From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:38487) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1V2Kyz-0006Rg-8n for qemu-devel@nongnu.org; Thu, 25 Jul 2013 08:49:30 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1V2Kyv-0007OW-5D for qemu-devel@nongnu.org; Thu, 25 Jul 2013 08:49:25 -0400 Received: from mx1.redhat.com ([209.132.183.28]:22660) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1V2Kyu-0007ON-Oj for qemu-devel@nongnu.org; Thu, 25 Jul 2013 08:49:21 -0400 Received: from int-mx02.intmail.prod.int.phx2.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r6PCnKuH009262 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Thu, 25 Jul 2013 08:49:20 -0400 Date: Thu, 25 Jul 2013 08:49:17 -0400 From: Jeff Cody Message-ID: <20130725124917.GA19682@localhost.localdomain> References: <1374742906-4489-1-git-send-email-famz@redhat.com> <1374742906-4489-6-git-send-email-famz@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1374742906-4489-6-git-send-email-famz@redhat.com> Subject: Re: [Qemu-devel] [PATCH 5/8] block: use BlockDriverState refcnt for device attach/detach List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Fam Zheng Cc: kwolf@redhat.com, pbonzini@redhat.com, qemu-devel@nongnu.org, stefanha@redhat.com On Thu, Jul 25, 2013 at 05:01:43PM +0800, Fam Zheng wrote: > Signed-off-by: Fam Zheng > --- > block.c | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > diff --git a/block.c b/block.c > index dfa4be0..ce4d94b 100644 > --- a/block.c > +++ b/block.c > @@ -1620,11 +1620,13 @@ int bdrv_attach_dev(BlockDriverState *bs, void *dev) > return -EBUSY; > } > bs->dev = dev; > + bdrv_ref(bs); > bdrv_iostatus_reset(bs); > return 0; > } > > -/* TODO qdevified devices don't use this, remove when devices are qdevified */ > +/* Attach a bs to dev, and increase its refcnt. > + * TODO qdevified devices don't use this, remove when devices are qdevified */ > void bdrv_attach_dev_nofail(BlockDriverState *bs, void *dev) > { > if (bdrv_attach_dev(bs, dev) < 0) { > @@ -1632,10 +1634,13 @@ void bdrv_attach_dev_nofail(BlockDriverState *bs, void *dev) > } > } > > +/* Detach bs from device. This decreases its refcnt, and may consequently > + * deletes it make bs an invalid pointer */ > void bdrv_detach_dev(BlockDriverState *bs, void *dev) > /* TODO change to DeviceState *dev when all users are qdevified */ > { > assert(bs->dev == dev); > + bdrv_unref(bs); > bs->dev = NULL; > bs->dev_ops = NULL; > bs->dev_opaque = NULL; This won't work, since we are dereferencing bs shortly after (potentially) freeing it. I would say just move the bdrv_unref() to the end of the function, but I have another concern as well. If bs is freed, then BDS pointer is now invalid, but not NULL. So there is no way for callers of bdrv_detach_dev() to know if the BDS pointer they passed into bdrv_detach_dev() is still valid; in fact, I think some call bdrv_close(bs) afterwards (piix). Qdev also still uses it, although just for pointer comparison and not dereferencing. Jeff > -- > 1.8.3.2 > >