All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Marc-André Lureau" <marcandre.lureau@gmail.com>
To: Rao Lei <lei.rao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>, QEMU <qemu-devel@nongnu.org>
Subject: Re: [RFC PATCH] ui/vnc.c: Fixed a deadlock bug.
Date: Mon, 3 Jan 2022 12:14:09 +0400	[thread overview]
Message-ID: <CAJ+F1C+6NEayzZr8cDHizFAJwgqCVE1668Z6vbPRBh63HRU50g@mail.gmail.com> (raw)
In-Reply-To: <20211229021404.100550-1-lei.rao@intel.com>

[-- Attachment #1: Type: text/plain, Size: 3623 bytes --]

Hi

On Wed, Dec 29, 2021 at 6:18 AM Rao Lei <lei.rao@intel.com> wrote:

> The GDB statck is as follows:
> (gdb) bt
> 0  __lll_lock_wait (futex=futex@entry=0x56211df20360, private=0) at
> lowlevellock.c:52
> 1  0x00007f263caf20a3 in __GI___pthread_mutex_lock (mutex=0x56211df20360)
> at ../nptl/pthread_mutex_lock.c:80
> 2  0x000056211a757364 in qemu_mutex_lock_impl (mutex=0x56211df20360,
> file=0x56211a804857 "../ui/vnc-jobs.h", line=60)
>     at ../util/qemu-thread-posix.c:80
> 3  0x000056211a0ef8c7 in vnc_lock_output (vs=0x56211df14200) at
> ../ui/vnc-jobs.h:60
> 4  0x000056211a0efcb7 in vnc_clipboard_send (vs=0x56211df14200, count=1,
> dwords=0x7ffdf1701338) at ../ui/vnc-clipboard.c:138
> 5  0x000056211a0f0129 in vnc_clipboard_notify (notifier=0x56211df244c8,
> data=0x56211dd1bbf0) at ../ui/vnc-clipboard.c:209
> 6  0x000056211a75dde8 in notifier_list_notify (list=0x56211afa17d0
> <clipboard_notifiers>, data=0x56211dd1bbf0) at ../util/notify.c:39
> 7  0x000056211a0bf0e6 in qemu_clipboard_update (info=0x56211dd1bbf0) at
> ../ui/clipboard.c:50
> 8  0x000056211a0bf05d in qemu_clipboard_peer_release (peer=0x56211df244c0,
> selection=QEMU_CLIPBOARD_SELECTION_CLIPBOARD)
>     at ../ui/clipboard.c:41
> 9  0x000056211a0bef9b in qemu_clipboard_peer_unregister
> (peer=0x56211df244c0) at ../ui/clipboard.c:19
> 10 0x000056211a0d45f3 in vnc_disconnect_finish (vs=0x56211df14200) at
> ../ui/vnc.c:1358
> 11 0x000056211a0d4c9d in vnc_client_read (vs=0x56211df14200) at
> ../ui/vnc.c:1611
> 12 0x000056211a0d4df8 in vnc_client_io (ioc=0x56211ce70690,
> condition=G_IO_IN, opaque=0x56211df14200) at ../ui/vnc.c:1649
> 13 0x000056211a5b976c in qio_channel_fd_source_dispatch
>     (source=0x56211ce50a00, callback=0x56211a0d4d71 <vnc_client_io>,
> user_data=0x56211df14200) at ../io/channel-watch.c:84
> 14 0x00007f263ccede8e in g_main_context_dispatch () at
> /lib/x86_64-linux-gnu/libglib-2.0.so.0
> 15 0x000056211a77d4a1 in glib_pollfds_poll () at ../util/main-loop.c:232
> 16 0x000056211a77d51f in os_host_main_loop_wait (timeout=958545) at
> ../util/main-loop.c:255
> 17 0x000056211a77d630 in main_loop_wait (nonblocking=0) at
> ../util/main-loop.c:531
> 18 0x000056211a45bc8e in qemu_main_loop () at ../softmmu/runstate.c:726
> 19 0x000056211a0b45fa in main (argc=69, argv=0x7ffdf1701778,
> envp=0x7ffdf17019a8) at ../softmmu/main.c:50
>
> From the call trace, we can see it is a deadlock bug.
> vnc_disconnect_finish will acquire the output_mutex.
> But, the output_mutex will be acquired again in vnc_clipboard_send.
> Repeated locking will cause deadlock. So, I move
> qemu_clipboard_peer_unregister() behind vnc_unlock_output();
>
> Signed-off-by: Lei Rao <lei.rao@intel.com>
>

Looks good to me. Please add to the commit message

Fixes: 0bf41cab93e ("ui/vnc: clipboard support")

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>

---
>  ui/vnc.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/ui/vnc.c b/ui/vnc.c
> index 1ed1c7efc6..3ccd33dedc 100644
> --- a/ui/vnc.c
> +++ b/ui/vnc.c
> @@ -1354,12 +1354,12 @@ void vnc_disconnect_finish(VncState *vs)
>          /* last client gone */
>          vnc_update_server_surface(vs->vd);
>      }
> +    vnc_unlock_output(vs);
> +
>      if (vs->cbpeer.notifier.notify) {
>          qemu_clipboard_peer_unregister(&vs->cbpeer);
>      }
>
> -    vnc_unlock_output(vs);
> -
>      qemu_mutex_destroy(&vs->output_mutex);
>      if (vs->bh != NULL) {
>          qemu_bh_delete(vs->bh);
> --
> 2.32.0
>
>
>

-- 
Marc-André Lureau

[-- Attachment #2: Type: text/html, Size: 4506 bytes --]

      reply	other threads:[~2022-01-03  8:15 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-12-29  2:14 [RFC PATCH] ui/vnc.c: Fixed a deadlock bug Rao Lei
2022-01-03  8:14 ` Marc-André Lureau [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAJ+F1C+6NEayzZr8cDHizFAJwgqCVE1668Z6vbPRBh63HRU50g@mail.gmail.com \
    --to=marcandre.lureau@gmail.com \
    --cc=kraxel@redhat.com \
    --cc=lei.rao@intel.com \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.