linux-user: lock tcg

The tcg code generator is not thread safe. Lock its generation between
different threads.

Signed-off-by: Alexander Graf <agraf@suse.de>
[AF: Rebased onto exec.c/translate-all.c split for 1.4]
[AF: Rebased for v2.1.0-rc0]
Signed-off-by: Andreas Färber <afaerber@suse.de>

linux-user/mmap.c

@@ -30,6 +30,7 @@
 
 #include "qemu.h"
 #include "qemu-common.h"
+#include "tcg.h"
 
 //#define DEBUG_MMAP
 
@@ -40,6 +41,7 @@ void mmap_lock(void)
 {
     if (mmap_lock_count++ == 0) {
         pthread_mutex_lock(&mmap_mutex);
+        tcg_lock();
     }
 }
 
@@ -47,6 +49,7 @@ void mmap_unlock(void)
 {
     if (--mmap_lock_count == 0) {
         pthread_mutex_unlock(&mmap_mutex);
+        tcg_unlock();
     }
 }
 

tcg/tcg.c

@@ -39,6 +39,8 @@
 #include "qemu-common.h"
 #include "qemu/host-utils.h"
 #include "qemu/timer.h"
+#include "config-host.h"
+#include "qemu/thread.h"
 
 /* Note: the long term plan is to reduce the dependencies on the QEMU
    CPU definitions. Currently they are used for qemu_ld/st
@@ -123,6 +125,29 @@ const size_t tcg_op_defs_max = ARRAY_SIZE(tcg_op_defs);
 static TCGRegSet tcg_target_available_regs[2];
 static TCGRegSet tcg_target_call_clobber_regs;
 
+#ifdef CONFIG_USER_ONLY
+static __thread int tcg_lock_count;
+#endif
+void tcg_lock(void)
+{
+#ifdef CONFIG_USER_ONLY
+    TCGContext *s = &tcg_ctx;
+    if (tcg_lock_count++ == 0) {
+        qemu_mutex_lock(&s->lock);
+    }
+#endif
+}
+
+void tcg_unlock(void)
+{
+#ifdef CONFIG_USER_ONLY
+    TCGContext *s = &tcg_ctx;
+    if (--tcg_lock_count == 0) {
+        qemu_mutex_unlock(&s->lock);
+    }
+#endif
+}
+
 #if TCG_TARGET_INSN_UNIT_SIZE == 1
 static __attribute__((unused)) inline void tcg_out8(TCGContext *s, uint8_t v)
 {
@@ -339,7 +364,8 @@ void tcg_context_init(TCGContext *s)
 
     memset(s, 0, sizeof(*s));
     s->nb_globals = 0;
-    
+    qemu_mutex_init(&s->lock);
+
     /* Count total number of arguments and allocate the corresponding
        space */
     total_args = 0;
@@ -2560,10 +2586,12 @@ int tcg_gen_code(TCGContext *s, tcg_insn_unit *gen_code_buf)
     }
 #endif
 
+    tcg_lock();
     tcg_gen_code_common(s, gen_code_buf, -1);
 
     /* flush instruction cache */
     flush_icache_range((uintptr_t)s->code_buf, (uintptr_t)s->code_ptr);
+    tcg_unlock();
 
     return tcg_current_code_size(s);
 }
@@ -2575,7 +2603,11 @@ int tcg_gen_code(TCGContext *s, tcg_insn_unit *gen_code_buf)
 int tcg_gen_code_search_pc(TCGContext *s, tcg_insn_unit *gen_code_buf,
                            long offset)
 {
-    return tcg_gen_code_common(s, gen_code_buf, offset);
+    int r;
+    tcg_lock();
+    r = tcg_gen_code_common(s, gen_code_buf, offset);
+    tcg_unlock();
+    return r;
 }
 
 #ifdef CONFIG_PROFILER

tcg/tcg.h

@@ -27,6 +27,7 @@
 
 #include "qemu-common.h"
 #include "qemu/bitops.h"
+#include "qemu/thread.h"
 #include "tcg-target.h"
 
 /* Default target word size to pointer size.  */
@@ -554,6 +555,7 @@ struct TCGContext {
 
     /* The TCGBackendData structure is private to tcg-target.c.  */
     struct TCGBackendData *be;
+    QemuMutex lock;
 };
 
 extern TCGContext tcg_ctx;
@@ -732,6 +734,9 @@ void tcg_gen_shifti_i64(TCGv_i64 ret, TCGv_i64 arg1,
 TCGArg *tcg_optimize(TCGContext *s, uint16_t *tcg_opc_ptr, TCGArg *args,
                      TCGOpDef *tcg_op_def);
 
+extern void tcg_lock(void);
+extern void tcg_unlock(void);
+
 /* only used for debugging purposes */
 void tcg_dump_ops(TCGContext *s);