From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([140.186.70.92]:46637)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1S0FvM-0001H0-D4
	for qemu-devel@nongnu.org; Wed, 22 Feb 2012 12:24:20 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1S0FvG-0001pT-LN
	for qemu-devel@nongnu.org; Wed, 22 Feb 2012 12:24:16 -0500
Received: from mx1.redhat.com ([209.132.183.28]:64704)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1S0FvG-0001pI-Ew
	for qemu-devel@nongnu.org; Wed, 22 Feb 2012 12:24:10 -0500
Message-ID: <4F4524B3.7020500@redhat.com>
Date: Wed, 22 Feb 2012 18:24:03 +0100
From: Paolo Bonzini <pbonzini@redhat.com>
MIME-Version: 1.0
References: <1329931346-28207-1-git-send-email-alexander_barabash@mentor.com>
In-Reply-To: <1329931346-28207-1-git-send-email-alexander_barabash@mentor.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH] qom: In function
 object_set_link_property(), first call object_ref(), then object_unref().
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: alexander_barabash@mentor.com
Cc: qemu-devel@nongnu.org

On 02/22/2012 06:22 PM, alexander_barabash@mentor.com wrote:
> From: Alexander Barabash <alexander_barabash@mentor.com>
> 
> In the old implementation, if the new value of the property links
> to the same object, as the old value, that object is first unref-ed,
> and then ref-ed. This leads to unintended deinitialization of that object.
> 
> In the new implementation, this is fixed.
> 
> Signed-off-by: Alexander Barabash <alexander_barabash@mentor.com>
> ---
>  qom/object.c |   11 +++++++----
>  1 files changed, 7 insertions(+), 4 deletions(-)
> 
> diff --git a/qom/object.c b/qom/object.c
> index 941c291..e6591e1 100644
> --- a/qom/object.c
> +++ b/qom/object.c
> @@ -892,6 +892,7 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
>                                       const char *name, Error **errp)
>  {
>      Object **child = opaque;
> +    Object *old_target;
>      bool ambiguous = false;
>      const char *type;
>      char *path;
> @@ -901,10 +902,8 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
>  
>      visit_type_str(v, &path, name, errp);
>  
> -    if (*child) {
> -        object_unref(*child);
> -        *child = NULL;
> -    }
> +    old_target = *child;
> +    *child = NULL;
>  
>      if (strcmp(path, "") != 0) {
>          Object *target;
> @@ -930,6 +929,10 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
>      }
>  
>      g_free(path);
> +
> +    if (old_target != NULL) {
> +        object_unref(old_target);
> +    }
>  }
>  
>  void object_property_add_link(Object *obj, const char *name,

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>