From: "Emilio G. Cota" <cota@braap.org>
To: Robert Foley <robert.foley@linaro.org>
Cc: Fam Zheng <fam@euphon.net>,
peter.puhov@linaro.org, alex.bennee@linaro.org,
qemu-devel@nongnu.org, Stefan Hajnoczi <stefanha@redhat.com>
Subject: Re: [PATCH 14/19] util/async: Fixed tsan warnings
Date: Sat, 23 May 2020 16:12:46 -0400 [thread overview]
Message-ID: <20200523201246.GF382220@sff> (raw)
In-Reply-To: <20200522160755.886-15-robert.foley@linaro.org>
On Fri, May 22, 2020 at 12:07:50 -0400, Robert Foley wrote:
> For example:
> Atomic write of size 8 at 0x7b4800113c28 by main thread (mutexes: write M30):
> #0 __tsan_atomic64_exchange <null> (qemu-system-aarch64+0x386f85)
> #1 aio_bh_poll util/async.c:146:5 (qemu-system-aarch64+0xcd1f61)
> #2 aio_dispatch util/aio-posix.c:380:5 (qemu-system-aarch64+0xcd8abb)
> #3 aio_ctx_dispatch util/async.c:298:5 (qemu-system-aarch64+0xcd31b0)
> #4 g_main_context_dispatch <null> (libglib-2.0.so.0+0x4c416)
> #5 qemu_main_loop softmmu/vl.c:1664:9 (qemu-system-aarch64+0x5cc6d6)
> #6 main softmmu/main.c:49:5 (qemu-system-aarch64+0xc62857)
>
> Previous read of size 8 at 0x7b4800113c28 by thread T3 (mutexes: write M81):
> #0 aio_bh_enqueue util/async.c:81:9 (qemu-system-aarch64+0xcd2267)
> #1 qemu_bh_schedule util/async.c:181:5 (qemu-system-aarch64+0xcd2267)
> #2 worker_thread util/thread-pool.c:113:9 (qemu-system-aarch64+0xcd473c)
> #3 qemu_thread_start util/qemu-thread-posix.c:519:9 (qemu-system-aarch64+0xcde280)
>
> Cc: Stefan Hajnoczi <stefanha@redhat.com>
> Cc: Fam Zheng <fam@euphon.net>
> Signed-off-by: Robert Foley <robert.foley@linaro.org>
> ---
> util/async.c | 11 +++++++++--
> 1 file changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/util/async.c b/util/async.c
> index 1319eee3bc..51e306bf0c 100644
> --- a/util/async.c
> +++ b/util/async.c
> @@ -33,6 +33,7 @@
> #include "block/raw-aio.h"
> #include "qemu/coroutine_int.h"
> #include "trace.h"
> +#include "qemu/tsan.h"
>
> /***********************************************************/
> /* bottom halves (can be seen as timers which expire ASAP) */
> @@ -76,10 +77,12 @@ static void aio_bh_enqueue(QEMUBH *bh, unsigned new_flags)
> * 2. ctx is loaded before the callback has a chance to execute and bh
> * could be freed.
> */
> + TSAN_ANNOTATE_IGNORE_WRITES_BEGIN();
Why do we need these annotations here? It looks like the fix for the
race in the commit message is below (i.e. atomic_read).
In general, I'd expect annotations to come with a comment, since
they should be used sparingly. That is, the assumption is that
tsan is almost always right.
> old_flags = atomic_fetch_or(&bh->flags, BH_PENDING | new_flags);
> if (!(old_flags & BH_PENDING)) {
> QSLIST_INSERT_HEAD_ATOMIC(&ctx->bh_list, bh, next);
> }
> + TSAN_ANNOTATE_IGNORE_WRITES_END();
>
> aio_notify(ctx);
> }
> @@ -143,7 +146,9 @@ int aio_bh_poll(AioContext *ctx)
> BHListSlice *s;
> int ret = 0;
>
> + TSAN_ANNOTATE_IGNORE_WRITES_BEGIN();
> QSLIST_MOVE_ATOMIC(&slice.bh_list, &ctx->bh_list);
> + TSAN_ANNOTATE_IGNORE_WRITES_END();
ditto
> QSIMPLEQ_INSERT_TAIL(&ctx->bh_slice_list, &slice, next);
>
> while ((s = QSIMPLEQ_FIRST(&ctx->bh_slice_list))) {
> @@ -280,14 +285,16 @@ aio_ctx_check(GSource *source)
> aio_notify_accept(ctx);
>
> QSLIST_FOREACH_RCU(bh, &ctx->bh_list, next) {
> - if ((bh->flags & (BH_SCHEDULED | BH_DELETED)) == BH_SCHEDULED) {
> + if ((atomic_read(&bh->flags) & (BH_SCHEDULED | BH_DELETED))
> + == BH_SCHEDULED) {
> return true;
> }
> }
>
> QSIMPLEQ_FOREACH(s, &ctx->bh_slice_list, next) {
> QSLIST_FOREACH_RCU(bh, &s->bh_list, next) {
> - if ((bh->flags & (BH_SCHEDULED | BH_DELETED)) == BH_SCHEDULED) {
> + if ((atomic_read(&bh->flags) & (BH_SCHEDULED | BH_DELETED))
> + == BH_SCHEDULED) {
This hunk like the real fix. Also, I'd put "fix race" in the commit
title as opposed to "fix warning" since fixing races is the goal, not
fixing warnings.
Thanks,
Emilio
next prev parent reply other threads:[~2020-05-23 20:13 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-22 16:07 [PATCH 00/19] Add Thread Sanitizer support to QEMU Robert Foley
2020-05-22 16:07 ` [PATCH 01/19] configure: add --enable-tsan flag + fiber annotations for coroutine-ucontext Robert Foley
2020-05-23 16:55 ` Philippe Mathieu-Daudé
2020-05-26 12:38 ` Robert Foley
2020-06-17 14:24 ` Stefan Hajnoczi
2020-06-17 15:56 ` Alex Bennée
2020-06-17 21:27 ` Robert Foley
2020-05-22 16:07 ` [PATCH 02/19] cpu: convert queued work to a QSIMPLEQ Robert Foley
2020-05-24 10:20 ` Philippe Mathieu-Daudé
2020-05-26 15:01 ` Robert Foley
2020-05-22 16:07 ` [PATCH 03/19] thread: add qemu_spin_destroy Robert Foley
2020-05-22 16:07 ` [PATCH 04/19] cputlb: destroy CPUTLB with tlb_destroy Robert Foley
2020-05-22 16:07 ` [PATCH 05/19] qht: call qemu_spin_destroy for head buckets Robert Foley
2020-05-22 16:07 ` [PATCH 06/19] tcg: call qemu_spin_destroy for tb->jmp_lock Robert Foley
2020-05-22 16:07 ` [PATCH 07/19] translate-all: call qemu_spin_destroy for PageDesc Robert Foley
2020-05-22 16:07 ` [PATCH 08/19] thread: add tsan annotations to QemuSpin Robert Foley
2020-05-22 16:07 ` [PATCH 09/19] tests/docker: Added docker build support for TSan Robert Foley
2020-05-22 16:07 ` [PATCH 10/19] include/qemu: Added tsan.h for annotations Robert Foley
2020-05-23 17:20 ` Emilio G. Cota
2020-05-23 21:37 ` Emilio G. Cota
2020-05-22 16:07 ` [PATCH 11/19] accel/tcg: Fixed tsan warnings related to parallel_cpus Robert Foley
2020-05-23 17:21 ` Emilio G. Cota
2020-05-22 16:07 ` [PATCH 12/19] configure: added tsan support for blacklist Robert Foley
2020-05-23 17:27 ` Emilio G. Cota
2020-05-26 14:07 ` Robert Foley
2020-05-22 16:07 ` [PATCH 13/19] accel/tcg: Fixed tsan warnings Robert Foley
2020-05-23 20:06 ` Emilio G. Cota
2020-05-26 15:14 ` Robert Foley
2020-05-26 18:47 ` Paolo Bonzini
2020-05-22 16:07 ` [PATCH 14/19] util/async: " Robert Foley
2020-05-23 20:12 ` Emilio G. Cota [this message]
2020-05-26 15:19 ` Robert Foley
2020-05-26 10:32 ` Stefan Hajnoczi
2020-05-26 15:21 ` Robert Foley
2020-05-22 16:07 ` [PATCH 15/19] qht: Fix " Robert Foley
2020-05-23 20:44 ` Emilio G. Cota
2020-05-22 16:07 ` [PATCH 16/19] util: fixed tsan warnings in thread_pool.c Robert Foley
2020-05-26 20:18 ` Paolo Bonzini
2020-05-22 16:07 ` [PATCH 17/19] util: Added tsan annotate for thread name Robert Foley
2020-05-23 20:29 ` Emilio G. Cota
2020-05-22 16:07 ` [PATCH 18/19] target/arm: Fix tsan warning in cpu.c Robert Foley
2020-05-22 17:44 ` Peter Maydell
2020-05-22 21:33 ` Robert Foley
2020-05-22 22:36 ` Peter Maydell
2020-05-23 17:18 ` Emilio G. Cota
2020-05-26 14:01 ` Robert Foley
2020-05-22 16:07 ` [PATCH 19/19] docs: Added details on TSan to testing.rst Robert Foley
2020-05-23 20:29 ` Emilio G. Cota
2020-05-22 21:07 ` [PATCH 00/19] Add Thread Sanitizer support to QEMU no-reply
2020-05-23 21:36 ` Emilio G. Cota
2020-05-26 15:18 ` Robert Foley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200523201246.GF382220@sff \
--to=cota@braap.org \
--cc=alex.bennee@linaro.org \
--cc=fam@euphon.net \
--cc=peter.puhov@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=robert.foley@linaro.org \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).