mirror of https://gitee.com/openkylin/qemu.git
io: fix possible double free of task error object
If a QIOTask has an error set and the calling code uses qio_task_propagate_error() to steal the reference to that Error object, the task would not clear its own reference. This would lead to a double-free when qio_task_free runs, if the caller had (correctly) freed the Error object they now owned. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
This commit is contained in:
parent
c7f1cf01b8
commit
80fb34eda0
|
@ -157,6 +157,7 @@ bool qio_task_propagate_error(QIOTask *task,
|
|||
{
|
||||
if (task->err) {
|
||||
error_propagate(errp, task->err);
|
||||
task->err = NULL;
|
||||
return true;
|
||||
}
|
||||
|
||||
|
|
|
@ -127,7 +127,7 @@ static void test_task_failure(void)
|
|||
g_assert(data.source == obj);
|
||||
g_assert(data.err == err);
|
||||
g_assert(data.freed == false);
|
||||
|
||||
error_free(data.err);
|
||||
}
|
||||
|
||||
|
||||
|
@ -238,6 +238,8 @@ static void test_task_thread_failure(void)
|
|||
g_assert(data.source == obj);
|
||||
g_assert(data.err != NULL);
|
||||
|
||||
error_free(data.err);
|
||||
|
||||
self = g_thread_self();
|
||||
|
||||
/* Make sure the test_task_thread_worker actually got
|
||||
|
|
Loading…
Reference in New Issue