static void eth_cleanup(VLANClientState *nc) { struct fs_eth *eth = DO_UPCAST(NICState, nc, nc)->opaque; cpu_unregister_io_memory(eth->ethregs); /* Disconnect the client. */ eth->dma_out->client.push = NULL; eth->dma_out->client.opaque = NULL; eth->dma_in->client.opaque = NULL; eth->dma_in->client.pull = NULL; qemu_free(eth); }
SkinScreen* skin_reload_configuration(SkinScreen *skin, const char *file) { SkinConfig *old_config; old_config = skin->config; skin->config = (SkinConfig*) qemu_mallocz(sizeof(SkinConfig)); if (skin_load_file(skin, file)) { qemu_free(skin->config); skin->config = old_config; return NULL; } skin_layout_free(old_config->landscape); skin_layout_free(old_config->portrait); qemu_free(old_config); qemu_free(skin->path); skin->path = (char *)qemu_malloc(strlen(file) + 1); strcpy(skin->path, file); return skin; }
void migrate_fd_release(MigrationState *mig_state) { FdMigrationState *s = migrate_to_fms(mig_state); DPRINTF("releasing state\n"); if (s->state == MIG_STATE_ACTIVE) { s->state = MIG_STATE_CANCELLED; notifier_list_notify(&migration_state_notifiers); migrate_fd_cleanup(s); } qemu_free(s); }
/* Initialize the MSI-X structures. Note: if MSI-X is supported, BAR size is * modified, it should be retrieved with msix_bar_size. */ int msix_init(struct PCIDevice *dev, unsigned short nentries, MemoryRegion *bar, unsigned bar_nr, unsigned bar_size) { int ret; /* Nothing to do if MSI is not supported by interrupt controller */ if (!msix_supported) return -ENOTSUP; if (nentries > MSIX_MAX_ENTRIES) return -EINVAL; dev->msix_entry_used = qemu_mallocz(MSIX_MAX_ENTRIES * sizeof *dev->msix_entry_used); dev->msix_table_page = qemu_mallocz(MSIX_PAGE_SIZE); msix_mask_all(dev, nentries); memory_region_init_io(&dev->msix_mmio, &msix_mmio_ops, dev, "msix", MSIX_PAGE_SIZE); dev->msix_entries_nr = nentries; ret = msix_add_config(dev, nentries, bar_nr, bar_size); if (ret) goto err_config; dev->cap_present |= QEMU_PCI_CAP_MSIX; msix_mmio_setup(dev, bar); return 0; err_config: dev->msix_entries_nr = 0; memory_region_destroy(&dev->msix_mmio); qemu_free(dev->msix_table_page); dev->msix_table_page = NULL; qemu_free(dev->msix_entry_used); dev->msix_entry_used = NULL; return ret; }
static VirtIOBlockReq *virtio_blk_get_request(VirtIOBlock *s) { VirtIOBlockReq *req = virtio_blk_alloc_request(s); if (req != NULL) { if (!virtqueue_pop(s->vq, &req->elem)) { qemu_free(req); return NULL; } } return req; }
static int buffered_close(void *opaque) { QEMUFileBuffered *s = opaque; int ret; DPRINTF("closing\n"); while (!s->has_error && s->buffer_size) { buffered_flush(s); if (s->freeze_output) s->wait_for_unfreeze(s); } ret = s->close(s->opaque); qemu_del_timer(s->timer); qemu_free_timer(s->timer); qemu_free(s->buffer); qemu_free(s); return ret; }
/* * Get the list and pass to each layer to find out whether * to send the data or not */ ssize_t v9fs_list_xattr(FsContext *ctx, const char *path, void *value, size_t vsize) { ssize_t size = 0; void *ovalue = value; XattrOperations *xops; char *orig_value, *orig_value_start; ssize_t xattr_len, parsed_len = 0, attr_len; /* Get the actual len */ xattr_len = llistxattr(rpath(ctx, path), value, 0); if (xattr_len <= 0) { return xattr_len; } /* Now fetch the xattr and find the actual size */ orig_value = qemu_malloc(xattr_len); xattr_len = llistxattr(rpath(ctx, path), orig_value, xattr_len); /* store the orig pointer */ orig_value_start = orig_value; while (xattr_len > parsed_len) { xops = get_xattr_operations(ctx->xops, orig_value); if (!xops) { goto next_entry; } if (!value) { size += xops->listxattr(ctx, path, orig_value, value, vsize); } else { size = xops->listxattr(ctx, path, orig_value, value, vsize); if (size < 0) { goto err_out; } value += size; vsize -= size; } next_entry: /* Got the next entry */ attr_len = strlen(orig_value) + 1; parsed_len += attr_len; orig_value += attr_len; } if (value) { size = value - ovalue; } err_out: qemu_free(orig_value_start); return size; }
MigrationState *exec_start_outgoing_migration(const char *command, int64_t bandwidth_limit, int detach) { FdMigrationState *s; FILE *f; s = qemu_mallocz(sizeof(*s)); f = popen(command, "w"); if (f == NULL) { dprintf("Unable to popen exec target\n"); goto err_after_alloc; } s->fd = fileno(f); if (s->fd == -1) { dprintf("Unable to retrieve file descriptor for popen'd handle\n"); goto err_after_open; } if (fcntl(s->fd, F_SETFD, O_NONBLOCK) == -1) { dprintf("Unable to set nonblocking mode on file descriptor\n"); goto err_after_open; } s->opaque = qemu_popen(f, "w"); s->close = exec_close; s->get_error = file_errno; s->write = file_write; s->mig_state.cancel = migrate_fd_cancel; s->mig_state.get_status = migrate_fd_get_status; s->mig_state.release = migrate_fd_release; s->state = MIG_STATE_ACTIVE; s->mon_resume = NULL; s->bandwidth_limit = bandwidth_limit; if (!detach) migrate_fd_monitor_suspend(s); migrate_fd_connect(s); return &s->mig_state; err_after_open: pclose(f); err_after_alloc: qemu_free(s); return NULL; }
static void vreader_emul_delete(VReaderEmul *vreader_emul) { if (vreader_emul == NULL) { return; } if (vreader_emul->slot) { PK11_FreeSlot(vreader_emul->slot); } if (vreader_emul->type_params) { g_free(vreader_emul->type_params); } qemu_free(vreader_emul); }
static void virtio_blk_flush_complete(void *opaque, int ret) { VirtIOBlockReq *req = opaque; if (ret) { if (virtio_blk_handle_rw_error(req, -ret, 0)) { return; } } virtio_blk_req_complete(req, VIRTIO_BLK_S_OK); bdrv_acct_done(req->dev->bs, &req->acct); qemu_free(req); }
void *qemu_realloc(void *ptr, size_t size) { size_t old_size, copy; void *new_ptr; if (!ptr) return qemu_malloc(size); old_size = *(size_t *)((char *)ptr - 16); copy = old_size < size ? old_size : size; new_ptr = qemu_malloc(size); memcpy(new_ptr, ptr, copy); qemu_free(ptr); return new_ptr; }
static void qemu_rbd_close(BlockDriverState *bs) { BDRVRBDState *s = bs->opaque; close(s->fds[0]); close(s->fds[1]); qemu_aio_set_fd_handler(s->fds[RBD_FD_READ], NULL , NULL, NULL, NULL, NULL); rbd_close(s->image); rados_ioctx_destroy(s->io_ctx); qemu_free(s->snap); rados_shutdown(s->cluster); }
static void usb_host_handle_destroy(USBDevice *dev) { USBHostDevice *s = (USBHostDevice *)dev; int i; if (!s) return; for (i = 0; i < s->num_interfaces; i++) usb_release_interface(s->udev, i); usb_close(s->udev); s->udev = NULL; qemu_free(s); }
static void *load_at(int fd, int offset, int size) { void *ptr; if (lseek(fd, offset, SEEK_SET) < 0) return NULL; ptr = qemu_malloc(size); if (!ptr) return NULL; if (read(fd, ptr, size) != size) { qemu_free(ptr); return NULL; } return ptr; }
int qcow2_snapshot_delete(BlockDriverState *bs, const char *snapshot_id) { BDRVQcowState *s = bs->opaque; QCowSnapshot *sn; int snapshot_index, ret; if (bs->read_only) return -EACCES; snapshot_index = find_snapshot_by_id_or_name(bs, snapshot_id); if (snapshot_index < 0) return -ENOENT; sn = &s->snapshots[snapshot_index]; ret = qcow2_update_snapshot_refcount(bs, sn->l1_table_offset, sn->l1_size, -1); if (ret < 0) return ret; /* must update the copied flag on the current cluster offsets */ ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, 0); if (ret < 0) return ret; qcow2_free_clusters(bs, sn->l1_table_offset, sn->l1_size * sizeof(uint64_t)); qemu_free(sn->id_str); qemu_free(sn->name); memmove(sn, sn + 1, (s->nb_snapshots - snapshot_index - 1) * sizeof(*sn)); s->nb_snapshots--; ret = qcow_write_snapshots(bs); if (ret < 0) { /* XXX: restore snapshot if error ? */ return ret; } #ifdef DEBUG_ALLOC qcow2_check_refcounts(bs); #endif return 0; }
static int parallels_open(BlockDriverState *bs, const char *filename, int flags) { BDRVParallelsState *s = (BDRVParallelsState *)bs->opaque; int fd, i; struct parallels_header ph; fd = open(filename, O_RDWR | O_BINARY | O_LARGEFILE); if (fd < 0) { fd = open(filename, O_RDONLY | O_BINARY | O_LARGEFILE); if (fd < 0) return -1; } bs->read_only = 1; // no write support yet s->fd = fd; if (read(fd, &ph, sizeof(ph)) != sizeof(ph)) goto fail; if (memcmp(ph.magic, HEADER_MAGIC, 16) || (le32_to_cpu(ph.version) != HEADER_VERSION)) { goto fail; } bs->total_sectors = le32_to_cpu(ph.nb_sectors); if (lseek(s->fd, 64, SEEK_SET) != 64) goto fail; s->tracks = le32_to_cpu(ph.tracks); s->catalog_size = le32_to_cpu(ph.catalog_entries); s->catalog_bitmap = (uint32_t *)qemu_malloc(s->catalog_size * 4); if (!s->catalog_bitmap) goto fail; if (read(s->fd, s->catalog_bitmap, s->catalog_size * 4) != s->catalog_size * 4) goto fail; for (i = 0; i < s->catalog_size; i++) le32_to_cpus(&s->catalog_bitmap[i]); return 0; fail: if (s->catalog_bitmap) qemu_free(s->catalog_bitmap); close(fd); return -1; }
MigrationState *fd_start_outgoing_migration(Monitor *mon, const char *fdname, int64_t bandwidth_limit, int detach, int blk, int inc) { FdMigrationState *s; s = qemu_mallocz(sizeof(*s)); s->fd = monitor_get_fd(mon, fdname); if (s->fd == -1) { DPRINTF("fd_migration: invalid file descriptor identifier\n"); goto err_after_alloc; } if (fcntl(s->fd, F_SETFL, O_NONBLOCK) == -1) { DPRINTF("Unable to set nonblocking mode on file descriptor\n"); goto err_after_open; } s->get_error = fd_errno; s->write = fd_write; s->close = fd_close; s->mig_state.cancel = migrate_fd_cancel; s->mig_state.get_status = migrate_fd_get_status; s->mig_state.release = migrate_fd_release; s->mig_state.blk = blk; s->mig_state.shared = inc; s->state = MIG_STATE_ACTIVE; s->mon = NULL; s->bandwidth_limit = bandwidth_limit; if (!detach) { migrate_fd_monitor_suspend(s, mon); } migrate_fd_connect(s); return &s->mig_state; err_after_open: close(s->fd); err_after_alloc: qemu_free(s); return NULL; }
char* qemu_get_string(QEMUFile *f) { int slen = qemu_get_be32(f); char* str; if (slen == 0) return NULL; str = qemu_malloc(slen+1); if (qemu_get_buffer(f, (uint8_t*)str, slen) != slen) { qemu_free(str); return NULL; } str[slen] = '\0'; return str; }
static void qloopio_free(void* impl) { QLoopIo* io = impl; if (io->ready) qloopio_removePending(io); /* remove from global list */ qlooper_delIo(io->looper, io); /* make QEMU forget about this fd */ qemu_set_fd_handler(io->fd, NULL, NULL, NULL); io->fd = -1; qemu_free(io); }
void vhost_dev_stop(struct vhost_dev *hdev, VirtIODevice *vdev) { int i; for (i = 0; i < hdev->nvqs; ++i) { vhost_virtqueue_cleanup(hdev, vdev, hdev->vqs + i, i); } vhost_client_sync_dirty_bitmap(&hdev->client, 0, (target_phys_addr_t)~0x0ull); hdev->started = false; qemu_free(hdev->log); hdev->log_size = 0; }
static void qloopio_free(void* impl) { QLoopIo* io = impl; if (io->ready) qloopio_removePending(io); qlooper_delIo(io->looper, io); qemu_set_fd_handler(io->fd, NULL, NULL, NULL); io->fd = -1; qemu_free(io); }
static void close_guest_eventfds(IVShmemState *s, int posn) { int i, guest_curr_max; guest_curr_max = s->peers[posn].nb_eventfds; for (i = 0; i < guest_curr_max; i++) { kvm_set_ioeventfd_mmio_long(s->peers[posn].eventfds[i], s->mmio_addr + DOORBELL, (posn << 16) | i, 0); close(s->peers[posn].eventfds[i]); } qemu_free(s->peers[posn].eventfds); s->peers[posn].nb_eventfds = 0; }
static int qemu_rbd_set_conf(rados_t cluster, const char *conf) { char *p, *buf; char name[RBD_MAX_CONF_NAME_SIZE]; char value[RBD_MAX_CONF_VAL_SIZE]; int ret = 0; buf = qemu_strdup(conf); p = buf; while (p) { ret = qemu_rbd_next_tok(name, sizeof(name), p, '=', "conf option name", &p); if (ret < 0) { break; } if (!p) { error_report("conf option %s has no value", name); ret = -EINVAL; break; } ret = qemu_rbd_next_tok(value, sizeof(value), p, ':', "conf option value", &p); if (ret < 0) { break; } if (strcmp(name, "conf")) { ret = rados_conf_set(cluster, name, value); if (ret < 0) { error_report("invalid conf option %s", name); ret = -EINVAL; break; } } else { ret = rados_conf_read_file(cluster, value); if (ret < 0) { error_report("error reading conf file %s", value); break; } } } qemu_free(buf); return ret; }
static void virtio_blk_rw_complete(void *opaque, int ret) { VirtIOBlockReq *req = opaque; trace_virtio_blk_rw_complete(req, ret); if (ret) { int is_read = !(req->out->type & VIRTIO_BLK_T_OUT); if (virtio_blk_handle_rw_error(req, -ret, is_read)) return; } virtio_blk_req_complete(req, VIRTIO_BLK_S_OK); bdrv_acct_done(req->dev->bs, &req->acct); qemu_free(req); }
static void _uiCmdProxy_brightness_change_callback(void* opaque, const char* light, int brightness) { const size_t cmd_size = sizeof(UICmdChangeDispBrightness) + strlen(light) + 1; UICmdChangeDispBrightness* cmd = (UICmdChangeDispBrightness*)qemu_malloc(cmd_size); cmd->brightness = brightness; strcpy(cmd->light, light); _uiCmdProxy_send_command(AUICMD_CHANGE_DISP_BRIGHTNESS, cmd, cmd_size); qemu_free(cmd); }
static void dump_snapshots(BlockDriverState *bs) { QEMUSnapshotInfo *sn_tab, *sn; int nb_sns, i; char buf[256]; nb_sns = bdrv_snapshot_list(bs, &sn_tab); if (nb_sns <= 0) return; printf("Snapshot list:\n"); printf("%s\n", bdrv_snapshot_dump(buf, sizeof(buf), NULL)); for(i = 0; i < nb_sns; i++) { sn = &sn_tab[i]; printf("%s\n", bdrv_snapshot_dump(buf, sizeof(buf), sn)); } qemu_free(sn_tab); }
static void usb_host_handle_destroy(USBDevice *dev) { USBHostDevice *s = (USBHostDevice *)dev; s->closing = 1; qemu_set_fd_handler(s->fd, NULL, NULL, NULL); hostdev_unlink(s); async_complete(s); if (s->fd >= 0) close(s->fd); qemu_free(s); }
void postLinuxRead(CPUX86State *env, void* user_data) { //fprintf(stderr, "postLinuxRead: ENTERED HERE.\n"); PLinuxReadWriteData data = (PLinuxReadWriteData)user_data; //fprintf(stderr, "postLinuxRead: FileDescriptor %08x, Buffer %08x, Size %08x\n", data->FileDescriptor, data->BufferAddr, data->BufferSize); ReadBufferAndPrint(env, data->BufferAddr, data->BufferSize, "stdinp-"); // remove return address target_ulong bp_addr = env->eip; if(!qebek_bp_remove(bp_addr, env->cr[3], env->regs[R_EBP])) { fprintf(stderr, "postNtReadFile: failed to remove postcall interception.\n"); } qemu_free(data); }
void memcheck_guest_free(target_ulong guest_address) { MallocFree desc; MallocDescEx pulled; int pull_res; ProcDesc* proc; // Copy free descriptor from guest to emulator. memcheck_get_free_descriptor(&desc, guest_address); proc = get_process_from_pid(desc.free_pid); if (proc == NULL) { ME("memcheck: Unable to obtain process for pid=%u on free", desc.free_pid); memcheck_fail_free(guest_address); return; } // Pull matching entry from the map. pull_res = procdesc_pull_malloc(proc, desc.ptr, &pulled); if (pull_res) { av_invalid_pointer(proc, desc.ptr, 1); memcheck_fail_free(guest_address); return; } // Make sure that ptr has expected value if (desc.ptr != mallocdesc_get_user_ptr(&pulled.malloc_desc)) { if (trace_flags & TRACE_CHECK_INVALID_PTR_ENABLED) { printf("memcheck: Access violation is detected in process %s[pid=%u]:\n", proc->image_path, proc->pid); printf(" INVALID POINTER 0x%08X is used in 'free' operation.\n" " This pointer is unexpected for 'free' operation, as allocation\n" " descriptor found for this pointer in the process' allocation map\n" " suggests that 0x%08X is the pointer to be used to free this block.\n" " Allocation descriptor matching the pointer:\n", desc.ptr, (uint32_t)mallocdesc_get_user_ptr(&pulled.malloc_desc)); memcheck_dump_malloc_desc(&pulled, 1, 0); } } if (pulled.call_stack != NULL) { qemu_free(pulled.call_stack); } }
static void virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb) { if (req->elem.out_num < 1 || req->elem.in_num < 1) { fprintf(stderr, "virtio-blk missing headers\n"); exit(1); } if (req->elem.out_sg[0].iov_len < sizeof(*req->out) || req->elem.in_sg[req->elem.in_num - 1].iov_len < sizeof(*req->in)) { fprintf(stderr, "virtio-blk header not in correct element\n"); exit(1); } req->out = (void *)req->elem.out_sg[0].iov_base; req->in = (void *)req->elem.in_sg[req->elem.in_num - 1].iov_base; if (req->out->type & VIRTIO_BLK_T_FLUSH) { virtio_blk_handle_flush(mrb->blkreq, &mrb->num_writes, req, &mrb->old_bs); } else if (req->out->type & VIRTIO_BLK_T_SCSI_CMD) { virtio_blk_handle_scsi(req); } else if (req->out->type & VIRTIO_BLK_T_GET_ID) { VirtIOBlock *s = req->dev; /* * NB: per existing s/n string convention the string is * terminated by '\0' only when shorter than buffer. */ strncpy(req->elem.in_sg[0].iov_base, s->blk->serial ? s->blk->serial : "", MIN(req->elem.in_sg[0].iov_len, VIRTIO_BLK_ID_BYTES)); virtio_blk_req_complete(req, VIRTIO_BLK_S_OK); qemu_free(req); } else if (req->out->type & VIRTIO_BLK_T_OUT) { qemu_iovec_init_external(&req->qiov, &req->elem.out_sg[1], req->elem.out_num - 1); virtio_blk_handle_write(mrb->blkreq, &mrb->num_writes, req, &mrb->old_bs); } else { qemu_iovec_init_external(&req->qiov, &req->elem.in_sg[0], req->elem.in_num - 1); virtio_blk_handle_read(req); } }