From: "Alex Bennée" <alex.bennee@linaro.org>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-devel@nongnu.org, Richard Henderson <rth@twiddle.net>,
"Emilio G . Cota" <cota@braap.org>
Subject: Re: [Qemu-devel] [PATCH] cpu-exec: Exit exclusive region on longjmp from step_atomic
Date: Thu, 02 Nov 2017 16:00:22 +0000 [thread overview]
Message-ID: <87wp38hdrd.fsf@linaro.org> (raw)
In-Reply-To: <1509634273-29111-1-git-send-email-peter.maydell@linaro.org>
Peter Maydell <peter.maydell@linaro.org> writes:
> Commit ac03ee5331612e44be narrowed the scope of the exclusive
> region so it only covers when we're executing the TB, not when
> we're generating it. However it missed that there is more than
> one execution path out of cpu_tb_exec -- if the atomic insn
> causes an exception then the code will longjmp out, skipping
> the code to end the exclusive region. This causes QEMU to hang
> the next time the CPU calls start_exclusive(), waiting for
> itself to exit the region.
>
> Move the "end the region" code out to the end of the
> function so that it is run for both normal exit and also
> for exit-via-longjmp.
>
> (For some reason this only reproduces for me with a clang
> optimized build, not a gcc debug build.)
>
> Fixes: ac03ee5331612e44beb393df2b578c951d27dc0d
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
> accel/tcg/cpu-exec.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
> index 4318441..ac316bb 100644
> --- a/accel/tcg/cpu-exec.c
> +++ b/accel/tcg/cpu-exec.c
> @@ -256,9 +256,6 @@ void cpu_exec_step_atomic(CPUState *cpu)
> trace_exec_tb(tb, pc);
> cpu_tb_exec(cpu, tb);
> cc->cpu_exec_exit(cpu);
> - parallel_cpus = true;
> -
> - end_exclusive();
> } else {
> /* We may have exited due to another problem here, so we need
> * to reset any tb_locks we may have taken but didn't release.
> @@ -270,6 +267,9 @@ void cpu_exec_step_atomic(CPUState *cpu)
> #endif
> tb_lock_reset();
> }
> +
> + parallel_cpus = true;
> + end_exclusive();
We assume sigsetjmp can never fail - we either set the jump or are
returning from a longjmp back. So we can never be in the position of
having not been through start_exclusive?
What happens for example if we fault during translation?
--
Alex Bennée
next prev parent reply other threads:[~2017-11-02 16:00 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-02 14:51 [Qemu-devel] [PATCH] cpu-exec: Exit exclusive region on longjmp from step_atomic Peter Maydell
2017-11-02 16:00 ` Alex Bennée [this message]
2017-11-02 16:17 ` Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87wp38hdrd.fsf@linaro.org \
--to=alex.bennee@linaro.org \
--cc=cota@braap.org \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=rth@twiddle.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.