On 15/12/2017 14:30, Dr. David Alan Gilbert wrote: >> Also it seems that we have a race in current code where >> region_del() unrefs memory region first and then by the >> commit time memory region could be gone since old flatview >> is unreffed before commit callback is called, but guest still >> uses old memory map until vhost_set_mem_table() is complete. >> We probably should unref deleted(old) sections after >> guest gets new memmap. > > Will they really get cleaned up before the commit() returns? > There's no rcu like thing guarding it?
The memory subsystem only keeps them alive until before commmit() is invoked. Paolo
