From: "Alex Bennée" <alex.bennee@linaro.org>
To: "Emilio G. Cota" <cota@braap.org>
Cc: qemu-devel@nongnu.org, Paolo Bonzini <pbonzini@redhat.com>,
Richard Henderson <richard.henderson@linaro.org>
Subject: Re: [Qemu-devel] [PATCH 11/16] translate-all: add page_collection assertions
Date: Thu, 29 Mar 2018 16:08:47 +0100 [thread overview]
Message-ID: <87r2o27wcg.fsf@linaro.org> (raw)
In-Reply-To: <1519709965-29833-12-git-send-email-cota@braap.org>
Emilio G. Cota <cota@braap.org> writes:
> The appended adds assertions to make sure we do not longjmp with page
> locks held. Some notes:
>
> - user-mode has nothing to check, since page_locks are !user-mode only.
>
> - The checks only apply to page collections, since these have relatively
> complex callers.
>
> - Some simple page_lock/unlock callers have been left unchecked --
> namely page_lock_tb, tb_phys_invalidate and tb_link_page.
As mentioned in the previous email I think there is a need for
assert_page_locked() at least for places currently still using
assert_memory_locked(). It could certainly be DEBUG_TCG only case
though.
Otherwise:
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
>
> Signed-off-by: Emilio G. Cota <cota@braap.org>
> ---
> accel/tcg/cpu-exec.c | 1 +
> accel/tcg/translate-all.c | 22 ++++++++++++++++++++++
> include/exec/exec-all.h | 8 ++++++++
> 3 files changed, 31 insertions(+)
>
> diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
> index 8c68727..7c83887 100644
> --- a/accel/tcg/cpu-exec.c
> +++ b/accel/tcg/cpu-exec.c
> @@ -271,6 +271,7 @@ void cpu_exec_step_atomic(CPUState *cpu)
> tcg_debug_assert(!have_mmap_lock());
> #endif
> tb_lock_reset();
> + assert_page_collection_locked(false);
> }
>
> if (in_exclusive_region) {
> diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
> index 07527d5..82832ef 100644
> --- a/accel/tcg/translate-all.c
> +++ b/accel/tcg/translate-all.c
> @@ -605,6 +605,24 @@ void page_collection_unlock(struct page_collection *set)
> { }
> #else /* !CONFIG_USER_ONLY */
>
> +#ifdef CONFIG_DEBUG_TCG
> +static __thread bool page_collection_locked;
> +
> +void assert_page_collection_locked(bool val)
> +{
> + tcg_debug_assert(page_collection_locked == val);
> +}
> +
> +static inline void set_page_collection_locked(bool val)
> +{
> + page_collection_locked = val;
> +}
> +#else
> +static inline void set_page_collection_locked(bool val)
> +{
> +}
> +#endif /* !CONFIG_DEBUG_TCG */
> +
> static inline void page_lock(PageDesc *pd)
> {
> qemu_spin_lock(&pd->lock);
> @@ -677,6 +695,7 @@ static void do_page_entry_lock(struct page_entry *pe)
> page_lock(pe->pd);
> g_assert(!pe->locked);
> pe->locked = true;
> + set_page_collection_locked(true);
> }
>
> static gboolean page_entry_lock(gpointer key, gpointer value, gpointer data)
> @@ -769,6 +788,7 @@ page_collection_lock(tb_page_addr_t start, tb_page_addr_t end)
> set->tree = g_tree_new_full(tb_page_addr_cmp, NULL, NULL,
> page_entry_destroy);
> set->max = NULL;
> + assert_page_collection_locked(false);
>
> retry:
> g_tree_foreach(set->tree, page_entry_lock, NULL);
> @@ -787,6 +807,7 @@ page_collection_lock(tb_page_addr_t start, tb_page_addr_t end)
> page_trylock_add(set, tb->page_addr[1]))) {
> /* drop all locks, and reacquire in order */
> g_tree_foreach(set->tree, page_entry_unlock, NULL);
> + set_page_collection_locked(false);
> goto retry;
> }
> }
> @@ -799,6 +820,7 @@ void page_collection_unlock(struct page_collection *set)
> /* entries are unlocked and freed via page_entry_destroy */
> g_tree_destroy(set->tree);
> g_free(set);
> + set_page_collection_locked(false);
> }
>
> #endif /* !CONFIG_USER_ONLY */
> diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
> index aeaa127..7911e69 100644
> --- a/include/exec/exec-all.h
> +++ b/include/exec/exec-all.h
> @@ -431,6 +431,14 @@ void tb_lock(void);
> void tb_unlock(void);
> void tb_lock_reset(void);
>
> +#if !defined(CONFIG_USER_ONLY) && defined(CONFIG_DEBUG_TCG)
> +void assert_page_collection_locked(bool val);
> +#else
> +static inline void assert_page_collection_locked(bool val)
> +{
> +}
> +#endif
> +
> #if !defined(CONFIG_USER_ONLY)
>
> struct MemoryRegion *iotlb_to_region(CPUState *cpu,
--
Alex Bennée
next prev parent reply other threads:[~2018-03-29 15:08 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-27 5:39 [Qemu-devel] [PATCH 00/16] tcg: tb_lock removal redux v1 Emilio G. Cota
2018-02-27 5:39 ` [Qemu-devel] [PATCH 01/16] qht: require a default comparison function Emilio G. Cota
2018-02-28 19:02 ` Richard Henderson
2018-03-28 16:21 ` Alex Bennée
2018-02-27 5:39 ` [Qemu-devel] [PATCH 02/16] qht: return existing entry when qht_insert fails Emilio G. Cota
2018-02-28 19:10 ` Richard Henderson
2018-03-28 16:33 ` Alex Bennée
2018-04-05 17:10 ` Emilio G. Cota
2018-02-27 5:39 ` [Qemu-devel] [PATCH 03/16] tcg: track TBs with per-region BST's Emilio G. Cota
2018-02-28 20:53 ` Richard Henderson
2018-03-29 9:54 ` Alex Bennée
2018-02-27 5:39 ` [Qemu-devel] [PATCH 04/16] tcg: move tb_ctx.tb_phys_invalidate_count to tcg_ctx Emilio G. Cota
2018-02-28 20:55 ` Richard Henderson
2018-03-29 10:06 ` Alex Bennée
2018-04-05 17:18 ` Emilio G. Cota
2018-02-27 5:39 ` [Qemu-devel] [PATCH 05/16] translate-all: iterate over TBs in a page with PAGE_FOR_EACH_TB Emilio G. Cota
2018-02-28 21:40 ` Richard Henderson
2018-02-28 22:50 ` Emilio G. Cota
2018-02-28 22:53 ` Richard Henderson
2018-02-27 5:39 ` [Qemu-devel] [PATCH 06/16] translate-all: make l1_map lockless Emilio G. Cota
2018-02-28 22:15 ` Richard Henderson
2018-03-29 10:16 ` Alex Bennée
2018-02-27 5:39 ` [Qemu-devel] [PATCH 07/16] translate-all: remove hole in PageDesc Emilio G. Cota
2018-02-28 22:17 ` Richard Henderson
2018-03-29 10:17 ` Alex Bennée
2018-02-27 5:39 ` [Qemu-devel] [PATCH 08/16] translate-all: work page-by-page in tb_invalidate_phys_range_1 Emilio G. Cota
2018-02-28 22:23 ` Richard Henderson
2018-03-29 10:10 ` Alex Bennée
2018-03-29 10:17 ` Alex Bennée
2018-02-27 5:39 ` [Qemu-devel] [PATCH 09/16] translate-all: move tb_invalidate_phys_page_range up in the file Emilio G. Cota
2018-02-28 22:24 ` Richard Henderson
2018-03-29 10:08 ` Alex Bennée
2018-02-27 5:39 ` [Qemu-devel] [PATCH 10/16] translate-all: use per-page locking in !user-mode Emilio G. Cota
2018-03-29 14:55 ` Alex Bennée
2018-04-06 0:43 ` Emilio G. Cota
2018-02-27 5:39 ` [Qemu-devel] [PATCH 11/16] translate-all: add page_collection assertions Emilio G. Cota
2018-03-29 15:08 ` Alex Bennée [this message]
2018-02-27 5:39 ` [Qemu-devel] [PATCH 12/16] translate-all: discard TB when tb_link_page returns an existing matching TB Emilio G. Cota
2018-03-29 15:19 ` Alex Bennée
2018-04-06 1:23 ` Emilio G. Cota
2018-02-27 5:39 ` [Qemu-devel] [PATCH 13/16] translate-all: protect TB jumps with a per-destination-TB lock Emilio G. Cota
2018-02-27 11:33 ` Paolo Bonzini
2018-02-27 11:43 ` Laurent Desnogues
2018-02-27 14:31 ` Paolo Bonzini
2018-03-28 15:57 ` Alex Bennée
2018-02-27 5:39 ` [Qemu-devel] [PATCH 14/16] cputlb: remove tb_lock from tlb_flush functions Emilio G. Cota
2018-03-29 15:46 ` Alex Bennée
2018-02-27 5:39 ` [Qemu-devel] [PATCH 15/16] translate-all: remove tb_lock mention from cpu_restore_state_from_tb Emilio G. Cota
2018-03-29 16:06 ` Alex Bennée
2018-04-06 1:40 ` Emilio G. Cota
2018-02-27 5:39 ` [Qemu-devel] [PATCH 16/16] tcg: remove tb_lock Emilio G. Cota
2018-03-29 16:15 ` Alex Bennée
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87r2o27wcg.fsf@linaro.org \
--to=alex.bennee@linaro.org \
--cc=cota@braap.org \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=richard.henderson@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.