Message-ID: <1422984376.22865.456.camel@redhat.com>
From: Alex Williamson
Date: Tue, 03 Feb 2015 10:26:16 -0700
In-Reply-To: <54D0F675.8070000@redhat.com>
References: <1422967705-1374-1-git-send-email-pbonzini@redhat.com> <1422976808.22865.452.camel@redhat.com> <54D0F675.8070000@redhat.com>
Subject: Re: [Qemu-devel] [PATCH] vfio: free dynamically-allocated data in instance_finalize
To: Paolo Bonzini
Cc: qemu-devel@nongnu.org

On Tue, 2015-02-03 at 17:25 +0100, Paolo Bonzini wrote:
>
> On 03/02/2015 16:20, Alex Williamson wrote:
> > On Tue, 2015-02-03 at 13:48 +0100, Paolo Bonzini wrote:
> >> In order to enable out-of-BQL address space lookup, destruction of
> >> devices needs to be split in two phases.
> >>
> >> Unrealize is the first phase; once it completes no new accesses will
> >> be started, but there may still be pending memory accesses that can still
> >> be completed.
> >>
> >> The second part is freeing the device, which only happens once all memory
> >> accesses are complete. At this point the reference count has dropped to
> >> zero, an RCU grace period must have completed (because the RCU-protected
> >> FlatViews hold a reference to the device via memory_region_ref). This is
> >> when instance_finalize is called.
> >>
> >> Freeing data belongs in an instance_finalize callback, because the
> >> dynamically allocated memory can still be used after unrealize by the
> >> pending memory accesses.
> >>
> >> In the case of VFIO, the unrealize callback is too early to munmap the
> >> BARs. The munmap must be delayed until memory accesses are complete.
> >> To do this, split vfio_unmap_bars in two. The removal step, now called
> >> vfio_unregister_bars, remains in vfio_exitfn. The reclamation step
> >> is vfio_unmap_bars and is moved to the instance_finalize callback.
> >>
> >> Similarly, quirk MemoryRegions have to be removed during
> >> vfio_unregister_bars, but freeing the data structure must be delayed
> >> to vfio_unmap_bars.
> >>
> >> Cc: Alex Williamson
> >> Signed-off-by: Paolo Bonzini
> >> ---
> >> This patch is part of the third installment of the RCU work.
> >> Sending it out separately for Alex to review it.
> >>
> >>  hw/vfio/pci.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++---------
> >>  1 file changed, 68 insertions(+), 10 deletions(-)
> >
> > Looks good to me. I don't see any external dependencies, so do you want
> > me to pull this in through my branch? Thanks,
>
> Yes, please.

Hmm, except qemu segfaults in whatever sanity test/capabilities probing
happens when the VM is first opened. I haven't figured out how to capture
that instance in gdb yet.
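As an added illustration, not part of Paolo's patch or of QEMU's code: a small C model of the refcounted two-phase teardown the commit message describes, where unrealize stops new accesses and the mapping is released only when the last in-flight access drops its reference. The names (Device, access_begin, device_unrealize, the unmapped flag) are illustrative stand-ins, not QEMU's own API.

```c
#include <stdbool.h>
#include <stdlib.h>
/* Constructed model of the two-phase teardown described in the patch; the
 * names (Device, access_begin, ...) are illustrative, not QEMU's own API. */
typedef struct {
    int refcount;        /* one ref from the address space, one per in-flight access */
    bool registered;     /* false after unrealize: no new access may start */
    unsigned char *bar;  /* stands in for the mmap'ed BAR */
    size_t bar_size;
    bool *unmapped;      /* set when the BAR mapping is finally released */
} Device;
Device *device_new(size_t bar_size, bool *unmapped) {
    Device *dev = calloc(1, sizeof(*dev));
    dev->bar = malloc(bar_size);
    for (size_t i = 0; i < bar_size; i++) dev->bar[i] = (unsigned char)i;
    dev->bar_size = bar_size; dev->unmapped = unmapped;
    dev->registered = true; dev->refcount = 1;  /* ref held by the FlatView */
    return dev;
}

/* instance_finalize (vfio_unmap_bars): runs only when the last reference
 * drops, so no pending access can still touch the mapping. */
static void device_unref(Device *dev) {
    if (--dev->refcount == 0) {
        free(dev->bar);  /* the munmap step */
        *dev->unmapped = true;
        free(dev);
    }
}

/* An in-flight access holds a reference, as the RCU-protected FlatView does
 * via memory_region_ref; it is refused once the device is unregistered. */
Device *access_begin(Device *dev) {
    if (!dev->registered) return NULL;
    dev->refcount++;
    return dev;
}

int access_complete(Device *dev, size_t off) {  /* read, then drop the ref */
    int v = off < dev->bar_size ? dev->bar[off] : -1;
    device_unref(dev);
    return v;
}
/* unrealize (vfio_unregister_bars): stop new accesses and drop the address
 * space's reference, but do NOT unmap: a pending access may still use it. */
void device_unrealize(Device *dev) {
    dev->registered = false;
    device_unref(dev);
}
```

Unmapping the BAR inside device_unrealize instead would leave the in-flight access reading freed memory, which is the hazard the patch moves the munmap into instance_finalize to avoid.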