From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([140.186.70.92]:49292) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RtVug-0001X8-2r for qemu-devel@nongnu.org; Fri, 03 Feb 2012 22:03:43 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1RtVuf-00064V-1W for qemu-devel@nongnu.org; Fri, 03 Feb 2012 22:03:41 -0500 Received: from mail-pw0-f45.google.com ([209.85.160.45]:50631) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RtVue-00064R-Rt for qemu-devel@nongnu.org; Fri, 03 Feb 2012 22:03:41 -0500 Received: by pbaa11 with SMTP id a11so4431708pba.4 for ; Fri, 03 Feb 2012 19:03:40 -0800 (PST) Message-ID: <4F2CA008.2040402@codemonkey.ws> Date: Fri, 03 Feb 2012 21:03:36 -0600 From: Anthony Liguori MIME-Version: 1.0 References: <1328201142-26145-1-git-send-email-pbonzini@redhat.com> <1328201142-26145-2-git-send-email-pbonzini@redhat.com> <4F2BEED5.3050904@codemonkey.ws> <4F2C7B7B.60801@redhat.com> In-Reply-To: <4F2C7B7B.60801@redhat.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH 01/16] qdev: fix hot-unplug List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Paolo Bonzini Cc: qemu-devel@nongnu.org On 02/03/2012 06:27 PM, Paolo Bonzini wrote: > On 02/03/2012 03:27 PM, Anthony Liguori wrote: >> On 02/02/2012 10:45 AM, Paolo Bonzini wrote: >>> The reference that is returned by qdev_device_add is never given >>> back, so that device_del does not cause the refcount to go to zero >>> (and thus does nothing). >>> >>> Signed-off-by: Paolo Bonzini >> >> This isn't needed in qom-upstream.14. Here's why: >> >> object_init does not increase the reference count >> >> object_property_add_child increases the reference count >> object_new increases the reference count >> >> object_delete decrements the reference count >> object_property_del_child decreases the reference count >> >> object_delete calls object_property_del_child(obj->parent, obj) >> >> qdev_device_add calls object_new and object_property_add_child >> -> ref == 2 >> >> qdev_device_del calls object_delete >> -> ref -= 2 >> >> In qom-upstream.13, object_delete wasn't calling >> object_property_del_child which is why you saw the behavior you did. >> This problem would still exist with a composed device so dropping the >> reference here isn't enough. > > I trust you for now. :) > > It really seems like my patch is obviously correct so, if it's not needed > anymore there may be another bug elsewhere that masks it. There's no object_ref() in qdev_device_add(). The 2 references come from adding a child link to /peripheral and via object_new(). object_free() drops a reference (it's called in qdev_device_del()) and in the process of calling object_free(), it also calls object_unparent() which will drop the reference from the parent. I'm not thrilled about the way reference counting is done now. Perhaps we should do a gobject style floating reference... Regards, Anthony Liguori > > Paolo > >