From: Kevin Wolf <kwolf@redhat.com>
To: "Marc-André Lureau" <marcandre.lureau@gmail.com>
Cc: Stefan Hajnoczi <stefanha@gmail.com>, qemu-devel <qemu-devel@nongnu.org>
Subject: Re: Your clang TSA patches
Date: Tue, 9 May 2023 10:45:25 +0200 [thread overview]
Message-ID: <ZFoIJRIqpwZAVlDY@redhat.com> (raw)
In-Reply-To: <CAJ+F1CJXaE+1O_93QuAiZ8Zddhc9hRp2X3Umc1whSqrPDXxEyg@mail.gmail.com>
Am 09.05.2023 um 09:00 hat Marc-André Lureau geschrieben:
> Hi Stefan
>
> On Mon, May 8, 2023 at 6:54 PM Stefan Hajnoczi <stefanha@gmail.com> wrote:
>
> > Hi Marc-André,
> > clang's Thread Safety Analysis is being used more in the QEMU block
> > layer and a few limitations have been hit:
> > 1. Mutexes that are struct fields are not supported (only global mutexes
> > work).
> > 2. Analysis does not extend across function pointers. See
> > GRAPH_RDLOCK_PTR for a workaround that is currently used.
> >
> > (There was a third limitation that I don't remember. Maybe Kevin
> > remembers.)
> >
> > I heard you had clang or LLVM patches in that past that improve TSA.
> > Did your patches address these things? Any idea how hard it is to fix
> > these limitations?
>
> I don't remember much about that work, I didn't spend that much time on it,
> and it was 5y ago already!
>
> My WIP branch is still available:
> https://github.com/elmarco/clang/commits/qemu-ta
>
> it seems I was trying to modify clang to support TSA annotations on
> typedef and function pointers, and warn on unmatching. I have no idea
> if this is still relevant. I remember dropping the effort at that time
> because of lack of interest or help in both projects.
TSA support for functions pointers would be very helpful for the work
we're currently doing in the context of multiqueue support. Function
pointers are essentially where the compiler checks break down for us and
we have to cover these parts manually during review. And we have
function pointers in almost every call path (mostly those in BlockDriver
these days, but also some callbacks passed to functions, like BHs).
Does "unmatching" mean that it checks that the TSA annotations in
prototypes and the actual function declaration agree? If so, that would
be nice, too. For now, I've settled on annotating only the header file
for public functions, which works, but it's harder to read.
The third limitation Stefan couldn't remember is lack of support for
__attribute__((cleanup)), which is used by the lock guard macros. This
one is pretty annoying and means that I'm using the guards less than I
would like.
Stefan's first point, not supporting mutexes in struct fields, is a
major limitation of TSA with C, too, but it doesn't actually affect the
current work in QEMU where we're dealing with a single global lock. Of
course, if it were supported, we would certainly have uses for that,
too.
Kevin
next prev parent reply other threads:[~2023-05-09 8:46 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-08 14:53 Your clang TSA patches Stefan Hajnoczi
2023-05-09 7:00 ` Marc-André Lureau
2023-05-09 8:45 ` Kevin Wolf [this message]
2023-05-09 10:54 ` Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZFoIJRIqpwZAVlDY@redhat.com \
--to=kwolf@redhat.com \
--cc=marcandre.lureau@gmail.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).