From: Liu Ping Fan
Date: Wed, 25 Jul 2012 11:31:07 +0800
Message-Id: <1343187070-27371-3-git-send-email-qemulist@gmail.com>
In-Reply-To: <1343187070-27371-1-git-send-email-qemulist@gmail.com>
References: <1343187070-27371-1-git-send-email-qemulist@gmail.com>
Subject: [Qemu-devel] [PATCH 2/5] exec.c: use refcnt to protect device during dispatching
To: qemu-devel@nongnu.org
Cc: kvm@vger.kernel.org, Stefan Hajnoczi, Marcelo Tosatti, Avi Kivity, Anthony Liguori, Jan Kiszka

From: Liu Ping Fan

Acquire the device's refcnt with the qemu_device_tree_mutex rwlock, so we can safely handle it during mmio dispatch.

If the leaf in the radix tree is a subpage, then move a further step to acquire the opaque, which is of type DeviceState.

Signed-off-by: Liu Ping Fan
--- exec.c | 38 ++++++++++++++++++++++++++++++++++++++ memory.h | 2 ++ 2 files changed, 40 insertions(+), 0 deletions(-) diff --git a/exec.c b/exec.c index 8244d54..d2a6d08 100644 --- a/exec.c +++ b/exec.c 
@@ -3032,6 +3032,30 @@ static void subpage_write(void *opaque, target_phys_addr_t addr, io_mem_write(section->mr, addr, value, len); } +static MemoryRegionSection *subpage_get_backend(subpage_t *mmio, + target_phys_addr_t addr) +{ + MemoryRegionSection *section; + unsigned int idx = SUBPAGE_IDX(addr); + + section = &phys_sections[mmio->sub_section[idx]]; + return section; +} + +void *get_backend(MemoryRegion* mr, target_phys_addr_t addr) +{ + MemoryRegionSection *p; + Object *ret; + + if (mr->subpage) { + p = subpage_get_backend(mr->opaque, addr); + ret = OBJECT(p->mr->opaque); + } else { + ret = OBJECT(mr->opaque); + } + return ret; +} + static const MemoryRegionOps subpage_ops = { .read = subpage_read, .write = subpage_write, @@ -3396,13 +3420,25 @@ void cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf, uint32_t val; target_phys_addr_t page; MemoryRegionSection *section; + Object *bk; while (len > 0) { page = addr & TARGET_PAGE_MASK; l = (page + TARGET_PAGE_SIZE) - addr; if (l > len) l = len; + + qemu_rwlock_rdlock_devtree(); section = phys_page_find(page >> TARGET_PAGE_BITS); + if (!(memory_region_is_ram(section->mr) || + memory_region_is_romd(section->mr)) && !is_write) { + bk = get_backend(section->mr, addr); + object_ref(bk); + } else if (!memory_region_is_ram(section->mr) && is_write) { + bk = get_backend(section->mr, addr); + object_ref(bk); + } + qemu_rwlock_unlock_devtree(); if (is_write) { if (!memory_region_is_ram(section->mr)) { @@ -3426,6 +3462,7 @@ void cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf, io_mem_write(section->mr, addr1, val, 1); l = 1; } + object_unref(bk); } else if (!section->readonly) { ram_addr_t addr1; addr1 = memory_region_get_ram_addr(section->mr) @@ -3464,6 +3501,7 @@ void cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf, stb_p(buf, val); l = 1; } + object_unref(bk); } else { /* RAM case */ ptr = qemu_get_ram_ptr(section->mr->ram_addr 
diff --git a/memory.h b/memory.h index 740c48e..e5a86dc 100644 --- a/memory.h +++ b/memory.h @@ -748,6 +748,8 @@ void memory_global_dirty_log_stop(void); void mtree_info(fprintf_function mon_printf, void *f); +void *get_backend(MemoryRegion* mr, target_phys_addr_t addr); + #endif #endif -- 1.7.4.4
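Review bot: get_backend() in the exec.c hunk at @@ -3032 applies OBJECT() to mr->opaque and p->mr->opaque unconditionally, with no check that the opaque pointer is non-NULL or really a QOM object, and the caller then passes the result straight to object_ref(). Please either state and enforce the invariant that every region reaching this path carries an Object as its opaque, or use a checked cast and handle the failure case. The function also builds an Object * but returns void *; returning Object * would let the compiler check callers, and the parameter should be written MemoryRegion *mr to match the surrounding style.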
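Review bot: in the exec.c hunk at @@ -3396, section is looked up between qemu_rwlock_rdlock_devtree() and qemu_rwlock_unlock_devtree() but is still dereferenced afterwards (section->mr in the is_write branch and below). The reference taken on bk pins the device object, not the MemoryRegionSection, which the first hunk shows is an entry in phys_sections[]. If that table can change once the lock is dropped, section is stale during dispatch; please either copy what the dispatch needs while the lock is held or explain in the commit message why section stays valid. The two arms of the new if / else if also have identical bodies and could be folded into one condition.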
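Review bot: object_unref(bk) in the exec.c hunks at @@ -3426 and @@ -3464 reads a variable that is declared without an initializer (Object *bk;) and only assigned when the separate predicate added in the @@ -3396 hunk matches. The correctness of both unrefs depends on that predicate staying identical to the dispatch conditions further down, one of which is not even visible in the hunk context; any mismatch becomes an unref of an uninitialized pointer or a leaked reference. Set bk = NULL at the top of each loop iteration and unref only when it is non-NULL, or compute the "is I/O" decision once under the lock and reuse that value for both the dispatch and the unref.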
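Review bot: the prototype added to memory.h exports get_backend() with no comment on its contract. From exec.c the caller is expected to hold the devtree read lock and to take its own reference on the returned object, and neither requirement is stated in the header. Please add a doc comment covering the locking requirement and reference ownership, return Object * instead of void *, and consider a less generic name for a public symbol (for example with a memory_region_ prefix, in line with the neighbouring declarations).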