Re: [RFC 0/2] tls: add macros for coroutine-safe TLS variables

From: Stefan Hajnoczi <stefanha@redhat.com>
To: Richard Henderson <richard.henderson@linaro.org>
Cc: fweimer@redhat.com, Kevin Wolf <kwolf@redhat.com>,
	Thomas Huth <thuth@redhat.com>,
	"open list:Block layer core" <qemu-block@nongnu.org>,
	QEMU Developers <qemu-devel@nongnu.org>,
	Fam Zheng <fam@euphon.net>, Warner Losh <imp@bsdimp.com>,
	sguelton@redhat.com
Subject: Re: [RFC 0/2] tls: add macros for coroutine-safe TLS variables
Date: Wed, 27 Oct 2021 13:34:04 +0100	[thread overview]
Message-ID: <YXlHPITntxlYsT6B@stefanha-x1.localdomain> (raw)
In-Reply-To: <4b8a5b71-0ec2-7c2c-6929-de303ec29a53@linaro.org>

[-- Attachment #1: Type: text/plain, Size: 1230 bytes --]

On Tue, Oct 26, 2021 at 10:10:44AM -0700, Richard Henderson wrote:
> On 10/26/21 9:34 AM, Stefan Hajnoczi wrote:
> > On Tue, Oct 26, 2021 at 08:10:16AM -0700, Richard Henderson wrote:
> > > On 10/26/21 6:22 AM, Stefan Hajnoczi wrote:
> > > > If "safe" TLS variables are opt-in then we'll likely have obscure bugs
> > > > when code changes to access a TLS variable that was previously never
> > > > accessed from a coroutine. There is no compiler error and no way to
> > > > detect this. When it happens debugging it is painful.
> > > 
> > > Co-routines are never used in user-only builds.
> > 
> > If developers have the choice of using __thread then bugs can slip
> > through.
> 
> Huh?  How.  No, really.

If there is no checkpatch.pl error then more instances of __thread will
slip in. Not everyone in the QEMU community will be aware of this issue,
so it's likely that code with __thread will get merged.

Subsystems that use coroutines today include block, 9p, mpqemu, io
channels, migration, colo, and monitor commands.

I understand that qemu-user is particularly unlikely to use coroutines.
Thomas' suggestion sounds good to me. Let's allow __thread only in
subsystems where it's safe.

Stefan

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]