author | Paolo Bonzini <pbonzini@redhat.com> | 2015-02-10 10:25:44 -0700 |
---|---|---|
committer | Alex Williamson <alex.williamson@redhat.com> | 2015-02-10 10:25:44 -0700 |
commit | 6e48e8f9e0f5b6b15c41f6f8a68c9bf330147d45 (patch) | |
tree | 581914a4756e758a24b878dcb953d6e758ea19df | |
parent | a2f2d288b5a06e6c680c387c9980d91363f59c61 (diff) | |
memory: unregister AddressSpace MemoryListener within BQL
address_space_destroy_dispatch is called from an RCU callback and hence
outside the iothread mutex (BQL). However, after address_space_destroy
no new accesses can hit the destroyed AddressSpace so it is not necessary
to observe changes to the memory map. Move the memory_listener_unregister
call earlier, to make it thread-safe again.
Reported-by: Alex Williamson <alex.williamson@redhat.com>
Fixes: 374f2981d1f10bc4307f250f24b2a7ddb9b14be0
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
-rw-r--r-- | exec.c | 6 | ||||
-rw-r--r-- | include/exec/memory-internal.h | 1 | ||||
-rw-r--r-- | memory.c | 1 |
3 files changed, 7 insertions, 1 deletions
@@ -2059,11 +2059,15 @@ void address_space_init_dispatch(AddressSpace *as)
 memory_listener_register(&as->dispatch_listener, as);
 }
+void address_space_unregister(AddressSpace *as)
+{
+ memory_listener_unregister(&as->dispatch_listener);
+}
+
 void address_space_destroy_dispatch(AddressSpace *as)
 {
 AddressSpaceDispatch *d = as->dispatch;
- memory_listener_unregister(&as->dispatch_listener);
 g_free(d);
 as->dispatch = NULL;
 }
diff --git a/include/exec/memory-internal.h b/include/exec/memory-internal.h
index 25c43c0..fb467ac 100644
--- a/include/exec/memory-internal.h
+++ b/include/exec/memory-internal.h
@@ -23,6 +23,7 @@ typedef struct AddressSpaceDispatch AddressSpaceDispatch;
 void address_space_init_dispatch(AddressSpace *as);
+void address_space_unregister(AddressSpace *as);
 void address_space_destroy_dispatch(AddressSpace *as);
 extern const MemoryRegionOps unassigned_mem_ops;
@@ -1978,6 +1978,7 @@ void address_space_destroy(AddressSpace *as)
 as->root = NULL;
 memory_region_transaction_commit();
 QTAILQ_REMOVE(&address_spaces, as, address_spaces_link);
+ address_space_unregister(as);
 /* At this point, as->dispatch and as->current_map are dummy
 * entries that the guest should never use. Wait for the old |
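Review bot: The new `address_space_unregister()` in the first hunk (exec.c, going by the diffstat) has no comment stating its locking requirement, which is the only reason the function exists. The commit message implies that `memory_listener_unregister` is only safe under the iothread mutex, so a comment above the definition such as `/* Caller must hold the BQL; do not call from an RCU callback. */` would stop a later caller from reintroducing the race that this change removes. The same comment would fit on the prototype added to include/exec/memory-internal.h. As a style point, the name hides that only `as->dispatch_listener` is unregistered; a name that mentions the dispatch listener would read more clearly next to `address_space_init_dispatch` and `address_space_destroy_dispatch`.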
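Review bot: In the last hunk, `address_space_unregister(as)` is placed after `memory_region_transaction_commit()` in `address_space_destroy`, and that ordering looks deliberate but is not explained. Presumably the dispatch listener must still receive the commit for `as->root = NULL` so that `as->dispatch` becomes the dummy entry described in the comment just below; if so, moving the call above the commit would leave the old dispatch in place for the RCU callback to free. A short comment on the added line, for example `/* Unregister only after the commit above has run the dispatch listener one last time. */`, would record the constraint. The body of `address_space_destroy` continues past the end of the hunk, so the rest of the teardown sequence is not visible here.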