From patchwork Thu Jul 4 15:13:25 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Bonzini X-Patchwork-Id: 256976 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by ozlabs.org (Postfix) with ESMTPS id E624C2C008F for ; Fri, 5 Jul 2013 02:55:58 +1000 (EST) Received: from localhost ([::1]:49590 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UulSg-000413-3q for incoming@patchwork.ozlabs.org; Thu, 04 Jul 2013 11:28:46 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44874) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UulFl-0001RA-FF for qemu-devel@nongnu.org; Thu, 04 Jul 2013 11:15:27 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1UulFj-0005Ps-Rj for qemu-devel@nongnu.org; Thu, 04 Jul 2013 11:15:25 -0400 Received: from mail-wi0-x232.google.com ([2a00:1450:400c:c05::232]:38764) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1UulFj-0005Pm-Ko for qemu-devel@nongnu.org; Thu, 04 Jul 2013 11:15:23 -0400 Received: by mail-wi0-f178.google.com with SMTP id k10so1343462wiv.5 for ; Thu, 04 Jul 2013 08:15:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:from:to:subject:date:message-id:x-mailer:in-reply-to :references; bh=4NCE2l40q+N2caUtBSutuwJNX6RoRtb/V13X7Fdmrqc=; b=JKhKxdPftHNsrHeWro0x9wVjIAfdzpQuF9nfufwDOQgq3FFiSkyj6zsM+/l+whiirj 8vQ3wfyJYwDYZV+5KVK75eWnfJckUgDu6xrUQCu1THizOzXWye8BPbVXuI+99A+/fQhf TSrsQhAfhlz65zr9hCHHkBtQ3xhwlSdi04VyyIiWJpVKTtZb29k/ZIIuVU4vSIDCSqWp IUM30KX+HH8QbATrkwbVt3HitNwUHgFbJJ9GErfKkduSr+rQJmQCrUEqDAzNsAvMqc6I t7ZSyEs3zCjUEhiUXQOPJE9OKQVyu+xsR1x3kTnfDL+ok5pGXNOSm6g5PSRnZO9torqc amLA== X-Received: by 10.180.73.68 with SMTP id j4mr5162082wiv.10.1372950923043; Thu, 04 Jul 2013 08:15:23 -0700 (PDT) Received: from playground.station (net-37-117-148-210.cust.dsl.vodafone.it. [37.117.148.210]) by mx.google.com with ESMTPSA id d8sm4212546wiz.0.2013.07.04.08.15.20 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Thu, 04 Jul 2013 08:15:22 -0700 (PDT) From: Paolo Bonzini To: qemu-devel@nongnu.org Date: Thu, 4 Jul 2013 17:13:25 +0200 Message-Id: <1372950842-32422-30-git-send-email-pbonzini@redhat.com> X-Mailer: git-send-email 1.8.1.4 In-Reply-To: <1372950842-32422-1-git-send-email-pbonzini@redhat.com> References: <1372950842-32422-1-git-send-email-pbonzini@redhat.com> X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2a00:1450:400c:c05::232 Subject: [Qemu-devel] [PATCH 29/66] memory: ref/unref memory across address_space_map/unmap X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org The iothread mutex might be released between map and unmap, so the mapped region might disappear. Reviewed-by: Jan Kiszka Signed-off-by: Paolo Bonzini --- exec.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/exec.c b/exec.c index a994bc8..b339c23 100644 --- a/exec.c +++ b/exec.c @@ -1986,6 +1986,7 @@ void cpu_physical_memory_write_rom(hwaddr addr, } typedef struct { + MemoryRegion *mr; void *buffer; hwaddr addr; hwaddr len; @@ -2083,6 +2084,9 @@ void *address_space_map(AddressSpace *as, bounce.buffer = qemu_memalign(TARGET_PAGE_SIZE, TARGET_PAGE_SIZE); bounce.addr = addr; bounce.len = l; + + memory_region_ref(mr); + bounce.mr = mr; if (!is_write) { address_space_read(as, addr, bounce.buffer, l); } @@ -2109,6 +2113,7 @@ void *address_space_map(AddressSpace *as, } } + memory_region_ref(mr); *plen = done; return qemu_ram_ptr_length(raddr + base, plen); } @@ -2121,10 +2126,12 @@ void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len, int is_write, hwaddr access_len) { if (buffer != bounce.buffer) { + MemoryRegion *mr; + ram_addr_t addr1; + + mr = qemu_ram_addr_from_host(buffer, &addr1); + assert(mr != NULL); if (is_write) { - ram_addr_t addr1; - MemoryRegion *mr = qemu_ram_addr_from_host(buffer, &addr1); - assert(mr != NULL); while (access_len) { unsigned l; l = TARGET_PAGE_SIZE; @@ -2138,6 +2145,7 @@ void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len, if (xen_enabled()) { xen_invalidate_map_cache_entry(buffer); } + memory_region_unref(mr); return; } if (is_write) { @@ -2145,6 +2153,7 @@ void address_space_unmap(AddressSpace *as, void *buffer, hwaddr len, } qemu_vfree(bounce.buffer); bounce.buffer = NULL; + memory_region_unref(bounce.mr); cpu_notify_map_clients(); }