From nobody Tue Feb 10 05:41:36 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1499206091678648.4620911469309; Tue, 4 Jul 2017 15:08:11 -0700 (PDT) Received: from localhost ([::1]:43122 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dSVzO-0001ta-C3 for importer@patchew.org; Tue, 04 Jul 2017 18:08:10 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:48214) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dSVvM-0006up-Ra for qemu-devel@nongnu.org; Tue, 04 Jul 2017 18:04:02 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dSVvL-000877-Bv for qemu-devel@nongnu.org; Tue, 04 Jul 2017 18:04:00 -0400 Received: from mx1.redhat.com ([209.132.183.28]:45164) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dSVvL-00086p-2m for qemu-devel@nongnu.org; Tue, 04 Jul 2017 18:03:59 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 0E4357D0EF; Tue, 4 Jul 2017 22:03:58 +0000 (UTC) Received: from localhost (unknown [10.36.112.12]) by smtp.corp.redhat.com (Postfix) with ESMTP id 630735D722; Tue, 4 Jul 2017 22:03:52 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 0E4357D0EF Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=marcandre.lureau@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 0E4357D0EF From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= To: qemu-devel@nongnu.org Date: Wed, 5 Jul 2017 00:03:12 +0200 Message-Id: <20170704220346.29244-2-marcandre.lureau@redhat.com> In-Reply-To: <20170704220346.29244-1-marcandre.lureau@redhat.com> References: <20170704220346.29244-1-marcandre.lureau@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Tue, 04 Jul 2017 22:03:58 +0000 (UTC) Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH 01/35] WIP: coroutine: annotate coroutine with clang thread safety attributes X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Stefan Hajnoczi , Stefan Weil Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" It is possible to use clang -Wthread-safety to do some basic coroutine checks: http://lists.llvm.org/pipermail/cfe-dev/2017-June/054372.html https://clang.llvm.org/docs/ThreadSafetyAnalysis.html This will basically check that you don't call accidentally a coroutine function from a non-coroutine, as this may crash at run time if the coroutine function yields. I had to modify clang to support annotations on typedef and function pointers, and check some function assignments/arguments. The end result is quire far from ready for upstream review, but could serve as basis for more checks or work. (https://github.com/elmarco/clang qemu-ta branch) Signed-off-by: Marc-Andr=C3=A9 Lureau --- include/qemu/coroutine.h | 31 ++++++++++++++++++++++++++++++- util/coroutine-sigaltstack.c | 2 ++ util/coroutine-ucontext.c | 2 ++ util/coroutine-win32.c | 2 ++ util/qemu-coroutine.c | 2 ++ 5 files changed, 38 insertions(+), 1 deletion(-) diff --git a/include/qemu/coroutine.h b/include/qemu/coroutine.h index a4509bd977..35ff394f51 100644 --- a/include/qemu/coroutine.h +++ b/include/qemu/coroutine.h @@ -28,6 +28,34 @@ * These functions are re-entrant and may be used outside the global mutex. */ =20 +/* clang thread-safety attributes, used for static analysis of the CFG */ +#if defined(__clang__) && (!defined(SWIG)) +#define THREAD_ANNOTATION_ATTRIBUTE__(x) __attribute__((x)) +#else +#define THREAD_ANNOTATION_ATTRIBUTE__(x) +#endif + +#define TAA_ROLE \ + THREAD_ANNOTATION_ATTRIBUTE__(capability("role")) + +#define TAA_REQUIRES(...) \ + THREAD_ANNOTATION_ATTRIBUTE__(requires_capability(__VA_ARGS__)) + +#define TAA_ACQUIRE(R) \ + THREAD_ANNOTATION_ATTRIBUTE__(acquire_capability(R)) + +#define TAA_RELEASE(R) \ + THREAD_ANNOTATION_ATTRIBUTE__(release_capability(R)) + +#define TAA_NO_ANALYSYS \ + THREAD_ANNOTATION_ATTRIBUTE__(no_thread_safety_analysis) + +typedef int TAA_ROLE coroutine_role; +extern coroutine_role _coroutine_fn; + +static inline void co_role_acquire(coroutine_role R) TAA_ACQUIRE(R) TAA_NO= _ANALYSYS {} +static inline void co_role_release(coroutine_role R) TAA_RELEASE(R) TAA_NO= _ANALYSYS {} + /** * Mark a function that executes in coroutine context * @@ -42,7 +70,8 @@ * .... * } */ -#define coroutine_fn + +#define coroutine_fn TAA_REQUIRES(_coroutine_fn) =20 typedef struct Coroutine Coroutine; =20 diff --git a/util/coroutine-sigaltstack.c b/util/coroutine-sigaltstack.c index f6fc49a0e5..05d1a378d1 100644 --- a/util/coroutine-sigaltstack.c +++ b/util/coroutine-sigaltstack.c @@ -98,7 +98,9 @@ static void coroutine_bootstrap(CoroutineSigAltStack *sel= f, Coroutine *co) } =20 while (true) { + co_role_acquire(_coroutine_fn); co->entry(co->entry_arg); + co_role_release(_coroutine_fn); qemu_coroutine_switch(co, co->caller, COROUTINE_TERMINATE); } } diff --git a/util/coroutine-ucontext.c b/util/coroutine-ucontext.c index 6621f3f692..010fbaedf1 100644 --- a/util/coroutine-ucontext.c +++ b/util/coroutine-ucontext.c @@ -76,7 +76,9 @@ static void coroutine_trampoline(int i0, int i1) } =20 while (true) { + co_role_acquire(_coroutine_fn); co->entry(co->entry_arg); + co_role_release(_coroutine_fn); qemu_coroutine_switch(co, co->caller, COROUTINE_TERMINATE); } } diff --git a/util/coroutine-win32.c b/util/coroutine-win32.c index de6bd4fd3e..75a3bed543 100644 --- a/util/coroutine-win32.c +++ b/util/coroutine-win32.c @@ -64,7 +64,9 @@ static void CALLBACK coroutine_trampoline(void *co_) Coroutine *co =3D co_; =20 while (true) { + co_role_acquire(_coroutine_fn); co->entry(co->entry_arg); + co_role_release(_coroutine_fn); qemu_coroutine_switch(co, co->caller, COROUTINE_TERMINATE); } } diff --git a/util/qemu-coroutine.c b/util/qemu-coroutine.c index d6095c1d5a..efa0f20e69 100644 --- a/util/qemu-coroutine.c +++ b/util/qemu-coroutine.c @@ -25,6 +25,8 @@ enum { POOL_BATCH_SIZE =3D 64, }; =20 +coroutine_role _coroutine_fn; + /** Free list to speed up creation */ static QSLIST_HEAD(, Coroutine) release_pool =3D QSLIST_HEAD_INITIALIZER(p= ool); static unsigned int release_pool_size; --=20 2.13.1.395.gf7b71de06