We create at least one vCPU address space by default in
qemu_init_vcpu(), itself called in cpu_common_realizefn().
Since we don't have qemu_deinit_vcpu() helper (we probably
don't need any), simply destroy all the address spaces in
cpu_common_unrealizefn(), *after* the thread is destroyed.

Note: all targets were leaking the vCPU address spaces upon
vCPU unrealize (like hot-unplugged actions).

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
---
 hw/core/cpu-common.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/hw/core/cpu-common.c b/hw/core/cpu-common.c
index e5841c59df..35c0cc4dad 100644
--- a/hw/core/cpu-common.c
+++ b/hw/core/cpu-common.c
@@ -224,6 +224,11 @@ static void cpu_common_unrealizefn(DeviceState *dev)
 
     /* Destroy vCPU thread */
     cpu_remove_sync(cpu);
+
+    /* Destroy CPU address space */
+    for (unsigned idx = 0; idx < cpu->num_ases; idx++) {
+        cpu_address_space_destroy(cpu, idx);
+    }
 }
 
 static void cpu_common_initfn(Object *obj)
-- 
2.41.0

On 9/18/23 09:02, Philippe Mathieu-Daudé wrote:
> +++ b/hw/core/cpu-common.c
> @@ -224,6 +224,11 @@ static void cpu_common_unrealizefn(DeviceState *dev)
>   
>       /* Destroy vCPU thread */
>       cpu_remove_sync(cpu);
> +
> +    /* Destroy CPU address space */
> +    for (unsigned idx = 0; idx < cpu->num_ases; idx++) {
> +        cpu_address_space_destroy(cpu, idx);
> +    }


Merged with the previous patch, with the single call.


r~