From: Peter Xu <peterx@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Paolo Bonzini" <pbonzini@redhat.com>,
"Daniel P . Berrange" <berrange@redhat.com>,
"Stefan Hajnoczi" <shajnocz@redhat.com>,
"Fam Zheng" <famz@redhat.com>,
"Juan Quintela" <quintela@redhat.com>,
mdroth@linux.vnet.ibm.com, peterx@redhat.com,
"Eric Blake" <eblake@redhat.com>,
"Laurent Vivier" <lvivier@redhat.com>,
"Marc-André Lureau" <marcandre.lureau@gmail.com>,
"Markus Armbruster" <armbru@redhat.com>,
"Dr . David Alan Gilbert" <dgilbert@redhat.com>
Subject: [Qemu-devel] [RFC 01/15] char-io: fix possible race on IOWatchPoll
Date: Thu, 14 Sep 2017 15:50:22 +0800 [thread overview]
Message-ID: <1505375436-28439-2-git-send-email-peterx@redhat.com> (raw)
In-Reply-To: <1505375436-28439-1-git-send-email-peterx@redhat.com>
This is not a problem if we are only having one single loop thread like
before. However, after per-monitor thread is introduced, this is not
true any more, and the race can happen.
The race can be triggered with "make check -j8" sometimes:
qemu-system-x86_64: /root/git/qemu/chardev/char-io.c:91:
io_watch_poll_finalize: Assertion `iwp->src == NULL' failed.
This patch keeps the reference for the watch object when creating in
io_add_watch_poll(), so that the object will never be released in the
context main loop, especially when the context loop is running in
another standalone thread. Meanwhile, when we want to remove the watch
object, we always first detach the watch object from its owner context,
then we continue with the cleanup.
Without this patch, calling io_remove_watch_poll() in main loop thread
is not thread-safe, since the other per-monitor thread may be modifying
the watch object at the same time.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
---
chardev/char-io.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/chardev/char-io.c b/chardev/char-io.c
index f810524..3828c20 100644
--- a/chardev/char-io.c
+++ b/chardev/char-io.c
@@ -122,7 +122,6 @@ GSource *io_add_watch_poll(Chardev *chr,
g_free(name);
g_source_attach(&iwp->parent, context);
- g_source_unref(&iwp->parent);
return (GSource *)iwp;
}
@@ -131,12 +130,24 @@ static void io_remove_watch_poll(GSource *source)
IOWatchPoll *iwp;
iwp = io_watch_poll_from_source(source);
+
+ /*
+ * Here the order of destruction really matters. We need to first
+ * detach the IOWatchPoll object from the context (which may still
+ * be running in another loop thread), only after that could we
+ * continue to operate on iwp->src, or there may be race condition
+ * between current thread and the context loop thread.
+ *
+ * Let's blame the glib bug mentioned in commit 2b3167 (again) for
+ * this extra complexity.
+ */
+ g_source_destroy(&iwp->parent);
if (iwp->src) {
g_source_destroy(iwp->src);
g_source_unref(iwp->src);
iwp->src = NULL;
}
- g_source_destroy(&iwp->parent);
+ g_source_unref(&iwp->parent);
}
void remove_fd_in_watch(Chardev *chr)
--
2.7.4
next prev parent reply other threads:[~2017-09-14 7:50 UTC|newest]
Thread overview: 77+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-14 7:50 [Qemu-devel] [RFC 00/15] QMP: out-of-band (OOB) execution support Peter Xu
2017-09-14 7:50 ` Peter Xu [this message]
2017-09-19 19:59 ` [Qemu-devel] [RFC 01/15] char-io: fix possible race on IOWatchPoll Eric Blake
2017-09-20 4:44 ` Peter Xu
2017-09-20 7:57 ` Daniel P. Berrange
2017-09-20 9:09 ` Peter Xu
2017-09-20 9:14 ` Daniel P. Berrange
2017-09-20 10:49 ` Peter Xu
2017-09-20 11:03 ` Daniel P. Berrange
2017-09-20 11:18 ` Peter Xu
2017-09-20 11:29 ` Daniel P. Berrange
2017-09-21 3:45 ` Peter Xu
2017-09-14 7:50 ` [Qemu-devel] [RFC 02/15] qobject: allow NULL for qstring_get_str() Peter Xu
2017-09-19 20:48 ` Eric Blake
2017-09-20 5:02 ` Peter Xu
2017-09-14 7:50 ` [Qemu-devel] [RFC 03/15] qobject: introduce qobject_to_str() Peter Xu
2017-09-14 7:50 ` [Qemu-devel] [RFC 04/15] monitor: move skip_flush into monitor_data_init Peter Xu
2017-09-14 7:50 ` [Qemu-devel] [RFC 05/15] qjson: add "opaque" field to JSONMessageParser Peter Xu
2017-09-19 20:55 ` Eric Blake
2017-09-20 5:45 ` Peter Xu
2017-09-14 7:50 ` [Qemu-devel] [RFC 06/15] monitor: move the cur_mon hack deeper for QMP Peter Xu
2017-09-19 21:05 ` Eric Blake
2017-09-20 5:54 ` Peter Xu
2017-09-14 7:50 ` [Qemu-devel] [RFC 07/15] monitor: unify global init Peter Xu
2017-09-19 21:35 ` Eric Blake
2017-09-19 21:48 ` Eric Blake
2017-09-20 6:54 ` Peter Xu
2017-09-14 7:50 ` [Qemu-devel] [RFC 08/15] monitor: create IO thread Peter Xu
2017-09-14 7:50 ` [Qemu-devel] [RFC 09/15] monitor: allow to use IO thread for parsing Peter Xu
2017-09-14 7:50 ` [Qemu-devel] [RFC 10/15] monitor: introduce monitor_qmp_respond() Peter Xu
2017-09-14 7:50 ` [Qemu-devel] [RFC 11/15] monitor: separate QMP parser and dispatcher Peter Xu
2017-09-14 7:50 ` [Qemu-devel] [RFC 12/15] monitor: enable IO thread for (qmp & !mux) typed Peter Xu
2017-09-14 7:50 ` [Qemu-devel] [RFC 13/15] qapi: introduce new cmd option "allow-oob" Peter Xu
2017-09-14 7:50 ` [Qemu-devel] [RFC 14/15] qmp: support out-of-band (oob) execution Peter Xu
2017-09-14 15:33 ` Stefan Hajnoczi
2017-09-15 2:59 ` Peter Xu
2017-09-15 18:34 ` Eric Blake
2017-09-18 7:36 ` Peter Xu
2017-09-15 15:55 ` Dr. David Alan Gilbert
2017-09-18 7:53 ` Peter Xu
2017-09-14 7:50 ` [Qemu-devel] [RFC 15/15] qmp: let migrate-incoming allow out-of-band Peter Xu
2017-09-15 16:09 ` Dr. David Alan Gilbert
2017-09-18 8:00 ` Peter Xu
2017-09-14 11:15 ` [Qemu-devel] [RFC 00/15] QMP: out-of-band (OOB) execution support Marc-André Lureau
2017-09-14 15:19 ` Stefan Hajnoczi
2017-09-15 3:50 ` Peter Xu
2017-09-15 10:49 ` Stefan Hajnoczi
2017-09-15 11:34 ` Daniel P. Berrange
2017-09-15 12:06 ` Dr. David Alan Gilbert
2017-09-15 12:14 ` Daniel P. Berrange
2017-09-15 12:19 ` Dr. David Alan Gilbert
2017-09-15 12:29 ` Daniel P. Berrange
2017-09-15 14:29 ` Dr. David Alan Gilbert
2017-09-15 14:32 ` Daniel P. Berrange
2017-09-15 14:56 ` Stefan Hajnoczi
2017-09-15 15:17 ` Dr. David Alan Gilbert
2017-09-18 9:26 ` Peter Xu
2017-09-18 10:40 ` Dr. David Alan Gilbert
2017-09-19 2:23 ` Peter Xu
2017-09-19 9:13 ` Dr. David Alan Gilbert
2017-09-19 9:22 ` Peter Xu
2017-09-14 18:53 ` Dr. David Alan Gilbert
2017-09-15 4:46 ` Peter Xu
2017-09-15 11:14 ` Marc-André Lureau
2017-09-18 8:37 ` Peter Xu
2017-09-18 10:20 ` Marc-André Lureau
2017-09-18 10:55 ` Dr. David Alan Gilbert
2017-09-18 11:13 ` Marc-André Lureau
2017-09-18 11:26 ` Dr. David Alan Gilbert
2017-09-18 16:09 ` Marc-André Lureau
2017-09-19 6:29 ` Peter Xu
2017-09-19 9:19 ` Dr. David Alan Gilbert
2017-09-20 4:37 ` Peter Xu
2017-09-19 18:49 ` Dr. David Alan Gilbert
2017-09-18 15:08 ` Eric Blake
2017-09-14 18:56 ` Dr. David Alan Gilbert
2017-09-15 3:58 ` Peter Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1505375436-28439-2-git-send-email-peterx@redhat.com \
--to=peterx@redhat.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=dgilbert@redhat.com \
--cc=eblake@redhat.com \
--cc=famz@redhat.com \
--cc=lvivier@redhat.com \
--cc=marcandre.lureau@gmail.com \
--cc=mdroth@linux.vnet.ibm.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=quintela@redhat.com \
--cc=shajnocz@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).