qemu/hw
Klaus Jensen 3a69cadbef hw/block/nvme: fix ref counting in nvme_format_ns
Max noticed that since blk_aio_pwrite_zeroes() may invoke the callback
before returning, the callbacks will never see *count == 0 and thus
never free the count variable or decrement num_formats causing a CQE to
never be posted.

Coverity (CID 1451082) also picked up on the fact that count would not
be free'ed if the namespace was of zero size.

Fix both of these issues by explicitly checking *count and finalize for
the given namespace if --(*count) is zero. Enqueing a CQE if there are
no AIOs outstanding after this case is already handled by nvme_format()
by inspecting *num_formats.

Reported-by: Max Reitz <mreitz@redhat.com>
Reported-by: Coverity (CID 1451082)
Fixes: dc04d25e2f ("hw/block/nvme: add support for the format nvm command")
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
2021-03-29 18:46:57 +02:00
..
9pfs hw/9pfs/9p-synth: Replaced qemu_mutex_lock with QEMU_LOCK_GUARD 2021-03-16 11:41:49 +01:00
acpi acpi: Set proper maximum size for "etc/acpi/rsdp" blob 2021-03-22 18:58:19 -04:00
adc clock: Add ClockEvent parameter to callbacks 2021-03-08 17:20:01 +00:00
alpha vl: extract softmmu/datadir.c 2020-12-10 12:15:18 -05:00
arm acpi: Move maximum size logic into acpi_add_rom_blob() 2021-03-22 18:58:19 -04:00
audio hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
avr hw/avr/arduino: List board schematic links 2021-03-15 00:39:52 +01:00
block hw/block/nvme: fix ref counting in nvme_format_ns 2021-03-29 18:46:57 +02:00
char target-arm queue: 2021-03-23 21:15:17 +00:00
core hw/core/loader: Add new function rom_ptr_for_as() 2021-03-23 11:47:31 +00:00
cpu cpu/core: Register core-id and nr-threads as class properties 2020-09-22 16:48:29 -04:00
cris hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
display edid: prefer standard timings 2021-03-23 12:37:13 +01:00
dma target-arm queue: 2021-03-10 13:57:31 +00:00
gpio hw: gpio: implement gpio-pwr driver for qemu reset/poweroff 2021-01-29 10:47:28 +00:00
hppa hw: Use the PCI_SLOT() macro from 'hw/pci/pci.h' 2021-01-04 23:24:44 +01:00
hyperv qdev: Move softmmu properties to qdev-properties-system.h 2020-12-18 15:20:17 -05:00
i2c hw/i2c/npcm7xx_smbus: Simplify npcm7xx_smbus_init() 2021-03-05 15:17:34 +00:00
i386 acpi: Move setters/getters of oem fields to X86MachineState 2021-03-22 18:58:19 -04:00
ide hw/ide: remove 'ide-drive' device 2021-03-18 09:22:55 +00:00
input Remove superfluous timer_del() calls 2021-01-08 15:13:38 +00:00
intc * fixes for i386 TCG paging 2021-03-19 18:01:17 +00:00
ipack Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
ipmi Remove superfluous timer_del() calls 2021-01-08 15:13:38 +00:00
isa hw/southbridge: Add missing Kconfig dependency VT82C686 on USB_UHCI 2021-03-15 17:00:59 +01:00
lm32 hw/lm32/Kconfig: Have MILKYMIST select LM32_DEVICES 2021-03-09 22:37:08 +01:00
m68k m68k: add Virtual M68k Machine 2021-03-15 21:03:06 +01:00
mem memory: add a sparse memory device for fuzzing 2021-03-16 14:30:30 -04:00
microblaze hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
mips hw/mips/gt64xxx: Trace accesses to ISD registers 2021-03-13 20:29:36 +01:00
misc hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
moxie moxie: do not use ram_size global 2020-12-10 12:15:08 -05:00
net hw/net: virtio-net: Initialize nc->do_not_pad to true 2021-03-22 17:34:31 +08:00
nios2 * New -action option and set-action QMP command (Alejandro) 2020-12-15 21:24:31 +00:00
nubus meson: convert hw/nubus 2020-08-21 06:30:25 -04:00
nvram sysemu: Let VMChangeStateHandler take boolean 'running' argument 2021-03-09 23:13:57 +01:00
openrisc target/openrisc: Move pic_cpu code into CPU object proper 2020-12-15 12:04:30 +00:00
pci pci: introduce acpi-index property for PCI device 2021-03-22 18:58:19 -04:00
pci-bridge Kconfig: Compile PXB for ARM_VIRT 2021-01-17 06:42:54 -05:00
pci-host hw/pci-host: Introduce SH_PCI Kconfig entry 2021-03-06 16:18:42 +01:00
pcmcia pxa2xx: Move QOM macros to header 2020-08-27 14:04:55 -04:00
ppc hw/ide: remove 'ide-drive' device 2021-03-18 09:22:55 +00:00
rdma pvrdma: wean code off pvrdma_ring.h kernel header 2021-03-15 16:41:22 +08:00
remote multi-process: perform device reset in the remote process 2021-02-10 09:23:28 +00:00
riscv hw/riscv: microchip_pfsoc: Map EMMC/SD mux register 2021-03-22 21:54:40 -04:00
rtc goldfish_rtc: re-arm the alarm after migration 2021-03-04 09:43:29 -05:00
rx qtest: delete superfluous inclusions of qtest.h 2021-03-09 06:03:53 +01:00
s390x s390x: modularize virtio-gpu-ccw 2021-03-26 09:33:50 +01:00
scsi hw/scsi: remove 'scsi-disk' device 2021-03-18 09:22:55 +00:00
sd hw/sd: sdhci: Reset the data pointer of s->fifo_buffer[] when a different block size is programmed 2021-03-22 16:56:22 +01:00
sh4 hw/sh4/sh7750_regs: Replace link to license by its full content 2021-03-06 16:19:03 +01:00
smbios i386: do not use ram_size global 2020-12-10 12:15:08 -05:00
sparc hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
sparc64 hw/ide: remove 'ide-drive' device 2021-03-18 09:22:55 +00:00
ssi hw/ssi: xilinx_spips: Remove DMA related dead codes from zynqmp_spips 2021-03-10 13:54:51 +00:00
timer hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
tpm tpm: put some tpm devices into the correct category 2021-02-20 12:36:19 +01:00
tricore tricore: added triboard with tc27x_soc 2021-03-14 14:41:55 +01:00
unicore32 meson: convert hw/arch* 2020-08-21 06:30:33 -04:00
usb hw/usb/hcd-ehci: Fix crash when showing help of EHCI devices 2021-03-26 11:10:49 +01:00
vfio vfio/migrate: Move switch of dirty tracking into vfio_memory_listener 2021-03-16 10:06:44 -06:00
virtio virtio-pmem: fix virtio_pmem_resp assign problem 2021-03-22 10:17:53 -04:00
watchdog clock: Add ClockEvent parameter to callbacks 2021-03-08 17:20:01 +00:00
xen pci: add romsize property 2021-02-05 08:52:58 -05:00
xenpv meson: convert hw/arch* 2020-08-21 06:30:33 -04:00
xtensa vl: make qemu_get_machine_opts static 2020-12-15 12:51:55 -05:00
Kconfig semihosting: Move hw/semihosting/ -> semihosting/ 2021-03-10 15:34:12 +00:00
meson.build semihosting: Move hw/semihosting/ -> semihosting/ 2021-03-10 15:34:12 +00:00