[PATCH v2] KVM: arm/arm64: Fix occasional warning from the timer work function

Marc Zyngier marc.zyngier at arm.com
Fri Jan 13 03:12:16 PST 2017


On 09/01/17 11:18, Christoffer Dall wrote:
> When a VCPU blocks (WFI) and has programmed the vtimer, we program a
> soft timer to expire in the future to wake up the vcpu thread when
> appropriate.  Because such a wake up involves a vcpu kick, and the
> timer expire function can get called from interrupt context, and the
> kick may sleep, we have to schedule the kick in the work function.
> 
> The work function currently has a warning that gets raised if it turns
> out that the timer shouldn't fire when it's run, which was added because
> the idea was that in that case the work should never have been cancelled.
> 
> However, it turns out that this whole thing is racy and we can get
> spurious warnings.  The problem is that we clear the armed flag in the
> work function, which may run in parallel with the
> kvm_timer_unschedule->timer_disarm() call.  This results in a possible
> situation where the timer_disarm() call does not call
> cancel_work_sync(), which effectively synchronizes the completion of the
> work function with running the VCPU.  As a result, the VCPU thread
> proceeds before the work function completes, causing changes to the
> timer state such that kvm_timer_should_fire(vcpu) returns false in the
> work function.
> 
> All we do in the work function is to kick the VCPU, and an occasional
> rare extra kick never harmed anyone.  Since the race above is extremely
> rare, we don't bother checking if the race happens but simply remove the
> check and the clearing of the armed flag from the work function.
> 
> Reported-by: Matthias Brugger <mbrugger at suse.com>
> Signed-off-by: Christoffer Dall <christoffer.dall at linaro.org>

Reviewed-by: Marc Zyngier <marc.zyngier at arm.com>

	M.
-- 
Jazz is not dead. It just smells funny...
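
The interleaving described in the quoted commit message, replayed as a deterministic single-threaded model. This is an added example, not code from the patch or the kernel: every name in it (`struct model`, `replay`, `timer_disarm_model`, `work_finish`) is hypothetical, and the wait in cancel_work_sync() is modelled by running the rest of the work function inline.

```c
#include <stdbool.h>
#include <stdio.h>
/* Constructed model: field and function names are illustrative, not kernel API. */
struct model {
    bool armed;          /* soft timer armed flag */
    bool should_fire;    /* stands in for kvm_timer_should_fire(vcpu) */
    bool work_done;      /* work function has completed */
    bool vcpu_ran_early; /* VCPU resumed while the work was still running */
    int warnings, kicks;
};

/* Second half of the work function: optional check, then the kick. */
static void work_finish(struct model *m, bool old_behaviour)
{
    if (old_behaviour && !m->should_fire)
        m->warnings++;                     /* the spurious warning */
    m->kicks++;
    m->work_done = true;
}

/* Disarm path: only synchronizes with the work if the flag is still set. */
static void timer_disarm_model(struct model *m, bool old_behaviour)
{
    if (m->armed) {
        if (!m->work_done)
            work_finish(m, old_behaviour); /* models cancel_work_sync() waiting */
        m->armed = false;
    }
}

/* Replays the racy interleaving once and returns the final state. */
struct model replay(bool old_behaviour)
{
    struct model m = { .armed = true, .should_fire = true };
    if (old_behaviour)
        m.armed = false;                   /* work function starts, clears the flag */
    timer_disarm_model(&m, old_behaviour); /* VCPU thread unschedules in parallel */
    m.vcpu_ran_early = !m.work_done;
    m.should_fire = false;                 /* running the VCPU changes timer state */
    if (!m.work_done)
        work_finish(&m, old_behaviour);    /* work function resumes */
    return m;
}

int main(void)
{
    struct model o = replay(true), n = replay(false);
    printf("old: warnings=%d early=%d | new: warnings=%d early=%d\n",
           o.warnings, o.vcpu_ran_early, n.warnings, n.vcpu_ran_early);
    return 0;
}
```

With the flag left alone by the work function, the disarm path always takes the synchronizing branch, so the VCPU no longer resumes while the work is still in flight.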
