From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:50078)
 by lists.gnu.org with esmtp (Exim 4.71) (envelope-from )
 id 1aubz6-0004gu-Ac for qemu-devel@nongnu.org;
 Mon, 25 Apr 2016 04:35:13 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from ) id 1aubz3-00021g-4Y for qemu-devel@nongnu.org;
 Mon, 25 Apr 2016 04:35:12 -0400
Received: from mail-wm0-x22c.google.com ([2a00:1450:400c:c09::22c]:36571)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from )
 id 1aubz2-00020c-Mp for qemu-devel@nongnu.org;
 Mon, 25 Apr 2016 04:35:09 -0400
Received: by mail-wm0-x22c.google.com with SMTP id v188so88508311wme.1
 for ; Mon, 25 Apr 2016 01:35:07 -0700 (PDT)
References: <1461283583-2833-1-git-send-email-cota@braap.org>
 <87eg9xu2nq.fsf@linaro.org> <20160424032008.GA29999@flamenco>
From: Alex Bennée
In-reply-to: <20160424032008.GA29999@flamenco>
Date: Mon, 25 Apr 2016 09:35:04 +0100
Message-ID: <87lh42ulvr.fsf@linaro.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Subject: Re: [Qemu-devel] [RFC] translate-all: protect code_gen_buffer with RCU
To: "Emilio G. Cota"
Cc: QEMU Developers, MTTCG Devel, Paolo Bonzini, Peter Crosthwaite,
 Richard Henderson, Sergey Fedorov

Emilio G. Cota writes:

> On Fri, Apr 22, 2016 at 15:41:13 +0100, Alex Bennée wrote:
>> Emilio G. Cota writes:
> (snip)
>> > Known issues:
>> > - Basically compile-tested only, since I've only run this with
>> >   single-threaded TCG; I also tried running it with linux-user,
>> >   but in order to trigger tb_flush I had to make code_gen_buffer
>> >   so small that the CPU calling tb_flush would immediately fill
>> >   the 2nd buffer, triggering the assert. If you have a working
>> >   multi-threaded workload that would be good to test this, please
>> >   let me know.
>>
>> With my latest mttcg unit tests:
>>
>> ./arm-softmmu/qemu-system-arm -machine virt,accel=tcg -cpu cortex-a15 \
>>   -device virtio-serial-device -device virtconsole,chardev=ctd \
>>   -chardev testdev,id=ctd -display none -serial stdio \
>>   -kernel arm/tcg-test.flat -smp 4 -tcg mttcg=on \
>>   -append "tight smc irq mod=1 rounds=100000" -name arm,debug-threads=on
>
> This is useful. Never mind the need for testing linux-user, I can test
> both code paths (i.e. dynamic allocation and static buf) with qemu-system
> by simply defining USE_STATIC_CODE_GEN_BUFFER.
>
> After applying a modified version of this patch (that I'll send in
> a jiffy) to your enable-mttcg-for-armv7-v1 branch (reverting first
> "translate-all: introduces tb_flush_safe"), I can easily trigger
> this error when setting a low enough TB size, e.g. -tb-size 32:
>
> CPU1: online and setting up with pattern 0xa0b78cbf
> CPU2: online and setting up with pattern 0x22287c45
> CPU3: online and setting up with pattern 0x6262c5c5
> CPU0: online and setting up with pattern 0xa65e7ad6
> qemu: flush code_size=10622184 nb_tbs=83886 avg_tb_size=126
> qemu: flush code_size=10469016 nb_tbs=83886 avg_tb_size=124
> qemu: flush code_size=10492920 nb_tbs=83886 avg_tb_size=125
> qemu: flush code_size=10477464 nb_tbs=83886 avg_tb_size=124
> qemu: flush code_size=10495800 nb_tbs=83886 avg_tb_size=125
> PASS: smc: irq: 0 errors, IRQs not checked
> Unhandled exception 3 (pabt)
> Exception frame registers:
> pc : [] lr : [<40010700>] psr: a0000153
> sp : 400ac5c0 ip : 400ab4e8 fp : 40032ca8
> r10: 00000000 r9 : 00000000 r8 : 00000000
> r7 : 00000000 r6 : 00000000 r5 : 00000000 r4 : 00000000
> r3 : 00000000 r2 : 00000000 r1 : e59f2028 r0 : 00000000
> Flags: NzCv IRQs on FIQs off Mode SVC_32
> Control: 00c5107d Table: 40060000 DAC: 00000000
> IFAR: e59f2028 IFSR: 00000205
>
> Any input on where to look would be appreciated.

Thanks, I'll have a look and see if I can replicate.

>
> Emilio

--
Alex Bennée