Re: [Qemu-devel] [PATCH] qdev: fix use-after-free in the error path of q
From: Andreas Färber
Subject: Re: [Qemu-devel] [PATCH] qdev: fix use-after-free in the error path of qdev_init_nofail
Date: Wed, 27 Jun 2012 16:07:29 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20120421 Thunderbird/12.0

On 27.06.2012 15:44, Anthony Liguori wrote:
> On 06/27/2012 08:14 AM, Andreas Färber wrote:
>> This together with the semantics discussions we're having makes me think
>> we should attack "QOM'ifying" qdev sooner than later. I.e., reviewing
>> what naming, chaining, etc. we can already change to align the
>> TYPE_DEVICE-derived types with the generic QOM infrastructure.
>
> We really ought to find all uses of qdev_init_nofail() or
> qdev_try_init() (including the sysbus et al derivatives) and add
> explicit qdev_free() calls in the error handling case such that we can
> remove the qdev_free() calls that are done automatically in the init
> function.

I strongly disagree: We should instead rip out qdev_free() and use
object_delete(). "free" vs. "delete" is still a qdev'ism, no need to
make things worse.

No disagreement on adding explicit QOM-style calls.

Regards,
Andreas

>
> Destructing an object automagically in a virtual method is pretty darn
> evil and really promotes these sort of problems.
>
> Regards,
>
> Anthony Liguori
--
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
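
The two ownership styles discussed in this thread, as an added example that is not part of the original message and is not QEMU code: a toy device model in which every name (Device, device_new, device_delete, device_init_autofree, create_autofree, create_explicit) is hypothetical. It contrasts an init that destroys the object on failure with an init that leaves destruction to the caller's error path.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Toy model: every name here is hypothetical, none of it is QEMU's API. */
typedef struct Device {
    char name[16];
    int (*init)(struct Device *dev);            /* virtual init hook */
} Device;
static int live_devices;                        /* objects not yet destroyed */
static Device *device_new(const char *name, int (*init)(Device *)) {
    Device *dev = calloc(1, sizeof(*dev));
    if (!dev) abort();
    snprintf(dev->name, sizeof(dev->name), "%s", name);
    dev->init = init;
    live_devices++;
    return dev;
}
static void device_delete(Device *dev) { free(dev); live_devices--; }
static int failing_init(Device *dev) { (void)dev; return -1; }

/* Implicit style: init destroys the object when the hook fails, so the
 * caller's pointer dangles as soon as a negative value comes back. */
static int device_init_autofree(Device *dev) {
    int rc = dev->init(dev);
    if (rc < 0) device_delete(dev);
    return rc;
}

/* Caller of the implicit style: anything needed for the error report must
 * be copied out before the call. Returns the number of leaked objects. */
int create_autofree(char *err, size_t len) {
    Device *dev = device_new("nic0", failing_init);
    char name[sizeof(dev->name)];
    memcpy(name, dev->name, sizeof(name));
    if (device_init_autofree(dev) < 0)
        snprintf(err, len, "init of %s failed", name);  /* dev->name here = UAF */
    else
        device_delete(dev);
    return live_devices;
}

/* Explicit style: init never frees; the creator reports, then destroys. */
int create_explicit(char *err, size_t len) {
    Device *dev = device_new("nic0", failing_init);
    if (dev->init(dev) < 0)
        snprintf(err, len, "init of %s failed", dev->name); /* still valid */
    device_delete(dev);
    return live_devices;
}
```

Building this with -fsanitize=address and changing create_autofree to read dev->name in its error branch makes the dangling access visible as a heap-use-after-free report.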