vhost internals involves multiple locks to protect data access by
multiple threads.

This series is a try at using clang thread safety checks [1] to catch
issues during compilation: spinlock and rwlock are wrapped into vhost types
and annotations are put all over the code.


Patch 1 is a fix from Maxime that I had to take in the series so
that the CI won't fail.

Patch 2 annotates existing manipulations of the access_lock vq lock.
It does the minimal stuff, more annotations are used/introduced later
in the series.

Patch 4 is an example of extending the work by annotating the async field.
This patch raised the issues fixed in patch 3.

Patch 5 further extends this by annotating rwlocks used in IOTLB.
This raised two suspicious call sites (in vdpa and vhost_crypto code,
see added FIXME). Because of a limitation in the check, the IOTLB lock is
changed to be always taken. I don't expect a big impact, but this needs a
confirmation.


This is still a work in progress.
Those annotations are quite heavy to maintain because the full path of
code must be annotated, but I think it would be worth using.


1: https://clang.llvm.org/docs/ThreadSafetyAnalysis.html

-- 
David Marchand

David Marchand (4):
  vhost: annotate virtqueue access lock
  vhost: fix async access
  vhost: annotate async locking requirement
  vhost: annotate IOTLB locks

Maxime Coquelin (1):
  vhost: fix missing virtqueue lock protection

 lib/vhost/iotlb.c        |  36 ++++-----
 lib/vhost/iotlb.h        |  24 ------
 lib/vhost/meson.build    |   3 +
 lib/vhost/vdpa.c         |   1 +
 lib/vhost/vhost.c        |  85 ++++++++++----------
 lib/vhost/vhost.h        | 169 +++++++++++++++++++++++++++++++++++----
 lib/vhost/vhost_crypto.c |   7 ++
 lib/vhost/vhost_user.c   |  32 +++++---
 lib/vhost/virtio_net.c   |  96 ++++++++++++++++------
 9 files changed, 320 insertions(+), 133 deletions(-)

-- 
2.23.0

Reply via email to