Paolo Bonzini <pbonz...@redhat.com> writes:

> On 30/09/2016 23:30, Alex Bennée wrote:
>> Hi,
>>
>> This is v3 of the ThreadSanitizer fixes. Changes from the last
>> version:
>>
>>   - added some more review tags
>>   - made clear C11 undefined behaviour is the main issue
>>   - added two minor fixes to atomic.h
>>   - change type of tb_page_addr_t back to target_ulong
>>   - dropped ui/vnc-enc-tight patch (already picked up and merged)
>>   - dropped the blacklist patch (not needed with gcc)
>>   - fixed a number of remaining issues with:
>>     - TranslationBuffer access
>>     - PageDesc access
>>
>> A number of the patches fix fairly rare race conditions. In fact I had
>> to repeat my test case a number of times to trigger some of them:
>>
>>   retry.py -n 100 -c -- ./arm-linux-user/qemu-arm ./pigz.armhf \
>>     -c -9 linux-4.6.3.tar > /dev/null 2> tsan-user-async.log
>>
>> On a build with a light patch to reduce the size of the translation
>> buffer so we trigger lots of flushes.
>>
>> With this series applied you can enable ThreadSanitizer with the
>> following command line:
>>
>>   ./configure --extra-cflags="-g3 -O0 -fsanitize=thread -D__SANITIZE_THREAD__" \
>>     --with-coroutine=gthread --disable-pie --enable-debug --enable-debug-info
>>
>> breakdown:
>>   -fsanitize=thread                   - enables sanitizer
>>   --with-coroutine=gthread            - tsan chokes on other forms of coroutine
>>   --disable-pie                       - tsan no longer works with PIE
>>   --enable-debug --enable-debug-info  - better backtraces
>>
>> Remaining work:
>>
>> Running make check with the sanitizer enabled flags up a number of
>> warnings. I'm going to leave those for others to investigate as I need
>> to press on with the next MTTCG re-base ;-)
>>
>> Alex Bennée (14):
>>   atomic.h: fix __SANITIZE_THREAD__ build
>>   atomic.h: comment on use of atomic_read/set
>>   exec-all.h: revert tb_page_addr_t to target_ulong
>>   tcg/optimize: move default return out of if statement
>>   qom/object: update class cache atomically
>>   qom/cpu: atomically clear the tb_jmp_cache
>>   cpu: atomically modify cpu->exit_request
>>   util/qht: atomically set b->hashes
>>   linux-user/syscall: extend lock around cpu-list
>>   qga/command: use QEMU atomic primitives
>>   .travis.yml: add gcc sanitizer build
>>   tcg: ensure cpu_tb_exec/tb_gen_code use atomic_read/write
>>   tcg: update remaining TranslationBuffer fields atomically
>>   translate-all: mark updates to PageDesc as atomic
>>
>> Paolo Bonzini (1):
>>   seqlock: use atomic writes for the sequence
>>
>>  .travis.yml             | 45 ++++++++++++++++++++++++++
>>  cpu-exec.c              | 30 ++++++++---------
>>  include/exec/exec-all.h | 13 +++++++-
>>  include/qemu/atomic.h   |  8 ++++-
>>  include/qemu/seqlock.h  |  4 +--
>>  linux-user/syscall.c    |  7 +++-
>>  qga/commands.c          | 17 +++++-----
>>  qom/cpu.c               | 10 ++++--
>>  qom/object.c            | 15 +++++----
>>  tcg/optimize.c          |  3 +-
>>  translate-all.c         | 86 +++++++++++++++++++++++++------------------------
>>  util/qht.c              | 10 +++---
>>  12 files changed, 161 insertions(+), 87 deletions(-)
>>
>
> Queueing patches 1, 2 and 4-12.

OK. We can revisit the rest when we decide what the best plan of action
for 64-on-32 atomic accesses should be.

--
Alex Bennée
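The kind of fix the cover letter describes ("cpu: atomically modify cpu->exit_request", and the series' point that plain cross-thread accesses are C11 undefined behaviour) shown as a stand-alone added example; this is not QEMU's code. The `atomic_read`/`atomic_set` macros and `CPUState` here are this example's own stand-ins, modelled on the names in include/qemu/atomic.h, and the worker is a constructed spin loop rather than real translated code.

```c
#include <pthread.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-ins for QEMU's atomic_read()/atomic_set() (names from
 * include/qemu/atomic.h, bodies are this example's own): relaxed C11
 * accesses on a plain object, so the flag exchange is no longer a
 * C11 data race and TSan stops reporting it. */
#define atomic_read(ptr)     __atomic_load_n((ptr), __ATOMIC_RELAXED)
#define atomic_set(ptr, val) __atomic_store_n((ptr), (val), __ATOMIC_RELAXED)

typedef struct {
    uint32_t exit_request;   /* constructed stand-in for cpu->exit_request */
} CPUState;

/* Worker: spins until another thread asks it to leave the loop. The
 * pre-series form `while (!cpu->exit_request)` is a plain load racing
 * with the plain store below: undefined behaviour in C11, flagged by
 * TSan, and the compiler may hoist the load and spin forever. */
static void *cpu_loop(void *arg)
{
    CPUState *cpu = arg;
    while (!atomic_read(&cpu->exit_request)) {
        /* translated code would run here */
    }
    return NULL;
}

/* Start a worker, raise exit_request from this thread (the fixed form
 * of `cpu->exit_request = 1`) and join it. Returns true once the worker
 * has observed the request. */
bool request_exit_and_join(void)
{
    CPUState cpu = { 0 };
    pthread_t tid;
    if (pthread_create(&tid, NULL, cpu_loop, &cpu) != 0) {
        return false;
    }
    atomic_set(&cpu.exit_request, 1);
    pthread_join(tid, NULL);
    return atomic_read(&cpu.exit_request) == 1;
}

/* Build: gcc -g -O0 -fsanitize=thread -pthread example.c */
int main(void)
{
    puts(request_exit_and_join() ? "worker exited cleanly" : "pthread_create failed");
    return 0;
}
```

Swapping the two macros for plain accesses and rebuilding with `-fsanitize=thread` reproduces the data-race report the series was written to eliminate.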