Commit 08324de90d for qemu.org
commit 08324de90d1036326fb562daa89e8af335132a85
Author: Trieu Huynh <vikingtc4@gmail.com>
Date: Wed Mar 18 23:14:13 2026 +0900
hw/pci/msix: fix error handling for msix_init callers
Check return value of msix_init() and return early on
failure instead of continuing with invalid state.
- Use ret < 0 to handle negative return value.
- Use errp parameter to handle failure instead of NULL.
- No functional changes.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/413
Signed-off-by: Trieu Huynh <vikingtc4@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20260318141415.8538-5-vikingtc4@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
diff --git a/hw/net/igbvf.c b/hw/net/igbvf.c
index 48d56e43ac..9a165c7063 100644
--- a/hw/net/igbvf.c
+++ b/hw/net/igbvf.c
@@ -260,7 +260,7 @@ static void igbvf_pci_realize(PCIDevice *dev, Error **errp)
ret = msix_init(dev, IGBVF_MSIX_VEC_NUM, &s->msix, IGBVF_MSIX_BAR_IDX, 0,
&s->msix, IGBVF_MSIX_BAR_IDX, 0x2000, 0x70, errp);
- if (ret) {
+ if (ret < 0) {
return;
}
diff --git a/hw/net/rocker/rocker.c b/hw/net/rocker/rocker.c
index 4a7056bd45..910dce901b 100644
--- a/hw/net/rocker/rocker.c
+++ b/hw/net/rocker/rocker.c
@@ -1228,7 +1228,7 @@ static int rocker_msix_init(Rocker *r, Error **errp)
&r->msix_bar,
ROCKER_PCI_MSIX_BAR_IDX, ROCKER_PCI_MSIX_PBA_OFFSET,
0, errp);
- if (err) {
+ if (err < 0) {
return err;
}
diff --git a/hw/pci/msix.c b/hw/pci/msix.c
index b35476d057..1b23eaf100 100644
--- a/hw/pci/msix.c
+++ b/hw/pci/msix.c
@@ -432,7 +432,7 @@ int msix_init_exclusive_bar(PCIDevice *dev, uint32_t nentries,
0, &dev->msix_exclusive_bar,
bar_nr, bar_pba_offset,
0, errp);
- if (ret) {
+ if (ret < 0) {
return ret;
}
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index f62e420a91..a29742d449 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -2380,11 +2380,17 @@ static void megasas_scsi_realize(PCIDevice *dev, Error **errp)
memory_region_init_io(&s->queue_io, OBJECT(s), &megasas_queue_ops, s,
"megasas-queue", 0x40000);
- if (megasas_use_msix(s) &&
- msix_init(dev, 15, &s->mmio_io, b->mmio_bar, 0x2000,
- &s->mmio_io, b->mmio_bar, 0x3800, 0x68, NULL)) {
- /* TODO: check msix_init's error, and should fail on msix=on */
- s->msix = ON_OFF_AUTO_OFF;
+ if (megasas_use_msix(s)) {
+ ret = msix_init(dev, 15, &s->mmio_io, b->mmio_bar, 0x2000,
+ &s->mmio_io, b->mmio_bar, 0x3800, 0x68,
+ s->msix == ON_OFF_AUTO_ON ? errp : NULL);
+
+ if (ret < 0) {
+ if (s->msix == ON_OFF_AUTO_ON) {
+ return;
+ }
+ s->msix = ON_OFF_AUTO_OFF;
+ }
}
if (pci_is_express(dev)) {
diff --git a/hw/usb/hcd-xhci-pci.c b/hw/usb/hcd-xhci-pci.c
index aa570506fc..c5446a4a5e 100644
--- a/hw/usb/hcd-xhci-pci.c
+++ b/hw/usb/hcd-xhci-pci.c
@@ -173,11 +173,17 @@ static void usb_xhci_pci_realize(struct PCIDevice *dev, Error **errp)
}
if (s->msix != ON_OFF_AUTO_OFF) {
- /* TODO check for errors, and should fail when msix=on */
- msix_init(dev, s->xhci.numintrs,
- &s->xhci.mem, 0, OFF_MSIX_TABLE,
- &s->xhci.mem, 0, OFF_MSIX_PBA,
- 0x90, NULL);
+ ret = msix_init(dev, s->xhci.numintrs,
+ &s->xhci.mem, 0, OFF_MSIX_TABLE,
+ &s->xhci.mem, 0, OFF_MSIX_PBA,
+ 0x90, s->msix == ON_OFF_AUTO_ON ? errp : NULL);
+
+ if (ret < 0) {
+ if (s->msix == ON_OFF_AUTO_ON) {
+ return;
+ }
+ s->msix = ON_OFF_AUTO_OFF;
+ }
}
s->xhci.as = pci_get_address_space(dev);
}