From 266ca11a0433643a3cc3146a9837d9f2b0bfbe3b Mon Sep 17 00:00:00 2001 From: Jason Baron Date: Wed, 2 May 2012 22:42:10 -0400 Subject: qdev: release parent properties on dc->init failure While looking into hot-plugging bridges, I can create a qemu segfault via: $ device_add pci-bridge Bridge chassis not specified. Each bridge is required to be assigned a unique chassis id > 0. ** ERROR:qom/object.c:389:object_delete: assertion failed: (obj->ref == 0) I'm proposing to fix this by adding a call to 'object_unparent()', before the call to qdev_free(). I see there is already a precedent for this usage pattern as seen in qdev_simple_unplug_cb(): /* can be used as ->unplug() callback for the simple cases */ int qdev_simple_unplug_cb(DeviceState *dev) { /* just zap it */ object_unparent(OBJECT(dev)); qdev_free(dev); return 0; } Signed-off-by: Jason Baron Signed-off-by: Michael S. Tsirkin --- hw/qdev.c | 1 + 1 file changed, 1 insertion(+) (limited to 'hw/qdev.c') diff --git a/hw/qdev.c b/hw/qdev.c index 6a8f6bda2b..af419b9c13 100644 --- a/hw/qdev.c +++ b/hw/qdev.c @@ -150,6 +150,7 @@ int qdev_init(DeviceState *dev) rc = dc->init(dev); if (rc < 0) { + object_unparent(OBJECT(dev)); qdev_free(dev); return rc; } -- cgit v1.2.3