On 26.11.2025 12:29, Roger Pau Monne wrote:
> --- a/xen/common/domain.c
> +++ b/xen/common/domain.c
> @@ -1547,8 +1547,7 @@ int vcpu_unpause_by_systemcontroller(struct vcpu *v)
> static void _domain_pause(struct domain *d, bool sync)
> {
> struct vcpu *v;
> -
> - atomic_inc(&d->pause_count);
> + bool was_paused = atomic_inc_return(&d->pause_count) - 1;
>
> if ( sync )
> for_each_vcpu ( d, v )
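Review bot: In the declaration `bool was_paused = atomic_inc_return(&d->pause_count) - 1;` the flag comes from an implicit integer-to-bool conversion of the previous count. An explicit comparison such as `atomic_inc_return(&d->pause_count) > 1` would state the intent (this is a nested pause) more directly. A short comment would also help, noting that was_paused is only a snapshot taken at increment time and saying what it later gates, since nothing in these lines orders this caller against others incrementing concurrently.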
Isn't this racy? Another CPU doing the INC above just afterwards (yielding
was_paused as false there) might still ...
> @@ -1557,7 +1556,8 @@ static void _domain_pause(struct domain *d, bool sync)
> for_each_vcpu ( d, v )
> vcpu_sleep_nosync(v);
>
> - arch_domain_pause(d);
> + if ( !was_paused )
> + arch_domain_pause(d);
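Review bot: With `if ( !was_paused )` guarding `arch_domain_pause(d)`, a caller that observed a non-zero previous count returns from _domain_pause() with no guarantee that the first pauser has reached or completed the hook. If callers rely on the hook's effect being in place on return, the nested path needs to be serialised against the first pauser. If they do not, a comment stating that the hook may lag for nested callers would document the relaxed guarantee. The visible hunks do not show the unpause side, so it is worth confirming that any matching arch hook there is likewise limited to the final unpause.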
... make it here faster, and then the call would occur too late. Whether that's
acceptable is a matter of what exactly the arch hook does.
Furthermore, is what the arch hook does for x86 actually correct when "sync"
is false? The vCPU-s might then still be running while the Viridian time is
already frozen.
Jan