Paolo Bonzini <pbonz...@redhat.com> writes:
> If msi_init fails, the thread has already been created and the
> mutex/condvar are not destroyed. Initialize everything only
> after the point where pci_edu_realize cannot fail.
>
> Reported-by: Markus Armbruster <arm...@redhat.com>
> Cc: Peter Xu <pet...@redhat.com>
> Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
> ---
> hw/misc/edu.c | 12 ++++++------
> 1 file changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/hw/misc/edu.c b/hw/misc/edu.c
> index 401039c100..01acacf142 100644
> --- a/hw/misc/edu.c
> +++ b/hw/misc/edu.c
> @@ -343,6 +343,12 @@ static void pci_edu_realize(PCIDevice *pdev, Error
> **errp)
> EduState *edu = DO_UPCAST(EduState, pdev, pdev);
> uint8_t *pci_conf = pdev->config;
>
> + pci_config_set_interrupt_pin(pci_conf, 1);
> +
> + if (msi_init(pdev, 0, 1, true, false, errp)) {
> + return;
> + }
> +
> timer_init_ms(&edu->dma_timer, QEMU_CLOCK_VIRTUAL, edu_dma_timer, edu);
>
> qemu_mutex_init(&edu->thr_mutex);
> @@ -350,12 +356,6 @@ static void pci_edu_realize(PCIDevice *pdev, Error
> **errp)
> qemu_thread_create(&edu->thread, "edu", edu_fact_thread,
> edu, QEMU_THREAD_JOINABLE);
>
> - pci_config_set_interrupt_pin(pci_conf, 1);
> -
> - if (msi_init(pdev, 0, 1, true, false, errp)) {
> - return;
> - }
> -
> memory_region_init_io(&edu->mmio, OBJECT(edu), &edu_mmio_ops, edu,
> "edu-mmio", 1 << 20);
> pci_register_bar(pdev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY, &edu->mmio);
Reviewed-by: Markus Armbruster <arm...@redhat.com>
