aboutsummaryrefslogtreecommitdiff
path: root/qom
diff options
context:
space:
mode:
authorAlexander Barabash <alexander_barabash@mentor.com>2012-02-22 19:22:26 +0200
committerAnthony Liguori <aliguori@us.ibm.com>2012-02-22 13:24:30 -0600
commitf0cdc966fb8998bc6acc15fbd360e52061495557 (patch)
treeea0db3d4a80842fee1e2f560acf085688ba4eacd /qom
parentadbbdf2484b74a4216e4b481ec6146e3ea0061e4 (diff)
downloadqemu-f0cdc966fb8998bc6acc15fbd360e52061495557.zip
qemu-f0cdc966fb8998bc6acc15fbd360e52061495557.tar.gz
qemu-f0cdc966fb8998bc6acc15fbd360e52061495557.tar.bz2
qom: In function object_set_link_property(), first call object_ref(), then object_unref().
In the old implementation, if the new value of the property links to the same object, as the old value, that object is first unref-ed, and then ref-ed. This leads to unintended deinitialization of that object. In the new implementation, this is fixed. Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Alexander Barabash <alexander_barabash@mentor.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Diffstat (limited to 'qom')
-rw-r--r--qom/object.c11
1 files changed, 7 insertions, 4 deletions
diff --git a/qom/object.c b/qom/object.c
index d858c04..aa037d2 100644
--- a/qom/object.c
+++ b/qom/object.c
@@ -892,6 +892,7 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
const char *name, Error **errp)
{
Object **child = opaque;
+ Object *old_target;
bool ambiguous = false;
const char *type;
char *path;
@@ -901,10 +902,8 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
visit_type_str(v, &path, name, errp);
- if (*child) {
- object_unref(*child);
- *child = NULL;
- }
+ old_target = *child;
+ *child = NULL;
if (strcmp(path, "") != 0) {
Object *target;
@@ -930,6 +929,10 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
}
g_free(path);
+
+ if (old_target != NULL) {
+ object_unref(old_target);
+ }
}
void object_property_add_link(Object *obj, const char *name,