From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([208.118.235.92]:54768) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Td6Wn-0004AP-Lj for qemu-devel@nongnu.org; Mon, 26 Nov 2012 16:47:46 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Td6Wm-0003GN-Ju for qemu-devel@nongnu.org; Mon, 26 Nov 2012 16:47:45 -0500 Received: from e28smtp08.in.ibm.com ([122.248.162.8]:50222) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Td6Wm-0003GC-0A for qemu-devel@nongnu.org; Mon, 26 Nov 2012 16:47:44 -0500 Received: from /spool/local by e28smtp08.in.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Tue, 27 Nov 2012 03:17:38 +0530 Received: from d28av04.in.ibm.com (d28av04.in.ibm.com [9.184.220.66]) by d28relay02.in.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id qAQLlNoD27525332 for ; Tue, 27 Nov 2012 03:17:23 +0530 Received: from d28av04.in.ibm.com (loopback [127.0.0.1]) by d28av04.in.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id qAR3HDDl028612 for ; Tue, 27 Nov 2012 14:17:14 +1100 From: Anthony Liguori In-Reply-To: <1353660436-8897-1-git-send-email-pbonzini@redhat.com> References: <1353660436-8897-1-git-send-email-pbonzini@redhat.com> Date: Mon, 26 Nov 2012 15:47:16 -0600 Message-ID: <87zk24ox3v.fsf@codemonkey.ws> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Re: [Qemu-devel] [PATCH 1.3 0/5] QOM/qdev lifetime fixes List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Paolo Bonzini , qemu-devel@nongnu.org Cc: peter.maydell@linaro.org, Liu Ping Fan Paolo Bonzini writes: > These patches fix problems in the handling of freeing QOM/qdev > objects. Together, they fix hot-unplug of USB mass storage devices, > which crashed with an assertion failure. > > I'm not 100% sure, but I think we were always leaking the scsi-disk in > pre-QOM days. Now we're freeing it properly, and the assertion proves it. > > However, I don't like particularly the assertion in object_delete. Once > we're sure we've fixed all bugs, we should remove it, because it prevents > a fully correct tracking of references. > > In this case, for example, there is still one reference to the scsi-disk > in the MSDState's scsi_dev member. We don't have neither an object_ref > nor an object_unref for it, so it happens to work. If we had an > object_ref, the matching object_unref would be in dc->exit. But then > we'd trip on the assertion failure again, because the SCSI bus is removed > (thus calling qdev_free on the scsi-dev) before dc->exit is called. > > I have more patches to actually make the reference count of devices > and buses fully correct, but they are even more scary than these, so > they should wait for 1.4. > Applied. Thanks. My patches didn't fix Peter's problem but yours do, I figured we'd take your version in 1.3 and then for 1.4 I can attempt to rework them. Regards, Anthony Liguori > Paolo Bonzini (5): > qom: fix refcount of non-heap-allocated objects > qdev: move bus removal to object_unparent > qom: make object_delete usable for statically-allocated objects > qdev: simplify (de)allocation of buses > qom: make object_finalize static > > hw/qdev-core.h | 5 ----- > hw/qdev.c | 26 ++++++++++++++------------ > hw/pci.c | 2 +- > hw/sysbus.c | 2 +- > include/qemu/object.h | 29 ++++++++++++++++++++--------- > qom/object.c | 12 +++++++++--- > 6 files changed, 45 insertions(+), 31 deletions(-) > > -- > 1.8.0