Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging
* move Coverity builds to Gitlab CI
* fix two memory leaks
* bug fixes
# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmXrVMMUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroPWywgAqobH+9HsUdwzAqvtjZ6Qw8cQZ8jM
# egGn9SF6he3cArFem8d2sDVuvI3XZrpiwd3Zxi8HVW9l2ePzD6lIJjkKfRpK+srd
# API5F3isfcfWcfWLvsjWrzV7MYjpW2+aPGDJ9heazjye3tuEtDEeq/rkgbvfvwyj
# HfEZQLPsw2QbaviuZutklhYqiRWOXsb46+Y+5+PlfnVkYe7VQlAKgkbTXvbN6Xd9
# 1yX4OyKRa1aDHNYVvaNsnyppDUhniEPRF5rNcRvynMxPTFrXIhcD9p6bzhMp+Ot7
# lVAEI87TdnS+sbrIEKzHU8PkfW/Lz8WLdcKo48jj2///g0FxATWMuLG25w==
# =PzGZ
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 08 Mar 2024 18:11:15 GMT
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* tag 'for-upstream' of https://gitlab.com/bonzini/qemu:
gitlab-ci: add manual job to run Coverity
run-coverity-scan: add --check-upload-only option
mips: do not list individual devices from configs/
oslib-posix: fix memory leak in touch_all_pages
hw/intc/apic: fix memory leak
hw/scsi/lsi53c895a: stop script on phase mismatch
meson: Remove --warn-common ldflag
system/qdev-monitor: move drain_call_rcu call under if (!dev) in qmp_device_add()
hw/scsi/lsi53c895a: add timer to scripts processing
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
diff --git a/.gitlab-ci.d/base.yml b/.gitlab-ci.d/base.yml
index ef173a3..2dd8a9b 100644
--- a/.gitlab-ci.d/base.yml
+++ b/.gitlab-ci.d/base.yml
@@ -41,6 +41,10 @@
- if: '$CI_PROJECT_NAMESPACE == $QEMU_CI_UPSTREAM && $CI_COMMIT_TAG'
when: never
+ # Scheduled runs on mainline don't get pipelines except for the special Coverity job
+ - if: '$CI_PROJECT_NAMESPACE == $QEMU_CI_UPSTREAM && $CI_PIPELINE_SOURCE == "schedule"'
+ when: never
+
# Cirrus jobs can't run unless the creds / target repo are set
- if: '$QEMU_JOB_CIRRUS && ($CIRRUS_GITHUB_REPO == null || $CIRRUS_API_TOKEN == null)'
when: never
diff --git a/.gitlab-ci.d/buildtest.yml b/.gitlab-ci.d/buildtest.yml
index a1c0303..c7d92fc 100644
--- a/.gitlab-ci.d/buildtest.yml
+++ b/.gitlab-ci.d/buildtest.yml
@@ -659,7 +659,7 @@
--disable-pie
--disable-qom-cast-debug
--disable-strip
- TARGETS: avr-softmmu mips64-softmmu s390x-softmmu sh4-softmmu
+ TARGETS: avr-softmmu s390x-softmmu sh4-softmmu
sparc64-softmmu hexagon-linux-user i386-linux-user s390x-linux-user
MAKE_CHECK_ARGS: check
@@ -729,3 +729,40 @@
- public
variables:
QEMU_JOB_PUBLISH: 1
+
+coverity:
+ image: $CI_REGISTRY_IMAGE/qemu/fedora:$QEMU_CI_CONTAINER_TAG
+ stage: build
+ allow_failure: true
+ timeout: 3h
+ needs:
+ - job: amd64-fedora-container
+ optional: true
+ before_script:
+ - dnf install -y curl wget
+ script:
+ # would be nice to cancel the job if over quota (https://gitlab.com/gitlab-org/gitlab/-/issues/256089)
+ # for example:
+ # curl --request POST --header "PRIVATE-TOKEN: $CI_JOB_TOKEN" "${CI_SERVER_URL}/api/v4/projects/${CI_PROJECT_ID}/jobs/${CI_JOB_ID}/cancel
+ - 'scripts/coverity-scan/run-coverity-scan --check-upload-only || { exitcode=$?; if test $exitcode = 1; then
+ exit 0;
+ else
+ exit $exitcode;
+ fi; };
+ scripts/coverity-scan/run-coverity-scan --update-tools-only > update-tools.log 2>&1 || { cat update-tools.log; exit 1; };
+ scripts/coverity-scan/run-coverity-scan --no-update-tools'
+ rules:
+ - if: '$COVERITY_TOKEN == null'
+ when: never
+ - if: '$COVERITY_EMAIL == null'
+ when: never
+ # Never included on upstream pipelines, except for schedules
+ - if: '$CI_PROJECT_NAMESPACE == $QEMU_CI_UPSTREAM && $CI_PIPELINE_SOURCE == "schedule"'
+ when: on_success
+ - if: '$CI_PROJECT_NAMESPACE == $QEMU_CI_UPSTREAM'
+ when: never
+ # Forks don't get any pipeline unless QEMU_CI=1 or QEMU_CI=2 is set
+ - if: '$QEMU_CI != "1" && $QEMU_CI != "2"'
+ when: never
+ # Always manual on forks even if $QEMU_CI == "2"
+ - when: manual
diff --git a/.gitlab-ci.d/opensbi.yml b/.gitlab-ci.d/opensbi.yml
index fd293e6..42f137d 100644
--- a/.gitlab-ci.d/opensbi.yml
+++ b/.gitlab-ci.d/opensbi.yml
@@ -24,6 +24,10 @@
- if: '$QEMU_CI == "1" && $CI_PROJECT_NAMESPACE != "qemu-project" && $CI_COMMIT_MESSAGE =~ /opensbi/i'
when: manual
+ # Scheduled runs on mainline don't get pipelines except for the special Coverity job
+ - if: '$CI_PROJECT_NAMESPACE == $QEMU_CI_UPSTREAM && $CI_PIPELINE_SOURCE == "schedule"'
+ when: never
+
# Run if any files affecting the build output are touched
- changes:
- .gitlab-ci.d/opensbi.yml
diff --git a/configs/devices/mips-softmmu/common.mak b/configs/devices/mips-softmmu/common.mak
index 1a85384..416a5d3 100644
--- a/configs/devices/mips-softmmu/common.mak
+++ b/configs/devices/mips-softmmu/common.mak
@@ -1,28 +1,8 @@
# Common mips*-softmmu CONFIG defines
-CONFIG_ISA_BUS=y
-CONFIG_PCI=y
-CONFIG_PCI_DEVICES=y
-CONFIG_VGA_ISA=y
-CONFIG_VGA_MMIO=y
-CONFIG_VGA_CIRRUS=y
-CONFIG_VMWARE_VGA=y
-CONFIG_SERIAL=y
-CONFIG_SERIAL_ISA=y
-CONFIG_PARALLEL=y
-CONFIG_I8254=y
-CONFIG_PCSPK=y
-CONFIG_PCKBD=y
-CONFIG_FDC=y
-CONFIG_I8257=y
-CONFIG_IDE_ISA=y
-CONFIG_PFLASH_CFI01=y
-CONFIG_I8259=y
-CONFIG_MC146818RTC=y
-CONFIG_MIPS_CPS=y
-CONFIG_MIPS_ITU=y
+# Uncomment the following lines to disable these optional devices:
+# CONFIG_PCI_DEVICES=n
+# CONFIG_TEST_DEVICES=n
+
CONFIG_MALTA=y
-CONFIG_PCNET_PCI=y
CONFIG_MIPSSIM=y
-CONFIG_SMBUS_EEPROM=y
-CONFIG_TEST_DEVICES=y
diff --git a/configs/devices/mips64el-softmmu/default.mak b/configs/devices/mips64el-softmmu/default.mak
index d5188f7..88a37cf 100644
--- a/configs/devices/mips64el-softmmu/default.mak
+++ b/configs/devices/mips64el-softmmu/default.mak
@@ -3,8 +3,5 @@
include ../mips-softmmu/common.mak
CONFIG_FULOONG=y
CONFIG_LOONGSON3V=y
-CONFIG_ATI_VGA=y
-CONFIG_RTL8139_PCI=y
CONFIG_JAZZ=y
-CONFIG_VT82C686=y
CONFIG_MIPS_BOSTON=y
diff --git a/hw/display/Kconfig b/hw/display/Kconfig
index 07acb37..234c7de 100644
--- a/hw/display/Kconfig
+++ b/hw/display/Kconfig
@@ -55,7 +55,7 @@
config VMWARE_VGA
bool
- default y if PCI_DEVICES && PC_PCI
+ default y if PCI_DEVICES && (PC_PCI || MIPS)
depends on PCI
select VGA
diff --git a/hw/intc/apic.c b/hw/intc/apic.c
index 1d887d6..4186c57 100644
--- a/hw/intc/apic.c
+++ b/hw/intc/apic.c
@@ -291,14 +291,13 @@
uint8_t delivery_mode, uint8_t vector_num,
uint8_t trigger_mode)
{
- uint32_t *deliver_bitmask = g_malloc(max_apic_words * sizeof(uint32_t));
+ g_autofree uint32_t *deliver_bitmask = g_new(uint32_t, max_apic_words);
trace_apic_deliver_irq(dest, dest_mode, delivery_mode, vector_num,
trigger_mode);
apic_get_delivery_bitmask(deliver_bitmask, dest, dest_mode);
apic_bus_deliver(deliver_bitmask, delivery_mode, vector_num, trigger_mode);
- g_free(deliver_bitmask);
}
bool is_x2apic_mode(DeviceState *dev)
@@ -662,7 +661,7 @@
APICCommonState *s = APIC(dev);
APICCommonState *apic_iter;
uint32_t deliver_bitmask_size = max_apic_words * sizeof(uint32_t);
- uint32_t *deliver_bitmask = g_malloc(deliver_bitmask_size);
+ g_autofree uint32_t *deliver_bitmask = g_new(uint32_t, max_apic_words);
uint32_t current_apic_id;
if (is_x2apic_mode(dev)) {
@@ -708,7 +707,6 @@
}
apic_bus_deliver(deliver_bitmask, delivery_mode, vector_num, trigger_mode);
- g_free(deliver_bitmask);
}
static bool apic_check_pic(APICCommonState *s)
diff --git a/hw/mips/Kconfig b/hw/mips/Kconfig
index e57db4f..5c83ef4 100644
--- a/hw/mips/Kconfig
+++ b/hw/mips/Kconfig
@@ -1,8 +1,15 @@
config MALTA
bool
+ imply PCNET_PCI
+ imply PCI_DEVICES
+ imply TEST_DEVICES
select FDC37M81X
select GT64120
+ select MIPS_CPS
select PIIX
+ select PFLASH_CFI01
+ select SERIAL
+ select SMBUS_EEPROM
config MIPSSIM
bool
@@ -31,17 +38,26 @@
config FULOONG
bool
+ imply PCI_DEVICES
+ imply TEST_DEVICES
+ imply ATI_VGA
+ imply RTL8139_PCI
select PCI_BONITO
+ select SMBUS_EEPROM
select VT82C686
config LOONGSON3V
bool
+ imply PCI_DEVICES
+ imply TEST_DEVICES
+ imply VIRTIO_PCI
+ imply VIRTIO_NET
imply VIRTIO_VGA
imply QXL if SPICE
+ imply USB_OHCI_PCI
select SERIAL
select GOLDFISH_RTC
select LOONGSON_LIOINTC
- select PCI_DEVICES
select PCI_EXPRESS_GENERIC_BRIDGE
select MSI_NONBROKEN
select FW_CFG_MIPS
@@ -53,6 +69,8 @@
config MIPS_BOSTON
bool
+ imply PCI_DEVICES
+ imply TEST_DEVICES
select FITLOADER
select MIPS_CPS
select PCI_EXPRESS_XILINX
diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c
index d607a5f..59b88af 100644
--- a/hw/scsi/lsi53c895a.c
+++ b/hw/scsi/lsi53c895a.c
@@ -188,7 +188,7 @@
#define LSI_TAG_VALID (1 << 16)
/* Maximum instructions to process. */
-#define LSI_MAX_INSN 10000
+#define LSI_MAX_INSN 100
typedef struct lsi_request {
SCSIRequest *req;
@@ -205,6 +205,7 @@
LSI_WAIT_RESELECT, /* Wait Reselect instruction has been issued */
LSI_DMA_SCRIPTS, /* processing DMA from lsi_execute_script */
LSI_DMA_IN_PROGRESS, /* DMA operation is in progress */
+ LSI_WAIT_SCRIPTS, /* SCRIPTS stopped because of instruction count limit */
};
enum {
@@ -224,6 +225,7 @@
MemoryRegion ram_io;
MemoryRegion io_io;
AddressSpace pci_io_as;
+ QEMUTimer *scripts_timer;
int carry; /* ??? Should this be an a visible register somewhere? */
int status;
@@ -415,6 +417,7 @@
s->sbr = 0;
assert(QTAILQ_EMPTY(&s->queue));
assert(!s->current);
+ timer_del(s->scripts_timer);
}
static int lsi_dma_40bit(LSIState *s)
@@ -570,8 +573,9 @@
s->sstat1 = (s->sstat1 & ~PHASE_MASK) | phase;
}
-static void lsi_bad_phase(LSIState *s, int out, int new_phase)
+static int lsi_bad_phase(LSIState *s, int out, int new_phase)
{
+ int ret = 0;
/* Trigger a phase mismatch. */
if (s->ccntl0 & LSI_CCNTL0_ENPMJ) {
if ((s->ccntl0 & LSI_CCNTL0_PMJCTL)) {
@@ -584,8 +588,10 @@
trace_lsi_bad_phase_interrupt();
lsi_script_scsi_interrupt(s, LSI_SIST0_MA, 0);
lsi_stop_script(s);
+ ret = 1;
}
lsi_set_phase(s, new_phase);
+ return ret;
}
@@ -789,7 +795,7 @@
static void lsi_command_complete(SCSIRequest *req, size_t resid)
{
LSIState *s = LSI53C895A(req->bus->qbus.parent);
- int out;
+ int out, stop = 0;
out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
trace_lsi_command_complete(req->status);
@@ -797,7 +803,10 @@
s->command_complete = 2;
if (s->waiting && s->dbc != 0) {
/* Raise phase mismatch for short transfers. */
- lsi_bad_phase(s, out, PHASE_ST);
+ stop = lsi_bad_phase(s, out, PHASE_ST);
+ if (stop) {
+ s->waiting = 0;
+ }
} else {
lsi_set_phase(s, PHASE_ST);
}
@@ -807,7 +816,9 @@
lsi_request_free(s, s->current);
scsi_req_unref(req);
}
- lsi_resume_script(s);
+ if (!stop) {
+ lsi_resume_script(s);
+ }
}
/* Callback to indicate that the SCSI layer has completed a transfer. */
@@ -1127,6 +1138,12 @@
}
}
+static void lsi_scripts_timer_start(LSIState *s)
+{
+ trace_lsi_scripts_timer_start();
+ timer_mod(s->scripts_timer, qemu_clock_get_us(QEMU_CLOCK_VIRTUAL) + 500);
+}
+
static void lsi_execute_script(LSIState *s)
{
PCIDevice *pci_dev = PCI_DEVICE(s);
@@ -1136,6 +1153,11 @@
int insn_processed = 0;
static int reentrancy_level;
+ if (s->waiting == LSI_WAIT_SCRIPTS) {
+ timer_del(s->scripts_timer);
+ s->waiting = LSI_NOWAIT;
+ }
+
reentrancy_level++;
s->istat1 |= LSI_ISTAT1_SRUN;
@@ -1143,8 +1165,8 @@
/*
* Some windows drivers make the device spin waiting for a memory location
* to change. If we have executed more than LSI_MAX_INSN instructions then
- * assume this is the case and force an unexpected device disconnect. This
- * is apparently sufficient to beat the drivers into submission.
+ * assume this is the case and start a timer. Until the timer fires, the
+ * host CPU has a chance to run and change the memory location.
*
* Another issue (CVE-2023-0330) can occur if the script is programmed to
* trigger itself again and again. Avoid this problem by stopping after
@@ -1152,13 +1174,8 @@
* which should be enough for all valid use cases).
*/
if (++insn_processed > LSI_MAX_INSN || reentrancy_level > 8) {
- if (!(s->sien0 & LSI_SIST0_UDC)) {
- qemu_log_mask(LOG_GUEST_ERROR,
- "lsi_scsi: inf. loop with UDC masked");
- }
- lsi_script_scsi_interrupt(s, LSI_SIST0_UDC, 0);
- lsi_disconnect(s);
- trace_lsi_execute_script_stop();
+ s->waiting = LSI_WAIT_SCRIPTS;
+ lsi_scripts_timer_start(s);
reentrancy_level--;
return;
}
@@ -2197,6 +2214,9 @@
return -EINVAL;
}
+ if (s->waiting == LSI_WAIT_SCRIPTS) {
+ lsi_scripts_timer_start(s);
+ }
return 0;
}
@@ -2294,6 +2314,15 @@
.cancel = lsi_request_cancelled
};
+static void scripts_timer_cb(void *opaque)
+{
+ LSIState *s = opaque;
+
+ trace_lsi_scripts_timer_triggered();
+ s->waiting = LSI_NOWAIT;
+ lsi_execute_script(s);
+}
+
static void lsi_scsi_realize(PCIDevice *dev, Error **errp)
{
LSIState *s = LSI53C895A(dev);
@@ -2313,6 +2342,7 @@
"lsi-ram", 0x2000);
memory_region_init_io(&s->io_io, OBJECT(s), &lsi_io_ops, s,
"lsi-io", 256);
+ s->scripts_timer = timer_new_us(QEMU_CLOCK_VIRTUAL, scripts_timer_cb, s);
/*
* Since we use the address-space API to interact with ram_io, disable the
@@ -2337,6 +2367,7 @@
LSIState *s = LSI53C895A(dev);
address_space_destroy(&s->pci_io_as);
+ timer_del(s->scripts_timer);
}
static void lsi_class_init(ObjectClass *klass, void *data)
diff --git a/hw/scsi/trace-events b/hw/scsi/trace-events
index d72f741..f0f2a98 100644
--- a/hw/scsi/trace-events
+++ b/hw/scsi/trace-events
@@ -302,6 +302,8 @@
lsi_awoken(void) "Woken by SIGP"
lsi_reg_read(const char *name, int offset, uint8_t ret) "Read reg %s 0x%x = 0x%02x"
lsi_reg_write(const char *name, int offset, uint8_t val) "Write reg %s 0x%x = 0x%02x"
+lsi_scripts_timer_triggered(void) "SCRIPTS timer triggered"
+lsi_scripts_timer_start(void) "SCRIPTS timer started"
# virtio-scsi.c
virtio_scsi_cmd_req(int lun, uint32_t tag, uint8_t cmd) "virtio_scsi_cmd_req lun=%u tag=0x%x cmd=0x%x"
diff --git a/meson.build b/meson.build
index c59ca49..f9dbe76 100644
--- a/meson.build
+++ b/meson.build
@@ -476,11 +476,6 @@
qemu_ldflags += cc.get_supported_link_arguments('-Wl,--dynamicbase', '-Wl,--high-entropy-va')
endif
-# Exclude --warn-common with TSan to suppress warnings from the TSan libraries.
-if host_os != 'sunos' and not get_option('tsan')
- qemu_ldflags += cc.get_supported_link_arguments('-Wl,--warn-common')
-endif
-
if get_option('fuzzing')
# Specify a filter to only instrument code that is directly related to
# virtual-devices.
diff --git a/scripts/coverity-scan/run-coverity-scan b/scripts/coverity-scan/run-coverity-scan
index d56c9b6..43cf770 100755
--- a/scripts/coverity-scan/run-coverity-scan
+++ b/scripts/coverity-scan/run-coverity-scan
@@ -28,6 +28,7 @@
# project settings, if you have maintainer access there.
# Command line options:
+# --check-upload-only : return success if upload is possible
# --dry-run : run the tools, but don't actually do the upload
# --docker : create and work inside a container
# --docker-engine : specify the container engine to use (docker/podman/auto);
@@ -57,18 +58,18 @@
# putting it in a file and using --tokenfile. Everything else has
# a reasonable default if this is run from a git tree.
-check_upload_permissions() {
- # Check whether we can do an upload to the server; will exit the script
- # with status 1 if the check failed (usually a bad token);
- # will exit the script with status 0 if the check indicated that we
- # can't upload yet (ie we are at quota)
- # Assumes that COVERITY_TOKEN, PROJNAME and DRYRUN have been initialized.
+upload_permitted() {
+ # Check whether we can do an upload to the server; will exit *the script*
+ # with status 99 if the check failed (usually a bad token);
+ # will return from the function with status 1 if the check indicated
+ # that we can't upload yet (ie we are at quota)
+ # Assumes that COVERITY_TOKEN and PROJNAME have been initialized.
echo "Checking upload permissions..."
if ! up_perm="$(wget https://scan.coverity.com/api/upload_permitted --post-data "token=$COVERITY_TOKEN&project=$PROJNAME" -q -O -)"; then
echo "Coverity Scan API access denied: bad token?"
- exit 1
+ exit 99
fi
# Really up_perm is a JSON response with either
@@ -76,25 +77,40 @@
# We do some hacky string parsing instead of properly parsing it.
case "$up_perm" in
*upload_permitted*true*)
- echo "Coverity Scan: upload permitted"
+ return 0
;;
*next_upload_permitted_at*)
- if [ "$DRYRUN" = yes ]; then
- echo "Coverity Scan: upload quota reached, continuing dry run"
- else
- echo "Coverity Scan: upload quota reached; stopping here"
- # Exit success as this isn't a build error.
- exit 0
- fi
+ return 1
;;
*)
echo "Coverity Scan upload check: unexpected result $up_perm"
- exit 1
+ exit 99
;;
esac
}
+check_upload_permissions() {
+ # Check whether we can do an upload to the server; will exit the script
+ # with status 99 if the check failed (usually a bad token);
+ # will exit the script with status 0 if the check indicated that we
+ # can't upload yet (ie we are at quota)
+ # Assumes that COVERITY_TOKEN, PROJNAME and DRYRUN have been initialized.
+
+ if upload_permitted; then
+ echo "Coverity Scan: upload permitted"
+ else
+ if [ "$DRYRUN" = yes ]; then
+ echo "Coverity Scan: upload quota reached, continuing dry run"
+ else
+ echo "Coverity Scan: upload quota reached; stopping here"
+ # Exit success as this isn't a build error.
+ exit 0
+ fi
+ fi
+}
+
+
build_docker_image() {
# build docker container including the coverity-scan tools
echo "Building docker container..."
@@ -152,9 +168,14 @@
DRYRUN=no
UPDATE=yes
DOCKER=no
+PROJNAME=QEMU
while [ "$#" -ge 1 ]; do
case "$1" in
+ --check-upload-only)
+ shift
+ DRYRUN=check
+ ;;
--dry-run)
shift
DRYRUN=yes
@@ -251,6 +272,11 @@
exit 1
fi
+if [ "$DRYRUN" = check ]; then
+ upload_permitted
+ exit $?
+fi
+
if [ -z "$COVERITY_BUILD_CMD" ]; then
NPROC=$(nproc)
COVERITY_BUILD_CMD="make -j$NPROC"
@@ -266,7 +292,6 @@
SRCDIR="$PWD"
fi
-PROJNAME=QEMU
TARBALL=cov-int.tar.xz
if [ "$UPDATE" = only ]; then
diff --git a/system/qdev-monitor.c b/system/qdev-monitor.c
index a13db76..874d651 100644
--- a/system/qdev-monitor.c
+++ b/system/qdev-monitor.c
@@ -858,19 +858,18 @@
return;
}
dev = qdev_device_add(opts, errp);
-
- /*
- * Drain all pending RCU callbacks. This is done because
- * some bus related operations can delay a device removal
- * (in this case this can happen if device is added and then
- * removed due to a configuration error)
- * to a RCU callback, but user might expect that this interface
- * will finish its job completely once qmp command returns result
- * to the user
- */
- drain_call_rcu();
-
if (!dev) {
+ /*
+ * Drain all pending RCU callbacks. This is done because
+ * some bus related operations can delay a device removal
+ * (in this case this can happen if device is added and then
+ * removed due to a configuration error)
+ * to a RCU callback, but user might expect that this interface
+ * will finish its job completely once qmp command returns result
+ * to the user
+ */
+ drain_call_rcu();
+
qemu_opts_del(opts);
return;
}
diff --git a/util/oslib-posix.c b/util/oslib-posix.c
index 3c379f9..e764416 100644
--- a/util/oslib-posix.c
+++ b/util/oslib-posix.c
@@ -467,11 +467,13 @@
* preallocating synchronously.
*/
if (context->num_threads == 1 && !async) {
+ ret = 0;
if (qemu_madvise(area, hpagesize * numpages,
QEMU_MADV_POPULATE_WRITE)) {
- return -errno;
+ ret = -errno;
}
- return 0;
+ g_free(context);
+ return ret;
}
touch_fn = do_madv_populate_write_pages;
} else {
