aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIgor Mammedov <imammedo@redhat.com>2017-02-28 12:08:15 +0000
committerPeter Maydell <peter.maydell@linaro.org>2017-02-28 12:08:15 +0000
commitdbb74759fae6f521709e16e19cbb7d6fb2307700 (patch)
treeb04dbc8f373c3194018a08915dd69c60b07cc0bd
parent241999bf4c0dd75d300ceee46f7ad28b3a39fe97 (diff)
downloadqemu-dbb74759fae6f521709e16e19cbb7d6fb2307700.zip
qemu-dbb74759fae6f521709e16e19cbb7d6fb2307700.tar.gz
qemu-dbb74759fae6f521709e16e19cbb7d6fb2307700.tar.bz2
hw/arm/virt: fix cpu object reference leak
object_new(FOO) returns an object with ref_cnt == 1 and following object_property_set_bool(cpuobj, true, "realized", NULL) set parent of cpuobj to '/machine/unattached' which makes ref_cnt == 2. Since machvirt_init() doesn't take ownership of cpuobj returned by object_new() it should explicitly drop reference to cpuobj when dangling pointer is about to go out of scope like it's done pc_new_cpu() to avoid object leak. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Message-id: 1487253461-269218-1-git-send-email-imammedo@redhat.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
-rw-r--r--hw/arm/virt.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index f3440f2..0c270b8 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -1378,6 +1378,7 @@ static void machvirt_init(MachineState *machine)
}
object_property_set_bool(cpuobj, true, "realized", NULL);
+ object_unref(cpuobj);
}
fdt_add_timer_nodes(vms);
fdt_add_cpu_nodes(vms);