Hi,

This is v3 of the ThreadSanitizer fixes. Changes from the last version:

  - added some more review tags
  - made clear C11 undefined behaviour is the main issue
  - added two minor fixes to atomic.h
  - changed type of tb_page_addr_t back to target_ulong
  - dropped ui/vnc-enc-tight patch (already picked up and merged)
  - dropped the blacklist patch (not needed with gcc)
  - fixed a number of remaining issues with:
    - TranslationBuffer access
    - PageDesc access

A number of the patches fix fairly rare race conditions. In fact I had to
repeat my test case a number of times to trigger some of them:

  retry.py -n 100 -c -- ./arm-linux-user/qemu-arm ./pigz.armhf \
      -c -9 linux-4.6.3.tar > /dev/null 2> tsan-user-async.log

on a build with a light patch to reduce the size of the translation buffer
so we trigger lots of flushes.

With this series applied you can enable ThreadSanitizer with the following
command line:

  ./configure --extra-cflags="-g3 -O0 -fsanitize=thread -D__SANITIZE_THREAD__" \
      --with-coroutine=gthread --disable-pie --enable-debug --enable-debug-info

Breakdown:

  -fsanitize=thread                  - enables the sanitizer
  --with-coroutine=gthread           - tsan chokes on other forms of coroutine
  --disable-pie                      - tsan no longer works with PIE
  --enable-debug --enable-debug-info - better backtraces

Remaining work:

Running make check with the sanitizer enabled flags up a number of
warnings. I'm going to leave those for others to investigate as I need to
press on with the next MTTCG re-base ;-)

Alex Bennée (14):
  atomic.h: fix __SANITIZE_THREAD__ build
  atomic.h: comment on use of atomic_read/set
  exec-all.h: revert tb_page_addr_t to target_ulong
  tcg/optimize: move default return out of if statement
  qom/object: update class cache atomically
  qom/cpu: atomically clear the tb_jmp_cache
  cpu: atomically modify cpu->exit_request
  util/qht: atomically set b->hashes
  linux-user/syscall: extend lock around cpu-list
  qga/command: use QEMU atomic primitives
  .travis.yml: add gcc sanitizer build
  tcg: ensure cpu_tb_exec/tb_gen_code use atomic_read/write
  tcg: update remaining TranslationBuffer fields atomically
  translate-all: mark updates to PageDesc as atomic

Paolo Bonzini (1):
  seqlock: use atomic writes for the sequence

 .travis.yml             | 45 ++++++++++++++++++++++++++
 cpu-exec.c              | 30 ++++++++---------
 include/exec/exec-all.h | 13 +++++++-
 include/qemu/atomic.h   |  8 ++++-
 include/qemu/seqlock.h  |  4 +--
 linux-user/syscall.c    |  7 +++-
 qga/commands.c          | 17 +++++-----
 qom/cpu.c               | 10 ++++--
 qom/object.c            | 15 +++++----
 tcg/optimize.c          |  3 +-
 translate-all.c         | 86 +++++++++++++++++++++++++------------------------
 util/qht.c              | 10 +++---
 12 files changed, 161 insertions(+), 87 deletions(-)

--
2.9.3
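The pattern behind the atomic_read/atomic_set patches in this series (cpu->exit_request, tb_jmp_cache, the TranslationBuffer and PageDesc fields) is shown below as an added, stand-alone C example. It is not code from the series or from QEMU: the `ex_atomic_read`/`ex_atomic_set` macros and the `fake_cpu` struct are stand-ins written for this illustration, and the racy variant is kept only so it can be built with `gcc -g -O0 -fsanitize=thread -pthread` and compared against the TSan-clean one. It also shows the caveat the cover letter only implies: relaxed atomics remove the C11 data race, but publishing other data through the flag needs release/acquire ordering.

```c
#include <pthread.h>
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-ins for QEMU's atomic_read()/atomic_set(): relaxed C11 atomics.
 * Written for this example, not copied from include/qemu/atomic.h. */
#define ex_atomic_read(ptr)     atomic_load_explicit((ptr), memory_order_relaxed)
#define ex_atomic_set(ptr, val) atomic_store_explicit((ptr), (val), memory_order_relaxed)

/* Hypothetical cut-down CPU state; the flag name mirrors cpu->exit_request. */
struct fake_cpu {
    int         exit_request_plain; /* plain int shared between threads: racy */
    _Atomic int exit_request;       /* the same flag as a C11 atomic */
    int         payload;            /* data the writer wants the reader to see */
};

/* RACY: a plain int read in a loop by one thread and written by another is a
 * C11 data race, i.e. undefined behaviour. -fsanitize=thread reports it as
 * "WARNING: ThreadSanitizer: data race", and at -O2 the compiler may hoist
 * the load out of the loop and spin forever. Not run by the test. */
void *racy_reader(void *arg)
{
    struct fake_cpu *cpu = arg;
    while (!cpu->exit_request_plain) { /* spin */ }
    return NULL;
}

void *racy_writer(void *arg)
{
    struct fake_cpu *cpu = arg;
    cpu->exit_request_plain = 1;
    return NULL;
}

/* FIXED, as the series does it: every access to the shared flag goes through
 * the atomic helpers. Relaxed ordering is enough to remove the data race on
 * the flag itself, which is all TSan objects to. */
static void *relaxed_reader(void *arg)
{
    struct fake_cpu *cpu = arg;
    while (!ex_atomic_read(&cpu->exit_request)) { /* spin */ }
    return NULL;
}

static void *relaxed_writer(void *arg)
{
    struct fake_cpu *cpu = arg;
    ex_atomic_set(&cpu->exit_request, 1);
    return NULL;
}

/* Runs the relaxed handshake; returns the flag value after both threads join (1). */
int run_relaxed_exit_request(void)
{
    struct fake_cpu cpu = { 0 };
    pthread_t r, w;
    pthread_create(&r, NULL, relaxed_reader, &cpu);
    pthread_create(&w, NULL, relaxed_writer, &cpu);
    pthread_join(w, NULL);
    pthread_join(r, NULL);
    return ex_atomic_read(&cpu.exit_request);
}

/* CAVEAT: relaxed atomics fix the UB but publish nothing else. If raising the
 * flag is meant to make payload visible, the store needs release and the load
 * acquire ordering (plain C11 here; QEMU has its own barrier helpers). */
static void *publishing_writer(void *arg)
{
    struct fake_cpu *cpu = arg;
    cpu->payload = 42;
    atomic_store_explicit(&cpu->exit_request, 1, memory_order_release);
    return NULL;
}

static void *acquiring_reader(void *arg)
{
    struct fake_cpu *cpu = arg;
    while (!atomic_load_explicit(&cpu->exit_request, memory_order_acquire)) { /* spin */ }
    return (void *)(intptr_t)cpu->payload; /* guaranteed 42 after the acquire */
}

/* Returns the payload the reader observed once it saw the flag: 42. */
int run_published_payload(void)
{
    struct fake_cpu cpu = { 0 };
    pthread_t r, w;
    void *seen = NULL;
    pthread_create(&r, NULL, acquiring_reader, &cpu);
    pthread_create(&w, NULL, publishing_writer, &cpu);
    pthread_join(w, NULL);
    pthread_join(r, &seen);
    return (int)(intptr_t)seen;
}

int main(void)
{
    printf("relaxed flag seen: %d\n", run_relaxed_exit_request());
    printf("published payload: %d\n", run_published_payload());
    return 0;
}
```

Build the racy pair into a small driver with `-fsanitize=thread` and TSan prints a report naming both accesses; the `ex_atomic_*` version is silent because the accesses are no longer a data race in the C11 sense, which is exactly the transformation the TranslationBuffer and PageDesc patches apply.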