From: "Philippe Mathieu-Daudé" <philmd@linaro.org>
To: Nicholas Piggin <npiggin@gmail.com>, qemu-ppc@nongnu.org
Cc: Richard Henderson <richard.henderson@linaro.org>,
Paolo Bonzini <pbonzini@redhat.com>,
qemu-devel@nongnu.org
Subject: Re: [PATCH 0/3] target/ppc: fix tlb flushing race
Date: Thu, 28 Mar 2024 14:20:12 +0100 [thread overview]
Message-ID: <51e36448-5212-40cb-8135-078a3c1b96c8@linaro.org> (raw)
In-Reply-To: <D05BGFTTYF1C.1PG514RTVTZTD@wheely>
On 28/3/24 11:37, Nicholas Piggin wrote:
> On Thu Mar 28, 2024 at 8:15 PM AEST, Nicholas Piggin wrote:
>> On Thu Mar 28, 2024 at 6:12 PM AEST, Nicholas Piggin wrote:
>>> On Thu Mar 28, 2024 at 3:31 PM AEST, Nicholas Piggin wrote:
>>>> ppc broadcast tlb flushes should be synchronised with other vCPUs,
>>>> like all other architectures that support such operations seem to
>>>> be doing.
>>>>
>>>> Fixing ppc removes the last caller of the non-synced TLB flush
>>>> variants, we can remove some dead code. I'd like to merge patch 1
>>>> for 9.0, and hold patches 2 and 3 until 9.1 to avoid churn (unless
>>>> someone prefers to remove the dead code asap).
>>>
>>> Hmm, turns out to not be so simple, this in parts reverts
>>> the fix in commit 4ddc104689b.
Please mention that in the patch.
> Do other architectures
>>> that use the _synced TLB flush variants have that same problem
>>> with the TLB flush not actually flushing until the TB ends,
>>> I wonder?
>>
>> Huh, I can reproduce that original problem with a little test
>> case (which I will upstream into kvm-unit-tests).
>>
>> async_run_on_cpu(this_cpu) seems to flush before the next TB, but
>> async_safe_run_on_cpu(this_cpu) does not? How does it execute it
>> without exiting from the TB?
>
> Duh, it's because the non-_synced tlb flush variants don't use
> that for running on this CPU, they just call it directly.
>
> Okay that all makes sense now. I think this series plus the
> below are good then. Also it's possible some other archs that
> use _all_cpus_synced() (arm, riscv, s390x) _may_ be racy. I
> had a quick look at sfence.vma and ipte, and AFAIKS they're
> supposed to take immediate effect after they execute.
>
> Thanks,
> Nick
>
prev parent reply other threads:[~2024-03-28 13:20 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-28 5:31 [PATCH 0/3] target/ppc: fix tlb flushing race Nicholas Piggin
2024-03-28 5:31 ` [PATCH 1/3] target/ppc: Fix broadcast tlbie synchronisation Nicholas Piggin
2024-03-28 13:18 ` Philippe Mathieu-Daudé
2024-03-28 5:31 ` [PATCH 2/3] tcg/cputlb: Remove non-synced variants of global TLB flushes Nicholas Piggin
2024-03-28 13:18 ` Philippe Mathieu-Daudé
2024-03-28 5:31 ` [PATCH 3/3] tcg/cputlb: remove other-cpu capability from TLB flushing Nicholas Piggin
2024-03-28 8:12 ` [PATCH 0/3] target/ppc: fix tlb flushing race Nicholas Piggin
2024-03-28 10:15 ` Nicholas Piggin
2024-03-28 10:37 ` Nicholas Piggin
2024-03-28 13:20 ` Philippe Mathieu-Daudé [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51e36448-5212-40cb-8135-078a3c1b96c8@linaro.org \
--to=philmd@linaro.org \
--cc=npiggin@gmail.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-ppc@nongnu.org \
--cc=richard.henderson@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.