From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:55437)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jan.kiszka@siemens.com>) id 1Utj1K-0006Dk-C6
	for qemu-devel@nongnu.org; Mon, 01 Jul 2013 14:40:16 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <jan.kiszka@siemens.com>) id 1Utj1I-0000qK-SX
	for qemu-devel@nongnu.org; Mon, 01 Jul 2013 14:40:14 -0400
Received: from goliath.siemens.de ([192.35.17.28]:30632)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jan.kiszka@siemens.com>) id 1Utiz4-0007pv-12
	for qemu-devel@nongnu.org; Mon, 01 Jul 2013 14:37:54 -0400
Message-ID: <51D1CC7F.5030306@siemens.com>
Date: Mon, 01 Jul 2013 20:37:51 +0200
From: Jan Kiszka <jan.kiszka@siemens.com>
MIME-Version: 1.0
References: <1372438702-20491-1-git-send-email-pbonzini@redhat.com>
	<1372438702-20491-12-git-send-email-pbonzini@redhat.com>
In-Reply-To: <1372438702-20491-12-git-send-email-pbonzini@redhat.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH v2 11/11] memory: ref/unref memory across
	address_space_map/unmap
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: "peter.maydell@linaro.org" <peter.maydell@linaro.org>, "qemu-devel@nongnu.org" <qemu-devel@nongnu.org>

On 2013-06-28 18:58, Paolo Bonzini wrote:
> The iothread mutex might be released between map and unmap, so the
> mapped region might disappear.
> 
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
>  exec.c | 14 ++++++++++++--
>  1 file changed, 12 insertions(+), 2 deletions(-)
> 
> diff --git a/exec.c b/exec.c
> index ea79aea..d28403b 100644
> --- a/exec.c
> +++ b/exec.c
> @@ -1994,6 +1994,7 @@ void cpu_physical_memory_write_rom(hwaddr addr,
>  }
>  
>  typedef struct {
> +    MemoryRegion *mr;
>      void *buffer;
>      hwaddr addr;
>      hwaddr len;
> @@ -2091,6 +2092,9 @@ void *address_space_map(AddressSpace *as,
>          bounce.buffer = qemu_memalign(TARGET_PAGE_SIZE, TARGET_PAGE_SIZE);
>          bounce.addr = addr;
>          bounce.len = l;
> +
> +        memory_region_ref(mr);
> +        bounce.mr = mr;
>          if (!is_write) {
>              address_space_read(as, addr, bounce.buffer, l);
>          }
> @@ -2117,6 +2121,7 @@ void *address_space_map(AddressSpace *as,
>          }
>      }
>  
> +    memory_region_ref(mr);
>      *plen = done;
>      return qemu_ram_ptr_length(raddr + base, plen);
>  }
> @@ -2129,9 +2134,12 @@ void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len,
>                           int is_write, hwaddr access_len)
>  {
>      if (buffer != bounce.buffer) {
> +        MemoryRegion *mr;
> +        ram_addr_t addr1;
> +
> +        mr = qemu_ram_addr_from_host(buffer, &addr1);
> +        assert(mr);
>          if (is_write) {
> -            ram_addr_t addr1;
> -            qemu_ram_addr_from_host(buffer, &addr1);
>              while (access_len) {
>                  unsigned l;
>                  l = TARGET_PAGE_SIZE;
> @@ -2145,6 +2153,7 @@ void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len,
>          if (xen_enabled()) {
>              xen_invalidate_map_cache_entry(buffer);
>          }
> +        memory_region_unref(mr);
>          return;
>      }
>      if (is_write) {
> @@ -2152,6 +2161,7 @@ void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len,
>      }
>      qemu_vfree(bounce.buffer);
>      bounce.buffer = NULL;
> +    memory_region_unref(bounce.mr);
>      cpu_notify_map_clients();
>  }
>  
> 

Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com>

Jan

-- 
Siemens AG, Corporate Technology, CT RTC ITP SES-DE
Corporate Competence Center Embedded Linux