On Fri, Jun 19, 2015 at 12:44:26PM +0200, Paolo Bonzini wrote:
>
>
> On 19/06/2015 12:14, Michael S. Tsirkin wrote:
> > On Fri, Jun 19, 2015 at 10:52:47AM +0200, Paolo Bonzini wrote:
> >>
> >>
> >> On 19/06/2015 10:05, Michael S. Tsirkin wrote:
> >>>> No, only destruction of the memory region frees it. address_space_map
> >>>> takes a reference to the memory region and address_space_unmap releases it.
> >>>>
> >>>> Paolo
> >>>
> >>> Confused. So can we call mmap(MAP_NORESERVE) in address_space_unmap
> >>> after we detect refcount is 0?
> >>
> >> No, because in the meanwhile another DIMM could have been hotplugged
> >> at the same place where the old one was. This is legal:
> >>
> >> user                      guest                 QEMU
> >> ----------------------------------------------------------------------------------------
> >>                           start I/O
> >>                               '---------------> address_space_map
> >> device_del
> >>     '-------------------> receives SCI
> >>                           executes _EJ0
> >>                               '---------------> memory_region_del_subregion
> >>                                                 object_unparent
> >
> > So guest started DMA into memory, then ejected this memory while DMA
> > is in progress?
>
> Yes. There is nothing that forbids doing that.
>
> Paolo

Can we simply defer the next device_add using a hva until all IO completes?

> >> device_add
> >>     '-----------------------------------------> device_set_realized
> >>                                                 hotplug_handler_plug
> >>                                                 pc_machine_device_plug_cb
> >>                                                 pc_dimm_plug
> >>                                                 memory_region_add_subregion
> >>
> >>                                                 I/O finishes
> >>                                                 address_space_unmap
> >>
> >> Surprise removal similarly could be done in QEMU, but it will hold to
> >> some resources for as long as the device backends need them.
> >>
> >> Paolo