Date: Wed, 20 Jun 2007 12:32:04 +0300
From: "Kirill A. Shutemov"
Subject: Re: [Qemu-devel] qemu-user mmap not thread-safe?
Message-ID: <20070620093204.GA15103@localhost.localdomain>
In-Reply-To: <4677E260.2080002@suse.de>
To: qemu-devel@nongnu.org

On [Tue, 19.06.2007 16:03], Alexander Graf wrote:
> Paul Brook wrote:
> > On Thursday 24 May 2007, Alexander Graf wrote:
> >
> >> Hi,
> >>
> >> while playing around with TLS on i386 I came across this problem which
> >> occurs even when no TLS is used at all. If two threads just malloc()
> >> memory all the time I get a segmentation fault after a short time. Might
> >> this be a serious bug?
> >>
> >
> > qemu is not even vaguely threadsafe.
> >
> > Paul
> >
> Hi,
>
> I somehow narrowed the problem down to x86_64. As soon as I use
> qemu-i386 on i386 or ppc the memory mapping tables are OK. When using
> x86_64 as host they are broken. Could this be a generic 64-bit host
> problem? I doubt that this actually has to do too much with the
> threading itself, because it works fine on other platforms.

On x86_64 mmap() sometimes returns an address above 4G. It is a problem if the
target system is 32-bit. I use the attached patch to solve it.

-- 
Regards, Kirill A.
Shutemov + Belarus, Minsk + Velesys LLC, http://www.velesys.com/ + ALT Linux Team, http://www.altlinux.com/ --SLDf9lqlvOQaIe6s Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="qemu-0.8.2-alt-mmap.patch" Content-Transfer-Encoding: quoted-printable diff -uNr qemu-0.8.2.orig/linux-user/mmap.c qemu-0.8.2/linux-user/mmap.c --- qemu-0.8.2.orig/linux-user/mmap.c 2007-01-16 16:05:33 +0200 +++ qemu-0.8.2/linux-user/mmap.c 2007-01-16 16:27:28 +0200 @@ -27,6 +27,10 @@ =20 #include "qemu.h" =20 +#if !defined(MAP_32BIT) +#define MAP_32BIT 0 +#endif + //#define DEBUG_MMAP =20 /* NOTE: all the constants are the HOST ones, but addresses are target. */ @@ -116,7 +120,7 @@ if (prot1 =3D=3D 0) { /* no page was there, so we allocate one */ ret =3D (long)mmap(host_start, qemu_host_page_size, prot,=20 - flags | MAP_ANONYMOUS, -1, 0); + flags | MAP_ANONYMOUS | MAP_32BIT, -1, 0); if (ret =3D=3D -1) return ret; prot1 =3D prot; @@ -217,7 +221,8 @@ abort(); host_len =3D HOST_PAGE_ALIGN(len) + qemu_host_page_size - TARG= ET_PAGE_SIZE; real_start =3D (long)mmap(g2h(real_start), host_len, PROT_NONE= ,=20 - MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); + MAP_PRIVATE | MAP_ANONYMOUS | MAP_32BIT + , -1, 0); if (real_start =3D=3D -1) return real_start; real_end =3D real_start + host_len; @@ -234,7 +239,7 @@ host_offset =3D offset & qemu_host_page_mask; host_len =3D len + offset - host_offset; host_start =3D (long)mmap(real_start ? g2h(real_start) : NULL, - host_len, prot, flags, fd, host_offset= ); + host_len, prot, flags | MAP_32BIT, fd,= host_offset); if (host_start =3D=3D -1) return host_start; /* update start so that it points to the file position at 'off= set' */ @@ -312,7 +317,7 @@ else offset1 =3D offset + real_start - start; ret =3D (long)mmap(g2h(real_start), real_end - real_start,=20 - prot, flags, fd, offset1); + prot, flags | MAP_32BIT, fd, offset1); if (ret =3D=3D -1) return ret; } 
@@ -388,7 +393,7 @@ int prot; =20 /* XXX: use 5 args syscall */ - new_addr =3D (long)mremap(g2h(old_addr), old_size, new_size, flags); + new_addr =3D (long)mremap(g2h(old_addr), old_size, new_size, flags | M= AP_32BIT); if (new_addr =3D=3D -1) return new_addr; new_addr =3D h2g(new_addr); --SLDf9lqlvOQaIe6s-- --IrhDeMKUP4DT/M7F Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFGePQrbWYnhzC5v6oRAnp/AJ9Z7Vh7dZzTwv0+7h9PKpmHqJe5VACfWV3P uYLQbHqxYrX6VvKd8CZmPoU= =pR9B -----END PGP SIGNATURE----- --IrhDeMKUP4DT/M7F--
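Review bot: In the first hunk of linux-user/mmap.c (@@ -27,6 +27,10 @@), the fallback `#define MAP_32BIT 0` turns every later `| MAP_32BIT` into a silent no-op on hosts whose headers lack the flag, so a 64-bit host without it keeps the behaviour the patch is meant to fix, and nothing in the code says so. Add a comment stating which hosts the flag is expected on, and consider applying it only when the target is 32-bit instead of unconditionally.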
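Review bot: In the hunk at @@ -217,7 +221,8 @@, the wrapped argument list starts its continuation line with a comma (`, -1, 0);`), unlike the trailing-comma wrapping of the other mmap() calls visible in this patch. Keep `MAP_PRIVATE | MAP_ANONYMOUS | MAP_32BIT,` on one line and put `-1, 0);` on the next.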
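Review bot: In the hunk at @@ -234,7 +239,7 @@, host_start is still only compared against -1 after the call, so nothing verifies that the returned address is representable for a 32-bit target; when the hint is NULL the placement depends entirely on the host kernel and on MAP_32BIT, which the first hunk may define as 0. Check that host_start and host_start + host_len fall inside the target's address range, and unmap and return an error when they do not.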
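Review bot: In the last hunk (@@ -388,7 +393,7 @@), MAP_32BIT is OR-ed into the flags argument of mremap(), but it is an mmap() flag; mremap() takes MREMAP_* flags, so this either passes a bit that mremap() does not define or, with the fallback define, does nothing. Drop it from this call and instead check that new_addr fits the target's address range after the remap, failing the call if it does not.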