qemu-devel

Re: [Qemu-devel] Use-after-free during unrealize in system_reset


From: Paolo Bonzini
Subject: Re: [Qemu-devel] Use-after-free during unrealize in system_reset
Date: Fri, 06 Jun 2014 11:52:46 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0

On 06/06/2014 11:03, Stefan Hajnoczi wrote:
commit 5c21ce77d7e5643089ceec556c0408445d017f32
Author: Bandan Das <address@hidden>
Date:   Wed Mar 12 21:02:12 2014 +0100

    qdev: Realize buses on device realization

    Integrate (un)realization of child buses with realization/unrealization
    of the device hosting them. Code in device_unparent() is reordered for
    unrealization of buses to work as part of device unrealization.

    That way no changes need to be made to bus instantiation.

    Signed-off-by: Bandan Das <address@hidden>
    Signed-off-by: Andreas Färber <address@hidden>

This hunk seems wrong.  Bandan, what was the reason for it?


@@ -841,13 +858,13 @@ static void device_unparent(Object *obj)
     QObject *event_data;
     bool have_realized = dev->realized;

+    if (dev->realized) {
+        object_property_set_bool(obj, false, "realized", NULL);
+    }
     while (dev->num_child_bus) {
         bus = QLIST_FIRST(&dev->child_bus);
         object_unparent(OBJECT(bus));
     }
-    if (dev->realized) {
-        object_property_set_bool(obj, false, "realized", NULL);
-    }
     if (dev->parent_bus) {
         bus_remove_child(dev->parent_bus, dev);
         object_unref(OBJECT(dev->parent_bus));
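Review bot: The block moved to the top of this hunk clears "realized" before the while (dev->num_child_bus) loop, so device unrealization now runs while every child bus is still parented, and the loop then calls object_unparent() on buses that, per the commit message, have already been unrealized as part of device unrealization. Nothing in the code records why this order is needed or what bus state must still be valid when the loop runs, so a comment above the new if (dev->realized) should state the ordering dependency. The call also passes NULL as the error argument, so a failed unrealize is ignored and the buses are unparented anyway; consider capturing the error and handling it before the loop.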



Paolo


