Google Git
Sign in
qemu / qemu / b09995aef1d4a5879000a196a82e37b0511c8e03^! / .
commitb09995aef1d4a5879000a196a82e37b0511c8e03[log] [tgz]
authorPaolo Bonzini <pbonzini@redhat.com>Fri Jan 25 14:12:37 2013 +0100
committerAnthony Liguori <aliguori@us.ibm.com>Fri Feb 01 15:53:11 2013 -0600
tree5e9019b61486cb07a7707633f209fa630863dc7d
parentdc7389b79a15082fa4824bd3de966499f3b8cb2a [diff]
qdev: drop extra references at creation time

qdev_free and qbus_free have to do unparent+unref, because nobody else
drops the initial reference (the one included by object_initialize)
before them.

For device_init_func and do_device_add, this is trivially correct,
since the DeviceState goes out of scope.

For qdev_create, qdev_try_create and qbus_init, it is a bit more tricky.
What we are doing here is just assuming that the caller knows what it's
doing, and won't call qdev_free/qbus_free while the device is still there.
This is a pretty reasonable assumption and (behind the scenes) is also
what GObject/GTK does.  GTK actually has a "floating reference" that
goes away as soon as the caller does gtk_container_add or something
like that, but in the end qbus_init and qdev_try_create are already
adding the new object to its qdev parent!  So in the end the two solutions
are the same.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

diff --git a/hw/qdev-monitor.c b/hw/qdev-monitor.c
index 4e2a92b..4f9a6eb 100644
--- a/hw/qdev-monitor.c
+++ b/hw/qdev-monitor.c

@@ -591,6 +591,7 @@
 {
     Error *local_err = NULL;
     QemuOpts *opts;
+    DeviceState *dev;
 
     opts = qemu_opts_from_qdict(qemu_find_opts("device"), qdict, &local_err);
     if (error_is_set(&local_err)) {
@@ -602,10 +603,12 @@
         qemu_opts_del(opts);
         return 0;
     }
-    if (!qdev_device_add(opts)) {
+    dev = qdev_device_add(opts);
+    if (!dev) {
         qemu_opts_del(opts);
         return -1;
     }
+    object_unref(OBJECT(dev));
     return 0;
 }
 

diff --git a/hw/qdev.c b/hw/qdev.c
index 09f5969..8258757 100644
--- a/hw/qdev.c
+++ b/hw/qdev.c

@@ -143,7 +143,7 @@
     }
 
     qdev_set_parent_bus(dev, bus);
-
+    object_unref(OBJECT(dev));
     return dev;
 }
 
@@ -268,7 +268,6 @@
 void qdev_free(DeviceState *dev)
 {
     object_unparent(OBJECT(dev));
-    object_unref(OBJECT(dev));
 }
 
 void qdev_machine_creation_done(void)
@@ -428,6 +427,7 @@
         QLIST_INSERT_HEAD(&bus->parent->child_bus, bus, sibling);
         bus->parent->num_child_bus++;
         object_property_add_child(OBJECT(bus->parent), bus->name, OBJECT(bus), NULL);
+        object_unref(OBJECT(bus));
     } else if (bus != sysbus_get_default()) {
         /* TODO: once all bus devices are qdevified,
            only reset handler for main_system_bus should be registered here. */
@@ -474,7 +474,6 @@
 void qbus_free(BusState *bus)
 {
     object_unparent(OBJECT(bus));
-    object_unref(OBJECT(bus));
 }
 
 static char *bus_get_fw_dev_path(BusState *bus, DeviceState *dev)

diff --git a/vl.c b/vl.c
index f094f04..3155989 100644
--- a/vl.c
+++ b/vl.c

@@ -2236,6 +2236,7 @@
     dev = qdev_device_add(opts);
     if (!dev)
         return -1;
+    object_unref(OBJECT(dev));
     return 0;
 }