From: Avi Kivity <avi@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org, "Jan Kiszka" <jan.kiszka@siemens.com>,
"Marcelo Tosatti" <mtosatti@redhat.com>,
"Liu Ping Fan" <qemulist@gmail.com>,
qemu-devel@nongnu.org, "Blue Swirl" <blauwirbel@gmail.com>,
"Anthony Liguori" <anthony@codemonkey.ws>,
"Stefan Hajnoczi" <stefanha@gmail.com>,
"Andreas Färber" <afaerber@suse.de>
Subject: Re: [PATCH 13/15] hotplug: introduce qdev_unplug_complete() to remove device from views
Date: Wed, 08 Aug 2012 13:07:27 +0300
Message-ID: <50223A5F.5060206@redhat.com>
In-Reply-To: <502236D8.3040902@redhat.com>
On 08/08/2012 12:52 PM, Paolo Bonzini wrote:
> On 08/08/2012 08:25, Liu Ping Fan wrote:
>> +void qdev_unplug_complete(DeviceState *dev, Error **errp)
>> +{
>> + /* isolate from mem view */
>> + qdev_unmap(dev);
>> + qemu_lock_devtree();
>> + /* isolate from device tree */
>> + qdev_unset_parent(dev);
>> + qemu_unlock_devtree();
>> + object_unref(OBJECT(dev));
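Review bot: object_unref(OBJECT(dev)) on the last line of the hunk runs straight after qemu_unlock_devtree(), with no RCU grace period between qdev_unmap() and the drop of the reference, so a reader that found dev in the memory map before the unmap can still take a reference after the count has reached zero. Wait for readers first, either with synchronize_rcu() before the unref or by moving the unref into a call_rcu() callback. Separately, errp is not used in the lines shown; if nothing here can fail, drop the parameter, otherwise set it on the failure path.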
>
> Rather than deferring the free, you should defer the unref. Otherwise
> the following can happen when you have "real" RCU access to the memory
> map on the read-side:
>
> VCPU thread                    I/O thread
> =====================================================================
> get MMIO request
> rcu_read_lock()
> walk memory map
>                                qdev_unmap()
>                                lock_devtree()
>                                ...
>                                unlock_devtree
>                                unref dev -> refcnt=0, free enqueued
> ref()
> rcu_read_unlock()
>                                free()
> <dangling pointer!>

unref should follow either synchronize_rcu(), or be in a call_rcu()
callback (deferring the unref). IMO synchronize_rcu() is sufficient
here, unplug is a truly slow path, esp. on real hardware.
--
error compiling committee.c: too many arguments to function
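
The interleaving discussed in this message, replayed deterministically as an added example (not part of the original e-mail and not QEMU code). It is a single-threaded toy model: struct dev, the toy_* helpers and replay() are hypothetical names, a flag stands in for free(), and the grace period ends when the last reader leaves.

```c
#include <stdbool.h>
#include <stddef.h>
/* Toy model, not QEMU code: 'freed' stands in for free() so it can be checked. */
struct dev { int refcnt; bool freed; };
typedef void (*rcu_cb)(struct dev *);

static struct dev *map_slot;   /* the "memory map": one published pointer */
static int readers;            /* read-side critical sections in progress */
static rcu_cb pending_fn;      /* one queued callback is enough here      */
static struct dev *pending_arg;

static void toy_call_rcu(rcu_cb fn, struct dev *d)
{
    if (readers == 0) { fn(d); return; }   /* no reader: grace period is over */
    pending_fn = fn; pending_arg = d;
}
static void toy_read_lock(void) { readers++; }
static void toy_read_unlock(void)
{
    if (--readers == 0 && pending_fn) {    /* last reader left: run callback */
        rcu_cb fn = pending_fn;
        pending_fn = NULL;
        fn(pending_arg);
    }
}
static void free_cb(struct dev *d)  { d->freed = true; }
static void unref_cb(struct dev *d) { if (--d->refcnt == 0) d->freed = true; }
/* Ordering in the patch: unref at once, only the free waits for readers. */
static void unref_deferring_free(struct dev *d)
{
    if (--d->refcnt == 0) toy_call_rcu(free_cb, d);
}

/* Replays the quoted timeline; true means the VCPU side holds a freed device. */
static bool replay(bool defer_unref)
{
    struct dev d = { .refcnt = 1, .freed = false };
    map_slot = &d; readers = 0; pending_fn = NULL;
    toy_read_lock();                              /* VCPU: rcu_read_lock()   */
    struct dev *p = map_slot;                     /* VCPU: walk memory map   */
    map_slot = NULL;                              /* I/O:  qdev_unmap()      */
    if (defer_unref) toy_call_rcu(unref_cb, &d);  /* I/O:  unref after grace period */
    else unref_deferring_free(&d);                /* I/O:  refcnt=0, free enqueued  */
    p->refcnt++;                                  /* VCPU: ref()             */
    toy_read_unlock();                            /* VCPU: rcu_read_unlock() */
    return p->freed;                              /* VCPU still uses p here  */
}

int main(void) { return (replay(false) && !replay(true)) ? 0 : 1; }
```

In the model, synchronize_rcu() before the unref gives the same ordering as the deferred callback, since both make the unref wait until the reader has left its critical section.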