From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:48243) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1b0TdR-0007yR-Vq for qemu-devel@nongnu.org; Wed, 11 May 2016 08:53:07 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1b0TdN-0000iL-GI for qemu-devel@nongnu.org; Wed, 11 May 2016 08:53:04 -0400 Received: from mx1.redhat.com ([209.132.183.28]:41765) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1b0TdN-0000iF-7u for qemu-devel@nongnu.org; Wed, 11 May 2016 08:53:01 -0400 References: <1459870344-16773-1-git-send-email-alex.bennee@linaro.org> <1459870344-16773-6-git-send-email-alex.bennee@linaro.org> <5733295B.8090401@gmail.com> From: Paolo Bonzini Message-ID: <57332B24.9090304@redhat.com> Date: Wed, 11 May 2016 14:52:52 +0200 MIME-Version: 1.0 In-Reply-To: <5733295B.8090401@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [Qemu-devel] [RFC v2 05/11] tcg: protect TBContext with tb_lock. List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Sergey Fedorov , =?UTF-8?Q?Alex_Benn=c3=a9e?= , mttcg@greensocs.com, fred.konrad@greensocs.com, a.rigo@virtualopensystems.com, cota@braap.org Cc: qemu-devel@nongnu.org, mark.burton@greensocs.com, jan.kiszka@siemens.com, rth@twiddle.net, peter.maydell@linaro.org, claudio.fontana@huawei.com, Peter Crosthwaite , "Michael S. Tsirkin" , Eduardo Habkost Just a couple answers/remarks. On 11/05/2016 14:45, Sergey Fedorov wrote: >> diff --git a/exec.c b/exec.c >> index 17f390e..c46c123 100644 >> --- a/exec.c >> +++ b/exec.c >> @@ -2111,6 +2111,9 @@ static void check_watchpoint(int offset, int len= , MemTxAttrs attrs, int flags) >> continue; >> } >> cpu->watchpoint_hit =3D wp; >> + >> + /* Unlocked by cpu_loop_exit or cpu_resume_from_signa= l. */ >=20 > In fact, neither cpu_resume_from_signal() nor cpu_loop_exit() unlocks > the lock by itself, it gets unlocked after sigsetjmp() returns via > siglongjmp() back to cpu_exec(). So maybe it would be more clear to say > something like "'tb_lock' gets unlocked after siglongjmp()"? Yes, or "cpu_exec() unlocks tb_lock after cpu_loop_exit or cpu_resume_from_signal". Something like that, anyway. >> void tb_flush(CPUState *cpu) >> { >> #if defined(DEBUG_FLUSH) >> @@ -1350,6 +1352,7 @@ void tb_invalidate_phys_page_range(tb_page_addr_= t start, tb_page_addr_t end, >> /* we remove all the TBs in the range [start, end[ */ >> /* XXX: see if in some cases it could be faster to invalidate all >> the code */ >> + tb_lock(); >=20 > Don't we need also protect a call to page_find() above? page_find() > calls page_find_alloc() which is noted to be called with 'tb_lock' held= . Only if alloc=3D1; page_find calls it with alloc=3D0. > However, it might depend on the way we treat 'mmap_lock' in system mode > emulation. It's just not there; generally speaking it's replaced with tb_lock. >> @ -1627,6 +1636,7 @@ void cpu_io_recompile(CPUState *cpu, uintptr_t re= taddr) >> target_ulong pc, cs_base; >> uint64_t flags; >> =20 >> + tb_lock(); >=20 > We don't have to take 'tb_lock' for nether tb_find_pc() nor > cpu_restore_state_from_tb() because the lock does not protect from > tb_flush() anyway. I think the lock should be taken just before the > first call to tb_phys_invalidate() in this function. Indeed, this dates back to when cpu_restore_state_from_tb did recompilati= on. In general, I don't have a big problem with slightly bigger critical sections than necessary, if they aren't in a hot path or they avoid repeated lock-unlock. Thanks, Paolo