On 11/07/2018 21:59, Eduardo Habkost wrote:
>
> What exactly guarantees there will be no other references to
> (e.g.) `&s->control` when `s` is freed?
>
> We know the references added by object_initialize(),
> object_property_add_child() and qdev_set_parent_bus() will be
> dropped, but what about other code calling object_ref()?

That would be a bug. This is in fact the reason why memory_region_ref/unref exists---to take the reference on the "outer" device object rather than the contained memory region object. It's not pretty though.

I've thought of generalizing the pattern to Object (object_ref adds a reference to the container rather than the contained object, and finalize takes care of finalizing the contained object too), but I'm a bit wary of doing it since it would complicate things further and (except for MemoryRegions) it hasn't been a problem in practice.

Paolo
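
The pattern described in the reply above, as an added example that is not part of the original message and is not QEMU code: a toy refcounted object with a region embedded by value, where taking a reference on the region is forwarded to the containing device. All type and function names (`Obj`, `Region`, `Device`, `region_ref`, and so on) are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>

/* Toy model, not QEMU code: every name here is hypothetical. */
typedef struct Obj {
    int refs;
    void (*finalize)(struct Obj *);
} Obj;

static int freed_devices;   /* counts finalized devices, for checking */

static void obj_ref(Obj *o)   { o->refs++; }
static void obj_unref(Obj *o) { if (--o->refs == 0) o->finalize(o); }

/* A region embedded by value in its owner has no storage of its own. */
typedef struct Region { Obj *owner; } Region;
typedef struct Device { Obj parent; Region control; } Device;

static void device_finalize(Obj *o) { freed_devices++; free(o); }

static Device *device_new(void)
{
    Device *s = calloc(1, sizeof(*s));
    if (!s) abort();
    s->parent.refs = 1;                    /* creator's reference */
    s->parent.finalize = device_finalize;
    s->control.owner = &s->parent;
    return s;
}

/* References to the region are forwarded to the object containing it. */
static void region_ref(Region *r)   { obj_ref(r->owner); }
static void region_unref(Region *r) { obj_unref(r->owner); }

/* Returns 1 if a held region reference kept the device alive past the
 * creator's unref, and the device was freed once it was dropped. */
static int region_ref_pins_device(void)
{
    Device *s = device_new();
    Region *r = &s->control;
    int before = freed_devices;

    region_ref(r);                          /* external user pins &s->control */
    obj_unref(&s->parent);                  /* creator drops its reference */
    int alive = (freed_devices == before);  /* s not freed, r still valid */
    region_unref(r);                        /* last reference: s freed now */
    return alive && freed_devices == before + 1;
}

int main(void) { printf("pinned: %d\n", region_ref_pins_device()); return 0; }
```

If `Region` instead carried its own counter, the `obj_unref()` call would free `s` while `r` still pointed into it, which is the dangling reference the question asks about.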