obj; + + object_initialize(childobj, size, type); + obj =3D OBJECT(childobj); + + object_set_propv(obj, &local_err, vargs); + if (local_err) { + goto out; + } + + object_property_add_child(parentobj, propname, obj, &local_err); + if (local_err) { + goto out; + } + + if (object_dynamic_cast(obj, TYPE_USER_CREATABLE)) { + user_creatable_complete(obj, &local_err); + if (local_err) { + object_unparent(obj); + goto out; + } + } + + /* + * Since object_property_add_child added a reference to the child obje= ct, + * we can drop the reference added by object_initialize(), so the child + * property will own the only reference to the object. + */ + object_unref(obj); + +out: + if (local_err) { + error_propagate(errp, local_err); + object_unref(obj); + } +} + static inline bool object_property_is_child(ObjectProperty *prop) { return strstart(prop->type, "child<", NULL); --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531746172774660.445621470205; Mon, 16 Jul 2018 06:02:52 -0700 (PDT) Received: from localhost ([::1]:51261 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff39P-0002vv-Ke for importer@patchew.org; Mon, 16 Jul 2018 09:02:51 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43311) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff36P-00014l-7d for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:46 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36O-000222-8M for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:45 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:48740 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36L-0001yq-96; Mon, 16 Jul 2018 08:59:41 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B4999401EF0B; Mon, 16 Jul 2018 12:59:40 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1FA2D1C589; Mon, 16 Jul 2018 12:59:39 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:19 +0200 Message-Id: <1531745974-17187-3-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Mon, 16 Jul 2018 12:59:40 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Mon, 16 Jul 2018 12:59:40 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 02/17] hw/core/sysbus: Add a function for creating and attaching an object X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" A lot of functions are initializing an object and attach it immediately afterwards to the system bus. Provide a common function for this, which also uses object_initialize_child() to make sure that the reference counter is correctly initialized to 1 afterwards. Reviewed-by: Richard Henderson Reviewed-by: Paolo Bonzini Reviewed-by: Eduardo Habkost Signed-off-by: Thomas Huth Reviewed-by: Alistair Francis --- hw/core/sysbus.c | 8 ++++++++ include/hw/sysbus.h | 17 +++++++++++++++++ 2 files changed, 25 insertions(+) diff --git a/hw/core/sysbus.c b/hw/core/sysbus.c index ecfb0cf..3c8e53b 100644 --- a/hw/core/sysbus.c +++ b/hw/core/sysbus.c @@ -376,6 +376,14 @@ BusState *sysbus_get_default(void) return main_system_bus; } =20 +void sysbus_init_child_obj(Object *parent, const char *childname, void *ch= ild, + size_t childsize, const char *childtype) +{ + object_initialize_child(parent, childname, child, childsize, childtype, + &error_abort, NULL); + qdev_set_parent_bus(DEVICE(child), sysbus_get_default()); +} + static void sysbus_register_types(void) { type_register_static(&system_bus_info); diff --git a/include/hw/sysbus.h b/include/hw/sysbus.h index e88bb6d..0b59a3b 100644 --- a/include/hw/sysbus.h +++ b/include/hw/sysbus.h @@ -96,6 +96,23 @@ void sysbus_add_io(SysBusDevice *dev, hwaddr addr, MemoryRegion *mem); MemoryRegion *sysbus_address_space(SysBusDevice *dev); =20 +/** + * sysbus_init_child_obj: + * @parent: The parent object + * @childname: Used as name of the "child<>" property in the parent + * @child: A pointer to the memory to be used for the object. + * @childsize: The maximum size available at @child for the object. + * @childtype: The name of the type of the object to instantiate. + * + * This function will initialize an object and attach it to the main system + * bus. The memory for the object should have already been allocated. The + * object will then be added as child to the given parent. The returned ob= ject + * has a reference count of 1 (for the "child<...>" property from the pare= nt), + * so the object will be finalized automatically when the parent gets remo= ved. + */ +void sysbus_init_child_obj(Object *parent, const char *childname, void *ch= ild, + size_t childsize, const char *childtype); + /* Call func for every dynamically created sysbus device in the system */ void foreach_dynamic_sysbus_device(FindSysbusDeviceFunc *func, void *opaqu= e); =20 --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 153174614973649.61310420495056; Mon, 16 Jul 2018 06:02:29 -0700 (PDT) Received: from localhost ([::1]:51259 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff392-0002hZ-64 for importer@patchew.org; Mon, 16 Jul 2018 09:02:28 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43344) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff36Q-000167-Mk for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:47 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36P-00023J-NW for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:46 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:35414 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36N-000215-4E; Mon, 16 Jul 2018 08:59:43 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8BFF37C6A9; Mon, 16 Jul 2018 12:59:42 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id EB6101C589; Mon, 16 Jul 2018 12:59:40 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:20 +0200 Message-Id: <1531745974-17187-4-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Mon, 16 Jul 2018 12:59:42 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Mon, 16 Jul 2018 12:59:42 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 03/17] hw/arm/bcm2836: Fix crash with device_add bcm2837 on unsupported machines X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" When trying to "device_add bcm2837" on a machine that is not suitable for this device, you can quickly crash QEMU afterwards, e.g. with "info qtree": echo "{'execute':'qmp_capabilities'} {'execute':'device_add', " \ "'arguments':{'driver':'bcm2837'}} {'execute': 'human-monitor-command', " \ "'arguments': {'command-line': 'info qtree'}}" | \ aarch64-softmmu/qemu-system-aarch64 -M integratorcp,accel=3Dqtest -S -qmp = stdio {"QMP": {"version": {"qemu": {"micro": 50, "minor": 12, "major": 2}, "package": "build-all"}, "capabilities": []}} {"return": {}} {"error": {"class": "GenericError", "desc": "Device 'bcm2837' can not be hotplugged on this machine"}} Segmentation fault (core dumped) The qdev_set_parent_bus() from instance_init adds a link to the child devic= es which is not valid anymore after the bcm2837 instance has been destroyed. Unfortunately, the child devices do not get destroyed / unlinked correctly because both object_initialize() and object_property_add_child() increase the reference count of the child objects by one, but only one reference is dropped when the parent gets removed. So let's use the new functions object_initialize_child() and sysbus_init_child_obj() instead to create the objects, which will take care of creating the child objects with the correct reference count of one. Reviewed-by: Richard Henderson Reviewed-by: Paolo Bonzini Reviewed-by: Eduardo Habkost Signed-off-by: Thomas Huth --- hw/arm/bcm2836.c | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/hw/arm/bcm2836.c b/hw/arm/bcm2836.c index 6805a7d..2595d93 100644 --- a/hw/arm/bcm2836.c +++ b/hw/arm/bcm2836.c @@ -51,25 +51,19 @@ static void bcm2836_init(Object *obj) int n; =20 for (n =3D 0; n < BCM283X_NCPUS; n++) { - object_initialize(&s->cpus[n], sizeof(s->cpus[n]), - info->cpu_type); - object_property_add_child(obj, "cpu[*]", OBJECT(&s->cpus[n]), - &error_abort); + object_initialize_child(obj, "cpu[*]", &s->cpus[n], sizeof(s->cpus= [n]), + info->cpu_type, &error_abort, NULL); } =20 - object_initialize(&s->control, sizeof(s->control), TYPE_BCM2836_CONTRO= L); - object_property_add_child(obj, "control", OBJECT(&s->control), NULL); - qdev_set_parent_bus(DEVICE(&s->control), sysbus_get_default()); + sysbus_init_child_obj(obj, "control", &s->control, sizeof(s->control), + TYPE_BCM2836_CONTROL); =20 - object_initialize(&s->peripherals, sizeof(s->peripherals), - TYPE_BCM2835_PERIPHERALS); - object_property_add_child(obj, "peripherals", OBJECT(&s->peripherals), - &error_abort); + sysbus_init_child_obj(obj, "peripherals", &s->peripherals, + sizeof(s->peripherals), TYPE_BCM2835_PERIPHERALS= ); object_property_add_alias(obj, "board-rev", OBJECT(&s->peripherals), "board-rev", &error_abort); object_property_add_alias(obj, "vcram-size", OBJECT(&s->peripherals), "vcram-size", &error_abort); - qdev_set_parent_bus(DEVICE(&s->peripherals), sysbus_get_default()); } =20 static void bcm2836_realize(DeviceState *dev, Error **errp) --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531746566224514.6581079791573; Mon, 16 Jul 2018 06:09:26 -0700 (PDT) Received: from localhost ([::1]:51299 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff3Fe-0007wM-O1 for importer@patchew.org; Mon, 16 Jul 2018 09:09:18 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43430) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff36W-0001Cf-Rs for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:54 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36S-00024Y-IJ for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:52 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:48576 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36P-00022S-0H; Mon, 16 Jul 2018 08:59:45 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 655D0808255B; Mon, 16 Jul 2018 12:59:44 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id C3FAB1C589; Mon, 16 Jul 2018 12:59:42 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:21 +0200 Message-Id: <1531745974-17187-5-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Mon, 16 Jul 2018 12:59:44 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Mon, 16 Jul 2018 12:59:44 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 04/17] hw/arm/armv7: Fix crash when introspecting the "iotkit" device X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" QEMU currently crashes when introspecting the "iotkit" device and runnint "info qtree" afterwards, e.g. when running QEMU like this: echo "{'execute':'qmp_capabilities'} {'execute':'device-list-properties'," \ "'arguments':{'typename':'iotkit'}}" "{'execute': 'human-monitor-command',= " \ "'arguments': {'command-line': 'info qtree'}}" | \ aarch64-softmmu/qemu-system-aarch64 -M none,accel=3Dqtest -qmp stdio Use the new functions object_initialize_child() and sysbus_init_child_obj() to make sure that all objects get cleaned up correctly when the instances are destroyed. Reviewed-by: Richard Henderson Reviewed-by: Paolo Bonzini Reviewed-by: Eduardo Habkost Signed-off-by: Thomas Huth Reviewed-by: Alistair Francis --- hw/arm/armv7m.c | 7 +++-- hw/arm/iotkit.c | 74 ++++++++++++++++++++++-------------------------= ---- hw/intc/armv7m_nvic.c | 5 ++-- 3 files changed, 37 insertions(+), 49 deletions(-) diff --git a/hw/arm/armv7m.c b/hw/arm/armv7m.c index 9e00d40..6b07666 100644 --- a/hw/arm/armv7m.c +++ b/hw/arm/armv7m.c @@ -134,14 +134,13 @@ static void armv7m_instance_init(Object *obj) =20 memory_region_init(&s->container, obj, "armv7m-container", UINT64_MAX); =20 - object_initialize(&s->nvic, sizeof(s->nvic), TYPE_NVIC); - qdev_set_parent_bus(DEVICE(&s->nvic), sysbus_get_default()); + sysbus_init_child_obj(obj, "nvnic", &s->nvic, sizeof(s->nvic), TYPE_NV= IC); object_property_add_alias(obj, "num-irq", OBJECT(&s->nvic), "num-irq", &error_abort); =20 for (i =3D 0; i < ARRAY_SIZE(s->bitband); i++) { - object_initialize(&s->bitband[i], sizeof(s->bitband[i]), TYPE_BITB= AND); - qdev_set_parent_bus(DEVICE(&s->bitband[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "bitband[*]", &s->bitband[i], + sizeof(s->bitband[i]), TYPE_BITBAND); } } =20 diff --git a/hw/arm/iotkit.c b/hw/arm/iotkit.c index 133d5bb..c76d3ed 100644 --- a/hw/arm/iotkit.c +++ b/hw/arm/iotkit.c @@ -30,15 +30,6 @@ static void make_alias(IoTKit *s, MemoryRegion *mr, cons= t char *name, memory_region_add_subregion_overlap(&s->container, base, mr, -1500); } =20 -static void init_sysbus_child(Object *parent, const char *childname, - void *child, size_t childsize, - const char *childtype) -{ - object_initialize(child, childsize, childtype); - object_property_add_child(parent, childname, OBJECT(child), &error_abo= rt); - qdev_set_parent_bus(DEVICE(child), sysbus_get_default()); -} - static void irq_status_forwarder(void *opaque, int n, int level) { qemu_irq destirq =3D opaque; @@ -119,53 +110,52 @@ static void iotkit_init(Object *obj) =20 memory_region_init(&s->container, obj, "iotkit-container", UINT64_MAX); =20 - init_sysbus_child(obj, "armv7m", &s->armv7m, sizeof(s->armv7m), - TYPE_ARMV7M); + sysbus_init_child_obj(obj, "armv7m", &s->armv7m, sizeof(s->armv7m), + TYPE_ARMV7M); qdev_prop_set_string(DEVICE(&s->armv7m), "cpu-type", ARM_CPU_TYPE_NAME("cortex-m33")); =20 - init_sysbus_child(obj, "secctl", &s->secctl, sizeof(s->secctl), - TYPE_IOTKIT_SECCTL); - init_sysbus_child(obj, "apb-ppc0", &s->apb_ppc0, sizeof(s->apb_ppc0), - TYPE_TZ_PPC); - init_sysbus_child(obj, "apb-ppc1", &s->apb_ppc1, sizeof(s->apb_ppc1), - TYPE_TZ_PPC); - init_sysbus_child(obj, "mpc", &s->mpc, sizeof(s->mpc), TYPE_TZ_MPC); - object_initialize(&s->mpc_irq_orgate, sizeof(s->mpc_irq_orgate), - TYPE_OR_IRQ); - object_property_add_child(obj, "mpc-irq-orgate", - OBJECT(&s->mpc_irq_orgate), &error_abort); + sysbus_init_child_obj(obj, "secctl", &s->secctl, sizeof(s->secctl), + TYPE_IOTKIT_SECCTL); + sysbus_init_child_obj(obj, "apb-ppc0", &s->apb_ppc0, sizeof(s->apb_ppc= 0), + TYPE_TZ_PPC); + sysbus_init_child_obj(obj, "apb-ppc1", &s->apb_ppc1, sizeof(s->apb_ppc= 1), + TYPE_TZ_PPC); + sysbus_init_child_obj(obj, "mpc", &s->mpc, sizeof(s->mpc), TYPE_TZ_MPC= ); + object_initialize_child(obj, "mpc-irq-orgate", &s->mpc_irq_orgate, + sizeof(s->mpc_irq_orgate), TYPE_OR_IRQ, + &error_abort, NULL); + for (i =3D 0; i < ARRAY_SIZE(s->mpc_irq_splitter); i++) { char *name =3D g_strdup_printf("mpc-irq-splitter-%d", i); SplitIRQ *splitter =3D &s->mpc_irq_splitter[i]; =20 - object_initialize(splitter, sizeof(*splitter), TYPE_SPLIT_IRQ); - object_property_add_child(obj, name, OBJECT(splitter), &error_abor= t); + object_initialize_child(obj, name, splitter, sizeof(*splitter), + TYPE_SPLIT_IRQ, &error_abort, NULL); g_free(name); } - init_sysbus_child(obj, "timer0", &s->timer0, sizeof(s->timer0), - TYPE_CMSDK_APB_TIMER); - init_sysbus_child(obj, "timer1", &s->timer1, sizeof(s->timer1), - TYPE_CMSDK_APB_TIMER); - init_sysbus_child(obj, "dualtimer", &s->dualtimer, sizeof(s->dualtimer= ), - TYPE_UNIMPLEMENTED_DEVICE); - object_initialize(&s->ppc_irq_orgate, sizeof(s->ppc_irq_orgate), - TYPE_OR_IRQ); - object_property_add_child(obj, "ppc-irq-orgate", - OBJECT(&s->ppc_irq_orgate), &error_abort); - object_initialize(&s->sec_resp_splitter, sizeof(s->sec_resp_splitter), - TYPE_SPLIT_IRQ); - object_property_add_child(obj, "sec-resp-splitter", - OBJECT(&s->sec_resp_splitter), &error_abort); + sysbus_init_child_obj(obj, "timer0", &s->timer0, sizeof(s->timer0), + TYPE_CMSDK_APB_TIMER); + sysbus_init_child_obj(obj, "timer1", &s->timer1, sizeof(s->timer1), + TYPE_CMSDK_APB_TIMER); + sysbus_init_child_obj(obj, "dualtimer", &s->dualtimer, sizeof(s->dualt= imer), + TYPE_UNIMPLEMENTED_DEVICE); + object_initialize_child(obj, "ppc-irq-orgate", &s->ppc_irq_orgate, + sizeof(s->ppc_irq_orgate), TYPE_OR_IRQ, + &error_abort, NULL); + object_initialize_child(obj, "sec-resp-splitter", &s->sec_resp_splitte= r, + sizeof(s->sec_resp_splitter), TYPE_SPLIT_IRQ, + &error_abort, NULL); for (i =3D 0; i < ARRAY_SIZE(s->ppc_irq_splitter); i++) { char *name =3D g_strdup_printf("ppc-irq-splitter-%d", i); SplitIRQ *splitter =3D &s->ppc_irq_splitter[i]; =20 - object_initialize(splitter, sizeof(*splitter), TYPE_SPLIT_IRQ); - object_property_add_child(obj, name, OBJECT(splitter), &error_abor= t); + object_initialize_child(obj, name, splitter, sizeof(*splitter), + TYPE_SPLIT_IRQ, &error_abort, NULL); + g_free(name); } - init_sysbus_child(obj, "s32ktimer", &s->s32ktimer, sizeof(s->s32ktimer= ), - TYPE_UNIMPLEMENTED_DEVICE); + sysbus_init_child_obj(obj, "s32ktimer", &s->s32ktimer, sizeof(s->s32kt= imer), + TYPE_UNIMPLEMENTED_DEVICE); } =20 static void iotkit_exp_irq(void *opaque, int n, int level) diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c index 661be88..7a5330f 100644 --- a/hw/intc/armv7m_nvic.c +++ b/hw/intc/armv7m_nvic.c @@ -2296,9 +2296,8 @@ static void armv7m_nvic_instance_init(Object *obj) NVICState *nvic =3D NVIC(obj); SysBusDevice *sbd =3D SYS_BUS_DEVICE(obj); =20 - object_initialize(&nvic->systick[M_REG_NS], - sizeof(nvic->systick[M_REG_NS]), TYPE_SYSTICK); - qdev_set_parent_bus(DEVICE(&nvic->systick[M_REG_NS]), sysbus_get_defau= lt()); + sysbus_init_child_obj(obj, "systick-reg-ns", &nvic->systick[M_REG_NS], + sizeof(nvic->systick[M_REG_NS]), TYPE_SYSTICK); /* We can't initialize the secure systick here, as we don't know * yet if we need it. */ --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531746360001749.1594622170572; Mon, 16 Jul 2018 06:06:00 -0700 (PDT) Received: from localhost ([::1]:51279 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff3CQ-0005Q1-Pl for importer@patchew.org; Mon, 16 Jul 2018 09:05:58 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43475) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff36Y-0001ER-KF for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:55 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36X-000275-09 for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:54 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:58814 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36Q-00023e-P8; Mon, 16 Jul 2018 08:59:46 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 3CE79400225D; Mon, 16 Jul 2018 12:59:46 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9C5FC1C589; Mon, 16 Jul 2018 12:59:44 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:22 +0200 Message-Id: <1531745974-17187-6-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.7]); Mon, 16 Jul 2018 12:59:46 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.7]); Mon, 16 Jul 2018 12:59:46 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 05/17] hw/cpu/a15mpcore: Fix introspection problem with the a15mpcore_priv device X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" There is a memory management problem when introspecting the a15mpcore_priv device. It can be seen with valgrind when running QEMU like this: echo "{'execute':'qmp_capabilities'} {'execute':'device-list-properties'," \ "'arguments':{'typename':'a15mpcore_priv'}}"\ "{'execute': 'human-monitor-command', " \ "'arguments': {'command-line': 'info qtree'}}" | \ valgrind -q aarch64-softmmu/qemu-system-aarch64 -M none,accel=3Dqtest -qmp= stdio {"QMP": {"version": {"qemu": {"micro": 50, "minor": 12, "major": 2}, "package": "build-all"}, "capabilities": []}} {"return": {}} {"return": [{"name": "num-cpu", "type": "uint32"}, {"name": "num-irq", "type": "uint32"}, {"name": "a15mp-priv-container[0]", "type": "child"}]} =3D=3D24978=3D=3D Invalid read of size 8 =3D=3D24978=3D=3D at 0x618EBA: qdev_print (qdev-monitor.c:686) =3D=3D24978=3D=3D by 0x618EBA: qbus_print (qdev-monitor.c:719) [...] Use the new sysbus_init_child_obj() function to make sure that we get the reference counting of the child objects right. Reviewed-by: Richard Henderson Reviewed-by: Paolo Bonzini Reviewed-by: Eduardo Habkost Signed-off-by: Thomas Huth Reviewed-by: Alistair Francis --- hw/cpu/a15mpcore.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/hw/cpu/a15mpcore.c b/hw/cpu/a15mpcore.c index bc05152..43c1079 100644 --- a/hw/cpu/a15mpcore.c +++ b/hw/cpu/a15mpcore.c @@ -35,15 +35,13 @@ static void a15mp_priv_initfn(Object *obj) { SysBusDevice *sbd =3D SYS_BUS_DEVICE(obj); A15MPPrivState *s =3D A15MPCORE_PRIV(obj); - DeviceState *gicdev; =20 memory_region_init(&s->container, obj, "a15mp-priv-container", 0x8000); sysbus_init_mmio(sbd, &s->container); =20 - object_initialize(&s->gic, sizeof(s->gic), gic_class_name()); - gicdev =3D DEVICE(&s->gic); - qdev_set_parent_bus(gicdev, sysbus_get_default()); - qdev_prop_set_uint32(gicdev, "revision", 2); + sysbus_init_child_obj(obj, "gic", &s->gic, sizeof(s->gic), + gic_class_name()); + qdev_prop_set_uint32(DEVICE(&s->gic), "revision", 2); } =20 static void a15mp_priv_realize(DeviceState *dev, Error **errp) --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531746564851296.98191046788634; Mon, 16 Jul 2018 06:09:24 -0700 (PDT) Received: from localhost ([::1]:51298 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff3FV-0007qp-Ob for importer@patchew.org; Mon, 16 Jul 2018 09:09:09 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43497) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff36Z-0001G9-SW for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:56 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36Y-00028G-Tl for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:55 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:38014 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36S-00024R-Iz; Mon, 16 Jul 2018 08:59:48 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id EA55341C1B; Mon, 16 Jul 2018 12:59:47 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 73D5B1C589; Mon, 16 Jul 2018 12:59:46 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:23 +0200 Message-Id: <1531745974-17187-7-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.1]); Mon, 16 Jul 2018 12:59:48 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.1]); Mon, 16 Jul 2018 12:59:48 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 06/17] hw/arm/msf2-soc: Fix introspection problem with the "msf2-soc" device X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Valgrind currently reports a problem when running QEMU like this: echo "{'execute':'qmp_capabilities'} {'execute':'device-list-properties'," \ "'arguments':{'typename':'msf2-soc'}}" \ "{'execute': 'human-monitor-command', " \ "'arguments': {'command-line': 'info qtree'}}" | \ valgrind -q aarch64-softmmu/qemu-system-aarch64 -M none,accel=3Dqtest -qmp= stdio [...] =3D=3D23097=3D=3D Invalid read of size 8 =3D=3D23097=3D=3D at 0x6192AA: qdev_print (qdev-monitor.c:686) =3D=3D23097=3D=3D by 0x6192AA: qbus_print (qdev-monitor.c:719) [...] Use the new sysbus_init_child_obj() function to make sure that the child objects are cleaned up correctly when the parent gets destroyed. Reviewed-by: Richard Henderson Reviewed-by: Paolo Bonzini Reviewed-by: Eduardo Habkost Signed-off-by: Thomas Huth --- hw/arm/msf2-soc.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/hw/arm/msf2-soc.c b/hw/arm/msf2-soc.c index edb3ba8..dbefade 100644 --- a/hw/arm/msf2-soc.c +++ b/hw/arm/msf2-soc.c @@ -68,19 +68,18 @@ static void m2sxxx_soc_initfn(Object *obj) MSF2State *s =3D MSF2_SOC(obj); int i; =20 - object_initialize(&s->armv7m, sizeof(s->armv7m), TYPE_ARMV7M); - qdev_set_parent_bus(DEVICE(&s->armv7m), sysbus_get_default()); + sysbus_init_child_obj(obj, "armv7m", &s->armv7m, sizeof(s->armv7m), + TYPE_ARMV7M); =20 - object_initialize(&s->sysreg, sizeof(s->sysreg), TYPE_MSF2_SYSREG); - qdev_set_parent_bus(DEVICE(&s->sysreg), sysbus_get_default()); + sysbus_init_child_obj(obj, "sysreg", &s->sysreg, sizeof(s->sysreg), + TYPE_MSF2_SYSREG); =20 - object_initialize(&s->timer, sizeof(s->timer), TYPE_MSS_TIMER); - qdev_set_parent_bus(DEVICE(&s->timer), sysbus_get_default()); + sysbus_init_child_obj(obj, "timer", &s->timer, sizeof(s->timer), + TYPE_MSS_TIMER); =20 for (i =3D 0; i < MSF2_NUM_SPIS; i++) { - object_initialize(&s->spi[i], sizeof(s->spi[i]), + sysbus_init_child_obj(obj, "spi[*]", &s->spi[i], sizeof(s->spi[i]), TYPE_MSS_SPI); - qdev_set_parent_bus(DEVICE(&s->spi[i]), sysbus_get_default()); } } =20 --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531746387496213.19088378247932; Mon, 16 Jul 2018 06:06:27 -0700 (PDT) Received: from localhost ([::1]:51285 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff3Cs-0005ox-BP for importer@patchew.org; Mon, 16 Jul 2018 09:06:26 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43500) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff36Z-0001GA-TJ for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:57 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36Y-000289-Rc for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:55 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:48754 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36U-00025I-8L; Mon, 16 Jul 2018 08:59:50 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C03E2401EF09; Mon, 16 Jul 2018 12:59:49 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 2D5C01C589; Mon, 16 Jul 2018 12:59:48 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:24 +0200 Message-Id: <1531745974-17187-8-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Mon, 16 Jul 2018 12:59:49 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Mon, 16 Jul 2018 12:59:49 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 07/17] hw/cpu/a9mpcore: Fix introspection problems with the "a9mpcore_priv" device X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Running QEMU with valgrind indicates a problem here: echo "{'execute':'qmp_capabilities'} {'execute':'device-list-properties'," \ "'arguments':{'typename':'a9mpcore_priv'}}" \ "{'execute': 'human-monitor-command', " \ "'arguments': {'command-line': 'info qtree'}}" | \ valgrind -q aarch64-softmmu/qemu-system-aarch64 -M none,accel=3Dqtest -qmp= stdio [...] =3D=3D30996=3D=3D Invalid read of size 8 =3D=3D30996=3D=3D at 0x6185DA: qdev_print (qdev-monitor.c:686) =3D=3D30996=3D=3D by 0x6185DA: qbus_print (qdev-monitor.c:719) =3D=3D30996=3D=3D by 0x452B38: handle_hmp_command (monitor.c:3446) [...] Use the new sysbus_init_child_obj() function to make sure that the objects are cleaned up correctly when the parent gets destroyed. Reviewed-by: Richard Henderson Reviewed-by: Paolo Bonzini Reviewed-by: Eduardo Habkost Signed-off-by: Thomas Huth Reviewed-by: Alistair Francis --- hw/cpu/a9mpcore.c | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/hw/cpu/a9mpcore.c b/hw/cpu/a9mpcore.c index f17f292..a5b8678 100644 --- a/hw/cpu/a9mpcore.c +++ b/hw/cpu/a9mpcore.c @@ -27,20 +27,18 @@ static void a9mp_priv_initfn(Object *obj) memory_region_init(&s->container, obj, "a9mp-priv-container", 0x2000); sysbus_init_mmio(SYS_BUS_DEVICE(obj), &s->container); =20 - object_initialize(&s->scu, sizeof(s->scu), TYPE_A9_SCU); - qdev_set_parent_bus(DEVICE(&s->scu), sysbus_get_default()); + sysbus_init_child_obj(obj, "scu", &s->scu, sizeof(s->scu), TYPE_A9_SCU= ); =20 - object_initialize(&s->gic, sizeof(s->gic), TYPE_ARM_GIC); - qdev_set_parent_bus(DEVICE(&s->gic), sysbus_get_default()); + sysbus_init_child_obj(obj, "gic", &s->gic, sizeof(s->gic), TYPE_ARM_GI= C); =20 - object_initialize(&s->gtimer, sizeof(s->gtimer), TYPE_A9_GTIMER); - qdev_set_parent_bus(DEVICE(&s->gtimer), sysbus_get_default()); + sysbus_init_child_obj(obj, "gtimer", &s->gtimer, sizeof(s->gtimer), + TYPE_A9_GTIMER); =20 - object_initialize(&s->mptimer, sizeof(s->mptimer), TYPE_ARM_MPTIMER); - qdev_set_parent_bus(DEVICE(&s->mptimer), sysbus_get_default()); + sysbus_init_child_obj(obj, "mptimer", &s->mptimer, sizeof(s->mptimer), + TYPE_ARM_MPTIMER); =20 - object_initialize(&s->wdt, sizeof(s->wdt), TYPE_ARM_MPTIMER); - qdev_set_parent_bus(DEVICE(&s->wdt), sysbus_get_default()); + sysbus_init_child_obj(obj, "wdt", &s->wdt, sizeof(s->wdt), + TYPE_ARM_MPTIMER); } =20 static void a9mp_priv_realize(DeviceState *dev, Error **errp) --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531746737223397.867437384348; Mon, 16 Jul 2018 06:12:17 -0700 (PDT) Received: from localhost ([::1]:51325 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff3IW-0002MR-4O for importer@patchew.org; Mon, 16 Jul 2018 09:12:16 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43524) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff36b-0001I5-6E for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:58 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36Z-00028o-Ub for qemu-devel@nongnu.org; Mon, 16 Jul 2018 08:59:57 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:48584 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36W-00026T-4f; Mon, 16 Jul 2018 08:59:52 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9761081A4EBC; Mon, 16 Jul 2018 12:59:51 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 03FA31C589; Mon, 16 Jul 2018 12:59:49 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:25 +0200 Message-Id: <1531745974-17187-9-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Mon, 16 Jul 2018 12:59:51 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Mon, 16 Jul 2018 12:59:51 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 08/17] hw/arm/fsl-imx6: Fix introspection problems with the "fsl, imx6" device X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Running QEMU with valgrind indicates a problem here: echo "{'execute':'qmp_capabilities'} {'execute':'device-list-properties'," \ "'arguments':{'typename':'fsl,imx6'}}" \ "{'execute': 'human-monitor-command', " \ "'arguments': {'command-line': 'info qtree'}}" | \ valgrind -q aarch64-softmmu/qemu-system-aarch64 -M none,accel=3Dqtest -qmp= stdio [...] =3D=3D32417=3D=3D Invalid read of size 8 =3D=3D32417=3D=3D at 0x618A7A: qdev_print (qdev-monitor.c:686) =3D=3D32417=3D=3D by 0x618A7A: qbus_print (qdev-monitor.c:719) =3D=3D32417=3D=3D by 0x452B38: handle_hmp_command (monitor.c:3446) [...] Use the new sysbus_init_child_obj() and object_initialize_child() to make sure that the objects are removed correctly when the parent gets destroyed. Reviewed-by: Richard Henderson Reviewed-by: Paolo Bonzini Reviewed-by: Eduardo Habkost Signed-off-by: Thomas Huth --- hw/arm/fsl-imx6.c | 56 ++++++++++++++++++++-------------------------------= ---- 1 file changed, 20 insertions(+), 36 deletions(-) diff --git a/hw/arm/fsl-imx6.c b/hw/arm/fsl-imx6.c index 4f51bd9..7b7b97f 100644 --- a/hw/arm/fsl-imx6.c +++ b/hw/arm/fsl-imx6.c @@ -38,73 +38,57 @@ static void fsl_imx6_init(Object *obj) int i; =20 for (i =3D 0; i < MIN(smp_cpus, FSL_IMX6_NUM_CPUS); i++) { - object_initialize(&s->cpu[i], sizeof(s->cpu[i]), - "cortex-a9-" TYPE_ARM_CPU); snprintf(name, NAME_SIZE, "cpu%d", i); - object_property_add_child(obj, name, OBJECT(&s->cpu[i]), NULL); + object_initialize_child(obj, name, &s->cpu[i], sizeof(s->cpu[i]), + "cortex-a9-" TYPE_ARM_CPU, &error_abort, N= ULL); } =20 - object_initialize(&s->a9mpcore, sizeof(s->a9mpcore), TYPE_A9MPCORE_PRI= V); - qdev_set_parent_bus(DEVICE(&s->a9mpcore), sysbus_get_default()); - object_property_add_child(obj, "a9mpcore", OBJECT(&s->a9mpcore), NULL); + sysbus_init_child_obj(obj, "a9mpcore", &s->a9mpcore, sizeof(s->a9mpcor= e), + TYPE_A9MPCORE_PRIV); =20 - object_initialize(&s->ccm, sizeof(s->ccm), TYPE_IMX6_CCM); - qdev_set_parent_bus(DEVICE(&s->ccm), sysbus_get_default()); - object_property_add_child(obj, "ccm", OBJECT(&s->ccm), NULL); + sysbus_init_child_obj(obj, "ccm", &s->ccm, sizeof(s->ccm), TYPE_IMX6_C= CM); =20 - object_initialize(&s->src, sizeof(s->src), TYPE_IMX6_SRC); - qdev_set_parent_bus(DEVICE(&s->src), sysbus_get_default()); - object_property_add_child(obj, "src", OBJECT(&s->src), NULL); + sysbus_init_child_obj(obj, "src", &s->src, sizeof(s->src), TYPE_IMX6_S= RC); =20 for (i =3D 0; i < FSL_IMX6_NUM_UARTS; i++) { - object_initialize(&s->uart[i], sizeof(s->uart[i]), TYPE_IMX_SERIAL= ); - qdev_set_parent_bus(DEVICE(&s->uart[i]), sysbus_get_default()); snprintf(name, NAME_SIZE, "uart%d", i + 1); - object_property_add_child(obj, name, OBJECT(&s->uart[i]), NULL); + sysbus_init_child_obj(obj, name, &s->uart[i], sizeof(s->uart[i]), + TYPE_IMX_SERIAL); } =20 - object_initialize(&s->gpt, sizeof(s->gpt), TYPE_IMX6_GPT); - qdev_set_parent_bus(DEVICE(&s->gpt), sysbus_get_default()); - object_property_add_child(obj, "gpt", OBJECT(&s->gpt), NULL); + sysbus_init_child_obj(obj, "gpt", &s->gpt, sizeof(s->gpt), TYPE_IMX6_G= PT); =20 for (i =3D 0; i < FSL_IMX6_NUM_EPITS; i++) { - object_initialize(&s->epit[i], sizeof(s->epit[i]), TYPE_IMX_EPIT); - qdev_set_parent_bus(DEVICE(&s->epit[i]), sysbus_get_default()); snprintf(name, NAME_SIZE, "epit%d", i + 1); - object_property_add_child(obj, name, OBJECT(&s->epit[i]), NULL); + sysbus_init_child_obj(obj, name, &s->epit[i], sizeof(s->epit[i]), + TYPE_IMX_EPIT); } =20 for (i =3D 0; i < FSL_IMX6_NUM_I2CS; i++) { - object_initialize(&s->i2c[i], sizeof(s->i2c[i]), TYPE_IMX_I2C); - qdev_set_parent_bus(DEVICE(&s->i2c[i]), sysbus_get_default()); snprintf(name, NAME_SIZE, "i2c%d", i + 1); - object_property_add_child(obj, name, OBJECT(&s->i2c[i]), NULL); + sysbus_init_child_obj(obj, name, &s->i2c[i], sizeof(s->i2c[i]), + TYPE_IMX_I2C); } =20 for (i =3D 0; i < FSL_IMX6_NUM_GPIOS; i++) { - object_initialize(&s->gpio[i], sizeof(s->gpio[i]), TYPE_IMX_GPIO); - qdev_set_parent_bus(DEVICE(&s->gpio[i]), sysbus_get_default()); snprintf(name, NAME_SIZE, "gpio%d", i + 1); - object_property_add_child(obj, name, OBJECT(&s->gpio[i]), NULL); + sysbus_init_child_obj(obj, name, &s->gpio[i], sizeof(s->gpio[i]), + TYPE_IMX_GPIO); } =20 for (i =3D 0; i < FSL_IMX6_NUM_ESDHCS; i++) { - object_initialize(&s->esdhc[i], sizeof(s->esdhc[i]), TYPE_IMX_USDH= C); - qdev_set_parent_bus(DEVICE(&s->esdhc[i]), sysbus_get_default()); snprintf(name, NAME_SIZE, "sdhc%d", i + 1); - object_property_add_child(obj, name, OBJECT(&s->esdhc[i]), NULL); + sysbus_init_child_obj(obj, name, &s->esdhc[i], sizeof(s->esdhc[i]), + TYPE_IMX_USDHC); } =20 for (i =3D 0; i < FSL_IMX6_NUM_ECSPIS; i++) { - object_initialize(&s->spi[i], sizeof(s->spi[i]), TYPE_IMX_SPI); - qdev_set_parent_bus(DEVICE(&s->spi[i]), sysbus_get_default()); snprintf(name, NAME_SIZE, "spi%d", i + 1); - object_property_add_child(obj, name, OBJECT(&s->spi[i]), NULL); + sysbus_init_child_obj(obj, name, &s->spi[i], sizeof(s->spi[i]), + TYPE_IMX_SPI); } =20 - object_initialize(&s->eth, sizeof(s->eth), TYPE_IMX_ENET); - qdev_set_parent_bus(DEVICE(&s->eth), sysbus_get_default()); - object_property_add_child(obj, "eth", OBJECT(&s->eth), NULL); + sysbus_init_child_obj(obj, "eth", &s->eth, sizeof(s->eth), TYPE_IMX_EN= ET); } =20 static void fsl_imx6_realize(DeviceState *dev, Error **errp) --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531746981902107.56283588400447; Mon, 16 Jul 2018 06:16:21 -0700 (PDT) Received: from localhost ([::1]:51382 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff3MS-0005dF-Lv for importer@patchew.org; Mon, 16 Jul 2018 09:16:20 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43620) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff36i-0001Ox-Dx for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:11 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36h-0002Cm-0Y for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:04 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:48770 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36a-00028m-6p; Mon, 16 Jul 2018 08:59:56 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A460F401EF09; Mon, 16 Jul 2018 12:59:55 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id CF74E1C589; Mon, 16 Jul 2018 12:59:51 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:26 +0200 Message-Id: <1531745974-17187-10-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Mon, 16 Jul 2018 12:59:55 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Mon, 16 Jul 2018 12:59:55 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 09/17] hw/arm/fsl-imx7: Fix introspection problems with the "fsl, imx7" device X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Running QEMU with valgrind indicates a problem here: echo "{'execute':'qmp_capabilities'} {'execute':'device-list-properties'," \ "'arguments':{'typename':'fsl,imx7'}}" \ "{'execute': 'human-monitor-command', " \ "'arguments': {'command-line': 'info qtree'}}" | \ valgrind -q aarch64-softmmu/qemu-system-aarch64 -M none,accel=3Dqtest -qmp= stdio [...] =3D=3D27284=3D=3D Invalid read of size 8 =3D=3D27284=3D=3D at 0x618F7A: qdev_print (qdev-monitor.c:686) =3D=3D27284=3D=3D by 0x618F7A: qbus_print (qdev-monitor.c:719) =3D=3D27284=3D=3D by 0x452B38: handle_hmp_command (monitor.c:3446) [...] Use the new sysbus_init_child_obj() and object_initialize_child() to make sure that the objects are removed correctly when the parent gets destroyed. Reviewed-by: Richard Henderson Reviewed-by: Paolo Bonzini Reviewed-by: Eduardo Habkost Signed-off-by: Thomas Huth --- hw/arm/fsl-imx7.c | 97 +++++++++++++++++++--------------------------------= ---- 1 file changed, 33 insertions(+), 64 deletions(-) diff --git a/hw/arm/fsl-imx7.c b/hw/arm/fsl-imx7.c index 44fde03..d5e2685 100644 --- a/hw/arm/fsl-imx7.c +++ b/hw/arm/fsl-imx7.c @@ -30,157 +30,126 @@ =20 static void fsl_imx7_init(Object *obj) { - BusState *sysbus =3D sysbus_get_default(); FslIMX7State *s =3D FSL_IMX7(obj); char name[NAME_SIZE]; int i; =20 =20 for (i =3D 0; i < MIN(smp_cpus, FSL_IMX7_NUM_CPUS); i++) { - object_initialize(&s->cpu[i], sizeof(s->cpu[i]), - ARM_CPU_TYPE_NAME("cortex-a7")); snprintf(name, NAME_SIZE, "cpu%d", i); - object_property_add_child(obj, name, OBJECT(&s->cpu[i]), - &error_fatal); + object_initialize_child(obj, name, &s->cpu[i], sizeof(s->cpu[i]), + ARM_CPU_TYPE_NAME("cortex-a7"), &error_abo= rt, + NULL); } =20 /* * A7MPCORE */ - object_initialize(&s->a7mpcore, sizeof(s->a7mpcore), TYPE_A15MPCORE_PR= IV); - qdev_set_parent_bus(DEVICE(&s->a7mpcore), sysbus); - object_property_add_child(obj, "a7mpcore", - OBJECT(&s->a7mpcore), &error_fatal); + sysbus_init_child_obj(obj, "a7mpcore", &s->a7mpcore, sizeof(s->a7mpcor= e), + TYPE_A15MPCORE_PRIV); =20 /* * GPIOs 1 to 7 */ for (i =3D 0; i < FSL_IMX7_NUM_GPIOS; i++) { - object_initialize(&s->gpio[i], sizeof(s->gpio[i]), - TYPE_IMX_GPIO); - qdev_set_parent_bus(DEVICE(&s->gpio[i]), sysbus); snprintf(name, NAME_SIZE, "gpio%d", i); - object_property_add_child(obj, name, - OBJECT(&s->gpio[i]), &error_fatal); + sysbus_init_child_obj(obj, name, &s->gpio[i], sizeof(s->gpio[i]), + TYPE_IMX_GPIO); } =20 /* * GPT1, 2, 3, 4 */ for (i =3D 0; i < FSL_IMX7_NUM_GPTS; i++) { - object_initialize(&s->gpt[i], sizeof(s->gpt[i]), TYPE_IMX7_GPT); - qdev_set_parent_bus(DEVICE(&s->gpt[i]), sysbus); snprintf(name, NAME_SIZE, "gpt%d", i); - object_property_add_child(obj, name, OBJECT(&s->gpt[i]), - &error_fatal); + sysbus_init_child_obj(obj, name, &s->gpt[i], sizeof(s->gpt[i]), + TYPE_IMX7_GPT); } =20 /* * CCM */ - object_initialize(&s->ccm, sizeof(s->ccm), TYPE_IMX7_CCM); - qdev_set_parent_bus(DEVICE(&s->ccm), sysbus); - object_property_add_child(obj, "ccm", OBJECT(&s->ccm), &error_fatal); + sysbus_init_child_obj(obj, "ccm", &s->ccm, sizeof(s->ccm), TYPE_IMX7_C= CM); =20 /* * Analog */ - object_initialize(&s->analog, sizeof(s->analog), TYPE_IMX7_ANALOG); - qdev_set_parent_bus(DEVICE(&s->analog), sysbus); - object_property_add_child(obj, "analog", OBJECT(&s->analog), &error_fa= tal); + sysbus_init_child_obj(obj, "analog", &s->analog, sizeof(s->analog), + TYPE_IMX7_ANALOG); =20 /* * GPCv2 */ - object_initialize(&s->gpcv2, sizeof(s->gpcv2), TYPE_IMX_GPCV2); - qdev_set_parent_bus(DEVICE(&s->gpcv2), sysbus); - object_property_add_child(obj, "gpcv2", OBJECT(&s->gpcv2), &error_fata= l); + sysbus_init_child_obj(obj, "gpcv2", &s->gpcv2, sizeof(s->gpcv2), + TYPE_IMX_GPCV2); =20 for (i =3D 0; i < FSL_IMX7_NUM_ECSPIS; i++) { - object_initialize(&s->spi[i], sizeof(s->spi[i]), TYPE_IMX_SPI); - qdev_set_parent_bus(DEVICE(&s->spi[i]), sysbus_get_default()); snprintf(name, NAME_SIZE, "spi%d", i + 1); - object_property_add_child(obj, name, OBJECT(&s->spi[i]), NULL); + sysbus_init_child_obj(obj, name, &s->spi[i], sizeof(s->spi[i]), + TYPE_IMX_SPI); } =20 =20 for (i =3D 0; i < FSL_IMX7_NUM_I2CS; i++) { - object_initialize(&s->i2c[i], sizeof(s->i2c[i]), TYPE_IMX_I2C); - qdev_set_parent_bus(DEVICE(&s->i2c[i]), sysbus_get_default()); snprintf(name, NAME_SIZE, "i2c%d", i + 1); - object_property_add_child(obj, name, OBJECT(&s->i2c[i]), NULL); + sysbus_init_child_obj(obj, name, &s->i2c[i], sizeof(s->i2c[i]), + TYPE_IMX_I2C); } =20 /* * UART */ for (i =3D 0; i < FSL_IMX7_NUM_UARTS; i++) { - object_initialize(&s->uart[i], sizeof(s->uart[i]), TYPE_IMX_SE= RIAL); - qdev_set_parent_bus(DEVICE(&s->uart[i]), sysbus); snprintf(name, NAME_SIZE, "uart%d", i); - object_property_add_child(obj, name, OBJECT(&s->uart[i]), - &error_fatal); + sysbus_init_child_obj(obj, name, &s->uart[i], sizeof(s->uart[i= ]), + TYPE_IMX_SERIAL); } =20 /* * Ethernet */ for (i =3D 0; i < FSL_IMX7_NUM_ETHS; i++) { - object_initialize(&s->eth[i], sizeof(s->eth[i]), TYPE_IMX_ENET= ); - qdev_set_parent_bus(DEVICE(&s->eth[i]), sysbus); snprintf(name, NAME_SIZE, "eth%d", i); - object_property_add_child(obj, name, OBJECT(&s->eth[i]), - &error_fatal); + sysbus_init_child_obj(obj, name, &s->eth[i], sizeof(s->eth[i]), + TYPE_IMX_ENET); } =20 /* * SDHCI */ for (i =3D 0; i < FSL_IMX7_NUM_USDHCS; i++) { - object_initialize(&s->usdhc[i], sizeof(s->usdhc[i]), - TYPE_IMX_USDHC); - qdev_set_parent_bus(DEVICE(&s->usdhc[i]), sysbus); snprintf(name, NAME_SIZE, "usdhc%d", i); - object_property_add_child(obj, name, OBJECT(&s->usdhc[i]), - &error_fatal); + sysbus_init_child_obj(obj, name, &s->usdhc[i], sizeof(s->usdhc= [i]), + TYPE_IMX_USDHC); } =20 /* * SNVS */ - object_initialize(&s->snvs, sizeof(s->snvs), TYPE_IMX7_SNVS); - qdev_set_parent_bus(DEVICE(&s->snvs), sysbus); - object_property_add_child(obj, "snvs", OBJECT(&s->snvs), &error_fatal); + sysbus_init_child_obj(obj, "snvs", &s->snvs, sizeof(s->snvs), + TYPE_IMX7_SNVS); =20 /* * Watchdog */ for (i =3D 0; i < FSL_IMX7_NUM_WDTS; i++) { - object_initialize(&s->wdt[i], sizeof(s->wdt[i]), TYPE_IMX2_WDT= ); - qdev_set_parent_bus(DEVICE(&s->wdt[i]), sysbus); snprintf(name, NAME_SIZE, "wdt%d", i); - object_property_add_child(obj, name, OBJECT(&s->wdt[i]), - &error_fatal); + sysbus_init_child_obj(obj, name, &s->wdt[i], sizeof(s->wdt[i]), + TYPE_IMX2_WDT); } =20 /* * GPR */ - object_initialize(&s->gpr, sizeof(s->gpr), TYPE_IMX7_GPR); - qdev_set_parent_bus(DEVICE(&s->gpr), sysbus); - object_property_add_child(obj, "gpr", OBJECT(&s->gpr), &error_fatal); + sysbus_init_child_obj(obj, "gpr", &s->gpr, sizeof(s->gpr), TYPE_IMX7_G= PR); =20 - object_initialize(&s->pcie, sizeof(s->pcie), TYPE_DESIGNWARE_PCIE_HOST= ); - qdev_set_parent_bus(DEVICE(&s->pcie), sysbus); - object_property_add_child(obj, "pcie", OBJECT(&s->pcie), &error_fatal); + sysbus_init_child_obj(obj, "pcie", &s->pcie, sizeof(s->pcie), + TYPE_DESIGNWARE_PCIE_HOST); =20 for (i =3D 0; i < FSL_IMX7_NUM_USBS; i++) { - object_initialize(&s->usb[i], - sizeof(s->usb[i]), TYPE_CHIPIDEA); - qdev_set_parent_bus(DEVICE(&s->usb[i]), sysbus); snprintf(name, NAME_SIZE, "usb%d", i); - object_property_add_child(obj, name, - OBJECT(&s->usb[i]), &error_fatal); + sysbus_init_child_obj(obj, name, &s->usb[i], sizeof(s->usb[i]), + TYPE_CHIPIDEA); } } =20 --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531746949229845.3860581275145; Mon, 16 Jul 2018 06:15:49 -0700 (PDT) Received: from localhost ([::1]:51377 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff3Lw-0005AI-3q for importer@patchew.org; Mon, 16 Jul 2018 09:15:48 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43669) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff36o-0001Tj-6j for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:13 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36i-0002Ew-89 for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:10 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:48780 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36c-00029o-1H; Mon, 16 Jul 2018 08:59:58 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7A639401EF11; Mon, 16 Jul 2018 12:59:57 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id DBCF71C589; Mon, 16 Jul 2018 12:59:55 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:27 +0200 Message-Id: <1531745974-17187-11-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Mon, 16 Jul 2018 12:59:57 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Mon, 16 Jul 2018 12:59:57 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 10/17] hw/arm/fsl-imx25: Fix introspection problem with the "fsl, imx25" device X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Running QEMU with valgrind indicates a problem here: echo "{'execute':'qmp_capabilities'} {'execute':'device-list-properties'," \ "'arguments':{'typename':'fsl,imx25'}}" \ "{'execute': 'human-monitor-command', " \ "'arguments': {'command-line': 'info qtree'}}" | \ valgrind -q aarch64-softmmu/qemu-system-aarch64 -M none,accel=3Dqtest -qmp= stdio [...] =3D=3D26724=3D=3D Invalid read of size 8 =3D=3D26724=3D=3D at 0x6190DA: qdev_print (qdev-monitor.c:686) =3D=3D26724=3D=3D by 0x6190DA: qbus_print (qdev-monitor.c:719) [...] Use the new sysbus_init_child_obj() to make sure that the objects are cleaned up correctly when the parent gets destroyed. Reviewed-by: Richard Henderson Reviewed-by: Paolo Bonzini Reviewed-by: Eduardo Habkost Signed-off-by: Thomas Huth --- hw/arm/fsl-imx25.c | 30 ++++++++++++++---------------- 1 file changed, 14 insertions(+), 16 deletions(-) diff --git a/hw/arm/fsl-imx25.c b/hw/arm/fsl-imx25.c index 37056f9..bd07040 100644 --- a/hw/arm/fsl-imx25.c +++ b/hw/arm/fsl-imx25.c @@ -39,38 +39,36 @@ static void fsl_imx25_init(Object *obj) =20 object_initialize(&s->cpu, sizeof(s->cpu), "arm926-" TYPE_ARM_CPU); =20 - object_initialize(&s->avic, sizeof(s->avic), TYPE_IMX_AVIC); - qdev_set_parent_bus(DEVICE(&s->avic), sysbus_get_default()); + sysbus_init_child_obj(obj, "avic", &s->avic, sizeof(s->avic), + TYPE_IMX_AVIC); =20 - object_initialize(&s->ccm, sizeof(s->ccm), TYPE_IMX25_CCM); - qdev_set_parent_bus(DEVICE(&s->ccm), sysbus_get_default()); + sysbus_init_child_obj(obj, "ccm", &s->ccm, sizeof(s->ccm), TYPE_IMX25_= CCM); =20 for (i =3D 0; i < FSL_IMX25_NUM_UARTS; i++) { - object_initialize(&s->uart[i], sizeof(s->uart[i]), TYPE_IMX_SERIAL= ); - qdev_set_parent_bus(DEVICE(&s->uart[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "uart[*]", &s->uart[i], sizeof(s->uart[= i]), + TYPE_IMX_SERIAL); } =20 for (i =3D 0; i < FSL_IMX25_NUM_GPTS; i++) { - object_initialize(&s->gpt[i], sizeof(s->gpt[i]), TYPE_IMX25_GPT); - qdev_set_parent_bus(DEVICE(&s->gpt[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "gpt[*]", &s->gpt[i], sizeof(s->gpt[i]), + TYPE_IMX25_GPT); } =20 for (i =3D 0; i < FSL_IMX25_NUM_EPITS; i++) { - object_initialize(&s->epit[i], sizeof(s->epit[i]), TYPE_IMX_EPIT); - qdev_set_parent_bus(DEVICE(&s->epit[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "epit[*]", &s->epit[i], sizeof(s->epit[= i]), + TYPE_IMX_EPIT); } =20 - object_initialize(&s->fec, sizeof(s->fec), TYPE_IMX_FEC); - qdev_set_parent_bus(DEVICE(&s->fec), sysbus_get_default()); + sysbus_init_child_obj(obj, "fec", &s->fec, sizeof(s->fec), TYPE_IMX_FE= C); =20 for (i =3D 0; i < FSL_IMX25_NUM_I2CS; i++) { - object_initialize(&s->i2c[i], sizeof(s->i2c[i]), TYPE_IMX_I2C); - qdev_set_parent_bus(DEVICE(&s->i2c[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "i2c[*]", &s->i2c[i], sizeof(s->i2c[i]), + TYPE_IMX_I2C); } =20 for (i =3D 0; i < FSL_IMX25_NUM_GPIOS; i++) { - object_initialize(&s->gpio[i], sizeof(s->gpio[i]), TYPE_IMX_GPIO); - qdev_set_parent_bus(DEVICE(&s->gpio[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "gpio[*]", &s->gpio[i], sizeof(s->gpio[= i]), + TYPE_IMX_GPIO); } } =20 --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531746917276956.3541264152673; Mon, 16 Jul 2018 06:15:17 -0700 (PDT) Received: from localhost ([::1]:51353 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff3LK-0004gy-VX for importer@patchew.org; Mon, 16 Jul 2018 09:15:11 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43667) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff36o-0001Th-0x for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:13 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36i-0002F6-AH for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:10 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:48792 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36d-0002Au-SM; Mon, 16 Jul 2018 08:59:59 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 53DDD401EF09; Mon, 16 Jul 2018 12:59:59 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id B22AA1C589; Mon, 16 Jul 2018 12:59:57 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:28 +0200 Message-Id: <1531745974-17187-12-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Mon, 16 Jul 2018 12:59:59 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Mon, 16 Jul 2018 12:59:59 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 11/17] hw/arm/fsl-imx31: Fix introspection problem with the "fsl, imx31" device X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Running QEMU with valgrind indicates a problem here: echo "{'execute':'qmp_capabilities'} {'execute':'device-list-properties'," \ "'arguments':{'typename':'fsl,imx31'}}" \ "{'execute': 'human-monitor-command', " \ "'arguments': {'command-line': 'info qtree'}}" | \ valgrind -q aarch64-softmmu/qemu-system-aarch64 -M none,accel=3Dqtest -qmp= stdio [...] =3D=3D26172=3D=3D Invalid read of size 8 =3D=3D26172=3D=3D at 0x6191FA: qdev_print (qdev-monitor.c:686) =3D=3D26172=3D=3D by 0x6191FA: qbus_print (qdev-monitor.c:719) [...] Use the new sysbus_init_child_obj() to make sure that the objects are cleaned up correctly when the parent gets destroyed. Reviewed-by: Richard Henderson Reviewed-by: Paolo Bonzini Reviewed-by: Eduardo Habkost Signed-off-by: Thomas Huth --- hw/arm/fsl-imx31.c | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/hw/arm/fsl-imx31.c b/hw/arm/fsl-imx31.c index 891850c..ec8239a 100644 --- a/hw/arm/fsl-imx31.c +++ b/hw/arm/fsl-imx31.c @@ -36,33 +36,31 @@ static void fsl_imx31_init(Object *obj) =20 object_initialize(&s->cpu, sizeof(s->cpu), "arm1136-" TYPE_ARM_CPU); =20 - object_initialize(&s->avic, sizeof(s->avic), TYPE_IMX_AVIC); - qdev_set_parent_bus(DEVICE(&s->avic), sysbus_get_default()); + sysbus_init_child_obj(obj, "avic", &s->avic, sizeof(s->avic), + TYPE_IMX_AVIC); =20 - object_initialize(&s->ccm, sizeof(s->ccm), TYPE_IMX31_CCM); - qdev_set_parent_bus(DEVICE(&s->ccm), sysbus_get_default()); + sysbus_init_child_obj(obj, "ccm", &s->ccm, sizeof(s->ccm), TYPE_IMX31_= CCM); =20 for (i =3D 0; i < FSL_IMX31_NUM_UARTS; i++) { - object_initialize(&s->uart[i], sizeof(s->uart[i]), TYPE_IMX_SERIAL= ); - qdev_set_parent_bus(DEVICE(&s->uart[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "uart[*]", &s->uart[i], sizeof(s->uart[= i]), + TYPE_IMX_SERIAL); } =20 - object_initialize(&s->gpt, sizeof(s->gpt), TYPE_IMX31_GPT); - qdev_set_parent_bus(DEVICE(&s->gpt), sysbus_get_default()); + sysbus_init_child_obj(obj, "gpt", &s->gpt, sizeof(s->gpt), TYPE_IMX31_= GPT); =20 for (i =3D 0; i < FSL_IMX31_NUM_EPITS; i++) { - object_initialize(&s->epit[i], sizeof(s->epit[i]), TYPE_IMX_EPIT); - qdev_set_parent_bus(DEVICE(&s->epit[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "epit[*]", &s->epit[i], sizeof(s->epit[= i]), + TYPE_IMX_EPIT); } =20 for (i =3D 0; i < FSL_IMX31_NUM_I2CS; i++) { - object_initialize(&s->i2c[i], sizeof(s->i2c[i]), TYPE_IMX_I2C); - qdev_set_parent_bus(DEVICE(&s->i2c[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "i2c[*]", &s->i2c[i], sizeof(s->i2c[i]), + TYPE_IMX_I2C); } =20 for (i =3D 0; i < FSL_IMX31_NUM_GPIOS; i++) { - object_initialize(&s->gpio[i], sizeof(s->gpio[i]), TYPE_IMX_GPIO); - qdev_set_parent_bus(DEVICE(&s->gpio[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "gpio[*]", &s->gpio[i], sizeof(s->gpio[= i]), + TYPE_IMX_GPIO); } } =20 --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 15317471690377.8725031798393275; Mon, 16 Jul 2018 06:19:29 -0700 (PDT) Received: from localhost ([::1]:51436 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff3PT-0007wK-QZ for importer@patchew.org; Mon, 16 Jul 2018 09:19:27 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43724) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff36t-0001ah-2v for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:19 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36p-0002Og-BR for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:15 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:48804 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36f-0002CC-QP; Mon, 16 Jul 2018 09:00:01 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 2CD6E401EF11; Mon, 16 Jul 2018 13:00:01 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 89E571C589; Mon, 16 Jul 2018 12:59:59 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:29 +0200 Message-Id: <1531745974-17187-13-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Mon, 16 Jul 2018 13:00:01 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Mon, 16 Jul 2018 13:00:01 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 12/17] hw/cpu/arm11mpcore: Fix introspection problem with 'arm11mpcore_priv' X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Valgrind reports an error here: echo "{'execute':'qmp_capabilities'} {'execute':'device-list-properties'," \ "'arguments':{'typename':'arm11mpcore_priv'}}" \ "{'execute': 'human-monitor-command', " \ "'arguments': {'command-line': 'info qtree'}}" | \ valgrind -q aarch64-softmmu/qemu-system-aarch64 -M none,accel=3Dqtest -qmp= stdio [...] =3D=3D3145=3D=3D Invalid read of size 8 =3D=3D3145=3D=3D at 0x61873A: qdev_print (qdev-monitor.c:686) =3D=3D3145=3D=3D by 0x61873A: qbus_print (qdev-monitor.c:719) [...] Use sysbus_init_child_obj() to fix it. Reviewed-by: Richard Henderson Reviewed-by: Paolo Bonzini Reviewed-by: Eduardo Habkost Signed-off-by: Thomas Huth Reviewed-by: Alistair Francis --- hw/cpu/arm11mpcore.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/hw/cpu/arm11mpcore.c b/hw/cpu/arm11mpcore.c index eb24465..8aead37 100644 --- a/hw/cpu/arm11mpcore.c +++ b/hw/cpu/arm11mpcore.c @@ -121,19 +121,17 @@ static void mpcore_priv_initfn(Object *obj) "mpcore-priv-container", 0x2000); sysbus_init_mmio(sbd, &s->container); =20 - object_initialize(&s->scu, sizeof(s->scu), TYPE_ARM11_SCU); - qdev_set_parent_bus(DEVICE(&s->scu), sysbus_get_default()); + sysbus_init_child_obj(obj, "scu", &s->scu, sizeof(s->scu), TYPE_ARM11_= SCU); =20 - object_initialize(&s->gic, sizeof(s->gic), TYPE_ARM_GIC); - qdev_set_parent_bus(DEVICE(&s->gic), sysbus_get_default()); + sysbus_init_child_obj(obj, "gic", &s->gic, sizeof(s->gic), TYPE_ARM_GI= C); /* Request the legacy 11MPCore GIC behaviour: */ qdev_prop_set_uint32(DEVICE(&s->gic), "revision", 0); =20 - object_initialize(&s->mptimer, sizeof(s->mptimer), TYPE_ARM_MPTIMER); - qdev_set_parent_bus(DEVICE(&s->mptimer), sysbus_get_default()); + sysbus_init_child_obj(obj, "mptimer", &s->mptimer, sizeof(s->mptimer), + TYPE_ARM_MPTIMER); =20 - object_initialize(&s->wdtimer, sizeof(s->wdtimer), TYPE_ARM_MPTIMER); - qdev_set_parent_bus(DEVICE(&s->wdtimer), sysbus_get_default()); + sysbus_init_child_obj(obj, "wdtimer", &s->wdtimer, sizeof(s->wdtimer), + TYPE_ARM_MPTIMER); } =20 static Property mpcore_priv_properties[] =3D { --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531746655666973.0661656190716; Mon, 16 Jul 2018 06:10:55 -0700 (PDT) Received: from localhost ([::1]:51313 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff3HC-0001KI-GO for importer@patchew.org; Mon, 16 Jul 2018 09:10:54 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43753) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff36z-0001i1-Fm for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:27 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36t-0002SM-RN for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:21 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:35432 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36i-0002Fn-SW; Mon, 16 Jul 2018 09:00:04 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 54B007C6A9; Mon, 16 Jul 2018 13:00:04 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 619FD1C589; Mon, 16 Jul 2018 13:00:01 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:30 +0200 Message-Id: <1531745974-17187-14-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Mon, 16 Jul 2018 13:00:04 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Mon, 16 Jul 2018 13:00:04 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 13/17] hw/*/realview: Fix introspection problem with 'realview_mpcore' & 'realview_gic' X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" echo "{'execute':'qmp_capabilities'} {'execute':'device-list-properties'," \ "'arguments':{'typename':'realview_mpcore'}}" \ "{'execute': 'human-monitor-command', " \ "'arguments': {'command-line': 'info qtree'}}" | \ valgrind -q aarch64-softmmu/qemu-system-aarch64 -M none,accel=3Dqtest -qmp= stdio [...] =3D=3D2654=3D=3D Invalid read of size 8 =3D=3D2654=3D=3D at 0x61878A: qdev_print (qdev-monitor.c:686) =3D=3D2654=3D=3D by 0x61878A: qbus_print (qdev-monitor.c:719) =3D=3D2654=3D=3D by 0x452B38: handle_hmp_command (monitor.c:3446) =3D=3D2654=3D=3D by 0x452D70: qmp_human_monitor_command (monitor.c:821) [...] Use sysbus_init_child_obj() to fix it. Reviewed-by: Richard Henderson Reviewed-by: Paolo Bonzini Reviewed-by: Eduardo Habkost Signed-off-by: Thomas Huth --- hw/cpu/realview_mpcore.c | 8 ++++---- hw/intc/realview_gic.c | 7 ++----- 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/hw/cpu/realview_mpcore.c b/hw/cpu/realview_mpcore.c index 39d4ebe..9d3f837 100644 --- a/hw/cpu/realview_mpcore.c +++ b/hw/cpu/realview_mpcore.c @@ -101,14 +101,14 @@ static void mpcore_rirq_init(Object *obj) SysBusDevice *privbusdev; int i; =20 - object_initialize(&s->priv, sizeof(s->priv), TYPE_ARM11MPCORE_PRIV); - qdev_set_parent_bus(DEVICE(&s->priv), sysbus_get_default()); + sysbus_init_child_obj(obj, "a11priv", &s->priv, sizeof(s->priv), + TYPE_ARM11MPCORE_PRIV); privbusdev =3D SYS_BUS_DEVICE(&s->priv); sysbus_init_mmio(sbd, sysbus_mmio_get_region(privbusdev, 0)); =20 for (i =3D 0; i < 4; i++) { - object_initialize(&s->gic[i], sizeof(s->gic[i]), TYPE_REALVIEW_GIC= ); - qdev_set_parent_bus(DEVICE(&s->gic[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "gic[*]", &s->gic[i], sizeof(s->gic[i]), + TYPE_REALVIEW_GIC); } } =20 diff --git a/hw/intc/realview_gic.c b/hw/intc/realview_gic.c index 50bbab6..7f2ff85 100644 --- a/hw/intc/realview_gic.c +++ b/hw/intc/realview_gic.c @@ -54,16 +54,13 @@ static void realview_gic_init(Object *obj) { SysBusDevice *sbd =3D SYS_BUS_DEVICE(obj); RealViewGICState *s =3D REALVIEW_GIC(obj); - DeviceState *gicdev; =20 memory_region_init(&s->container, OBJECT(s), "realview-gic-container", 0x2000); sysbus_init_mmio(sbd, &s->container); =20 - object_initialize(&s->gic, sizeof(s->gic), TYPE_ARM_GIC); - gicdev =3D DEVICE(&s->gic); - qdev_set_parent_bus(gicdev, sysbus_get_default()); - qdev_prop_set_uint32(gicdev, "num-cpu", 1); + sysbus_init_child_obj(obj, "gic", &s->gic, sizeof(s->gic), TYPE_ARM_GI= C); + qdev_prop_set_uint32(DEVICE(&s->gic), "num-cpu", 1); } =20 static void realview_gic_class_init(ObjectClass *oc, void *data) --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531747216176141.62743497747886; Mon, 16 Jul 2018 06:20:16 -0700 (PDT) Received: from localhost ([::1]:51453 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff3QA-00007m-0B for importer@patchew.org; Mon, 16 Jul 2018 09:20:10 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43745) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff36x-0001db-4i for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:24 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36s-0002Rk-G6 for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:19 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:48628 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36k-0002Gb-Nx; Mon, 16 Jul 2018 09:00:07 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 2C4DC8163C5F; Mon, 16 Jul 2018 13:00:06 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8CDF61C589; Mon, 16 Jul 2018 13:00:04 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:31 +0200 Message-Id: <1531745974-17187-15-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Mon, 16 Jul 2018 13:00:06 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Mon, 16 Jul 2018 13:00:06 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 14/17] hw/arm/allwinner-a10: Fix introspection problem with 'allwinner-a10' X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Valgrind complains: echo "{'execute':'qmp_capabilities'} {'execute':'device-list-properties'," \ "'arguments':{'typename':'allwinner-a10'}}" \ "{'execute': 'human-monitor-command', " \ "'arguments': {'command-line': 'info qtree'}}" | \ valgrind -q aarch64-softmmu/qemu-system-aarch64 -M none,accel=3Dqtest -qmp= stdio [...] =3D=3D32519=3D=3D Invalid read of size 8 =3D=3D32519=3D=3D at 0x61869A: qdev_print (qdev-monitor.c:686) =3D=3D32519=3D=3D by 0x61869A: qbus_print (qdev-monitor.c:719) =3D=3D32519=3D=3D by 0x452B38: handle_hmp_command (monitor.c:3446) [...] Use object_initialize_child() and sysbus_init_child_obj() to fix the issue. Reviewed-by: Richard Henderson Reviewed-by: Paolo Bonzini Reviewed-by: Eduardo Habkost Signed-off-by: Thomas Huth --- hw/arm/allwinner-a10.c | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/hw/arm/allwinner-a10.c b/hw/arm/allwinner-a10.c index c5fbc65..9fe875c 100644 --- a/hw/arm/allwinner-a10.c +++ b/hw/arm/allwinner-a10.c @@ -27,20 +27,19 @@ static void aw_a10_init(Object *obj) { AwA10State *s =3D AW_A10(obj); =20 - object_initialize(&s->cpu, sizeof(s->cpu), "cortex-a8-" TYPE_ARM_CPU); - object_property_add_child(obj, "cpu", OBJECT(&s->cpu), NULL); + object_initialize_child(obj, "cpu", &s->cpu, sizeof(s->cpu), + "cortex-a8-" TYPE_ARM_CPU, &error_abort, NULL); =20 - object_initialize(&s->intc, sizeof(s->intc), TYPE_AW_A10_PIC); - qdev_set_parent_bus(DEVICE(&s->intc), sysbus_get_default()); + sysbus_init_child_obj(obj, "intc", &s->intc, sizeof(s->intc), + TYPE_AW_A10_PIC); =20 - object_initialize(&s->timer, sizeof(s->timer), TYPE_AW_A10_PIT); - qdev_set_parent_bus(DEVICE(&s->timer), sysbus_get_default()); + sysbus_init_child_obj(obj, "timer", &s->timer, sizeof(s->timer), + TYPE_AW_A10_PIT); =20 - object_initialize(&s->emac, sizeof(s->emac), TYPE_AW_EMAC); - qdev_set_parent_bus(DEVICE(&s->emac), sysbus_get_default()); + sysbus_init_child_obj(obj, "emac", &s->emac, sizeof(s->emac), TYPE_AW_= EMAC); =20 - object_initialize(&s->sata, sizeof(s->sata), TYPE_ALLWINNER_AHCI); - qdev_set_parent_bus(DEVICE(&s->sata), sysbus_get_default()); + sysbus_init_child_obj(obj, "sata", &s->sata, sizeof(s->sata), + TYPE_ALLWINNER_AHCI); } =20 static void aw_a10_realize(DeviceState *dev, Error **errp) --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531747333199617.8612116550361; Mon, 16 Jul 2018 06:22:13 -0700 (PDT) Received: from localhost ([::1]:51471 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff3S1-0001dB-QE for importer@patchew.org; Mon, 16 Jul 2018 09:22:05 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43776) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff375-0001nW-E2 for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:28 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36z-0002U1-BR for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:27 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:35440 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36m-0002HZ-Ij; Mon, 16 Jul 2018 09:00:08 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 03F837C6A9; Mon, 16 Jul 2018 13:00:08 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 641771C589; Mon, 16 Jul 2018 13:00:06 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:32 +0200 Message-Id: <1531745974-17187-16-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Mon, 16 Jul 2018 13:00:08 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Mon, 16 Jul 2018 13:00:08 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 15/17] hw/arm/stm32f205_soc: Fix introspection problem with 'stm32f205-soc' device X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Valgrind complains: echo "{'execute':'qmp_capabilities'} {'execute':'device-list-properties'," \ "'arguments':{'typename':'stm32f205-soc'}}" \ "{'execute': 'human-monitor-command', " \ "'arguments': {'command-line': 'info qtree'}}" | \ valgrind -q aarch64-softmmu/qemu-system-aarch64 -M none,accel=3Dqtest -qmp= stdio [...] =3D=3D28531=3D=3D Invalid read of size 8 =3D=3D28531=3D=3D at 0x6185BA: qdev_print (qdev-monitor.c:686) =3D=3D28531=3D=3D by 0x6185BA: qbus_print (qdev-monitor.c:719) =3D=3D28531=3D=3D by 0x452B38: handle_hmp_command (monitor.c:3446) [...] Fix it with the new sysbus_init_child_obj() function. Signed-off-by: Thomas Huth Reviewed-by: Alistair Francis Reviewed-by: Eduardo Habkost Reviewed-by: Peter Maydell --- hw/arm/stm32f205_soc.c | 28 ++++++++++++---------------- 1 file changed, 12 insertions(+), 16 deletions(-) diff --git a/hw/arm/stm32f205_soc.c b/hw/arm/stm32f205_soc.c index 2b2135d..c486d06 100644 --- a/hw/arm/stm32f205_soc.c +++ b/hw/arm/stm32f205_soc.c @@ -49,36 +49,32 @@ static void stm32f205_soc_initfn(Object *obj) STM32F205State *s =3D STM32F205_SOC(obj); int i; =20 - object_initialize(&s->armv7m, sizeof(s->armv7m), TYPE_ARMV7M); - qdev_set_parent_bus(DEVICE(&s->armv7m), sysbus_get_default()); + sysbus_init_child_obj(obj, "armv7m", &s->armv7m, sizeof(s->armv7m), + TYPE_ARMV7M); =20 - object_initialize(&s->syscfg, sizeof(s->syscfg), TYPE_STM32F2XX_SYSCFG= ); - qdev_set_parent_bus(DEVICE(&s->syscfg), sysbus_get_default()); + sysbus_init_child_obj(obj, "syscfg", &s->syscfg, sizeof(s->syscfg), + TYPE_STM32F2XX_SYSCFG); =20 for (i =3D 0; i < STM_NUM_USARTS; i++) { - object_initialize(&s->usart[i], sizeof(s->usart[i]), - TYPE_STM32F2XX_USART); - qdev_set_parent_bus(DEVICE(&s->usart[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "usart[*]", &s->usart[i], + sizeof(s->usart[i]), TYPE_STM32F2XX_USART); } =20 for (i =3D 0; i < STM_NUM_TIMERS; i++) { - object_initialize(&s->timer[i], sizeof(s->timer[i]), - TYPE_STM32F2XX_TIMER); - qdev_set_parent_bus(DEVICE(&s->timer[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "timer[*]", &s->timer[i], + sizeof(s->timer[i]), TYPE_STM32F2XX_TIMER); } =20 s->adc_irqs =3D OR_IRQ(object_new(TYPE_OR_IRQ)); =20 for (i =3D 0; i < STM_NUM_ADCS; i++) { - object_initialize(&s->adc[i], sizeof(s->adc[i]), - TYPE_STM32F2XX_ADC); - qdev_set_parent_bus(DEVICE(&s->adc[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "adc[*]", &s->adc[i], sizeof(s->adc[i]), + TYPE_STM32F2XX_ADC); } =20 for (i =3D 0; i < STM_NUM_SPIS; i++) { - object_initialize(&s->spi[i], sizeof(s->spi[i]), - TYPE_STM32F2XX_SPI); - qdev_set_parent_bus(DEVICE(&s->spi[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "spi[*]", &s->spi[i], sizeof(s->spi[i]), + TYPE_STM32F2XX_SPI); } } =20 --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531747347160597.1831749283369; Mon, 16 Jul 2018 06:22:27 -0700 (PDT) Received: from localhost ([::1]:51472 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff3SL-0001vH-PW for importer@patchew.org; Mon, 16 Jul 2018 09:22:25 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43778) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff375-0001nj-O3 for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:33 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff370-0002UV-J5 for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:27 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:35456 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36o-0002L3-BM; Mon, 16 Jul 2018 09:00:10 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id CE61D7DAC6; Mon, 16 Jul 2018 13:00:09 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 3B1111C589; Mon, 16 Jul 2018 13:00:08 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:33 +0200 Message-Id: <1531745974-17187-17-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Mon, 16 Jul 2018 13:00:09 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Mon, 16 Jul 2018 13:00:09 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 16/17] hw/display/xlnx_dp: Move problematic code from instance_init to realize X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" From: Paolo Bonzini aux_create_slave() calls qdev_init_nofail() which in turn "realizes" the corresponding object. This is unlike qdev_create(), and it is wrong because qdev_init_nofail() must not be called from an instance_init function. Move qdev_init_nofail() and the subsequent aux_map_slave into the caller's realize function. There are two more bugs that needs to be fixed here, too, where the objects are created but not added as children. Therefore when you call object_unparent on them, nothing happens. In particular dpcd and edid give you an infinite loop in bus_unparent, because device_unparent is not called and does not remove them from the list of devices on the bus. Reported-by: Thomas Huth Signed-off-by: Paolo Bonzini [thuth: Added Paolo's fixup for the dpcd and edid unparenting] Signed-off-by: Thomas Huth Reviewed-by: Alistair Francis Reviewed-by: Peter Maydell --- hw/display/xlnx_dp.c | 8 +++++++- hw/misc/auxbus.c | 18 ++++++++++++------ include/hw/misc/auxbus.h | 14 +++++++++++++- 3 files changed, 32 insertions(+), 8 deletions(-) diff --git a/hw/display/xlnx_dp.c b/hw/display/xlnx_dp.c index 5130122..6439bd0 100644 --- a/hw/display/xlnx_dp.c +++ b/hw/display/xlnx_dp.c @@ -1234,9 +1234,12 @@ static void xlnx_dp_init(Object *obj) /* * Initialize DPCD and EDID.. */ - s->dpcd =3D DPCD(aux_create_slave(s->aux_bus, "dpcd", 0x00000)); + s->dpcd =3D DPCD(aux_create_slave(s->aux_bus, "dpcd")); + object_property_add_child(OBJECT(s), "dpcd", OBJECT(s->dpcd), NULL); + s->edid =3D I2CDDC(qdev_create(BUS(aux_get_i2c_bus(s->aux_bus)), "i2c-= ddc")); i2c_set_slave_address(I2C_SLAVE(s->edid), 0x50); + object_property_add_child(OBJECT(s), "edid", OBJECT(s->edid), NULL); =20 fifo8_create(&s->rx_fifo, 16); fifo8_create(&s->tx_fifo, 16); @@ -1248,6 +1251,9 @@ static void xlnx_dp_realize(DeviceState *dev, Error *= *errp) DisplaySurface *surface; struct audsettings as; =20 + qdev_init_nofail(DEVICE(s->dpcd)); + aux_map_slave(AUX_SLAVE(s->dpcd), 0x0000); + s->console =3D graphic_console_init(dev, 0, &xlnx_dp_gfx_ops, s); surface =3D qemu_console_surface(s->console); xlnx_dpdma_set_host_data_location(s->dpdma, DP_GRAPHIC_DMA_CHANNEL, diff --git a/hw/misc/auxbus.c b/hw/misc/auxbus.c index b8a8721..0e56d9a 100644 --- a/hw/misc/auxbus.c +++ b/hw/misc/auxbus.c @@ -32,6 +32,7 @@ #include "hw/misc/auxbus.h" #include "hw/i2c/i2c.h" #include "monitor/monitor.h" +#include "qapi/error.h" =20 #ifndef DEBUG_AUX #define DEBUG_AUX 0 @@ -63,9 +64,14 @@ static void aux_bus_class_init(ObjectClass *klass, void = *data) AUXBus *aux_init_bus(DeviceState *parent, const char *name) { AUXBus *bus; + Object *auxtoi2c; =20 bus =3D AUX_BUS(qbus_create(TYPE_AUX_BUS, parent, name)); - bus->bridge =3D AUXTOI2C(qdev_create(BUS(bus), TYPE_AUXTOI2C)); + auxtoi2c =3D object_new_with_props(TYPE_AUXTOI2C, OBJECT(bus), "i2c", + &error_abort, NULL); + qdev_set_parent_bus(DEVICE(auxtoi2c), BUS(bus)); + + bus->bridge =3D AUXTOI2C(auxtoi2c); =20 /* Memory related. */ bus->aux_io =3D g_malloc(sizeof(*bus->aux_io)); @@ -74,9 +80,11 @@ AUXBus *aux_init_bus(DeviceState *parent, const char *na= me) return bus; } =20 -static void aux_bus_map_device(AUXBus *bus, AUXSlave *dev, hwaddr addr) +void aux_map_slave(AUXSlave *aux_dev, hwaddr addr) { - memory_region_add_subregion(bus->aux_io, addr, dev->mmio); + DeviceState *dev =3D DEVICE(aux_dev); + AUXBus *bus =3D AUX_BUS(qdev_get_parent_bus(dev)); + memory_region_add_subregion(bus->aux_io, addr, aux_dev->mmio); } =20 static bool aux_bus_is_bridge(AUXBus *bus, DeviceState *dev) @@ -260,15 +268,13 @@ static void aux_slave_dev_print(Monitor *mon, DeviceS= tate *dev, int indent) memory_region_size(s->mmio)); } =20 -DeviceState *aux_create_slave(AUXBus *bus, const char *type, uint32_t addr) +DeviceState *aux_create_slave(AUXBus *bus, const char *type) { DeviceState *dev; =20 dev =3D DEVICE(object_new(type)); assert(dev); qdev_set_parent_bus(dev, &bus->qbus); - qdev_init_nofail(dev); - aux_bus_map_device(AUX_BUS(qdev_get_parent_bus(dev)), AUX_SLAVE(dev), = addr); return dev; } =20 diff --git a/include/hw/misc/auxbus.h b/include/hw/misc/auxbus.h index 68ade8a..c15b444 100644 --- a/include/hw/misc/auxbus.h +++ b/include/hw/misc/auxbus.h @@ -123,6 +123,18 @@ I2CBus *aux_get_i2c_bus(AUXBus *bus); */ void aux_init_mmio(AUXSlave *aux_slave, MemoryRegion *mmio); =20 -DeviceState *aux_create_slave(AUXBus *bus, const char *name, uint32_t addr= ); +/* aux_create_slave: Create a new device on an AUX bus + * + * @bus The AUX bus for the new device. + * @name The type of the device to be created. + */ +DeviceState *aux_create_slave(AUXBus *bus, const char *name); + +/* aux_map_slave: Map the mmio for an AUX slave on the bus. + * + * @dev The AUX slave. + * @addr The address for the slave's mmio. + */ +void aux_map_slave(AUXSlave *dev, hwaddr addr); =20 #endif /* HW_MISC_AUXBUS_H */ --=20 1.8.3.1 From nobody Tue Nov 4 21:21:18 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531747395492530.2526940889625; Mon, 16 Jul 2018 06:23:15 -0700 (PDT) Received: from localhost ([::1]:51474 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff3T8-0002dl-5S for importer@patchew.org; Mon, 16 Jul 2018 09:23:14 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43768) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ff374-0001mB-00 for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:33 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ff36x-0002TL-4v for qemu-devel@nongnu.org; Mon, 16 Jul 2018 09:00:26 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:35462 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ff36q-0002QU-BX; Mon, 16 Jul 2018 09:00:12 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A5CE67A7E8; Mon, 16 Jul 2018 13:00:11 +0000 (UTC) Received: from thh440s.str.redhat.com (dhcp-200-180.str.redhat.com [10.33.200.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1175D1C589; Mon, 16 Jul 2018 13:00:09 +0000 (UTC) From: Thomas Huth To: qemu-devel@nongnu.org, Peter Maydell , Paolo Bonzini Date: Mon, 16 Jul 2018 14:59:34 +0200 Message-Id: <1531745974-17187-18-git-send-email-thuth@redhat.com> In-Reply-To: <1531745974-17187-1-git-send-email-thuth@redhat.com> References: <1531745974-17187-1-git-send-email-thuth@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Mon, 16 Jul 2018 13:00:11 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Mon, 16 Jul 2018 13:00:11 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'thuth@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v3 17/17] hw/arm/xlnx-zynqmp: Fix crash when introspecting the "xlnx, zynqmp" device X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Eduardo Habkost , Alistair Francis , Markus Armbruster , Subbaraya Sundeep , Beniamino Galvani , qemu-arm@nongnu.org, "Edgar E. Iglesias" , =?UTF-8?q?Andreas=20F=C3=A4rber?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" QEMU currently crashes when e.g. doing something like this: echo "{'execute':'qmp_capabilities'} {'execute':'device-list-properties'," \ "'arguments':{'typename':'xlnx,zynqmp'}}" \ "{'execute': 'human-monitor-command', " \ "'arguments': {'command-line': 'info qtree'}}" \ | aarch64-softmmu/qemu-system-aarch64 -M none,accel=3Dqtest -qmp stdio Use the new object_initialize_child() and sysbus_init_child_obj() functions to get the refernce counting of the child objects right, so that they are properly cleaned up when the parent gets destroyed. Reviewed-by: Richard Henderson Reviewed-by: Paolo Bonzini Reviewed-by: Eduardo Habkost Signed-off-by: Thomas Huth Reviewed-by: Alistair Francis --- hw/arm/xlnx-zynqmp.c | 61 ++++++++++++++++++++++++------------------------= ---- 1 file changed, 28 insertions(+), 33 deletions(-) diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c index 29df35f..8de4868 100644 --- a/hw/arm/xlnx-zynqmp.c +++ b/hw/arm/xlnx-zynqmp.c @@ -166,64 +166,59 @@ static void xlnx_zynqmp_init(Object *obj) int num_apus =3D MIN(smp_cpus, XLNX_ZYNQMP_NUM_APU_CPUS); =20 for (i =3D 0; i < num_apus; i++) { - object_initialize(&s->apu_cpu[i], sizeof(s->apu_cpu[i]), - "cortex-a53-" TYPE_ARM_CPU); - object_property_add_child(obj, "apu-cpu[*]", OBJECT(&s->apu_cpu[i]= ), - &error_abort); + object_initialize_child(obj, "apu-cpu[*]", &s->apu_cpu[i], + sizeof(s->apu_cpu[i]), + "cortex-a53-" TYPE_ARM_CPU, &error_abort, = NULL); } =20 - object_initialize(&s->gic, sizeof(s->gic), gic_class_name()); - qdev_set_parent_bus(DEVICE(&s->gic), sysbus_get_default()); + sysbus_init_child_obj(obj, "gic", &s->gic, sizeof(s->gic), + gic_class_name()); =20 for (i =3D 0; i < XLNX_ZYNQMP_NUM_GEMS; i++) { - object_initialize(&s->gem[i], sizeof(s->gem[i]), TYPE_CADENCE_GEM); - qdev_set_parent_bus(DEVICE(&s->gem[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "gem[*]", &s->gem[i], sizeof(s->gem[i]), + TYPE_CADENCE_GEM); } =20 for (i =3D 0; i < XLNX_ZYNQMP_NUM_UARTS; i++) { - object_initialize(&s->uart[i], sizeof(s->uart[i]), TYPE_CADENCE_UA= RT); - qdev_set_parent_bus(DEVICE(&s->uart[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "uart[*]", &s->uart[i], sizeof(s->uart[= i]), + TYPE_CADENCE_UART); } =20 - object_initialize(&s->sata, sizeof(s->sata), TYPE_SYSBUS_AHCI); - qdev_set_parent_bus(DEVICE(&s->sata), sysbus_get_default()); + sysbus_init_child_obj(obj, "sata", &s->sata, sizeof(s->sata), + TYPE_SYSBUS_AHCI); =20 for (i =3D 0; i < XLNX_ZYNQMP_NUM_SDHCI; i++) { - object_initialize(&s->sdhci[i], sizeof(s->sdhci[i]), - TYPE_SYSBUS_SDHCI); - qdev_set_parent_bus(DEVICE(&s->sdhci[i]), - sysbus_get_default()); + sysbus_init_child_obj(obj, "sdhci[*]", &s->sdhci[i], + sizeof(s->sdhci[i]), TYPE_SYSBUS_SDHCI); } =20 for (i =3D 0; i < XLNX_ZYNQMP_NUM_SPIS; i++) { - object_initialize(&s->spi[i], sizeof(s->spi[i]), - TYPE_XILINX_SPIPS); - qdev_set_parent_bus(DEVICE(&s->spi[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "spi[*]", &s->spi[i], sizeof(s->spi[i]), + TYPE_XILINX_SPIPS); } =20 - object_initialize(&s->qspi, sizeof(s->qspi), TYPE_XLNX_ZYNQMP_QSPIPS); - qdev_set_parent_bus(DEVICE(&s->qspi), sysbus_get_default()); + sysbus_init_child_obj(obj, "qspi", &s->qspi, sizeof(s->qspi), + TYPE_XLNX_ZYNQMP_QSPIPS); =20 - object_initialize(&s->dp, sizeof(s->dp), TYPE_XLNX_DP); - qdev_set_parent_bus(DEVICE(&s->dp), sysbus_get_default()); + sysbus_init_child_obj(obj, "xxxdp", &s->dp, sizeof(s->dp), TYPE_XLNX_D= P); =20 - object_initialize(&s->dpdma, sizeof(s->dpdma), TYPE_XLNX_DPDMA); - qdev_set_parent_bus(DEVICE(&s->dpdma), sysbus_get_default()); + sysbus_init_child_obj(obj, "dp-dma", &s->dpdma, sizeof(s->dpdma), + TYPE_XLNX_DPDMA); =20 - object_initialize(&s->ipi, sizeof(s->ipi), TYPE_XLNX_ZYNQMP_IPI); - qdev_set_parent_bus(DEVICE(&s->ipi), sysbus_get_default()); + sysbus_init_child_obj(obj, "ipi", &s->ipi, sizeof(s->ipi), + TYPE_XLNX_ZYNQMP_IPI); =20 - object_initialize(&s->rtc, sizeof(s->rtc), TYPE_XLNX_ZYNQMP_RTC); - qdev_set_parent_bus(DEVICE(&s->rtc), sysbus_get_default()); + sysbus_init_child_obj(obj, "rtc", &s->rtc, sizeof(s->rtc), + TYPE_XLNX_ZYNQMP_RTC); =20 for (i =3D 0; i < XLNX_ZYNQMP_NUM_GDMA_CH; i++) { - object_initialize(&s->gdma[i], sizeof(s->gdma[i]), TYPE_XLNX_ZDMA); - qdev_set_parent_bus(DEVICE(&s->gdma[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "gdma[*]", &s->gdma[i], sizeof(s->gdma[= i]), + TYPE_XLNX_ZDMA); } =20 for (i =3D 0; i < XLNX_ZYNQMP_NUM_ADMA_CH; i++) { - object_initialize(&s->adma[i], sizeof(s->adma[i]), TYPE_XLNX_ZDMA); - qdev_set_parent_bus(DEVICE(&s->adma[i]), sysbus_get_default()); + sysbus_init_child_obj(obj, "adma[*]", &s->adma[i], sizeof(s->adma[= i]), + TYPE_XLNX_ZDMA); } } =20 --=20 1.8.3.1