On Wed, Jul 25, 2012 at 3:03 PM, Stefan Hajnoczi <stefa...@gmail.com> wrote:
> On Wed, Jul 25, 2012 at 4:31 AM, Liu Ping Fan <qemul...@gmail.com> wrote:
>> From: Liu Ping Fan <pingf...@linux.vnet.ibm.com>
>>
>> iohandler/bh/timer may use DeviceState when its refcnt=0;
>> postpone the reclaimer until they are done with it.
>>
>> Signed-off-by: Liu Ping Fan <pingf...@linux.vnet.ibm.com>
>> ---
>> include/qemu/object.h | 2 +-
>> main-loop.c | 4 ++++
>> main-loop.h | 2 ++
>> qemu-tool.c | 4 ++++
>> qom/Makefile.objs | 2 +-
>> qom/object.c | 7 ++++++-
>> qom/reclaimer.c | 41 +++++++++++++++++++++++++++++++++++++++++
>> 7 files changed, 59 insertions(+), 3 deletions(-)
>> create mode 100644 qom/reclaimer.c
>>
>> diff --git a/include/qemu/object.h b/include/qemu/object.h
>> index 8b17776..b233ee4 100644
>> --- a/include/qemu/object.h
>> +++ b/include/qemu/object.h
>> @@ -958,5 +958,5 @@ int object_child_foreach(Object *obj, int (*fn)(Object
>> *child, void *opaque),
>> */
>> Object *container_get(Object *root, const char *path);
>>
>> -
>> +void qemu_reclaimer_enqueue(Object *obj);
>> #endif
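Review bot: the new declaration `void qemu_reclaimer_enqueue(Object *obj);` at the end of include/qemu/object.h has no doc comment, while container_get() just above it is preceded by a comment block (the closing `*/` is in the context). Please document what state the object is expected to be in when it is enqueued (the commit message implies refcnt=0) and at what point it is actually finalized. The hunk also replaces the blank line before `#endif` with the declaration, leaving it flush against the include guard; keep a blank line after it.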
>> diff --git a/main-loop.c b/main-loop.c
>> index eb3b6e6..f9cecc5 100644
>> --- a/main-loop.c
>> +++ b/main-loop.c
>> @@ -505,5 +505,9 @@ int main_loop_wait(int nonblocking)
>> them. */
>> qemu_bh_poll();
>>
>> + /* ref to device from iohandler/bh/timer do not obey the rules, so delay
>> + * reclaiming until now.
>> + */
>> + qemu_device_reclaimer();
>> return ret;
>> }
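Review bot: the comment above the qemu_device_reclaimer() call in main_loop_wait() says references from iohandler/bh/timer "do not obey the rules" without naming the rules or explaining why the point after qemu_bh_poll() is safe. Spell out the invariant being relied on: callbacks dispatched earlier in this iteration may still touch a DeviceState whose refcount has dropped to 0, so queued objects are finalized only here. The comment should also say what happens to a handler, bh or timer that stays registered past this call and still points at the device, since nothing in this hunk unregisters them and such a callback would run against freed memory on a later iteration.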
>> diff --git a/main-loop.h b/main-loop.h
>> index cedddf5..1a59a6d 100644
>> --- a/main-loop.h
>> +++ b/main-loop.h
>> @@ -367,4 +367,6 @@ void qemu_bh_schedule_idle(QEMUBH *bh);
>> int qemu_bh_poll(void);
>> void qemu_bh_update_timeout(uint32_t *timeout);
>>
>> +void qemu_device_reclaimer(void);
>> +
>> #endif
>> diff --git a/qemu-tool.c b/qemu-tool.c
>> index 318c5fc..34d959b 100644
>> --- a/qemu-tool.c
>> +++ b/qemu-tool.c
>> @@ -75,6 +75,10 @@ void qemu_mutex_unlock_iothread(void)
>> {
>> }
>>
>> +void qemu_device_reclaimer(void)
>> +{
>> +}
>> +
>> int use_icount;
>>
>> void qemu_clock_warp(QEMUClock *clock)
>> diff --git a/qom/Makefile.objs b/qom/Makefile.objs
>> index 5ef060a..a579261 100644
>> --- a/qom/Makefile.objs
>> +++ b/qom/Makefile.objs
>> @@ -1,4 +1,4 @@
>> -qom-obj-y = object.o container.o qom-qobject.o
>> +qom-obj-y = object.o container.o qom-qobject.o reclaimer.o
>> qom-obj-twice-y = cpu.o
>> common-obj-y = $(qom-obj-twice-y)
>> user-obj-y = $(qom-obj-twice-y)
>> diff --git a/qom/object.c b/qom/object.c
>> index 00bb3b0..227d966 100644
>> --- a/qom/object.c
>> +++ b/qom/object.c
>> @@ -649,7 +649,12 @@ void object_unref(Object *obj)
>>
>> /* parent always holds a reference to its children */
>> if (obj->ref == 0) {
>> - object_finalize(obj);
>> + /* fixme, maybe introduce obj->finalze to make this more elegant */
>> + if (object_dynamic_cast(obj, "TYPE_DEVICE") != NULL) {
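Review bot: object_unref() in qom/object.c now special-cases a single type by name, which the added FIXME line already flags (and misspells: "finalze"). Testing for the device type in the generic final-unref path ties the QOM core to a type defined in hw/qdev.h and adds a dynamic cast to every final unref. A per-class or per-object hook for deferred finalization, as the FIXME suggests, would keep that knowledge out of object_unref(); it would be better to settle that in this patch than to merge the type check with a FIXME.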
>
> hw/qdev.h:#define TYPE_DEVICE "device"
>
> This should be object_dynamic_cast(obj, TYPE_DEVICE).
>
Yes, thanks.
> Stefan