
Re: [Qemu-devel] [PATCH] hw/arm/bcm283x: Fix crash with device_add bcm28

From: Paolo Bonzini
Subject: Re: [Qemu-devel] [PATCH] hw/arm/bcm283x: Fix crash with device_add bcm2837 on unsupported machines
Date: Wed, 11 Jul 2018 19:20:42 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0

On 09/07/2018 23:03, Thomas Huth wrote:
> The problem is that qdev_set_parent_bus() from instance_init adds a link
> to the child devices which is not valid anymore after the device init
> failed. Thus the qdev_set_parent_bus() must rather be done in the realize
> function instead.

The theoretical behavior should be:

- realize fails

- object_unparent is called on the device that failed to realize (see
qdev_device_add).  object_unparent calls device_unparent

- after device_unparent finishes, the last reference to the device has
been dropped and the device is freed

- object finalization releases all properties

- this includes child properties, so for each child device
object_unparent is called

- again device_unparent is called (for the child) and this removes the
child from the bus.
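
A toy C model of the teardown order listed in the message above, added here as an example; it is not part of the original email and not QEMU code. The types and `toy_*` functions are hypothetical stand-ins for the steps named, and the model assumes the owner and the bus each hold one reference to a device.

```c
#include <stdio.h>
#include <stdlib.h>
/* Toy model of the teardown order; NOT QEMU code, every name is hypothetical. */
typedef struct Dev Dev;
typedef struct { Dev *kids[4]; int n, freed; } Bus;   /* freed: demo bookkeeping */
struct Dev { int ref; Dev *child; Bus *bus; };
static void toy_unref(Dev *d);

static Dev *toy_new(Bus *b) {           /* one ref for the owner, one for the bus link */
    Dev *d = calloc(1, sizeof(*d));
    if (!d) abort();
    d->ref = 2; d->bus = b; b->kids[b->n++] = d;
    return d;
}

/* "device_unparent": take the device off its bus and drop the bus's reference. */
static void toy_device_unparent(Dev *d) {
    Bus *b = d->bus;
    for (int i = 0; i < b->n; i++)
        if (b->kids[i] == d) { b->kids[i] = b->kids[--b->n]; break; }
    toy_unref(d);
}

/* "object_unparent": run device_unparent, then drop the owner's reference. */
static void toy_object_unparent(Dev *d) {
    toy_device_unparent(d);
    toy_unref(d);
}

static void toy_unref(Dev *d) {
    if (--d->ref > 0) return;
    if (d->child) toy_object_unparent(d->child);  /* finalization releases child properties */
    d->bus->freed++;
    free(d);
}

int teardown_after_failed_realize(int *left_on_bus) {
    Bus bus = { {0}, 0, 0 };
    Dev *soc = toy_new(&bus);
    soc->child = toy_new(&bus);         /* link made during instance_init */
    toy_object_unparent(soc);           /* what follows the realize failure */
    *left_on_bus = bus.n;               /* any entry left here would point at freed memory */
    return bus.freed;
}

int main(void) {
    int left, n = teardown_after_failed_realize(&left);
    printf("freed=%d left_on_bus=%d\n", n, left);
    return 0;
}
```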

