From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:48697)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1VLsHk-0004qG-E0
	for qemu-devel@nongnu.org; Tue, 17 Sep 2013 06:13:38 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1VLsHe-0005Ng-Ge
	for qemu-devel@nongnu.org; Tue, 17 Sep 2013 06:13:32 -0400
Received: from mx1.redhat.com ([209.132.183.28]:18960)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1VLsHe-0005MF-8I
	for qemu-devel@nongnu.org; Tue, 17 Sep 2013 06:13:26 -0400
Received: from int-mx01.intmail.prod.int.phx2.redhat.com
	(int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11])
	by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r8HADPe2023329
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK)
	for <qemu-devel@nongnu.org>; Tue, 17 Sep 2013 06:13:25 -0400
Message-ID: <52382B50.8090908@redhat.com>
Date: Tue, 17 Sep 2013 12:13:36 +0200
From: Paolo Bonzini <pbonzini@redhat.com>
MIME-Version: 1.0
References: <1378211609-16121-1-git-send-email-pbonzini@redhat.com>
	<1378211609-16121-18-git-send-email-pbonzini@redhat.com>
	<20130917092733.GE18186@redhat.com>
In-Reply-To: <20130917092733.GE18186@redhat.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH 17/38] e1000: use instance_finalize instead
	of exit
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: "Michael S. Tsirkin" <mst@redhat.com>
Cc: qemu-devel@nongnu.org

Il 17/09/2013 11:27, Michael S. Tsirkin ha scritto:
>> >  static void
>> > -pci_e1000_uninit(PCIDevice *dev)
>> > +pci_e1000_instance_finalize(Object *obj)
>> >  {
>> > -    E1000State *d = E1000(dev);
>> > +    E1000State *d = E1000(obj);
>> >  
>> >      timer_del(d->autoneg_timer);
>> >      timer_free(d->autoneg_timer);
> So this looks wrong.
> This cancels timers after pci device has been destroyed,
> so meanwhile timers can run and send interrupts.

There are definitely cases where the timer deals with pending I/O and
has to run after the device has been removed from guest access.  This is
_not_ yet the point of destruction; the connection to the host backend
still exists in particular (it is only dropped by
object_property_del_all, which is called right after instance_finalize).

It should not be a problem for a device to raise an interrupt after
pci_do_unregister_device; it should go nowhere.  If it is passed to the
guest, it's a bug that we have to fix.

Paolo