qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v3 17/19] target-i386: fix apic object leak when

From: Eduardo Habkost
Subject: Re: [Qemu-devel] [PATCH v3 17/19] target-i386: fix apic object leak when CPU is deleted
Date: Wed, 13 Jul 2016 12:04:44 -0300
User-agent: Mutt/1.6.1 (2016-04-27) 
On Wed, Jul 06, 2016 at 08:20:53AM +0200, Igor Mammedov wrote:
> Signed-off-by: Igor Mammedov <address@hidden>
> ---
>  target-i386/cpu.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/target-i386/cpu.c b/target-i386/cpu.c
> index 04c0b79..2fa445d 100644
> --- a/target-i386/cpu.c
> +++ b/target-i386/cpu.c
> @@ -2765,6 +2765,7 @@ static void x86_cpu_apic_create(X86CPU *cpu, Error 
> **errp)
>  
>      object_property_add_child(OBJECT(cpu), "lapic",
>                                OBJECT(cpu->apic_state), &error_abort);
> +    object_unref(OBJECT(cpu->apic_state));

What kind of event can trigger object_unparent() or
object_del_property() on "lapic"? Can we guarantee that the child
property will never be deleted by any other code, only by
x86_cpu_unrealizefn() and object_finalize(cpu)?

Because with this change, deleting the property will leave us
with with a dangling cpu->apic_state pointer.

>  
>      qdev_prop_set_uint8(cpu->apic_state, "id", cpu->apic_id);
>      /* TODO: convert to link<> */
> -- 
> 2.7.0
> 

-- 
Eduardo
reply via email to
[Prev in Thread] Current Thread [Next in Thread]