From: Paolo Bonzini
Date: Fri, 26 Jun 2015 18:20:04 +0200
Subject: Re: [Qemu-devel] [RFC PATCH V6 05/18] protect TBContext with tb_lock.
To: fred.konrad@greensocs.com, qemu-devel@nongnu.org, mttcg@listserver.greensocs.com
Cc: peter.maydell@linaro.org, a.spyridakis@virtualopensystems.com, mark.burton@greensocs.com, agraf@suse.de, alistair.francis@xilinx.com, guillaume.delbergue@greensocs.com, alex.bennee@linaro.org
Message-ID: <558D7BB4.2070004@redhat.com>
In-Reply-To: <1435330053-18733-6-git-send-email-fred.konrad@greensocs.com>
References: <1435330053-18733-1-git-send-email-fred.konrad@greensocs.com> <1435330053-18733-6-git-send-email-fred.konrad@greensocs.com>

On 26/06/2015 16:47, fred.konrad@greensocs.com wrote:
> @@ -273,8 +274,9 @@ static TranslationBlock *tb_find_slow(CPUArchState *env, > ptb1 = &tcg_ctx.tb_ctx.tb_phys_hash[h]; > for(;;) { > tb = *ptb1; > - if (!tb) > - goto not_found; > + if (!tb) { > + return tb; > + } You are dereferencing tb outside the lock. You need a smp_read_barrier_depends() here, and a smp_wmb() at the beginning of tb_link_page. Paolo > if (tb->pc == pc &&
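
Review bot: in the `if (!tb)` branch, `return tb;` returns a pointer that is already known to be NULL; write `return NULL;` so the miss path is explicit, and add a comment on tb_find_slow saying that it now returns NULL on a miss instead of jumping to not_found, because the visible hunk does not show how callers handle that result. The load `tb = *ptb1` followed by `tb->pc` is the access the reply flags as happening outside the lock, so a short comment at that load naming the barrier pairing (the read barrier here, the write barrier in tb_link_page) would keep the lockless contract from being lost in later edits.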
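
The barrier pairing requested in the reply above, as an added example that is not part of the original message or of QEMU. It uses C11 release/acquire atomics in place of smp_wmb() and smp_read_barrier_depends() (acquire is stronger than the dependency barrier), and every name in it is hypothetical.

```c
/* Added example, not QEMU code: lockless hash-bucket lookup where the
 * writer publishes with release and the reader loads with acquire.
 * All identifiers are hypothetical. */
#include <stdatomic.h>
#include <stddef.h>
#include <stdint.h>

#define HASH_SIZE 16

struct tb {
    uint64_t pc;
    struct tb *_Atomic next;   /* chain link, also read without the lock */
};

static struct tb *_Atomic buckets[HASH_SIZE];

static unsigned hash_pc(uint64_t pc)
{
    return (unsigned)(pc >> 2) % HASH_SIZE;
}

/* Writer side. The caller is assumed to hold the table lock, so writers
 * are serialised; only readers run without it. */
void tb_publish(struct tb *tb, uint64_t pc)
{
    unsigned h = hash_pc(pc);

    /* Initialise every field a reader may look at before linking. */
    tb->pc = pc;
    atomic_store_explicit(&tb->next,
        atomic_load_explicit(&buckets[h], memory_order_relaxed),
        memory_order_relaxed);

    /* Release store: plays the role of the write barrier placed before
     * the block becomes reachable. A reader that sees the pointer also
     * sees the initialised fields. */
    atomic_store_explicit(&buckets[h], tb, memory_order_release);
}

/* Reader side, no lock taken. Returns NULL on a miss. */
struct tb *tb_lookup(uint64_t pc)
{
    /* Acquire load: orders the later tb->pc read after the pointer load,
     * which is what the dependency barrier guarantees on the reader. */
    struct tb *tb = atomic_load_explicit(&buckets[hash_pc(pc)],
                                         memory_order_acquire);
    while (tb != NULL && tb->pc != pc) {
        tb = atomic_load_explicit(&tb->next, memory_order_acquire);
    }
    return tb;
}
```

Without the release store a reader on a weakly ordered CPU can observe the new bucket pointer before the stores that filled in `pc` and `next`, and compare against stale memory.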