Re: [Qemu-devel] [PATCH] monitor: Protect outbuf from concurrent access

[Jan Kiszka]

On 2011-09-01 21:35, Luiz Capitulino wrote:
> Sometimes, when having lots of VMs running on a RHEV host and the user
> attempts to close a SPICE window, libvirt will get corrupted json from
> QEMU.
> 
> After some investigation, I found out that the problem is that different
> SPICE threads are calling monitor functions (such as
> monitor_protocol_event()) in parallel which causes concurrent access
> to the monitor's internal buffer outbuf[].
> 
> This fixes the problem by protecting accesses to outbuf[] with a mutex.
> 
> Honestly speaking, I'm not completely sure this the best thing to do
> because the monitor itself and other qemu subsystems are not thread safe,
> so having subsystems like SPICE assuming the contrary seems a bit
> catastrophic to me...

I fully agree.

...

> @@ -246,10 +248,14 @@ static int monitor_read_password(Monitor *mon, 
> ReadLineFunc *readline_func,
>  
>  void monitor_flush(Monitor *mon)
>  {
> +    qemu_mutex_lock(&mon->mutex);
> +
>      if (mon && mon->outbuf_index != 0 && !mon->mux_out) {
>          qemu_chr_fe_write(mon->chr, mon->outbuf, mon->outbuf_index);
>          mon->outbuf_index = 0;
>      }
> +
> +    qemu_mutex_unlock(&mon->mutex);

Here is another example for things that can break due to "optimistic"
parallelization: What protects the chardev state that will be touched by
calling qemu_chr_fe_write? Even when ignoring mux'ed channels for now, I
bet there are code paths that modify the state without holding the
frontend lock (i.e. Monitor::mutex).

Jan

signature.asc
Description: OpenPGP digital signature