* [Qemu-devel] [PATCH] qom: In function object_set_link_property(), first call object_ref(), then object_unref().
@ 2012-02-22 17:22 alexander_barabash
2012-02-22 17:24 ` Paolo Bonzini
2012-02-24 15:32 ` Anthony Liguori
0 siblings, 2 replies; 8+ messages in thread
From: alexander_barabash @ 2012-02-22 17:22 UTC (permalink / raw)
To: qemu-devel; +Cc: pbonzini, Alexander Barabash
From: Alexander Barabash <alexander_barabash@mentor.com>
In the old implementation, if the new value of the property links
to the same object, as the old value, that object is first unref-ed,
and then ref-ed. This leads to unintended deinitialization of that object.
In the new implementation, this is fixed.
Signed-off-by: Alexander Barabash <alexander_barabash@mentor.com>
---
qom/object.c | 11 +++++++----
1 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/qom/object.c b/qom/object.c
index 941c291..e6591e1 100644
--- a/qom/object.c
+++ b/qom/object.c
@@ -892,6 +892,7 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
const char *name, Error **errp)
{
Object **child = opaque;
+ Object *old_target;
bool ambiguous = false;
const char *type;
char *path;
@@ -901,10 +902,8 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
visit_type_str(v, &path, name, errp);
- if (*child) {
- object_unref(*child);
- *child = NULL;
- }
+ old_target = *child;
+ *child = NULL;
if (strcmp(path, "") != 0) {
Object *target;
@@ -930,6 +929,10 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
}
g_free(path);
+
+ if (old_target != NULL) {
+ object_unref(old_target);
+ }
}
void object_property_add_link(Object *obj, const char *name,
--
1.7.5.4
^ permalink raw reply related [flat|nested] 8+ messages in thread* Re: [Qemu-devel] [PATCH] qom: In function object_set_link_property(), first call object_ref(), then object_unref().
2012-02-22 17:22 [Qemu-devel] [PATCH] qom: In function object_set_link_property(), first call object_ref(), then object_unref() alexander_barabash
@ 2012-02-22 17:24 ` Paolo Bonzini
2012-02-22 17:25 ` Alexander Barabash
2012-02-24 15:32 ` Anthony Liguori
1 sibling, 1 reply; 8+ messages in thread
From: Paolo Bonzini @ 2012-02-22 17:24 UTC (permalink / raw)
To: alexander_barabash; +Cc: qemu-devel
On 02/22/2012 06:22 PM, alexander_barabash@mentor.com wrote:
> From: Alexander Barabash <alexander_barabash@mentor.com>
>
> In the old implementation, if the new value of the property links
> to the same object, as the old value, that object is first unref-ed,
> and then ref-ed. This leads to unintended deinitialization of that object.
>
> In the new implementation, this is fixed.
>
> Signed-off-by: Alexander Barabash <alexander_barabash@mentor.com>
> ---
> qom/object.c | 11 +++++++----
> 1 files changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/qom/object.c b/qom/object.c
> index 941c291..e6591e1 100644
> --- a/qom/object.c
> +++ b/qom/object.c
> @@ -892,6 +892,7 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
> const char *name, Error **errp)
> {
> Object **child = opaque;
> + Object *old_target;
> bool ambiguous = false;
> const char *type;
> char *path;
> @@ -901,10 +902,8 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
>
> visit_type_str(v, &path, name, errp);
>
> - if (*child) {
> - object_unref(*child);
> - *child = NULL;
> - }
> + old_target = *child;
> + *child = NULL;
>
> if (strcmp(path, "") != 0) {
> Object *target;
> @@ -930,6 +929,10 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
> }
>
> g_free(path);
> +
> + if (old_target != NULL) {
> + object_unref(old_target);
> + }
> }
>
> void object_property_add_link(Object *obj, const char *name,
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
^ permalink raw reply [flat|nested] 8+ messages in thread* Re: [Qemu-devel] [PATCH] qom: In function object_set_link_property(), first call object_ref(), then object_unref().
2012-02-22 17:24 ` Paolo Bonzini
@ 2012-02-22 17:25 ` Alexander Barabash
2012-02-22 17:52 ` Eric Blake
0 siblings, 1 reply; 8+ messages in thread
From: Alexander Barabash @ 2012-02-22 17:25 UTC (permalink / raw)
To: Paolo Bonzini; +Cc: qemu-devel
On 02/22/2012 07:24 PM, Paolo Bonzini wrote:
> On 02/22/2012 06:22 PM, alexander_barabash@mentor.com wrote:
>> From: Alexander Barabash<alexander_barabash@mentor.com>
>>
>> In the old implementation, if the new value of the property links
>> to the same object, as the old value, that object is first unref-ed,
>> and then ref-ed. This leads to unintended deinitialization of that object.
>>
>> In the new implementation, this is fixed.
>>
>> Signed-off-by: Alexander Barabash<alexander_barabash@mentor.com>
>> ---
>> qom/object.c | 11 +++++++----
>> 1 files changed, 7 insertions(+), 4 deletions(-)
>>
>> diff --git a/qom/object.c b/qom/object.c
>> index 941c291..e6591e1 100644
>> --- a/qom/object.c
>> +++ b/qom/object.c
>> @@ -892,6 +892,7 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
>> const char *name, Error **errp)
>> {
>> Object **child = opaque;
>> + Object *old_target;
>> bool ambiguous = false;
>> const char *type;
>> char *path;
>> @@ -901,10 +902,8 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
>>
>> visit_type_str(v,&path, name, errp);
>>
>> - if (*child) {
>> - object_unref(*child);
>> - *child = NULL;
>> - }
>> + old_target = *child;
>> + *child = NULL;
>>
>> if (strcmp(path, "") != 0) {
>> Object *target;
>> @@ -930,6 +929,10 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
>> }
>>
>> g_free(path);
>> +
>> + if (old_target != NULL) {
>> + object_unref(old_target);
>> + }
>> }
>>
>> void object_property_add_link(Object *obj, const char *name,
> Reviewed-by: Paolo Bonzini<pbonzini@redhat.com>
Sorry, I did not figure out yet how to add the "v2" to the subject line. ))
Alex
^ permalink raw reply [flat|nested] 8+ messages in thread* Re: [Qemu-devel] [PATCH] qom: In function object_set_link_property(), first call object_ref(), then object_unref().
2012-02-22 17:25 ` Alexander Barabash
@ 2012-02-22 17:52 ` Eric Blake
0 siblings, 0 replies; 8+ messages in thread
From: Eric Blake @ 2012-02-22 17:52 UTC (permalink / raw)
To: Alexander Barabash; +Cc: Paolo Bonzini, qemu-devel
[-- Attachment #1: Type: text/plain, Size: 437 bytes --]
On 02/22/2012 10:25 AM, Alexander Barabash wrote:
> Sorry, I did not figure out yet how to add the "v2" to the subject line. ))
git send-email --subject-prefix=PATCHv2
or
git send-email --annotate, then in the editor that pops up, add v2 in
the appropriate place
there's probably other possibilities as well.
--
Eric Blake eblake@redhat.com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 620 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [Qemu-devel] [PATCH] qom: In function object_set_link_property(), first call object_ref(), then object_unref().
2012-02-22 17:22 [Qemu-devel] [PATCH] qom: In function object_set_link_property(), first call object_ref(), then object_unref() alexander_barabash
2012-02-22 17:24 ` Paolo Bonzini
@ 2012-02-24 15:32 ` Anthony Liguori
1 sibling, 0 replies; 8+ messages in thread
From: Anthony Liguori @ 2012-02-24 15:32 UTC (permalink / raw)
To: alexander_barabash; +Cc: pbonzini, qemu-devel
On 02/22/2012 11:22 AM, alexander_barabash@mentor.com wrote:
> From: Alexander Barabash<alexander_barabash@mentor.com>
>
> In the old implementation, if the new value of the property links
> to the same object, as the old value, that object is first unref-ed,
> and then ref-ed. This leads to unintended deinitialization of that object.
>
> In the new implementation, this is fixed.
>
> Signed-off-by: Alexander Barabash<alexander_barabash@mentor.com>
Applied. Thanks.
Regards,
Anthony Liguori
> ---
> qom/object.c | 11 +++++++----
> 1 files changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/qom/object.c b/qom/object.c
> index 941c291..e6591e1 100644
> --- a/qom/object.c
> +++ b/qom/object.c
> @@ -892,6 +892,7 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
> const char *name, Error **errp)
> {
> Object **child = opaque;
> + Object *old_target;
> bool ambiguous = false;
> const char *type;
> char *path;
> @@ -901,10 +902,8 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
>
> visit_type_str(v,&path, name, errp);
>
> - if (*child) {
> - object_unref(*child);
> - *child = NULL;
> - }
> + old_target = *child;
> + *child = NULL;
>
> if (strcmp(path, "") != 0) {
> Object *target;
> @@ -930,6 +929,10 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
> }
>
> g_free(path);
> +
> + if (old_target != NULL) {
> + object_unref(old_target);
> + }
> }
>
> void object_property_add_link(Object *obj, const char *name,
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Qemu-devel] [PATCH] qom: In function object_set_link_property(), first call object_ref(), then object_unref().
@ 2012-02-22 17:13 alexander_barabash
2012-02-22 17:17 ` Paolo Bonzini
0 siblings, 1 reply; 8+ messages in thread
From: alexander_barabash @ 2012-02-22 17:13 UTC (permalink / raw)
To: qemu-devel; +Cc: pbonzini, Alexander Barabash
From: Alexander Barabash <alexander_barabash@mentor.com>
In the old implementation, if the new value of the property links
to the same object, as the old value, that object is first unref-ed,
and then ref-ed. This leads to unintended deinitialization of that object.
In the new implementation, this is fixed.
Signed-off-by: Alexander Barabash <alexander_barabash@mentor.com>
---
qom/object.c | 18 +++++++++++++-----
1 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/qom/object.c b/qom/object.c
index 941c291..d1b3ac7 100644
--- a/qom/object.c
+++ b/qom/object.c
@@ -892,19 +892,19 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
const char *name, Error **errp)
{
Object **child = opaque;
+ Object *old_target;
bool ambiguous = false;
const char *type;
char *path;
gchar *target_type;
+ bool clear_old_target = true;
type = object_property_get_type(obj, name, NULL);
visit_type_str(v, &path, name, errp);
- if (*child) {
- object_unref(*child);
- *child = NULL;
- }
+ old_target = *child;
+ *child = NULL;
if (strcmp(path, "") != 0) {
Object *target;
@@ -916,7 +916,11 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
if (ambiguous) {
error_set(errp, QERR_AMBIGUOUS_PATH, path);
} else if (target) {
- object_ref(target);
+ if (target != old_target) {
+ object_ref(target);
+ } else {
+ clear_old_target = false;
+ }
*child = target;
} else {
target = object_resolve_path(path, &ambiguous);
@@ -930,6 +934,10 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
}
g_free(path);
+
+ if (clear_old_target && (old_target != NULL)) {
+ object_unref(old_target);
+ }
}
void object_property_add_link(Object *obj, const char *name,
--
1.7.5.4
^ permalink raw reply related [flat|nested] 8+ messages in thread* Re: [Qemu-devel] [PATCH] qom: In function object_set_link_property(), first call object_ref(), then object_unref().
2012-02-22 17:13 alexander_barabash
@ 2012-02-22 17:17 ` Paolo Bonzini
2012-02-22 17:19 ` Alexander Barabash
0 siblings, 1 reply; 8+ messages in thread
From: Paolo Bonzini @ 2012-02-22 17:17 UTC (permalink / raw)
To: alexander_barabash; +Cc: qemu-devel
On 02/22/2012 06:13 PM, alexander_barabash@mentor.com wrote:
> From: Alexander Barabash <alexander_barabash@mentor.com>
>
> In the old implementation, if the new value of the property links
> to the same object, as the old value, that object is first unref-ed,
> and then ref-ed. This leads to unintended deinitialization of that object.
>
> In the new implementation, this is fixed.
>
> Signed-off-by: Alexander Barabash <alexander_barabash@mentor.com>
> ---
> qom/object.c | 18 +++++++++++++-----
> 1 files changed, 13 insertions(+), 5 deletions(-)
>
> diff --git a/qom/object.c b/qom/object.c
> index 941c291..d1b3ac7 100644
> --- a/qom/object.c
> +++ b/qom/object.c
> @@ -892,19 +892,19 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
> const char *name, Error **errp)
> {
> Object **child = opaque;
> + Object *old_target;
> bool ambiguous = false;
> const char *type;
> char *path;
> gchar *target_type;
> + bool clear_old_target = true;
>
> type = object_property_get_type(obj, name, NULL);
>
> visit_type_str(v, &path, name, errp);
>
> - if (*child) {
> - object_unref(*child);
> - *child = NULL;
> - }
> + old_target = *child;
> + *child = NULL;
You can just remove the unref here...
> if (strcmp(path, "") != 0) {
> Object *target;
> @@ -916,7 +916,11 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
> if (ambiguous) {
> error_set(errp, QERR_AMBIGUOUS_PATH, path);
> } else if (target) {
> - object_ref(target);
> + if (target != old_target) {
> + object_ref(target);
... leave the unconditional ref to target here...
> + } else {
> + clear_old_target = false;
> + }
> *child = target;
> } else {
> target = object_resolve_path(path, &ambiguous);
> @@ -930,6 +934,10 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
> }
>
> g_free(path);
> +
> + if (clear_old_target && (old_target != NULL)) {
> + object_unref(old_target);
... and leave this unref on old_target, without the need for
clear_old_target.
> + }
> }
>
> void object_property_add_link(Object *obj, const char *name,
Paolo
^ permalink raw reply [flat|nested] 8+ messages in thread* Re: [Qemu-devel] [PATCH] qom: In function object_set_link_property(), first call object_ref(), then object_unref().
2012-02-22 17:17 ` Paolo Bonzini
@ 2012-02-22 17:19 ` Alexander Barabash
0 siblings, 0 replies; 8+ messages in thread
From: Alexander Barabash @ 2012-02-22 17:19 UTC (permalink / raw)
To: Paolo Bonzini; +Cc: qemu-devel
On 02/22/2012 07:17 PM, Paolo Bonzini wrote:
> On 02/22/2012 06:13 PM, alexander_barabash@mentor.com wrote:
>> From: Alexander Barabash<alexander_barabash@mentor.com>
>>
>> In the old implementation, if the new value of the property links
>> to the same object, as the old value, that object is first unref-ed,
>> and then ref-ed. This leads to unintended deinitialization of that object.
>>
>> In the new implementation, this is fixed.
>>
>> Signed-off-by: Alexander Barabash<alexander_barabash@mentor.com>
>> ---
>> qom/object.c | 18 +++++++++++++-----
>> 1 files changed, 13 insertions(+), 5 deletions(-)
>>
>> diff --git a/qom/object.c b/qom/object.c
>> index 941c291..d1b3ac7 100644
>> --- a/qom/object.c
>> +++ b/qom/object.c
>> @@ -892,19 +892,19 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
>> const char *name, Error **errp)
>> {
>> Object **child = opaque;
>> + Object *old_target;
>> bool ambiguous = false;
>> const char *type;
>> char *path;
>> gchar *target_type;
>> + bool clear_old_target = true;
>>
>> type = object_property_get_type(obj, name, NULL);
>>
>> visit_type_str(v,&path, name, errp);
>>
>> - if (*child) {
>> - object_unref(*child);
>> - *child = NULL;
>> - }
>> + old_target = *child;
>> + *child = NULL;
> You can just remove the unref here...
>
>> if (strcmp(path, "") != 0) {
>> Object *target;
>> @@ -916,7 +916,11 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
>> if (ambiguous) {
>> error_set(errp, QERR_AMBIGUOUS_PATH, path);
>> } else if (target) {
>> - object_ref(target);
>> + if (target != old_target) {
>> + object_ref(target);
> ... leave the unconditional ref to target here...
>
>> + } else {
>> + clear_old_target = false;
>> + }
>> *child = target;
>> } else {
>> target = object_resolve_path(path,&ambiguous);
>> @@ -930,6 +934,10 @@ static void object_set_link_property(Object *obj, Visitor *v, void *opaque,
>> }
>>
>> g_free(path);
>> +
>> + if (clear_old_target&& (old_target != NULL)) {
>> + object_unref(old_target);
> ... and leave this unref on old_target, without the need for
> clear_old_target.
>
>> + }
>> }
>>
>> void object_property_add_link(Object *obj, const char *name,
> Paolo
Agreed.
Alex
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2012-02-24 15:32 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-02-22 17:22 [Qemu-devel] [PATCH] qom: In function object_set_link_property(), first call object_ref(), then object_unref() alexander_barabash
2012-02-22 17:24 ` Paolo Bonzini
2012-02-22 17:25 ` Alexander Barabash
2012-02-22 17:52 ` Eric Blake
2012-02-24 15:32 ` Anthony Liguori
-- strict thread matches above, loose matches on Subject: below --
2012-02-22 17:13 alexander_barabash
2012-02-22 17:17 ` Paolo Bonzini
2012-02-22 17:19 ` Alexander Barabash
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).