Re: [Qemu-devel] [PATCH] pci: cleanly backout of pci_qdev_init()
From: |
Blue Swirl |
Subject: |
Re: [Qemu-devel] [PATCH] pci: cleanly backout of pci_qdev_init() |
Date: |
Tue, 11 May 2010 21:17:57 +0300 |
On 5/10/10, Alex Williamson <address@hidden> wrote:
> If the init function of a device fails, as might happen with device
> assignment, we never undo the work done by do_pci_register_device().
> This not only causes a bit of a memory leak, but also leaves a bogus
> pointer in the bus devices array that can cause a segfault or
> garbage data from 'info pci'.
>
> Signed-off-by: Alex Williamson <address@hidden>
> ---
>
> hw/pci.c | 17 ++++++++++++-----
> 1 files changed, 12 insertions(+), 5 deletions(-)
>
> diff --git a/hw/pci.c b/hw/pci.c
> index f167436..3d3560e 100644
> --- a/hw/pci.c
> +++ b/hw/pci.c
> @@ -625,6 +625,14 @@ static PCIDevice *do_pci_register_device(PCIDevice
> *pci_dev, PCIBus *bus,
> return pci_dev;
> }
>
> +static void do_pci_unregister_device(PCIDevice *pci_dev)
> +{
> + qemu_free_irqs(pci_dev->irq);
> + pci_dev->bus->devices[pci_dev->devfn] = NULL;
> + pci_config_free(pci_dev);
> + return;
Isn't this 'return' useless?
> +}
> +
> PCIDevice *pci_register_device(PCIBus *bus, const char *name,
> int instance_size, int devfn,
> PCIConfigReadFunc *config_read,
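Review bot: do_pci_unregister_device() carries no comment stating that it is the inverse of do_pci_register_device(), even though the two must now be kept in lock-step; a short header such as `/* Undo do_pci_register_device(): free the IRQs, clear the bus slot and release config space. Any state added there must be torn down here. */` would make that contract explicit. The order inside the body is sound for the bug described in the commit message, since bus->devices[devfn] is cleared before pci_config_free(), so no freed device is reachable from the bus array. It may also be worth stating in the same comment that I/O regions are deliberately not released here, as the caller in pci_unregister_device() does that separately.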
> @@ -680,10 +688,7 @@ static int pci_unregister_device(DeviceState *dev)
> return ret;
>
> pci_unregister_io_regions(pci_dev);
> -
> - qemu_free_irqs(pci_dev->irq);
> - pci_dev->bus->devices[pci_dev->devfn] = NULL;
> - pci_config_free(pci_dev);
> + do_pci_unregister_device(pci_dev);
> return 0;
> }
>
> @@ -1652,8 +1657,10 @@ static int pci_qdev_init(DeviceState *qdev,
> DeviceInfo *base)
> if (pci_dev == NULL)
> return -1;
> rc = info->init(pci_dev);
> - if (rc != 0)
> + if (rc != 0) {
> + do_pci_unregister_device(pci_dev);
> return rc;
> + }
>
> /* rom loading */
> if (pci_dev->romfile == NULL && info->romfile != NULL)
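Review bot: The new failure path after info->init() releases only what do_pci_register_device() set up; if a device's init callback registers BARs before returning an error, those regions are not undone here, whereas pci_unregister_device() in the second hunk calls pci_unregister_io_regions() before do_pci_unregister_device(). Whether any init callback can fail after registering a BAR is not visible in this patch, so either add `pci_unregister_io_regions(pci_dev);` ahead of the new do_pci_unregister_device() call, or document on the new block that init callbacks are expected to release their own BARs on failure. pci_qdev_init() starts and ends outside the hunk.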
>
>
>