diff options
author | Jason Baron <jbaron@redhat.com> | 2012-05-02 22:42:10 -0400 |
---|---|---|
committer | Michael S. Tsirkin <mst@redhat.com> | 2012-06-11 22:55:13 +0300 |
commit | 266ca11a0433643a3cc3146a9837d9f2b0bfbe3b (patch) | |
tree | 9a3023ed9ae8e85d8f9c03c159fe9e4d8ccbfd6a /hw | |
parent | 44701ab71ad854e6be567a6294f4665f36651076 (diff) | |
download | qemu-266ca11a0433643a3cc3146a9837d9f2b0bfbe3b.zip qemu-266ca11a0433643a3cc3146a9837d9f2b0bfbe3b.tar.gz qemu-266ca11a0433643a3cc3146a9837d9f2b0bfbe3b.tar.bz2 |
qdev: release parent properties on dc->init failure
While looking into hot-plugging bridges, I can create a qemu segfault via:
$ device_add pci-bridge
Bridge chassis not specified. Each bridge is required to be assigned a unique chassis id > 0.
**
ERROR:qom/object.c:389:object_delete: assertion failed: (obj->ref == 0)
I'm proposing to fix this by adding a call to 'object_unparent()', before the
call to qdev_free(). I see there is already a precedent for this usage pattern as
seen in qdev_simple_unplug_cb():
/* can be used as ->unplug() callback for the simple cases */
int qdev_simple_unplug_cb(DeviceState *dev)
{
/* just zap it */
object_unparent(OBJECT(dev));
qdev_free(dev);
return 0;
}
Signed-off-by: Jason Baron <jbaron@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Diffstat (limited to 'hw')
-rw-r--r-- | hw/qdev.c | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -150,6 +150,7 @@ int qdev_init(DeviceState *dev) rc = dc->init(dev); if (rc < 0) { + object_unparent(OBJECT(dev)); qdev_free(dev); return rc; } |