From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:39592)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <fred.konrad@greensocs.com>) id 1ZOozF-00065X-Vk
	for qemu-devel@nongnu.org; Mon, 10 Aug 2015 11:27:43 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <fred.konrad@greensocs.com>) id 1ZOozC-000876-3a
	for qemu-devel@nongnu.org; Mon, 10 Aug 2015 11:27:41 -0400
Received: from greensocs.com ([193.104.36.180]:59112)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <fred.konrad@greensocs.com>) id 1ZOozB-00086v-QY
	for qemu-devel@nongnu.org; Mon, 10 Aug 2015 11:27:38 -0400
From: fred.konrad@greensocs.com
Date: Mon, 10 Aug 2015 17:26:59 +0200
Message-Id: <1439220437-23957-2-git-send-email-fred.konrad@greensocs.com>
In-Reply-To: <1439220437-23957-1-git-send-email-fred.konrad@greensocs.com>
References: <1439220437-23957-1-git-send-email-fred.konrad@greensocs.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: [Qemu-devel] [RFC PATCH V7 01/19] cpus: protect queued_work_* with
	work_mutex.
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org, mttcg@listserver.greensocs.com
Cc: mark.burton@greensocs.com, a.rigo@virtualopensystems.com, guillaume.delbergue@greensocs.com, pbonzini@redhat.com, alex.bennee@linaro.org, fred.konrad@greensocs.com

From: KONRAD Frederic <fred.konrad@greensocs.com>

This protects queued_work_* used by async_run_on_cpu, run_on_cpu and
flush_queued_work with a new lock (work_mutex) to prevent multiple (concu=
rrent)
access.

Signed-off-by: KONRAD Frederic <fred.konrad@greensocs.com>
Reviewed-by: Alex Benn=C3=A9e <alex.bennee@linaro.org>

Changes V1 -> V2:
  * Unlock the mutex while running the callback.
---
 cpus.c            | 11 +++++++++++
 include/qom/cpu.h |  3 +++
 qom/cpu.c         |  1 +
 3 files changed, 15 insertions(+)

diff --git a/cpus.c b/cpus.c
index b00a423..eabd4b1 100644
--- a/cpus.c
+++ b/cpus.c
@@ -845,6 +845,8 @@ void run_on_cpu(CPUState *cpu, void (*func)(void *dat=
a), void *data)
     wi.func =3D func;
     wi.data =3D data;
     wi.free =3D false;
+
+    qemu_mutex_lock(&cpu->work_mutex);
     if (cpu->queued_work_first =3D=3D NULL) {
         cpu->queued_work_first =3D &wi;
     } else {
@@ -853,6 +855,7 @@ void run_on_cpu(CPUState *cpu, void (*func)(void *dat=
a), void *data)
     cpu->queued_work_last =3D &wi;
     wi.next =3D NULL;
     wi.done =3D false;
+    qemu_mutex_unlock(&cpu->work_mutex);
=20
     qemu_cpu_kick(cpu);
     while (!wi.done) {
@@ -876,6 +879,8 @@ void async_run_on_cpu(CPUState *cpu, void (*func)(voi=
d *data), void *data)
     wi->func =3D func;
     wi->data =3D data;
     wi->free =3D true;
+
+    qemu_mutex_lock(&cpu->work_mutex);
     if (cpu->queued_work_first =3D=3D NULL) {
         cpu->queued_work_first =3D wi;
     } else {
@@ -884,6 +889,7 @@ void async_run_on_cpu(CPUState *cpu, void (*func)(voi=
d *data), void *data)
     cpu->queued_work_last =3D wi;
     wi->next =3D NULL;
     wi->done =3D false;
+    qemu_mutex_unlock(&cpu->work_mutex);
=20
     qemu_cpu_kick(cpu);
 }
@@ -896,15 +902,20 @@ static void flush_queued_work(CPUState *cpu)
         return;
     }
=20
+    qemu_mutex_lock(&cpu->work_mutex);
     while ((wi =3D cpu->queued_work_first)) {
         cpu->queued_work_first =3D wi->next;
+        qemu_mutex_unlock(&cpu->work_mutex);
         wi->func(wi->data);
+        qemu_mutex_lock(&cpu->work_mutex);
         wi->done =3D true;
         if (wi->free) {
             g_free(wi);
         }
     }
     cpu->queued_work_last =3D NULL;
+    qemu_mutex_unlock(&cpu->work_mutex);
+
     qemu_cond_broadcast(&qemu_work_cond);
 }
=20
diff --git a/include/qom/cpu.h b/include/qom/cpu.h
index 20aabc9..efa9624 100644
--- a/include/qom/cpu.h
+++ b/include/qom/cpu.h
@@ -242,6 +242,8 @@ struct kvm_run;
  * @mem_io_pc: Host Program Counter at which the memory was accessed.
  * @mem_io_vaddr: Target virtual address at which the memory was accesse=
d.
  * @kvm_fd: vCPU file descriptor for KVM.
+ * @work_mutex: Lock to prevent multiple access to queued_work_*.
+ * @queued_work_first: First asynchronous work pending.
  *
  * State of one CPU core or thread.
  */
@@ -262,6 +264,7 @@ struct CPUState {
     uint32_t host_tid;
     bool running;
     struct QemuCond *halt_cond;
+    QemuMutex work_mutex;
     struct qemu_work_item *queued_work_first, *queued_work_last;
     bool thread_kicked;
     bool created;
diff --git a/qom/cpu.c b/qom/cpu.c
index eb9cfec..4e12598 100644
--- a/qom/cpu.c
+++ b/qom/cpu.c
@@ -316,6 +316,7 @@ static void cpu_common_initfn(Object *obj)
     cpu->gdb_num_regs =3D cpu->gdb_num_g_regs =3D cc->gdb_num_core_regs;
     QTAILQ_INIT(&cpu->breakpoints);
     QTAILQ_INIT(&cpu->watchpoints);
+    qemu_mutex_init(&cpu->work_mutex);
 }
=20
 static void cpu_common_finalize(Object *obj)
--=20
1.9.0