From: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
To: Paolo Bonzini <pbonzini@redhat.com>,
qemu-devel <qemu-devel@nongnu.org>,
Markus Armbruster <armbru@redhat.com>,
Eduardo Habkost <ehabkost@redhat.com>
Subject: Re: QOM address space handling
Date: Fri, 18 Dec 2020 07:49:24 +0000 [thread overview]
Message-ID: <e3932dd6-545b-f329-f88f-e8c9694fc35e@ilande.co.uk> (raw)
In-Reply-To: <4d4b1f60-98b6-6a41-42e7-685b2059da4c@redhat.com>
On 10/11/2020 11:40, Paolo Bonzini wrote:
> On 10/11/20 12:14, Mark Cave-Ayland wrote:
>> There are 2 possible solutions here: 1) ensure QOM objects that add address spaces
>> during instance init have a corresponding instance finalize function to remove them
>> or 2) move the creation of address spaces from instance init to realize.
>>
>> Does anyone have any arguments for which solution is preferred?
>
> I slightly prefer (1) because there could be cases where you also create subdevices
> using that address space, and in order to set properties of subdevices before
> realize, you would have to create the subdevices in instance_init as well.
As discussed on IRC, I've been testing this approach but curiously found that if a
device init function contains address_space_init() then the corresponding finalize
function is never called during device-introspect-test.
Following on from Markus' comment about there being a refcounting issue, I spent a
few hours yesterday poking this and indeed that seems to be the problem here: the
generation of the flatview leaks references to the address space MemoryRegion.
Adding a bit of debugging to object.c's init and finalize paths in this particular
case shows that the call to address_space_init() in sun4u_iommu.c's iommu_init()
generates 3 references between the IOMMUMemoryRegion (iommu-sun4u) and its device
owner (sun4u-iommu) during flatview construction:
#0 memory_region_ref (mr=0x5555565f43b0) at ../softmmu/memory.c:1792
#1 0x0000555555a7050d in flatview_new (mr_root=0x5555565f43b0) at
../softmmu/memory.c:264
#2 0x0000555555a71d7d in generate_memory_topology (mr=0x5555565f43b0) at
../softmmu/memory.c:729
#3 0x0000555555a73290 in address_space_update_topology (as=0x5555565f4358) at
../softmmu/memory.c:1078
#4 0x0000555555a77f01 in address_space_init (as=0x5555565f4358, root=0x5555565f43b0,
name=0x555555e05eb1 "iommu-as") at ../softmmu/memory.c:2848
#0 memory_region_ref (mr=0x55555664ffb0) at ../softmmu/memory.c:1792
#1 0x0000555555a7063d in flatview_insert (view=0x555556609350, pos=0,
range=0x7fffffffe0d0) at ../softmmu/memory.c:283
#2 0x0000555555a71aad in render_memory_region (view=0x555556609350,
mr=0x55555664ffb0, base=0, clip=..., readonly=false, nonvolatile=false) at
../softmmu/memory.c:662
#3 0x0000555555a71e02 in generate_memory_topology (mr=0x55555664ffb0) at
../softmmu/memory.c:732
#4 0x0000555555a73284 in address_space_update_topology (as=0x55555664ff58) at
../softmmu/memory.c:1078
#5 0x0000555555a77ef5 in address_space_init (as=0x55555664ff58, root=0x55555664ffb0,
name=0x555555e05eb1 "iommu-as") at ../softmmu/memory.c:284
#0 memory_region_ref (mr=0x55555664ffb0) at ../softmmu/memory.c:1792
#1 0x0000555555b2479b in phys_section_add (map=0x5555565f6bd0,
section=0x7fffffffe100) at ../softmmu/physmem.c:1095
#2 0x0000555555b24b21 in register_multipage (fv=0x555556609350,
section=0x7fffffffe100) at ../softmmu/physmem.c:1158
#3 0x0000555555b24eea in flatview_add_to_dispatch (fv=0x555556609350,
section=0x7fffffffe1c0) at ../softmmu/physmem.c:1198
#4 0x0000555555a71e86 in generate_memory_topology (mr=0x55555664ffb0) at
../softmmu/memory.c:742
#5 0x0000555555a73284 in address_space_update_topology (as=0x55555664ff58) at
../softmmu/memory.c:1078
#6 0x0000555555a77ef5 in address_space_init (as=0x55555664ff58, root=0x55555664ffb0,
name=0x555555e05eb1 "iommu-as") at ../softmmu/memory.c:2848
Seemingly it is these references that prevent sun4u-iommu's finalize function from
being called by the final object_unref() once device-introspect-test for the
sun4u-iommu device is finished.
Any thoughts as to the best way to resolve this? Certainly one solution is to simply
move address_space_init()/address_space_destroy() from init/finalize to
realize/unrealize if Paolo's comment about needing to set up address spaces is no
longer valid, but then in this case is it possible to add an assert() to prevent
developers calling address_space_init() from an init function accidentally?
ATB,
Mark.
next prev parent reply other threads:[~2020-12-18 7:53 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-10 11:14 QOM address space handling Mark Cave-Ayland
2020-11-10 11:40 ` Paolo Bonzini
2020-12-18 7:49 ` Mark Cave-Ayland [this message]
2020-12-18 22:32 ` Eduardo Habkost
2020-12-20 9:25 ` Paolo Bonzini
2020-12-21 18:54 ` Eduardo Habkost
2020-12-21 19:16 ` Paolo Bonzini
2020-12-21 19:28 ` Eduardo Habkost
2020-11-10 15:03 ` Eduardo Habkost
2020-11-10 15:08 ` Paolo Bonzini
2020-11-10 17:46 ` Eduardo Habkost
2020-11-10 18:36 ` Eduardo Habkost
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e3932dd6-545b-f329-f88f-e8c9694fc35e@ilande.co.uk \
--to=mark.cave-ayland@ilande.co.uk \
--cc=armbru@redhat.com \
--cc=ehabkost@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.