On 13/05/2013 14:07, Peter Maydell wrote:
> On 13 May 2013 12:48, David Gibson <da...@gibson.dropbear.id.au> wrote:
>> On Mon, May 13, 2013 at 12:10:10PM +0100, Peter Maydell wrote:
>>> Hmm, is this the ideal semantics? Typically the owner of the
>>> MemoryListener isn't the owner of the AddressSpace so it isn't
>>> necessarily in a position to guarantee that it can unregister
>>> the listener before the address space is destroyed. In fact
>>> as the listener API is currently documented, the filter
>>> argument is just an optimisation to save the callbacks having
>>> to filter out irrelevant information themselves.
>>
>> If so, then it's broken by design. There's no guarantee that after an
>> AddressSpace is destroyed another one won't be created at the same
>> address (in fact, depending on your malloc() implementation, it could
>> be very likely). So references by pointer to an object *must* be
>> removed before the object itself is freed.
>
> Mmm. Looking through the code it turns out we don't actually
> make use of the ability to pass NULL as a filter (except in
> target-arm/kvm.c which was just me being lazy and not passing
> in the system address space). Perhaps we should just drop that
> capability, at which point you have a clearer "you are listening
> on one AS and you must make sure you arrange to unregister before
> that AS goes away" API definition?

Yes, that could be an idea.

Paolo
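The contract discussed in this thread (one listener bound to one address space, unregistered before that address space is freed) can be sketched as follows. This is an added example, not QEMU code and not written by anyone in the thread; `ToyAS`, `ToyListener` and every `toy_*` function are hypothetical names.

```c
#include <stdio.h>
#include <stdlib.h>
/* Hypothetical toy types for illustration; not QEMU's real structures. */
typedef struct ToyAS { int id; } ToyAS;
typedef struct ToyListener {
    const ToyAS *filter;          /* the single AS listened on; never NULL */
    int events;
    struct ToyListener *next;
} ToyListener;
static ToyListener *listeners;    /* global list of registered listeners */

ToyAS *toy_as_new(int id) {
    ToyAS *as = malloc(sizeof *as);
    if (as) as->id = id;
    return as;
}
/* Registration requires a concrete AS: no NULL "match everything" filter. */
int toy_listener_register(ToyListener *l, const ToyAS *as) {
    if (!l || !as) return -1;
    l->filter = as; l->events = 0;
    l->next = listeners; listeners = l;
    return 0;
}
void toy_listener_unregister(ToyListener *l) {
    for (ToyListener **p = &listeners; *p; p = &(*p)->next)
        if (*p == l) { *p = l->next; l->filter = NULL; l->next = NULL; return; }
}
/* Deliver one event to every listener bound to this AS; returns the count. */
int toy_as_notify(const ToyAS *as) {
    int n = 0;
    for (ToyListener *l = listeners; l; l = l->next)
        if (l->filter == as) { l->events++; n++; }
    return n;
}
/* Refuse to free an AS that a listener still points at, so no stale
 * pointer can later match a new AS allocated at the same address. */
int toy_as_destroy(ToyAS *as) {
    for (ToyListener *l = listeners; l; l = l->next)
        if (l->filter == as) return -1;
    free(as);
    return 0;
}
int main(void) {
    ToyAS *a = toy_as_new(1); ToyListener l;
    toy_listener_register(&l, a);
    int early = toy_as_destroy(a);            /* -1: still registered */
    toy_listener_unregister(&l);
    printf("%d %d\n", early, toy_as_destroy(a));
    return 0;
}
```

Because destruction fails while a listener is attached, a later allocation that reuses the freed address can never be matched by a leftover filter pointer.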