			
		
		
		
	 ea492b1245
			
		
	
	
		ea492b1245
		
	
	
	
	
		
			
			When running device-introspect-test, a memory leak occurred in the
digic_timer_init function, so use ptimer_free() in the finalize function to
avoid it.
ASAN shows memory leak stack:
Indirect leak of 288 byte(s) in 3 object(s) allocated from:
    #0 0xffffab97e1f0 in __interceptor_calloc (/lib64/libasan.so.5+0xee1f0)
    #1 0xffffab256800 in g_malloc0 (/lib64/libglib-2.0.so.0+0x56800)
    #2 0xaaabf555db78 in ptimer_init /qemu/hw/core/ptimer.c:432
    #3 0xaaabf5b04084 in digic_timer_init /qemu/hw/timer/digic-timer.c:142
    #4 0xaaabf6339f6c in object_initialize_with_type /qemu/qom/object.c:515
    #5 0xaaabf633ca04 in object_initialize_child_with_propsv /qemu/qom/object.c:564
    #6 0xaaabf633cc08 in object_initialize_child_with_props /qemu/qom/object.c:547
    #7 0xaaabf5b40e84 in digic_init /qemu/hw/arm/digic.c:46
    #8 0xaaabf6339f6c in object_initialize_with_type /qemu/qom/object.c:515
    #9 0xaaabf633a1e0 in object_new_with_type /qemu/qom/object.c:729
    #10 0xaaabf6375e40 in qmp_device_list_properties /qemu/qom/qom-qmp-cmds.c:153
    #11 0xaaabf653d8ec in qmp_marshal_device_list_properties /qemu/qapi/qapi-commands-qdev.c:59
    #12 0xaaabf6587d08 in do_qmp_dispatch_bh /qemu/qapi/qmp-dispatch.c:110
Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Gan Qixin <ganqixin@huawei.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
		
	
			
		
			
				
	
	
		
		
	
	
	
	
	
| /*
 | |
|  * QEMU model of the Canon DIGIC timer block.
 | |
|  *
 | |
|  * Copyright (C) 2013 Antony Pavlov <antonynpavlov@gmail.com>
 | |
|  *
 | |
|  * This model is based on reverse engineering efforts
 | |
|  * made by CHDK (http://chdk.wikia.com) and
 | |
|  * Magic Lantern (http://www.magiclantern.fm) projects
 | |
|  * contributors.
 | |
|  *
 | |
|  * See "Timer/Clock Module" docs here:
 | |
|  *   http://magiclantern.wikia.com/wiki/Register_Map
 | |
|  *
 | |
|  * The QEMU model of the OSTimer in PKUnity SoC by Guan Xuetao
 | |
|  * is used as a template.
 | |
|  *
 | |
|  * This program is free software; you can redistribute it and/or modify
 | |
|  * it under the terms of the GNU General Public License as published by
 | |
|  * the Free Software Foundation; either version 2 of the License, or
 | |
|  * (at your option) any later version.
 | |
|  *
 | |
|  * This program is distributed in the hope that it will be useful,
 | |
|  * but WITHOUT ANY WARRANTY; without even the implied warranty of
 | |
|  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 | |
|  * GNU General Public License for more details.
 | |
|  *
 | |
|  */
 | |
| 
 | |
| #include "qemu/osdep.h"
 | |
| #include "hw/sysbus.h"
 | |
| #include "hw/ptimer.h"
 | |
| #include "qemu/module.h"
 | |
| #include "qemu/log.h"
 | |
| 
 | |
| #include "hw/timer/digic-timer.h"
 | |
| #include "migration/vmstate.h"
 | |
| 
 | |
/*
 * Migration description for the DIGIC timer: the ptimer plus the two
 * register copies (control, relvalue) held in DigicTimerState.
 *
 * The .fields entries are kept in their original order. Presumably that
 * order, together with .version_id, fixes the layout of the migration
 * stream, so neither should change without a version bump - confirm
 * against the vmstate documentation.
 */
static const VMStateDescription vmstate_digic_timer = {
    .name = "digic.timer",
    .minimum_version_id = 1,
    .version_id = 1,
    .fields = (VMStateField[]) {
        VMSTATE_PTIMER(ptimer, DigicTimerState),
        VMSTATE_UINT32(control, DigicTimerState),
        VMSTATE_UINT32(relvalue, DigicTimerState),
        VMSTATE_END_OF_LIST()
    }
};
 | |
| 
 | |
/*
 * Reset handler for the DIGIC timer.
 *
 * Stops the ptimer inside a begin/commit transaction and clears the
 * control and reload-value register copies. Besides being installed as the
 * device reset hook, it is also called from digic_timer_write() when the
 * guest sets DIGIC_TIMER_CONTROL_RST.
 *
 * @dev: the device being reset; converted with DIGIC_TIMER().
 */
static void digic_timer_reset(DeviceState *dev)
{
    DigicTimerState *timer = DIGIC_TIMER(dev);

    /* ptimer state is only modified between begin and commit. */
    ptimer_transaction_begin(timer->ptimer);
    ptimer_stop(timer->ptimer);
    ptimer_transaction_commit(timer->ptimer);

    timer->control = 0;
    timer->relvalue = 0;
}
 | |
| 
 | |
/*
 * MMIO read handler for the DIGIC timer register block.
 *
 * @opaque: the DigicTimerState passed to memory_region_init_io()
 * @offset: register offset inside the region; this value comes from the
 *          guest, so every offset not listed below takes the default arm
 * @size:   access size (not used by this handler)
 *
 * Returns the register value. An unknown offset is logged under LOG_UNIMP
 * and reads as 0.
 */
static uint64_t digic_timer_read(void *opaque, hwaddr offset, unsigned size)
{
    DigicTimerState *timer = opaque;

    switch (offset) {
    case DIGIC_TIMER_CONTROL:
        return timer->control;
    case DIGIC_TIMER_RELVALUE:
        return timer->relvalue;
    case DIGIC_TIMER_VALUE:
        /* Only the low 16 bits of the ptimer count are returned. */
        return ptimer_get_count(timer->ptimer) & 0xffff;
    default:
        qemu_log_mask(LOG_UNIMP,
                      "digic-timer: read access to unknown register 0x"
                      TARGET_FMT_plx "\n", offset);
        return 0;
    }
}
 | |
| 
 | |
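/*
 * MMIO write handler for the DIGIC timer register block.
 *
 * @opaque: the DigicTimerState passed to memory_region_init_io()
 * @offset: register offset inside the region (guest-controlled)
 * @value:  value written by the guest (guest-controlled)
 * @size:   access size (not used by this handler)
 *
 * Writes to an unknown offset are logged under LOG_UNIMP and otherwise
 * ignored; writes to DIGIC_TIMER_VALUE are silently ignored.
 */
static void digic_timer_write(void *opaque, hwaddr offset,
                              uint64_t value, unsigned size)
{
    DigicTimerState *s = opaque;

    switch (offset) {
    case DIGIC_TIMER_CONTROL:
        if (value & DIGIC_TIMER_CONTROL_RST) {
            /*
             * RST takes priority: the device is reset and the rest of the
             * written value is discarded.
             * NOTE(review): the raw cast assumes DigicTimerState begins
             * with its DeviceState parent; DEVICE(s) would be the checked
             * form - confirm against the struct definition.
             */
            digic_timer_reset((DeviceState *)s);
            break;
        }

        ptimer_transaction_begin(s->ptimer);
        if (value & DIGIC_TIMER_CONTROL_EN) {
            ptimer_run(s->ptimer, 0);
        }
        /*
         * NOTE(review): a write with EN clear does not call ptimer_stop(),
         * so an already running timer keeps counting - confirm this is the
         * intended model of the hardware.
         */

        /* Only the low 32 bits of the written value are stored. */
        s->control = (uint32_t)value;
        ptimer_transaction_commit(s->ptimer);
        break;

    case DIGIC_TIMER_RELVALUE:
        /* The reload value is 16 bits wide; higher bits are dropped. */
        s->relvalue = extract32(value, 0, 16);
        ptimer_transaction_begin(s->ptimer);
        ptimer_set_limit(s->ptimer, s->relvalue, 1);
        ptimer_transaction_commit(s->ptimer);
        break;

    case DIGIC_TIMER_VALUE:
        break;

    default:
        /* This is the write path, so the log line must say "write". */
        qemu_log_mask(LOG_UNIMP,
                      "digic-timer: write access to unknown register 0x"
                      TARGET_FMT_plx "\n", offset);
    }
}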
 | |
| 
 | |
/*
 * Memory region callbacks for the timer's register window.
 *
 * .impl states that the handlers are implemented for 4-byte accesses only.
 * NOTE(review): no .valid constraints are set, so which guest access sizes
 * are accepted is left to the memory core's defaults - confirm whether
 * accesses other than 32-bit should be rejected for this device.
 */
static const MemoryRegionOps digic_timer_ops = {
    .write = digic_timer_write,
    .read = digic_timer_read,
    .endianness = DEVICE_NATIVE_ENDIAN,
    .impl = {
        .max_access_size = 4,
        .min_access_size = 4,
    },
};
 | |
| 
 | |
/*
 * ptimer callback passed to ptimer_init(). The model takes no action when
 * the timer rolls over, so the body is intentionally empty.
 *
 * @opaque: callback argument; digic_timer_init() registers it as NULL.
 */
static void digic_timer_tick(void *opaque)
{
    /* Nothing to do on timer rollover */
    (void)opaque;
}
 | |
| 
 | |
/*
 * Instance init hook for the DIGIC timer.
 *
 * Allocates the ptimer, fixes its frequency and exposes a 0x100-byte MMIO
 * region backed by digic_timer_ops. The ptimer allocated here is released
 * by digic_timer_finalize(); without that pairing every object that is
 * created and then dropped (for example during device introspection) leaks
 * the ptimer.
 *
 * @obj: the object being initialised; converted with DIGIC_TIMER().
 */
static void digic_timer_init(Object *obj)
{
    DigicTimerState *timer = DIGIC_TIMER(obj);
    const uint32_t freq_hz = 1 * 1000 * 1000;

    /* The tick callback gets NULL as its opaque argument. */
    timer->ptimer = ptimer_init(digic_timer_tick, NULL, PTIMER_POLICY_DEFAULT);

    /*
     * FIXME: there is no documentation on Digic timer
     * frequency setup so let it always run at 1 MHz
     */
    ptimer_transaction_begin(timer->ptimer);
    ptimer_set_freq(timer->ptimer, freq_hz);
    ptimer_transaction_commit(timer->ptimer);

    /* Register window: the timer state itself is the handlers' opaque. */
    memory_region_init_io(&timer->iomem, OBJECT(timer), &digic_timer_ops,
                          timer, TYPE_DIGIC_TIMER, 0x100);
    sysbus_init_mmio(SYS_BUS_DEVICE(obj), &timer->iomem);
}
 | |
| 
 | |
/*
 * Instance finalize hook: frees the ptimer that digic_timer_init()
 * allocated with ptimer_init(), so destroying the object does not leak it.
 *
 * @obj: the object being destroyed; converted with DIGIC_TIMER().
 */
static void digic_timer_finalize(Object *obj)
{
    ptimer_free(DIGIC_TIMER(obj)->ptimer);
}
 | |
| 
 | |
/*
 * Class init hook: installs the migration description and the reset
 * handler on the device class.
 *
 * @klass:      the class being initialised; converted with DEVICE_CLASS().
 * @class_data: not used.
 */
static void digic_timer_class_init(ObjectClass *klass, void *class_data)
{
    DeviceClass *device_class = DEVICE_CLASS(klass);

    device_class->vmsd = &vmstate_digic_timer;
    device_class->reset = digic_timer_reset;
}
 | |
| 
 | |
/*
 * Type registration record for the DIGIC timer, a child type of
 * TYPE_SYS_BUS_DEVICE.
 *
 * .instance_init and .instance_finalize are a pair: the former allocates
 * the ptimer and the latter frees it.
 */
static const TypeInfo digic_timer_info = {
    .name = TYPE_DIGIC_TIMER,
    .parent = TYPE_SYS_BUS_DEVICE,
    .class_init = digic_timer_class_init,
    .instance_size = sizeof(DigicTimerState),
    .instance_finalize = digic_timer_finalize,
    .instance_init = digic_timer_init,
};
 | |
| 
 | |
/*
 * Registers the DIGIC timer type described by digic_timer_info.
 * Hooked up through type_init() below.
 */
static void digic_timer_register_type(void)
{
    type_register_static(&digic_timer_info);
}

/* Hands the registration function to type_init(). */
type_init(digic_timer_register_type)
 |