From nobody Tue Apr 30 04:21:36 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 1511169718340640.0364138736227; Mon, 20 Nov 2017 01:21:58 -0800 (PST) Received: from localhost ([::1]:56225 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eGiH2-0007TW-HU for importer@patchew.org; Mon, 20 Nov 2017 04:21:52 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:59313) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eGiFO-0006Ah-Bt for qemu-devel@nongnu.org; Mon, 20 Nov 2017 04:20:16 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eGiFI-0005D5-E5 for qemu-devel@nongnu.org; Mon, 20 Nov 2017 04:20:10 -0500 Received: from 8.mo5.mail-out.ovh.net ([178.32.116.78]:42589) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eGiFI-0005CS-4x for qemu-devel@nongnu.org; Mon, 20 Nov 2017 04:20:04 -0500 Received: from player786.ha.ovh.net (b7.ovh.net [213.186.33.57]) by mo5.mail-out.ovh.net (Postfix) with ESMTP id A651214F623 for ; Mon, 20 Nov 2017 10:20:01 +0100 (CET) Received: from bahia.lan (gar31-1-82-66-74-139.fbx.proxad.net [82.66.74.139]) (Authenticated sender: groug@kaod.org) by player786.ha.ovh.net (Postfix) with ESMTPA id E57C9800A5; Mon, 20 Nov 2017 10:19:54 +0100 (CET) 
From: Greg Kurz To: qemu-devel@nongnu.org Date: Mon, 20 Nov 2017 10:19:54 +0100 Message-ID: <151116959472.32765.11476730637006052305.stgit@bahia.lan> User-Agent: StGit/0.17.1-46-g6855-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Ovh-Tracer-Id: 11403114260610455918 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedttddrkeefgddtudcutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 178.32.116.78 Subject: [Qemu-devel] [PATCH for-2.12 REPOST] spapr_cpu_core: instantiate CPUs separately X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Igor Mammedov , qemu-ppc@nongnu.org, David Gibson Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 The current code assumes that only the CPU core object holds a reference on each individual CPU object, and happily frees their allocated memory when the core is unrealized. This is dangerous as some other code can legitimely keep a pointer to a CPU if it calls object_ref(), but it would end up with a dangling pointer. Let's allocate all CPUs with object_new() and let QOM frees them when their reference count reaches zero. This greatly simplify the code as we don't have to fiddle with the instance size anymore. Signed-off-by: Greg Kurz Acked-by: Igor Mammedov --- hw/ppc/spapr.c | 11 +++-------- hw/ppc/spapr_cpu_core.c | 19 +++++++------------ include/hw/ppc/spapr_cpu_core.h | 2 +- 3 files changed, 11 insertions(+), 21 deletions(-) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 174e7ff0678d..fc92b9d914a5 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c 
@@ -3173,12 +3173,10 @@ void spapr_core_release(DeviceState *dev)
=20
 if (smc->pre_2_10_has_unused_icps) {
 sPAPRCPUCore *sc =3D SPAPR_CPU_CORE(OBJECT(dev));
- sPAPRCPUCoreClass *scc =3D SPAPR_CPU_CORE_GET_CLASS(OBJECT(cc));
- size_t size =3D object_type_get_instance_size(scc->cpu_type);
 int i;
=20
 for (i =3D 0; i < cc->nr_threads; i++) {
- CPUState *cs =3D CPU(sc->threads + i * size);
+ CPUState *cs =3D CPU(sc->threads[i]);
=20
 pre_2_10_vmstate_register_dummy_icp(cs->cpu_index);
 }
@@ -3224,7 +3222,7 @@ static void spapr_core_plug(HotplugHandler *hotplug_d= ev, DeviceState *dev,
 sPAPRMachineClass *smc =3D SPAPR_MACHINE_CLASS(mc);
 sPAPRCPUCore *core =3D SPAPR_CPU_CORE(OBJECT(dev));
 CPUCore *cc =3D CPU_CORE(dev);
- CPUState *cs =3D CPU(core->threads);
+ CPUState *cs =3D CPU(core->threads[0]);
 sPAPRDRConnector *drc;
 Error *local_err =3D NULL;
 int smt =3D kvmppc_smt_threads();
@@ -3269,15 +3267,12 @@ static void spapr_core_plug(HotplugHandler *hotplug= _dev, DeviceState *dev,
 core_slot->cpu =3D OBJECT(dev);
=20
 if (smc->pre_2_10_has_unused_icps) {
- sPAPRCPUCoreClass *scc =3D SPAPR_CPU_CORE_GET_CLASS(OBJECT(cc));
- size_t size =3D object_type_get_instance_size(scc->cpu_type);
 int i;
=20
 for (i =3D 0; i < cc->nr_threads; i++) {
 sPAPRCPUCore *sc =3D SPAPR_CPU_CORE(dev);
- void *obj =3D sc->threads + i * size;
=20
- cs =3D CPU(obj);
+ cs =3D CPU(sc->threads[i]);
 pre_2_10_vmstate_unregister_dummy_icp(cs->cpu_index);
 }
 }
diff --git a/hw/ppc/spapr_cpu_core.c b/hw/ppc/spapr_cpu_core.c
index 3a4c17401226..588f9b45714a 100644
--- a/hw/ppc/spapr_cpu_core.c
+++ b/hw/ppc/spapr_cpu_core.c
@@ -79,13 +79,11 @@ const char *spapr_get_cpu_core_type(const char *cpu_typ= e)
 static void spapr_cpu_core_unrealizefn(DeviceState *dev, Error **errp)
 {
 sPAPRCPUCore *sc =3D SPAPR_CPU_CORE(OBJECT(dev));
- sPAPRCPUCoreClass *scc =3D SPAPR_CPU_CORE_GET_CLASS(OBJECT(dev));
- size_t size =3D object_type_get_instance_size(scc->cpu_type);
 CPUCore *cc =3D CPU_CORE(dev);
 int i;
=20
 for (i =3D 0; i < cc->nr_threads; i++) {
- void *obj =3D sc->threads + i * size;
+ Object *obj =3D OBJECT(sc->threads[i]);
 DeviceState *dev =3D DEVICE(obj);
 CPUState *cs =3D CPU(dev);
 PowerPCCPU *cpu =3D POWERPC_CPU(cs);
@@ -146,9 +144,8 @@ static void spapr_cpu_core_realize(DeviceState *dev, Er= ror **errp)
 sPAPRCPUCore *sc =3D SPAPR_CPU_CORE(OBJECT(dev));
 sPAPRCPUCoreClass *scc =3D SPAPR_CPU_CORE_GET_CLASS(OBJECT(dev));
 CPUCore *cc =3D CPU_CORE(OBJECT(dev));
- size_t size;
 Error *local_err =3D NULL;
- void *obj;
+ Object *obj;
 int i, j;
=20
 if (!spapr) {
@@ -156,18 +153,16 @@ static void spapr_cpu_core_realize(DeviceState *dev, = Error **errp)
 return;
 }
=20
- size =3D object_type_get_instance_size(scc->cpu_type);
- sc->threads =3D g_malloc0(size * cc->nr_threads);
+ sc->threads =3D g_new(PowerPCCPU *, cc->nr_threads);
 for (i =3D 0; i < cc->nr_threads; i++) {
 char id[32];
 CPUState *cs;
 PowerPCCPU *cpu;
=20
- obj =3D sc->threads + i * size;
+ obj =3D object_new(scc->cpu_type);
=20
- object_initialize(obj, size, scc->cpu_type);
 cs =3D CPU(obj);
- cpu =3D POWERPC_CPU(cs);
+ cpu =3D sc->threads[i] =3D POWERPC_CPU(obj);
 cs->cpu_index =3D cc->core_id + i;
 cpu->vcpu_id =3D (cc->core_id * spapr->vsmt / smp_threads) + i;
 if (kvm_enabled() && !kvm_vcpu_id_is_valid(cpu->vcpu_id)) {
@@ -192,7 +187,7 @@ static void spapr_cpu_core_realize(DeviceState *dev, Er= ror **errp)
 }
=20
 for (j =3D 0; j < cc->nr_threads; j++) {
- obj =3D sc->threads + j * size;
+ obj =3D OBJECT(sc->threads[j]);
=20
 spapr_cpu_core_realize_child(obj, spapr, &local_err);
 if (local_err) {
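Review bot: In the thread-creation loop of spapr_cpu_core_realize (the `@@ -156,18 +153,16 @@` hunk), the object returned by `object_new(scc->cpu_type)` looks like it is leaked when that same iteration bails out to `err:`. The `while (--i >= 0)` cleanup in the later `@@ -203,7 +198,7 @@` hunk starts below the failing index, and `g_free(sc->threads)` now releases only the pointer array, whereas before this change it released the CPU storage as well. The jump is outside the hunk, so this is inferred from the visible `kvm_vcpu_id_is_valid()` check; if that branch does `goto err`, it needs an `object_unref(obj);` first, as does any other early exit taken while the loop still holds the reference from object_new(). Separately, `g_new()` leaves the array uninitialized where `g_malloc0()` zeroed it; `sc->threads = g_new0(PowerPCCPU *, cc->nr_threads);` keeps unfilled slots NULL for any code that walks the array after a partial failure.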
@@ -203,7 +198,7 @@ static void spapr_cpu_core_realize(DeviceState *dev, Er= ror **errp)
=20
 err:
 while (--i >=3D 0) {
- obj =3D OBJECT(sc->threads + i * size);
+ obj =3D OBJECT(sc->threads[i]);
 object_unparent(obj);
 }
 g_free(sc->threads);
diff --git a/include/hw/ppc/spapr_cpu_core.h b/include/hw/ppc/spapr_cpu_cor= e.h
index f2d48d6a6786..1129f344aa0c 100644
--- a/include/hw/ppc/spapr_cpu_core.h
+++ b/include/hw/ppc/spapr_cpu_core.h
@@ -28,7 +28,7 @@ typedef struct sPAPRCPUCore {
 CPUCore parent_obj;
=20
 /*< public >*/
- void *threads;
+ PowerPCCPU **threads;
 int node_id;
 } sPAPRCPUCore;
=20
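Review bot: After `g_free(sc->threads);` at the end of the `err:` path in spapr_cpu_core_realize, the field still holds the address of the freed array. The patch exists to stop dangling CPU pointers, so it would be consistent to clear the array pointer too by adding `sc->threads = NULL;` on the next line. Whether anything reads `sc->threads` after a failed realize is not visible here, so treat this as hardening rather than a confirmed bug. The rest of the error path is outside the hunk.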
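Review bot: The new `PowerPCCPU **threads;` field in sPAPRCPUCore has no comment stating its length or ownership, which is the contract this change alters. A comment above it such as `/* nr_threads pointers; the array is owned by the core, each CPU is a refcounted QOM object */` would tell readers that a CPU pointer may only be kept after taking `object_ref()`. It would also make clear that the array itself goes away with the core. The start of the struct is outside the hunk.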