Apparently, none of the bus owner give a reference to the hotplug
handler property, do not unref it on bus release.
Furthermore, a bus is allowed to be its own hotplug handler, which can
be seen in qbus_set_bus_hotplug_handler() function. However, in this
case, the reference can't be given to the property, or this will create
a cyclic dependency and the bus will never be free.
Each bus owner should manage the lifecycle of the hotplug handler.
Signed-off-by: Marc-André Lureau <marcandre.lur...@redhat.com>
Reviewed-by: Paolo Bonzini <pbonz...@redhat.com>
---
hw/acpi/piix4.c | 2 ++
hw/core/bus.c | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/hw/acpi/piix4.c b/hw/acpi/piix4.c
index 6d99fe407c..a553a7e110 100644
--- a/hw/acpi/piix4.c
+++ b/hw/acpi/piix4.c
@@ -440,6 +440,8 @@ static void piix4_update_bus_hotplug(PCIBus *pci_bus, void
*opaque)
{
PIIX4PMState *s = opaque;
+ /* pci_bus cannot outlive PIIX4PMState, because /machine keeps it alive
+ * and it's not hot-unpluggable */
qbus_set_hotplug_handler(BUS(pci_bus), DEVICE(s), &error_abort);
}
diff --git a/hw/core/bus.c b/hw/core/bus.c
index cf383fc1af..4651f24486 100644
--- a/hw/core/bus.c
+++ b/hw/core/bus.c
@@ -197,7 +197,7 @@ static void qbus_initfn(Object *obj)
TYPE_HOTPLUG_HANDLER,
(Object **)&bus->hotplug_handler,
object_property_allow_set_link,
- OBJ_PROP_LINK_UNREF_ON_RELEASE,
+ 0,
NULL);
object_property_add_bool(obj, "realized",
bus_get_realized, bus_set_realized, NULL);
--
2.12.0.rc2.3.gc93709801
