On Sat, Jul 02, 2016 at 08:09:35 +0100, Alex Bennée wrote:
>
> Emilio G. Cota <[email protected]> writes:
>
> > On Fri, Jul 01, 2016 at 17:16:09 +0100, Alex Bennée wrote:
> >> From: Sergey Fedorov <[email protected]>
> > (snip)
> >> @@ -333,7 +338,7 @@ static inline TranslationBlock *tb_find_fast(CPUState
> >> *cpu,
> >> is executed. */
> >> cpu_get_tb_cpu_state(env, &pc, &cs_base, &flags);
> >> tb_lock();
> >> - tb = cpu->tb_jmp_cache[tb_jmp_cache_hash_func(pc)];
> >> + tb = atomic_read(&cpu->tb_jmp_cache[tb_jmp_cache_hash_func(pc)]);
> >> if (unlikely(!tb || tb->pc != pc || tb->cs_base != cs_base ||
> >> tb->flags != flags)) {
> >> tb = tb_find_slow(cpu, pc, cs_base, flags);
> >> diff --git a/translate-all.c b/translate-all.c
> >> index eaa95e4..1fcfe79 100644
> >> --- a/translate-all.c
> >> +++ b/translate-all.c
> >> @@ -1004,11 +1004,16 @@ void tb_phys_invalidate(TranslationBlock *tb,
> >> tb_page_addr_t page_addr)
> >> invalidate_page_bitmap(p);
> >> }
> >>
> >> + /* Ensure that we won't find the TB in the shared hash table
> >> + * if we con't see it in CPU's local cache.
> >
> > s/con't/can't/
> >
> >> + * Pairs with smp_rmb() in tb_find_slow(). */
> >> + smp_wmb();
> >
> > This fence is already embedded in qht_remove, since it internally
> > calls seqlock_write_end() on a successful removal, so we could get
> > away with a comment instead of emitting a redundant fence.
> > However, if qht ever changed its implementation this would have
> > to be taken into account. So I'd be OK with emitting the
> > fence here too.
> >
> >> +
> >> /* remove the TB from the hash list */
> >> h = tb_jmp_cache_hash_func(tb->pc);
> >> CPU_FOREACH(cpu) {
> >> if (cpu->tb_jmp_cache[h] == tb) {
> >
> > Missing atomic_read here: if (atomic_read(cpu->tb_jmp_cache[...])) {
>
> Oops, good catch.
My mistake. An atomic_read here isn't needed: as the commit message
points out, we only need atomic_read when tb_lock isn't held. In this
case tb_lock is held, so we only use atomic accesses for writing
to the array.
E.
