From: Alex Bennée
Date: Mon, 03 Oct 2016 10:43:58 +0100
Subject: Re: [Qemu-devel] [PATCH v3 00/15] A number of fixes for ThreadSanitizer
To: Paolo Bonzini
Cc: qemu-devel@nongnu.org, mttcg@listserver.greensocs.com, peter.maydell@linaro.org, claudio.fontana@huawei.com, nikunj@linux.vnet.ibm.com, jan.kiszka@siemens.com, mark.burton@greensocs.com, a.rigo@virtualopensystems.com, cota@braap.org, serge.fdrv@gmail.com, bobby.prani@gmail.com, rth@twiddle.net, fred.konrad@greensocs.com
Message-ID: <87eg3xu5r5.fsf@linaro.org>
References: <20160930213106.20186-1-alex.bennee@linaro.org>

Paolo Bonzini writes:

> On 30/09/2016 23:30, Alex Bennée wrote:
>> Hi,
>>
>> This is v3 of the ThreadSanitizer fixes. Changes from the last
>> version:
>>
>>   - added some more review tags
>>   - made clear C11 undefined behaviour is the main issue
>>   - added two minor fixes to atomic.h
>>   - change type of tb_page_addr_t back to target_ulong
>>   - dropped ui/vnc-enc-tight patch (already picked up and merged)
>>   - dropped the blacklist patch (not needed with gcc)
>>   - fixed a number of remaining issues with:
>>     - TranslationBuffer access
>>     - PageDesc access
>>
>> A number of the patches fix fairly rare race conditions. In fact I had
>> to repeat my test case a number of times to trigger some of them:
>>
>>   retry.py -n 100 -c -- ./arm-linux-user/qemu-arm ./pigz.armhf \
>>     -c -9 linux-4.6.3.tar > /dev/null 2> tsan-user-async.log
>>
>> On a build with a light patch to reduce the size of the translation
>> buffer so we trigger lots of flushes.
>>
>> With this series applied you can enable ThreadSanitizer with the
>> following command line:
>>
>>   ./configure --extra-cflags="-g3 -O0 -fsanitize=thread -D__SANITIZE_THREAD__" \
>>     --with-coroutine=gthread --disable-pie --enable-debug --enable-debug-info
>>
>> breakdown:
>>   -fsanitize=thread - enables sanitizer
>>   --with-coroutine=gthread - tsan chokes on other forms of coroutine
>>   --disable-pie - tsan no longer works with PIE
>>   --enable-debug --enable-debug-info - better backtraces
>>
>> Remaining work:
>>
>> Running make check with the sanitizer enabled flags up a number of
>> warnings. I'm going to leave those for others to investigate as I need
>> to press on with the next MTTCG re-base ;-)
>>
>> Alex Bennée (14):
>>   atomic.h: fix __SANITIZE_THREAD__ build
>>   atomic.h: comment on use of atomic_read/set
>>   exec-all.h: revert tb_page_addr_t to target_ulong
>>   tcg/optimize: move default return out of if statement
>>   qom/object: update class cache atomically
>>   qom/cpu: atomically clear the tb_jmp_cache
>>   cpu: atomically modify cpu->exit_request
>>   util/qht: atomically set b->hashes
>>   linux-user/syscall: extend lock around cpu-list
>>   qga/command: use QEMU atomic primitives
>>   .travis.yml: add gcc sanitizer build
>>   tcg: ensure cpu_tb_exec/tb_gen_code use atomic_read/write
>>   tcg: update remaining TranslationBuffer fields atomically
>>   translate-all: mark updates to PageDesc as atomic
>>
>> Paolo Bonzini (1):
>>   seqlock: use atomic writes for the sequence
>>
>>  .travis.yml             | 45 ++++++++++++++++++++++++++
>>  cpu-exec.c              | 30 ++++++++---------
>>  include/exec/exec-all.h | 13 +++++++-
>>  include/qemu/atomic.h   |  8 ++++-
>>  include/qemu/seqlock.h  |  4 +--
>>  linux-user/syscall.c    |  7 +++-
>>  qga/commands.c          | 17 +++++-----
>>  qom/cpu.c               | 10 ++++--
>>  qom/object.c            | 15 +++++----
>>  tcg/optimize.c          |  3 +-
>>  translate-all.c         | 86 +++++++++++++++++++++++++------------------------
>>  util/qht.c              | 10 +++---
>>  12 files changed, 161 insertions(+), 87 deletions(-)
>>
>
> Queueing patches 1, 2 and 4-12.

OK. We can revisit the rest when we decide what the best plan of action
for 64-on-32 atomic accesses should be.

--
Alex Bennée