From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([208.118.235.92]:46433) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UZmLd-0000MI-2K for qemu-devel@nongnu.org; Tue, 07 May 2013 14:10:50 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1UZmLb-0000zq-RJ for qemu-devel@nongnu.org; Tue, 07 May 2013 14:10:45 -0400 Received: from thoth.sbs.de ([192.35.17.2]:34334) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UZmLb-0000zV-H4 for qemu-devel@nongnu.org; Tue, 07 May 2013 14:10:43 -0400 Message-ID: <51894399.5060103@siemens.com> Date: Tue, 07 May 2013 20:10:33 +0200 From: Jan Kiszka MIME-Version: 1.0 References: <1367936238-12196-1-git-send-email-pbonzini@redhat.com> <1367936238-12196-41-git-send-email-pbonzini@redhat.com> <5189415B.5070108@siemens.com> In-Reply-To: <5189415B.5070108@siemens.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH 40/40] memory: add reference counting to FlatView List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Paolo Bonzini Cc: "aik@ozlabs.ru" , "david@gibson.dropbear.id.au" , "qemu-devel@nongnu.org" , "stefanha@redhat.com" , "qemulist@gmail.com" On 2013-05-07 20:00, Jan Kiszka wrote: > On 2013-05-07 16:17, Paolo Bonzini wrote: >> With this change, a FlatView can be used even after a concurrent >> update has replaced it. Because we do not have RCU, we use a >> mutex to protect the small critical sections that read/write the >> as->current_map pointer. Accesses to the FlatView can be done >> outside the mutex. >> >> If a MemoryRegion will be used after the FlatView is unref-ed (or after >> a MemoryListener callback is returned), a reference has to be added to >> that MemoryRegion. For example, memory_region_find adds a reference to >> the MemoryRegion that it returns. > > For my understanding: Every lookup, e.g. triggered by address_space_rw, > will briefly reference the FlatView of that address space and drop that > reference again after referencing the target memory region. > > Provided that is true: If we run that lookup on an address space that > happens to be modified in parallel, the lookup may actually cause the > final deref and, thus, release of the FlatView - even if the target > memory region was totally unrelated to the ongoing change. That could > make a hot-path pay the price of an action a slow path caused. Not > really a beautiful concept. Even if the FlatView finalization is a > simple free() (that is the minimum), we would pull the memory allocator > into code paths that might try hard to keep a safe distance for the sake > of predictability. A mitigation could be to off-load the finalization to a bottom-half e.g., ie. let the main iothread do the dirty work. Similar to the RCU handler off-loading of the kernel. There is just a theoretical risk that we pile up finalization requests and run out of memory. But all that is pretty complicated and not really elegant. Better avoid the ref/unref over hot-paths for objects of such broad scope like the FlatView. Jan -- Siemens AG, Corporate Technology, CT RTC ITP SDP-DE Corporate Competence Center Embedded Linux