WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] [Patch] fix xenfb_update_screen bogus rect

from [Markus Armbruster] [Permanent Link][Original]
To: Akio Takebe <takebe_akio@xxxxxxxxxxxxxx>
Subject: Re: [Xen-devel] [Patch] fix xenfb_update_screen bogus rect
From: Markus Armbruster <armbru@xxxxxxxxxx>
Date: Thu, 29 Jan 2009 15:44:57 +0100
Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Thu, 29 Jan 2009 06:47:31 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4981A70D.1010905@xxxxxxxxxxxxxx> (Akio Takebe's message of "Thu\, 29 Jan 2009 21\:54\:37 +0900")
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <497E784B.7060003@xxxxxxxxxxxxxx> <497ED10A.76E4.0078.0@xxxxxxxxxx> <498009CC.1000101@xxxxxxxxxxxxxx> <871vun33jp.fsf@xxxxxxxxxxxxxxxxx> <4981A70D.1010905@xxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Gnus/5.11 (Gnus v5.11) Emacs/22.2 (gnu/linux) 
Akio Takebe <takebe_akio@xxxxxxxxxxxxxx> writes:

> Hi, Markus
>
> Markus Armbruster wrote:
>> Akio Takebe <takebe_akio@xxxxxxxxxxxxxx> writes:
[...]
>>> diff -r 83b71f4b5cb2 drivers/xen/fbfront/xenfb.c
>>> --- a/drivers/xen/fbfront/xenfb.c   Tue Jan 20 13:28:35 2009 +0000
>>> +++ b/drivers/xen/fbfront/xenfb.c   Thu Jan 29 01:24:06 2009 +0900
>>> @@ -213,17 +213,23 @@
>>
>> Please use -p with diff.
>>
>>>     if (xenfb_queue_full(info))
>>>             return;
>>>  -  mutex_lock(&info->mm_lock);
>>> -
>>>     spin_lock_irqsave(&info->dirty_lock, flags);
>>> -   y1 = info->y1;
>>> -   y2 = info->y2;
>>> -   x1 = info->x1;
>>> -   x2 = info->x2;
>>> -   info->x1 = info->y1 = INT_MAX;
>>> -   info->x2 = info->y2 = 0;
>>> +   if (info->dirty){
>>> +           info->dirty = 0;
>>> +           y1 = info->y1;
>>> +           y2 = info->y2;
>>> +           x1 = info->x1;
>>> +           x2 = info->x2;
>>> +           info->x1 = info->y1 = INT_MAX;
>>> +           info->x2 = info->y2 = 0;
>>> +   } else {
>>> +           spin_unlock_irqrestore(&info->dirty_lock, flags);
>>> +           return;
>>> +   }
>>>     spin_unlock_irqrestore(&info->dirty_lock, flags);
>>>  +  mutex_lock(&info->mm_lock);
>>> +   
>>>     list_for_each_entry(map, &info->mappings, link) {
>>>             if (!map->faults)
>>>                     continue;
>>
>> Careful, locking is rather delicate here.  Please read the big comment
>> "There are three locks:", then explain why moving the locking of
>> mm_lock is safe.
>>
> Thank you for your review.

My pleasure.  I have to thank for your fix!

> First, I thought mm_lock just protected the mappings,
> and the dirty rectangle was protected by the dirty_lock.
> So I moved the mm_lock.
> Also when I tested the patch, I didn't get any problem.

Subtle locking bugs are notoriously hard to demonstrate by testing.

> Do you mean the narrow point of between unloking dirty_lock and locking 
> mm_lock
> in xenfb_update_screen() may be not safe?
> Do you find any critical cases?
>
> Best Regards,
>
> Akio Takebe

Your proposed change might be fine, it might be racy, I don't know.
What I do know is that it invalidates the comment I mentioned.  That's
a nasty trap for the unwary, and clearly a bug as far as I'm
concerned.

I strongly recommend to either revert the locking change, or fix the
comment to match the new code.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] Building Xen with structures thread_info/task_struct, Bastian Blank
Next by Date:  [Xen-devel] RE: [PATCH v2] txt: 0/5 - Overview, Cihula, Joseph
Previous by Thread:  Re: [Xen-devel] [Patch] fix xenfb_update_screen bogus rect, Akio Takebe
Next by Thread:  Re: [Xen-devel] [Patch] fix xenfb_update_screen bogus rect, Akio Takebe
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy