Fixes some issues with #187 (#206)

* Add ability to remove memory mapping.

* Add ability to remove ROM.

* Fix MDA use-after-free.

* Fix IBM PC Fixed Disk Adapter use-after-free.

---------

Co-authored-by: Marek Knápek <knapek.mar@gmail.com>

includes/private/flash/rom.h

@@ -13,6 +13,7 @@ typedef struct rom_t {
 int rom_init(rom_t *rom, char *fn, uint32_t address, int size, int mask, int file_offset, uint32_t flags);
 int rom_init_interleaved(rom_t *rom, char *fn_low, char *fn_high, uint32_t address, int size, int mask, int file_offset,
                          uint32_t flags);
+void rom_deinit(rom_t *rom);
 
 uint8_t rom_read(uint32_t addr, void *p);
 uint16_t rom_readw(uint32_t addr, void *p);

includes/private/memory/mem.h

@@ -42,6 +42,7 @@ void mem_mapping_add(mem_mapping_t *mapping, uint32_t base, uint32_t size, uint8
                      uint16_t (*read_w)(uint32_t addr, void *p), uint32_t (*read_l)(uint32_t addr, void *p),
                      void (*write_b)(uint32_t addr, uint8_t val, void *p), void (*write_w)(uint32_t addr, uint16_t val, void *p),
                      void (*write_l)(uint32_t addr, uint32_t val, void *p), uint8_t *exec, uint32_t flags, void *p);
+void mem_mapping_remove(mem_mapping_t *mapping);
 void mem_mapping_set_handler(mem_mapping_t *mapping, uint8_t (*read_b)(uint32_t addr, void *p),
                              uint16_t (*read_w)(uint32_t addr, void *p), uint32_t (*read_l)(uint32_t addr, void *p),
                              void (*write_b)(uint32_t addr, uint8_t val, void *p),

src/flash/rom.c

@@ -1,3 +1,4 @@
+#include <assert.h>
 #include <stdlib.h>
 #include <stdio.h>
 #include "ibm.h"
@@ -104,3 +105,10 @@ int rom_init_interleaved(rom_t *rom, char *fn_low, char *fn_high, uint32_t addre
 
         return 0;
 }
+
+void rom_deinit(rom_t *rom)
+{
+    assert(rom);
+
+    mem_mapping_remove(&rom->mapping);
+}

src/memory/mem.c

@@ -5,6 +5,7 @@
         - c386sx16 BIOS fails checksum
 */
 
+#include <assert.h>
 #include <stdlib.h>
 #include <string.h>
 #include "ibm.h"
@@ -1144,6 +1145,26 @@ void mem_mapping_add(mem_mapping_t *mapping, uint32_t base, uint32_t size, uint8
         mem_mapping_recalc(mapping->base, mapping->size);
 }
 
+void mem_mapping_remove(mem_mapping_t *mapping)
+{
+    mem_mapping_t *prev;
+    mem_mapping_t *dest;
+
+    assert(mapping);
+    assert(mapping != &base_mapping);
+
+    prev = &base_mapping;
+    dest = prev->next;
+    while(dest != mapping)
+    {
+        prev = dest;
+        dest = dest->next;
+    }
+    prev->next = mapping->next;
+    
+    mem_mapping_recalc(mapping->base, mapping->size);
+}
+
 void mem_mapping_set_handler(mem_mapping_t *mapping, uint8_t (*read_b)(uint32_t addr, void *p),
                              uint16_t (*read_w)(uint32_t addr, void *p), uint32_t (*read_l)(uint32_t addr, void *p),
                              void (*write_b)(uint32_t addr, uint8_t val, void *p),

src/mfm/mfm_xebec.c

@@ -766,6 +766,7 @@ static void *xebec_init() {
 static void xebec_close(void *p) {
         xebec_t *xebec = (xebec_t *)p;
 
+        rom_deinit(&xebec->bios_rom);
         hdd_close(&xebec->drives[0].hdd_file);
         hdd_close(&xebec->drives[1].hdd_file);
 

src/video/vid_mda.c

@@ -279,6 +279,7 @@ void mda_setcol(int chr, int blink, int fg, uint8_t cga_ink) { mdacols[chr][blin
 void mda_close(void *p) {
         mda_t *mda = (mda_t *)p;
 
+        mem_mapping_remove(&mda->mapping);
         free(mda->vram);
         free(mda);
 }