1. 04 Jul, 2013 7 commits
    • Paolo Bonzini's avatar
      exec: move qemu_ram_addr_from_host_nofail to cputlb.c · 7443b437
      Paolo Bonzini authored
      After the next patch it would not be used elsewhere anyway.  Also,
      the _nofail and the standard versions of this function return different
      things, which is confusing.  Removing the function from the public headers
      limits the confusion.
      Reviewed-by: default avatarJan Kiszka <jan.kiszka@siemens.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
    • Paolo Bonzini's avatar
      exec: check MRU in qemu_ram_addr_from_host · 23887b79
      Paolo Bonzini authored
      This function is not used outside the iothread mutex, so it
      can use ram_list.mru_block.
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
    • Paolo Bonzini's avatar
      memory: add ref/unref calls · dfde4e6e
      Paolo Bonzini authored
      Add ref/unref calls at the following places:
      - places where memory regions are stashed by a listener and
        used outside the BQL (including in Xen or KVM).
      - memory_region_find callsites
      - creation of aliases and containers (only the aliased/contained
        region gets a reference to avoid loops)
      - around calls to del_subregion/add_subregion, where the region
        could disappear after the first call
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
    • Paolo Bonzini's avatar
      exec: simplify destruction of the phys map · b7e95164
      Paolo Bonzini authored
      Do not bother visiting the radix tree when an address space is destroyed.
      After the previous patch, this has become a pointless exercise.  When
      called from address_space_destroy_dispatch, all you're doing is zeroing
      out a structure that will be freed as soon as you come back.  When called
      from mem_begin, when phys_page_set_level will call phys_map_node_alloc the
      radix tree's array will be zeroed too.
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
    • Paolo Bonzini's avatar
      memory: destroy phys_sections one by one · 058bc4b5
      Paolo Bonzini authored
      phys_sections_clear is invoked after the dispatch tree has been
      destroyed.  This leaves a window where phys_sections_nb > 0 but the
      subpages are not valid anymore, which is a recipe for use-after-free
      Move the destruction of subpages in phys_sections_clear.  We will
      still destroy the subpages when an address space is cleaned up,
      because address_space_destroy will clear as->root and commit the
      change before it calls address_space_destroy_dispatch.
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
    • Paolo Bonzini's avatar
    • Jan Kiszka's avatar
      ioport: Switch dispatching to memory core layer · b40acf99
      Jan Kiszka authored
      The current ioport dispatcher is a complex beast, mostly due to the
      need to deal with old portio interface users. But we can overcome it
      without converting all portio users by embedding the required base
      address of a MemoryRegionPortio access into that data structure. That
      removes the need to have the additional MemoryRegionIORange structure
      in the loop on every access.
      To handle old portio memory ops, we simply install dispatching handlers
      for portio memory regions when registering them with the memory core.
      This removes the need for the old_portio field.
      We can drop the additional aliasing of ioport regions and also the
      special address space listener. cpu_in and cpu_out now simply call
      address_space_read/write. And we can concentrate portio handling in a
      single source file.
      Signed-off-by: default avatarJan Kiszka <jan.kiszka@siemens.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
  2. 28 Jun, 2013 3 commits
  3. 27 Jun, 2013 1 commit
  4. 26 Jun, 2013 1 commit
  5. 20 Jun, 2013 14 commits
  6. 29 May, 2013 14 commits