On 2011-09-01 21:35, Luiz Capitulino wrote:
> Sometimes, when having lots of VMs running on a RHEV host and the user
> attempts to close a SPICE window, libvirt will get corrupted json from
> QEMU.
>
> After some investigation, I found out that the problem is that different
> SPICE threads are calling monitor functions (such as
> monitor_protocol_event()) in parallel which causes concurrent access
> to the monitor's internal buffer outbuf[].
>
> This fixes the problem by protecting accesses to outbuf[] with a mutex.
>
> Honestly speaking, I'm not completely sure this is the best thing to do
> because the monitor itself and other qemu subsystems are not thread safe,
> so having subsystems like SPICE assuming the contrary seems a bit
> catastrophic to me...

I fully agree.
...
> @@ -246,10 +248,14 @@ static int monitor_read_password(Monitor *mon,
> ReadLineFunc *readline_func,
>
> void monitor_flush(Monitor *mon)
> {
> + qemu_mutex_lock(&mon->mutex);
> +
> if (mon && mon->outbuf_index != 0 && !mon->mux_out) {
> qemu_chr_fe_write(mon->chr, mon->outbuf, mon->outbuf_index);
> mon->outbuf_index = 0;
> }
> +
> + qemu_mutex_unlock(&mon->mutex);
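
Review bot: In monitor_flush(), the added qemu_mutex_lock(&mon->mutex) runs before the existing `if (mon && ...)` test, so a NULL mon now reaches the lock call even though the function still checks for it two lines later. Return early when mon is NULL before taking the lock, or drop the NULL test if no caller can pass NULL. A comment on Monitor::mutex stating that it covers outbuf[] and outbuf_index would also help, since qemu_chr_fe_write() is called here with the lock held.
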
Here is another example for things that can break due to "optimistic"
parallelization: What protects the chardev state that will be touched by
calling qemu_chr_fe_write? Even when ignoring mux'ed channels for now, I
bet there are code paths that modify the state without holding the
frontend lock (i.e. Monitor::mutex).
Jan
