From: Simon Marchi
Date: Thu, 15 Aug 2019 15:56:14 +0000 (-0400)
Subject: Fix: lib: increment refcount of bt_value_null when copying it
X-Git-Url: http://git.efficios.com/?p=babeltrace.git;a=commitdiff_plain;h=d164ff16c5d8d303f2f9f3c295e66fff56a271a7

Fix: lib: increment refcount of bt_value_null when copying it

Value copy functions must return a new reference. This is not done for
bt_value_null_copy, which causes refcount imbalance when a null value
gets copied.

A bug caused by this can be triggered with:

    $ git:(3e3535450850) ✗ LIBBABELTRACE2_INIT_LOG_LEVEL=W ~/build/babeltrace/src/cli/babeltrace2 -c src.ctf.fs --params='yo=null,madame=null,la=null'
    ...
    08-15 11:58:25.070 2757 2757 W LIB/VALUE bt_value_null_instance_release_func@value.c:72 Releasing the null value singleton: addr=0x7f070e1fc8e0
    08-15 11:58:25.070 2757 2757 F LIB/VALUE bt_object_put_ref@object.h:367 Babeltrace 2 library precondition not satisfied; error is:
    08-15 11:58:25.070 2757 2757 F LIB/VALUE bt_object_put_ref@object.h:367 Decrementing a reference count set to 0: addr=0x7f070e1fc8e0, ref-count=0
    08-15 11:58:25.070 2757 2757 F LIB/VALUE bt_object_put_ref@object.h:367 Aborting...

Change-Id: I338e6700201892cbe582719bf349041f316d78d8
Signed-off-by: Simon Marchi
Reviewed-on: https://review.lttng.org/c/babeltrace/+/1942
Tested-by: jenkins
Reviewed-by: Philippe Proulx
---
diff --git a/src/lib/value.c b/src/lib/value.c index 77fc75b4..4009def7 100644 --- a/src/lib/value.c +++ b/src/lib/value.c @@ -136,6 +136,9 @@ void (* const destroy_funcs[])(struct bt_value *) = { static struct bt_value *bt_value_null_copy(const struct bt_value *null_obj) { + BT_ASSERT(null_obj == bt_value_null); + + bt_object_get_no_null_check(bt_value_null); return (void *) bt_value_null; }
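
Review bot: the new bt_object_get_no_null_check(bt_value_null) call in bt_value_null_copy() is not covered by any test in this patch, which touches only src/lib/value.c. A regression test that copies a null value and then puts both the copy and the original would catch the imbalance directly, without going through the CLI reproducer in the commit message. A one-line comment above the get call, saying that copy functions must return a new reference and that this includes the singleton, would also keep the call from later being removed as redundant. Taking the reference on the global rather than on null_obj is consistent with the BT_ASSERT(null_obj == bt_value_null) added just before it.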