linux-user: Fix exit syscall with QOM CPU

For QOM'ified CPUs we cannot g_free() CPUArchState, we must
object_delete() the object it is embedded into.

Fixes LP#982321 (invalid free() while executing pacman with qemu-arm).

Reported-by: Serge Schneider <serge@xecdesign.com>
Reported-by: Russell Keith Davis <russell@russelldavis.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Serge Schneider <serge@xecdesign.com>
Tested-by: Russell Keith Davis <russell@russelldavis.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 8a92162..7128618 100644 (file)
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -5045,7 +5045,11 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
                         NULL, NULL, 0);
           }
           thread_env = NULL;
+#ifdef ENV_GET_CPU
+          object_delete(OBJECT(ENV_GET_CPU(cpu_env)));
+#else
           g_free(cpu_env);
+#endif
           g_free(ts);
           pthread_exit(NULL);
       }