mirror of
https://github.com/xemu-project/xemu.git
synced 2024-11-24 20:19:44 +00:00
2da6e36b33
When building with --enable-sanitizers we get: Direct leak of 32 byte(s) in 2 object(s) allocated from: #0 0x5618479ec7cf in malloc (qemu-system-aarch64+0x233b7cf) #1 0x7f675745f958 in g_malloc (/lib64/libglib-2.0.so.0+0x58958) #2 0x561847f02ca2 in usb_packet_init hw/usb/core.c:531:5 #3 0x561848df4df4 in usb_ehci_init hw/usb/hcd-ehci.c:2575:5 #4 0x561847c119ac in ehci_sysbus_init hw/usb/hcd-ehci-sysbus.c:73:5 #5 0x56184a5bdab8 in object_init_with_type qom/object.c:375:9 #6 0x56184a5bd955 in object_init_with_type qom/object.c:371:9 #7 0x56184a5a2bda in object_initialize_with_type qom/object.c:517:5 #8 0x56184a5a24d5 in object_initialize qom/object.c:536:5 #9 0x56184a5a2f6c in object_initialize_child_with_propsv qom/object.c:566:5 #10 0x56184a5a2e60 in object_initialize_child_with_props qom/object.c:549:10 #11 0x56184a5a3a1e in object_initialize_child_internal qom/object.c:603:5 #12 0x561849542d18 in npcm7xx_init hw/arm/npcm7xx.c:427:5 Similarly to commitd710e1e7bd
("usb: ehci: fix memory leak in ehci"), fix by calling usb_ehci_finalize() to free the USBPacket. Fixes:7341ea075c
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-Id: <20210323183701.281152-1-f4bug@amsat.org> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
306 lines
8.6 KiB
C
306 lines
8.6 KiB
C
/*
|
|
* QEMU USB EHCI Emulation
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; either
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public License
|
|
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#include "qemu/osdep.h"
|
|
#include "hw/qdev-properties.h"
|
|
#include "hw/usb/hcd-ehci.h"
|
|
#include "migration/vmstate.h"
|
|
#include "qemu/module.h"
|
|
|
|
static const VMStateDescription vmstate_ehci_sysbus = {
|
|
.name = "ehci-sysbus",
|
|
.version_id = 2,
|
|
.minimum_version_id = 1,
|
|
.fields = (VMStateField[]) {
|
|
VMSTATE_STRUCT(ehci, EHCISysBusState, 2, vmstate_ehci, EHCIState),
|
|
VMSTATE_END_OF_LIST()
|
|
}
|
|
};
|
|
|
|
static Property ehci_sysbus_properties[] = {
|
|
DEFINE_PROP_UINT32("maxframes", EHCISysBusState, ehci.maxframes, 128),
|
|
DEFINE_PROP_BOOL("companion-enable", EHCISysBusState, ehci.companion_enable,
|
|
false),
|
|
DEFINE_PROP_END_OF_LIST(),
|
|
};
|
|
|
|
static void usb_ehci_sysbus_realize(DeviceState *dev, Error **errp)
|
|
{
|
|
SysBusDevice *d = SYS_BUS_DEVICE(dev);
|
|
EHCISysBusState *i = SYS_BUS_EHCI(dev);
|
|
EHCIState *s = &i->ehci;
|
|
|
|
usb_ehci_realize(s, dev, errp);
|
|
sysbus_init_irq(d, &s->irq);
|
|
}
|
|
|
|
static void usb_ehci_sysbus_reset(DeviceState *dev)
|
|
{
|
|
SysBusDevice *d = SYS_BUS_DEVICE(dev);
|
|
EHCISysBusState *i = SYS_BUS_EHCI(d);
|
|
EHCIState *s = &i->ehci;
|
|
|
|
ehci_reset(s);
|
|
}
|
|
|
|
static void ehci_sysbus_init(Object *obj)
|
|
{
|
|
SysBusDevice *d = SYS_BUS_DEVICE(obj);
|
|
EHCISysBusState *i = SYS_BUS_EHCI(obj);
|
|
SysBusEHCIClass *sec = SYS_BUS_EHCI_GET_CLASS(obj);
|
|
EHCIState *s = &i->ehci;
|
|
|
|
s->capsbase = sec->capsbase;
|
|
s->opregbase = sec->opregbase;
|
|
s->portscbase = sec->portscbase;
|
|
s->portnr = sec->portnr;
|
|
s->as = &address_space_memory;
|
|
|
|
usb_ehci_init(s, DEVICE(obj));
|
|
sysbus_init_mmio(d, &s->mem);
|
|
}
|
|
|
|
static void ehci_sysbus_finalize(Object *obj)
|
|
{
|
|
EHCISysBusState *i = SYS_BUS_EHCI(obj);
|
|
EHCIState *s = &i->ehci;
|
|
|
|
usb_ehci_finalize(s);
|
|
}
|
|
|
|
static void ehci_sysbus_class_init(ObjectClass *klass, void *data)
|
|
{
|
|
DeviceClass *dc = DEVICE_CLASS(klass);
|
|
SysBusEHCIClass *sec = SYS_BUS_EHCI_CLASS(klass);
|
|
|
|
sec->portscbase = 0x44;
|
|
sec->portnr = NB_PORTS;
|
|
|
|
dc->realize = usb_ehci_sysbus_realize;
|
|
dc->vmsd = &vmstate_ehci_sysbus;
|
|
device_class_set_props(dc, ehci_sysbus_properties);
|
|
dc->reset = usb_ehci_sysbus_reset;
|
|
set_bit(DEVICE_CATEGORY_USB, dc->categories);
|
|
}
|
|
|
|
static const TypeInfo ehci_type_info = {
|
|
.name = TYPE_SYS_BUS_EHCI,
|
|
.parent = TYPE_SYS_BUS_DEVICE,
|
|
.instance_size = sizeof(EHCISysBusState),
|
|
.instance_init = ehci_sysbus_init,
|
|
.instance_finalize = ehci_sysbus_finalize,
|
|
.abstract = true,
|
|
.class_init = ehci_sysbus_class_init,
|
|
.class_size = sizeof(SysBusEHCIClass),
|
|
};
|
|
|
|
static void ehci_platform_class_init(ObjectClass *oc, void *data)
|
|
{
|
|
SysBusEHCIClass *sec = SYS_BUS_EHCI_CLASS(oc);
|
|
DeviceClass *dc = DEVICE_CLASS(oc);
|
|
|
|
sec->capsbase = 0x0;
|
|
sec->opregbase = 0x20;
|
|
set_bit(DEVICE_CATEGORY_USB, dc->categories);
|
|
}
|
|
|
|
static const TypeInfo ehci_platform_type_info = {
|
|
.name = TYPE_PLATFORM_EHCI,
|
|
.parent = TYPE_SYS_BUS_EHCI,
|
|
.class_init = ehci_platform_class_init,
|
|
};
|
|
|
|
static void ehci_exynos4210_class_init(ObjectClass *oc, void *data)
|
|
{
|
|
SysBusEHCIClass *sec = SYS_BUS_EHCI_CLASS(oc);
|
|
DeviceClass *dc = DEVICE_CLASS(oc);
|
|
|
|
sec->capsbase = 0x0;
|
|
sec->opregbase = 0x10;
|
|
set_bit(DEVICE_CATEGORY_USB, dc->categories);
|
|
}
|
|
|
|
static const TypeInfo ehci_exynos4210_type_info = {
|
|
.name = TYPE_EXYNOS4210_EHCI,
|
|
.parent = TYPE_SYS_BUS_EHCI,
|
|
.class_init = ehci_exynos4210_class_init,
|
|
};
|
|
|
|
static void ehci_aw_h3_class_init(ObjectClass *oc, void *data)
|
|
{
|
|
SysBusEHCIClass *sec = SYS_BUS_EHCI_CLASS(oc);
|
|
DeviceClass *dc = DEVICE_CLASS(oc);
|
|
|
|
sec->capsbase = 0x0;
|
|
sec->opregbase = 0x10;
|
|
set_bit(DEVICE_CATEGORY_USB, dc->categories);
|
|
}
|
|
|
|
static const TypeInfo ehci_aw_h3_type_info = {
|
|
.name = TYPE_AW_H3_EHCI,
|
|
.parent = TYPE_SYS_BUS_EHCI,
|
|
.class_init = ehci_aw_h3_class_init,
|
|
};
|
|
|
|
static void ehci_npcm7xx_class_init(ObjectClass *oc, void *data)
|
|
{
|
|
SysBusEHCIClass *sec = SYS_BUS_EHCI_CLASS(oc);
|
|
DeviceClass *dc = DEVICE_CLASS(oc);
|
|
|
|
sec->capsbase = 0x0;
|
|
sec->opregbase = 0x10;
|
|
sec->portscbase = 0x44;
|
|
sec->portnr = 1;
|
|
set_bit(DEVICE_CATEGORY_USB, dc->categories);
|
|
}
|
|
|
|
static const TypeInfo ehci_npcm7xx_type_info = {
|
|
.name = TYPE_NPCM7XX_EHCI,
|
|
.parent = TYPE_SYS_BUS_EHCI,
|
|
.class_init = ehci_npcm7xx_class_init,
|
|
};
|
|
|
|
static void ehci_tegra2_class_init(ObjectClass *oc, void *data)
|
|
{
|
|
SysBusEHCIClass *sec = SYS_BUS_EHCI_CLASS(oc);
|
|
DeviceClass *dc = DEVICE_CLASS(oc);
|
|
|
|
sec->capsbase = 0x100;
|
|
sec->opregbase = 0x140;
|
|
set_bit(DEVICE_CATEGORY_USB, dc->categories);
|
|
}
|
|
|
|
static const TypeInfo ehci_tegra2_type_info = {
|
|
.name = TYPE_TEGRA2_EHCI,
|
|
.parent = TYPE_SYS_BUS_EHCI,
|
|
.class_init = ehci_tegra2_class_init,
|
|
};
|
|
|
|
static void ehci_ppc4xx_init(Object *o)
|
|
{
|
|
EHCISysBusState *s = SYS_BUS_EHCI(o);
|
|
|
|
s->ehci.companion_enable = true;
|
|
}
|
|
|
|
static void ehci_ppc4xx_class_init(ObjectClass *oc, void *data)
|
|
{
|
|
SysBusEHCIClass *sec = SYS_BUS_EHCI_CLASS(oc);
|
|
DeviceClass *dc = DEVICE_CLASS(oc);
|
|
|
|
sec->capsbase = 0x0;
|
|
sec->opregbase = 0x10;
|
|
set_bit(DEVICE_CATEGORY_USB, dc->categories);
|
|
}
|
|
|
|
static const TypeInfo ehci_ppc4xx_type_info = {
|
|
.name = TYPE_PPC4xx_EHCI,
|
|
.parent = TYPE_SYS_BUS_EHCI,
|
|
.class_init = ehci_ppc4xx_class_init,
|
|
.instance_init = ehci_ppc4xx_init,
|
|
};
|
|
|
|
/*
|
|
* Faraday FUSBH200 USB 2.0 EHCI
|
|
*/
|
|
|
|
/**
|
|
* FUSBH200EHCIRegs:
|
|
* @FUSBH200_REG_EOF_ASTR: EOF/Async. Sleep Timer Register
|
|
* @FUSBH200_REG_BMCSR: Bus Monitor Control/Status Register
|
|
*/
|
|
enum FUSBH200EHCIRegs {
|
|
FUSBH200_REG_EOF_ASTR = 0x34,
|
|
FUSBH200_REG_BMCSR = 0x40,
|
|
};
|
|
|
|
static uint64_t fusbh200_ehci_read(void *opaque, hwaddr addr, unsigned size)
|
|
{
|
|
EHCIState *s = opaque;
|
|
hwaddr off = s->opregbase + s->portscbase + 4 * s->portnr + addr;
|
|
|
|
switch (off) {
|
|
case FUSBH200_REG_EOF_ASTR:
|
|
return 0x00000041;
|
|
case FUSBH200_REG_BMCSR:
|
|
/* High-Speed, VBUS valid, interrupt level-high active */
|
|
return (2 << 9) | (1 << 8) | (1 << 3);
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
static void fusbh200_ehci_write(void *opaque, hwaddr addr, uint64_t val,
|
|
unsigned size)
|
|
{
|
|
}
|
|
|
|
static const MemoryRegionOps fusbh200_ehci_mmio_ops = {
|
|
.read = fusbh200_ehci_read,
|
|
.write = fusbh200_ehci_write,
|
|
.valid.min_access_size = 4,
|
|
.valid.max_access_size = 4,
|
|
.endianness = DEVICE_LITTLE_ENDIAN,
|
|
};
|
|
|
|
static void fusbh200_ehci_init(Object *obj)
|
|
{
|
|
EHCISysBusState *i = SYS_BUS_EHCI(obj);
|
|
FUSBH200EHCIState *f = FUSBH200_EHCI(obj);
|
|
EHCIState *s = &i->ehci;
|
|
|
|
memory_region_init_io(&f->mem_vendor, OBJECT(f), &fusbh200_ehci_mmio_ops, s,
|
|
"fusbh200", 0x4c);
|
|
memory_region_add_subregion(&s->mem,
|
|
s->opregbase + s->portscbase + 4 * s->portnr,
|
|
&f->mem_vendor);
|
|
}
|
|
|
|
static void fusbh200_ehci_class_init(ObjectClass *oc, void *data)
|
|
{
|
|
SysBusEHCIClass *sec = SYS_BUS_EHCI_CLASS(oc);
|
|
DeviceClass *dc = DEVICE_CLASS(oc);
|
|
|
|
sec->capsbase = 0x0;
|
|
sec->opregbase = 0x10;
|
|
sec->portscbase = 0x20;
|
|
sec->portnr = 1;
|
|
set_bit(DEVICE_CATEGORY_USB, dc->categories);
|
|
}
|
|
|
|
static const TypeInfo ehci_fusbh200_type_info = {
|
|
.name = TYPE_FUSBH200_EHCI,
|
|
.parent = TYPE_SYS_BUS_EHCI,
|
|
.instance_size = sizeof(FUSBH200EHCIState),
|
|
.instance_init = fusbh200_ehci_init,
|
|
.class_init = fusbh200_ehci_class_init,
|
|
};
|
|
|
|
static void ehci_sysbus_register_types(void)
|
|
{
|
|
type_register_static(&ehci_type_info);
|
|
type_register_static(&ehci_platform_type_info);
|
|
type_register_static(&ehci_exynos4210_type_info);
|
|
type_register_static(&ehci_aw_h3_type_info);
|
|
type_register_static(&ehci_npcm7xx_type_info);
|
|
type_register_static(&ehci_tegra2_type_info);
|
|
type_register_static(&ehci_ppc4xx_type_info);
|
|
type_register_static(&ehci_fusbh200_type_info);
|
|
}
|
|
|
|
type_init(ehci_sysbus_register_types)
|