Hello Akihiko,
On 9/17/25 14:56, Akihiko Odaki wrote:
Based-on: <20250917-subregion-v1-0-bef37d9b4...@rsg.ci.i.u-tokyo.ac.jp>
("[PATCH 00/14] Fix memory region use-after-finalization")
Make AddressSpaces QOM objects to ensure that they are destroyed when
their owners are finalized and also to get a unique path for debugging
output.
Suggested by BALATON Zoltan:
https://lore.kernel.org/qemu-devel/cd21698f-db77-eb75-6966-d559fdcab...@eik.bme.hu/
Signed-off-by: Akihiko Odaki <od...@rsg.ci.i.u-tokyo.ac.jp>
I wonder if this is going to fix an issue I was seeing a while ago
in the FSI models. I couldn't find a clean way to avoid corrupting
memory because of how the address_space was created and later on
destroyed. See below,
Thanks,
C.
from hw/fsi/ :
typedef struct OPBus {
    BusState bus;
    MemoryRegion mr;
    AddressSpace as;
} OPBus;

typedef struct AspeedAPB2OPBState {
    ...
    OPBus opb[ASPEED_FSI_NUM];
    ...
} AspeedAPB2OPBState;

static void fsi_aspeed_apb2opb_realize(DeviceState *dev, Error **errp)
{
    SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
    AspeedAPB2OPBState *s = ASPEED_APB2OPB(dev);
    int i;

    /*
     * TODO: The OPBus model initializes the OPB address space in
     * the .instance_init handler and this is problematic for test
     * device-introspect-test. To avoid a memory corruption and a QEMU
     * crash, qbus_init() should be called from realize(). Something to
     * improve. Possibly, OPBus could also be removed.
     */
    for (i = 0; i < ASPEED_FSI_NUM; i++) {
        qbus_init(&s->opb[i], sizeof(s->opb[i]), TYPE_OP_BUS, DEVICE(s),
                  NULL);
    }
    ....

/* .instance_init handler of TYPE_OP_BUS: see the TODO in realize() above */
static void fsi_opb_init(Object *o)
{
    OPBus *opb = OP_BUS(o);

    memory_region_init(&opb->mr, 0, TYPE_FSI_OPB, UINT32_MAX);
    address_space_init(&opb->as, &opb->mr, TYPE_FSI_OPB);
}
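The patch ties each AddressSpace to its QOM owner so that finalizing the owner destroys it. The following constructed C model, added here and not code from QEMU or from either participant in the thread, shows the difference that makes: a registry entry left behind by an instance_init-style registration outlives a bus that was finalized without a matching destroy, while a space destroyed from the owner's finalize leaves nothing behind. All names (as_init, as_destroy, owner_gone, dangling_entries) are stand-ins for the QEMU API, and finalization is modelled with a flag instead of free() so the stale entry can be counted.

```c
/* Constructed model of the lifecycle bug in this thread, not QEMU code:
 * address_space_init() links the space into a global list, so an owner
 * finalized without address_space_destroy() leaves a dangling entry.
 * Finalization is a flag here rather than free(), so it can be counted. */
#include <stdbool.h>
/* owner_gone is a hypothetical back-reference used only by the check below */
typedef struct AddressSpace { const bool *owner_gone; struct AddressSpace *next; } AddressSpace;
static AddressSpace *address_spaces;   /* global registry, as in QEMU */

static void as_init(AddressSpace *as, const bool *owner_gone)
{
    as->owner_gone = owner_gone;
    as->next = address_spaces;
    address_spaces = as;
}

static void as_destroy(AddressSpace *as)
{
    for (AddressSpace **pp = &address_spaces; *pp; pp = &(*pp)->next)
        if (*pp == as) { *pp = as->next; return; }
}

/* Registered spaces whose owner is gone: each is a use-after-free on the next walk. */
int dangling_entries(void)
{
    int n = 0;
    for (AddressSpace *as = address_spaces; as; as = as->next)
        n += *as->owner_gone;
    return n;
}
typedef struct OPBus { bool gone; AddressSpace as; } OPBus;

/* Before: instance_init registers the space and finalize never unregisters it. */
int legacy_bus_lifecycle(void)
{
    static OPBus b;
    as_init(&b.as, &b.gone);
    b.gone = true;                     /* owner freed, list still points into it */
    int n = dangling_entries();        /* 1 */
    as_destroy(&b.as);                 /* reset the model only; real code cannot */
    return n;
}

/* After: the space is a child object of the bus, so finalize destroys it first. */
int fixed_bus_lifecycle(void)
{
    static OPBus b;
    as_init(&b.as, &b.gone);
    as_destroy(&b.as);                 /* run from the owner's finalize */
    b.gone = true;
    return dangling_entries();         /* 0 */
}
```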