hw: do not pass NULL to memory_region_init from instance_init
This causes the region to outlive the object, because it attaches the region to /machine. This is not nice for the "realize" method, but much worse for "instance_init" because it can cause dangling pointers after a simple object_new/object_unref pair. Reported-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Tested-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1443689999-12182-3-git-send-email-armbru@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com>
This commit is contained in:
parent
2e2b8eb70f
commit
81e0ab48dd
@ -1958,7 +1958,7 @@ static void pxa2xx_fir_instance_init(Object *obj)
|
||||
PXA2xxFIrState *s = PXA2XX_FIR(obj);
|
||||
SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
|
||||
|
||||
memory_region_init_io(&s->iomem, NULL, &pxa2xx_fir_ops, s,
|
||||
memory_region_init_io(&s->iomem, obj, &pxa2xx_fir_ops, s,
|
||||
"pxa2xx-fir", 0x1000);
|
||||
sysbus_init_mmio(sbd, &s->iomem);
|
||||
sysbus_init_irq(sbd, &s->irq);
|
||||
|
@ -280,12 +280,12 @@ static void cg3_initfn(Object *obj)
|
||||
SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
|
||||
CG3State *s = CG3(obj);
|
||||
|
||||
memory_region_init_ram(&s->rom, NULL, "cg3.prom", FCODE_MAX_ROM_SIZE,
|
||||
memory_region_init_ram(&s->rom, obj, "cg3.prom", FCODE_MAX_ROM_SIZE,
|
||||
&error_fatal);
|
||||
memory_region_set_readonly(&s->rom, true);
|
||||
sysbus_init_mmio(sbd, &s->rom);
|
||||
|
||||
memory_region_init_io(&s->reg, NULL, &cg3_reg_ops, s, "cg3.reg",
|
||||
memory_region_init_io(&s->reg, obj, &cg3_reg_ops, s, "cg3.reg",
|
||||
CG3_REG_SIZE);
|
||||
sysbus_init_mmio(sbd, &s->reg);
|
||||
}
|
||||
|
@ -944,7 +944,7 @@ static void tcx_initfn(Object *obj)
|
||||
SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
|
||||
TCXState *s = TCX(obj);
|
||||
|
||||
memory_region_init_ram(&s->rom, NULL, "tcx.prom", FCODE_MAX_ROM_SIZE,
|
||||
memory_region_init_ram(&s->rom, OBJECT(s), "tcx.prom", FCODE_MAX_ROM_SIZE,
|
||||
&error_fatal);
|
||||
memory_region_set_readonly(&s->rom, true);
|
||||
sysbus_init_mmio(sbd, &s->rom);
|
||||
|
@ -79,7 +79,7 @@ static void intdbg_control_init(Object *obj)
|
||||
SysBusDevice *sd = SYS_BUS_DEVICE(obj);
|
||||
IntegratorDebugState *s = INTEGRATOR_DEBUG(obj);
|
||||
|
||||
memory_region_init_io(&s->iomem, NULL, &intdbg_control_ops,
|
||||
memory_region_init_io(&s->iomem, obj, &intdbg_control_ops,
|
||||
NULL, "dbg-leds", 0x1000000);
|
||||
sysbus_init_mmio(sd, &s->iomem);
|
||||
}
|
||||
|
@ -713,7 +713,7 @@ static void cuda_initfn(Object *obj)
|
||||
CUDAState *s = CUDA(obj);
|
||||
int i;
|
||||
|
||||
memory_region_init_io(&s->mem, NULL, &cuda_ops, s, "cuda", 0x2000);
|
||||
memory_region_init_io(&s->mem, obj, &cuda_ops, s, "cuda", 0x2000);
|
||||
sysbus_init_mmio(d, &s->mem);
|
||||
sysbus_init_irq(d, &s->irq);
|
||||
|
||||
|
@ -105,10 +105,10 @@ static void macio_escc_legacy_setup(MacIOState *macio_state)
|
||||
0xF0, 0xE0,
|
||||
};
|
||||
|
||||
memory_region_init(escc_legacy, NULL, "escc-legacy", 256);
|
||||
memory_region_init(escc_legacy, OBJECT(macio_state), "escc-legacy", 256);
|
||||
for (i = 0; i < ARRAY_SIZE(maps); i += 2) {
|
||||
MemoryRegion *port = g_new(MemoryRegion, 1);
|
||||
memory_region_init_alias(port, NULL, "escc-legacy-port",
|
||||
memory_region_init_alias(port, OBJECT(macio_state), "escc-legacy-port",
|
||||
macio_state->escc_mem, maps[i+1], 0x2);
|
||||
memory_region_add_subregion(escc_legacy, maps[i], port);
|
||||
}
|
||||
@ -330,7 +330,7 @@ static void macio_instance_init(Object *obj)
|
||||
MacIOState *s = MACIO(obj);
|
||||
MemoryRegion *dbdma_mem;
|
||||
|
||||
memory_region_init(&s->bar, NULL, "macio", 0x80000);
|
||||
memory_region_init(&s->bar, obj, "macio", 0x80000);
|
||||
|
||||
object_initialize(&s->cuda, sizeof(s->cuda), TYPE_CUDA);
|
||||
qdev_set_parent_bus(DEVICE(&s->cuda), sysbus_get_default());
|
||||
|
@ -163,7 +163,7 @@ static void pxa2xx_pcmcia_initfn(Object *obj)
|
||||
sysbus_init_mmio(sbd, &s->container_mem);
|
||||
|
||||
/* Socket I/O Memory Space */
|
||||
memory_region_init_io(&s->iomem, NULL, &pxa2xx_pcmcia_io_ops, s,
|
||||
memory_region_init_io(&s->iomem, obj, &pxa2xx_pcmcia_io_ops, s,
|
||||
"pxa2xx-pcmcia-io", 0x04000000);
|
||||
memory_region_add_subregion(&s->container_mem, 0x00000000,
|
||||
&s->iomem);
|
||||
@ -171,13 +171,13 @@ static void pxa2xx_pcmcia_initfn(Object *obj)
|
||||
/* Then next 64 MB is reserved */
|
||||
|
||||
/* Socket Attribute Memory Space */
|
||||
memory_region_init_io(&s->attr_iomem, NULL, &pxa2xx_pcmcia_attr_ops, s,
|
||||
memory_region_init_io(&s->attr_iomem, obj, &pxa2xx_pcmcia_attr_ops, s,
|
||||
"pxa2xx-pcmcia-attribute", 0x04000000);
|
||||
memory_region_add_subregion(&s->container_mem, 0x08000000,
|
||||
&s->attr_iomem);
|
||||
|
||||
/* Socket Common Memory Space */
|
||||
memory_region_init_io(&s->common_iomem, NULL, &pxa2xx_pcmcia_common_ops, s,
|
||||
memory_region_init_io(&s->common_iomem, obj, &pxa2xx_pcmcia_common_ops, s,
|
||||
"pxa2xx-pcmcia-common", 0x04000000);
|
||||
memory_region_add_subregion(&s->container_mem, 0x0c000000,
|
||||
&s->common_iomem);
|
||||
|
Loading…
Reference in New Issue
Block a user