hpet: guard IRQ handling with BQL

Commit [1] made qemu fail with abort: xen_evtchn_set_gsi: Assertion `bql_locked()' failed. when running ./tests/functional/x86_64/test_kvm_xen.py tests. To fix it make sure that BQL is held when manipulating IRQs. Fixes: 7defb58baf (hpet: switch to fine-grained device locking) Reported-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Igor Mammedov <imammedo@redhat.com> Link: https://lore.kernel.org/r/20250910142506.86274-1-imammedo@redhat.com Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
author: Igor Mammedov <imammedo@redhat.com> 2025-09-10 16:25:06 +0200
committer: Paolo Bonzini <pbonzini@redhat.com> 2025-09-17 19:00:58 +0200
commit: d99041a20328423bc6819ddd69b60cf98d8d84f1 (patch)
tree: 85cc82e5b48f2acd42982481400fa66e95efb31b /hw/timer
parent: 7c83e501565a57560aa1d87109819f46effeb7fc (diff)
download: focaccia-qemu-d99041a20328423bc6819ddd69b60cf98d8d84f1.tar.gz
focaccia-qemu-d99041a20328423bc6819ddd69b60cf98d8d84f1.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/hw/timer/hpet.c b/hw/timer/hpet.c
index 789a31d0a0..1acba4fa9d 100644
--- a/hw/timer/hpet.c
+++ b/hw/timer/hpet.c
@@ -40,6 +40,7 @@
 #include "qom/object.h"
 #include "qemu/lockable.h"
 #include "qemu/seqlock.h"
+#include "qemu/main-loop.h"
 #include "trace.h"
 
 struct hpet_fw_config hpet_fw_cfg = {.count = UINT8_MAX};
@@ -222,12 +223,15 @@ static void update_irq(struct HPETTimer *timer, int set)
                                  timer->fsb & 0xffffffff, MEMTXATTRS_UNSPECIFIED,
                                  NULL);
         } else if (timer->config & HPET_TN_TYPE_LEVEL) {
+            BQL_LOCK_GUARD();
             qemu_irq_raise(s->irqs[route]);
         } else {
+            BQL_LOCK_GUARD();
             qemu_irq_pulse(s->irqs[route]);
         }
     } else {
         if (!timer_fsb_route(timer)) {
+            BQL_LOCK_GUARD();
             qemu_irq_lower(s->irqs[route]);
         }
     }
@@ -534,10 +538,12 @@ static void hpet_ram_write(void *opaque, hwaddr addr,
             /* i8254 and RTC output pins are disabled
              * when HPET is in legacy mode */
             if (activating_bit(old_val, new_val, HPET_CFG_LEGACY)) {
+                BQL_LOCK_GUARD();
                 qemu_set_irq(s->pit_enabled, 0);
                 qemu_irq_lower(s->irqs[0]);
                 qemu_irq_lower(s->irqs[RTC_ISA_IRQ]);
             } else if (deactivating_bit(old_val, new_val, HPET_CFG_LEGACY)) {
+                BQL_LOCK_GUARD();
                 qemu_irq_lower(s->irqs[0]);
                 qemu_set_irq(s->pit_enabled, 1);
                 qemu_set_irq(s->irqs[RTC_ISA_IRQ], s->rtc_irq_level);
@@ -683,11 +689,13 @@ static void hpet_handle_legacy_irq(void *opaque, int n, int level)
 
     if (n == HPET_LEGACY_PIT_INT) {
         if (!hpet_in_legacy_mode(s)) {
+            BQL_LOCK_GUARD();
             qemu_set_irq(s->irqs[0], level);
         }
     } else {
         s->rtc_irq_level = level;
         if (!hpet_in_legacy_mode(s)) {
+            BQL_LOCK_GUARD();
             qemu_set_irq(s->irqs[RTC_ISA_IRQ], level);
         }
     }
author	Igor Mammedov <imammedo@redhat.com>	2025-09-10 16:25:06 +0200
committer	Paolo Bonzini <pbonzini@redhat.com>	2025-09-17 19:00:58 +0200
commit	d99041a20328423bc6819ddd69b60cf98d8d84f1 (patch)
tree	85cc82e5b48f2acd42982481400fa66e95efb31b /hw/timer
parent	7c83e501565a57560aa1d87109819f46effeb7fc (diff)
download	focaccia-qemu-d99041a20328423bc6819ddd69b60cf98d8d84f1.tar.gz focaccia-qemu-d99041a20328423bc6819ddd69b60cf98d8d84f1.zip