From: Paolo Bonzini <pbonzini@redhat.com>
To: Corentin Chary <corentin.chary@gmail.com>
Cc: Jan Kiszka <jan.kiszka@siemens.com>, Peter Lieven <pl@dlh.net>,
	qemu-devel <qemu-devel@nongnu.org>,
	kvm@vger.kernel.org,
	Anthony Liguori <aliguori@linux.vnet.ibm.com>,
	Jan Kiszka <jan.kiszka@web.de>
Subject: Re: [PATCH v2] vnc: threaded server depends on io-thread
Date: Wed, 09 Mar 2011 14:51:10 +0100
Message-ID: <4D7785CE.9020706@redhat.com>
In-Reply-To: <1299676892-19246-1-git-send-email-corentin.chary@gmail.com>

On 03/09/2011 02:21 PM, Corentin Chary wrote:
> The threaded VNC servers messed up with QEMU fd handlers without
> any kind of locking, and that can cause some nasty race conditions.
>
> The IO-Thread provides appropriate locking primitives to avoid that.
> This patch makes CONFIG_VNC_THREAD depend on CONFIG_IO_THREAD,
> and adds lock and unlock calls around the two faulty calls.
>
> Thanks to Jan Kiszka for helping me solve this issue.
>
> Cc: Jan Kiszka <jan.kiszka@web.de>
> Signed-off-by: Corentin Chary <corentin.chary@gmail.com>
> ---
> The previous patch was total crap, introduced race conditions,
> and probably crashes on client disconnections.
>
>   configure           |    9 +++++++++
>   ui/vnc-jobs-async.c |   24 +++++++++++++++++++-----
>   2 files changed, 28 insertions(+), 5 deletions(-)
>
> diff --git a/configure b/configure
> index 5513d3e..c8c1ac1 100755
> --- a/configure
> +++ b/configure
> @@ -2455,6 +2455,15 @@ if test \( "$cpu" = "i386" -o "$cpu" = "x86_64" \) -a \
>     roms="optionrom"
>   fi
>
> +# VNC Thread depends on IO Thread
> +if test "$vnc_thread" = "yes" -a "$io_thread" != "yes"; then
> +  echo
> +  echo "ERROR: VNC thread depends on IO thread which isn't enabled."
> +  echo "Please use --enable-io-thread if you want to enable it."
> +  echo
> +  exit 1
> +fi
> +
>
>   echo "Install prefix    $prefix"
>   echo "BIOS directory    `eval echo $datadir`"
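
Review bot: the error text in `echo "Please use --enable-io-thread if you want to enable it."` is ambiguous about what "it" refers to, and it mentions only one of the two ways out: the user can also build without the VNC thread. Suggest naming both options explicitly. The hunk also leaves two consecutive blank lines before the `echo "Install prefix ..."` block (the added `+` blank line plus the existing one); drop the added one.
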
> diff --git a/ui/vnc-jobs-async.c b/ui/vnc-jobs-async.c
> index f596247..d0c6f61 100644
> --- a/ui/vnc-jobs-async.c
> +++ b/ui/vnc-jobs-async.c
> @@ -190,6 +190,18 @@ static void vnc_async_encoding_end(VncState *orig, VncState *local)
>       queue->buffer = local->output;
>   }
>
> +static void vnc_worker_lock_output(VncState *vs)
> +{
> +    qemu_mutex_lock_iothread();
> +    vnc_lock_output(vs);
> +}
> +
> +static void vnc_worker_unlock_output(VncState *vs)
> +{
> +    vnc_unlock_output(vs);
> +    qemu_mutex_unlock_iothread();
> +}
> +
>   static int vnc_worker_thread_loop(VncJobQueue *queue)
>   {
>       VncJob *job;
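
Review bot: vnc_worker_lock_output() establishes a lock order (iothread mutex first, then the output mutex) that nothing documents. Add a comment above the two helpers stating that order and that worker code must not call qemu_mutex_lock_iothread() while it already holds the output mutex; if a later caller takes the two locks the other way round, it can deadlock against a thread that holds the iothread mutex and then wants the output lock.
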
> @@ -211,11 +223,11 @@ static int vnc_worker_thread_loop(VncJobQueue *queue)
>           return -1;
>       }
>
> -    vnc_lock_output(job->vs);
> +    vnc_worker_lock_output(job->vs);
>       if (job->vs->csock == -1 || job->vs->abort == true) {
>           goto disconnected;
>       }
> -    vnc_unlock_output(job->vs);
> +    vnc_worker_unlock_output(job->vs);
>
>       /* Make a local copy of vs and switch output buffers */
>       vnc_async_encoding_start(job->vs,&vs);
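
Review bot: the section between vnc_worker_lock_output() and vnc_worker_unlock_output() here only tests `job->vs->csock` and `job->vs->abort`, yet it now takes the global iothread mutex once per job. The commit message speaks of two faulty calls; if neither is on this path, explain in the commit message why the global lock is still needed here (presumably because `goto disconnected` has to arrive with both locks held), otherwise the worker is serialized against the main loop more than necessary.
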
> @@ -236,7 +248,7 @@ static int vnc_worker_thread_loop(VncJobQueue *queue)
>               /* output mutex must be locked before going to
>                * disconnected:
>                */
> -            vnc_lock_output(job->vs);
> +            vnc_worker_lock_output(job->vs);
>               goto disconnected;
>           }
>
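
Review bot: the context comment above the changed line still says only that the output mutex must be locked before going to disconnected, but the disconnected path now releases with vnc_worker_unlock_output(), so the iothread mutex has to be held as well. Update the comment to name both locks; a future `goto disconnected` that takes only vnc_lock_output() would end up unlocking an iothread mutex it never acquired.
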
> @@ -255,7 +267,7 @@ static int vnc_worker_thread_loop(VncJobQueue *queue)
>       vs.output.buffer[saved_offset + 1] = n_rectangles&  0xFF;
>
>       /* Switch back buffers */
> -    vnc_lock_output(job->vs);
> +    vnc_worker_lock_output(job->vs);
>       if (job->vs->csock == -1) {
>           goto disconnected;
>       }
> @@ -266,10 +278,12 @@ disconnected:
>       /* Copy persistent encoding data */
>       vnc_async_encoding_end(job->vs,&vs);
>       flush = (job->vs->csock != -1&&  job->vs->abort != true);
> -    vnc_unlock_output(job->vs);
> +    vnc_worker_unlock_output(job->vs);
>
>       if (flush) {
> +        qemu_mutex_lock_iothread();
>           vnc_flush(job->vs);
> +        qemu_mutex_unlock_iothread();
>       }
>
>       vnc_lock_queue(queue);
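
Review bot: in the `disconnected:` tail, `flush` is computed under both locks, then vnc_worker_unlock_output() drops the iothread mutex and the `if (flush)` branch takes it again straight away, so the connection state could change in between and vnc_flush() would run on a stale decision. Consider releasing only the output mutex with vnc_unlock_output(job->vs), calling vnc_flush() while the iothread mutex is still held, and unlocking the iothread mutex afterwards on both branches; that also saves an unlock/lock pair per job.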

Acked-by: Paolo Bonzini <pbonzini@redhat.com> for stable.

For 0.15, I believe an iohandler-list lock is a better solution.

Paolo

