From 4013e52e76cb56a657c58fe03334d72d1ab1824b Mon Sep 17 00:00:00 2001

From: David Hildenbrand <david@redhat.com>

Date: Fri, 21 Dec 2018 15:36:11 +0000

Subject: [PATCH 09/22] s390x/tcg: fix locking problem with

 tcg_s390_tod_updated

RH-Author: David Hildenbrand <david@redhat.com>

Message-id: <20181221153614.27961-10-david@redhat.com>

Patchwork-id: 83754

O-Subject: [RHEL-8.0 qemu-kvm v2 PATCH 09/12] s390x/tcg: fix locking problem with tcg_s390_tod_updated

Bugzilla: 1653569

RH-Acked-by: Cornelia Huck <cohuck@redhat.com>

RH-Acked-by: Thomas Huth <thuth@redhat.com>

RH-Acked-by: Laurent Vivier <lvivier@redhat.com>

tcg_s390_tod_updated() is always called with the iothread being locked

(e.g. from S390TODClass->set() e.g. via HELPER(sck) or on incoming

migration). The helper we call takes the lock itself - bad.

Let's change that by factoring out updating the ckc timer. This now looks

much nicer than having to call a helper from another function.

While touching it we also make sure that env->ckc is updated even if the

new value is -1ULL, for now it would not have been modified in that case.

Reported-by: Christian Borntraeger <borntraeger@de.ibm.com>

Signed-off-by: David Hildenbrand <david@redhat.com>

Message-Id: <20180629170520.13671-1-david@redhat.com>

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>

Signed-off-by: Cornelia Huck <cohuck@redhat.com>

(cherry picked from commit 30c8db0e219a3c1d8b39c19e8b858830cb141738)

Signed-off-by: David Hildenbrand <david@redhat.com>

Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>

---

 target/s390x/misc_helper.c | 26 ++++++++++++++++----------

 1 file changed, 16 insertions(+), 10 deletions(-)

diff --git a/target/s390x/misc_helper.c b/target/s390x/misc_helper.c

index d629b2f..ffb9f6c 100644

--- a/target/s390x/misc_helper.c

+++ b/target/s390x/misc_helper.c

@@ -150,26 +150,23 @@ uint64_t HELPER(stck)(CPUS390XState *env)

     return tod.low;

 }

-/* Set Clock Comparator */

-void HELPER(sckc)(CPUS390XState *env, uint64_t time)

+static void update_ckc_timer(CPUS390XState *env)

 {

     S390TODState *td = s390_get_todstate();

+    uint64_t time;

     /* stop the timer and remove pending CKC IRQs */

     timer_del(env->tod_timer);

-    qemu_mutex_lock_iothread();

+    g_assert(qemu_mutex_iothread_locked());

     env->pending_int &= ~INTERRUPT_EXT_CLOCK_COMPARATOR;

-    qemu_mutex_unlock_iothread();

     /* the tod has to exceed the ckc, this can never happen if ckc is all 1's */

-    if (time == -1ULL) {

+    if (env->ckc == -1ULL) {

         return;

     }

-    env->ckc = time;

-

     /* difference between origins */

-    time -= td->base.low;

+    time = env->ckc - td->base.low;

     /* nanoseconds */

     time = tod2time(time);

@@ -177,12 +174,21 @@ void HELPER(sckc)(CPUS390XState *env, uint64_t time)

     timer_mod(env->tod_timer, time);

 }

+/* Set Clock Comparator */

+void HELPER(sckc)(CPUS390XState *env, uint64_t ckc)

+{

+    env->ckc = ckc;

+

+    qemu_mutex_lock_iothread();

+    update_ckc_timer(env);

+    qemu_mutex_unlock_iothread();

+}

+

 void tcg_s390_tod_updated(CPUState *cs, run_on_cpu_data opaque)

 {

     S390CPU *cpu = S390_CPU(cs);

-    CPUS390XState *env = &cpu->env;

-    helper_sckc(env, env->ckc);

+    update_ckc_timer(&cpu->env);

 }

 /* Set Clock */

-- 

1.8.3.1