On Thu, Sep 04, 2014 at 07:41:32PM +0800, arei.gong...@huawei.com wrote: > From: Gonglei <arei.gong...@huawei.com> > > object_initialize() leaves the object with a refcount of 1. > object_property_add_child() adds its own reference which is dropped > again when the property is deleted. > > The upshot of this is that we always have a refcount >= 1. Upon hot > unplug the virtio-net child is not finalized! > > Drop our reference after the child property has been added to the > parent. > > Signed-off-by: Gonglei <arei.gong...@huawei.com> > --- > Stefan had post virtio-blk in commit c5d49db4, but virtio-net has > the same problem. Maybe the other virtio devices have too. > --- > hw/virtio/virtio-pci.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c > index ddb5da1..78dcd68 100644 > --- a/hw/virtio/virtio-pci.c > +++ b/hw/virtio/virtio-pci.c > @@ -1456,6 +1456,7 @@ static void virtio_net_pci_instance_init(Object *obj) > VirtIONetPCI *dev = VIRTIO_NET_PCI(obj); > object_initialize(&dev->vdev, sizeof(dev->vdev), TYPE_VIRTIO_NET); > object_property_add_child(obj, "virtio-backend", OBJECT(&dev->vdev), > NULL); > + object_unref(OBJECT(&dev->vdev)); > } > > static const TypeInfo virtio_net_pci_info = {
You just copied my commit but didn't consider all the work I did before to make virtio-blk safe. Similar work is necessary for virtio-net. Before it is okay to finalize the virtio-net (dev->vdev) object, you need to audit virtio-pci and virtio-net to make sure all resources and qdev properties are freed once and only once. In the case of virtio-net, the qdev properties are duplicated so both virtio-net-pci and virtio-net point qdev properties at the same fields in virtio-net. For example, the "tx" string property will be double-freed with your patch. You can use the alias properties that I introduced to avoid duplicating qdev properties for virtio-net. Stefan
pgpQ6lwgbPdE_.pgp
Description: PGP signature