Commit b19456dd authored by zhanghailiang's avatar zhanghailiang Committed by Paolo Bonzini
Browse files

char: Fix removing wrong GSource that be found by fd_in_tag 



We use fd_in_tag to find a GSource, fd_in_tag is return value of
g_source_attach(GSource *source, GMainContext *context), the return
value is unique only in the same context, so we may get the same
values with different 'context' parameters.

It is no problem to find the right fd_in_tag by using
 g_main_context_find_source_by_id(GMainContext *context, guint source_id)
while there is only one default main context.

But colo-compare tries to create/use its own context, and if we pass wrong
'context' parameter with right fd_in_tag, we will find a wrong GSource to handle.
We tried to fix the related codes in commit b43decb0,
but it didn't fix the bug completely, because we still have some codes didn't pass
*right* context parameter for remove_fd_in_watch().

Let's fix it by record the GSource directly instead of fd_in_tag.

Signed-off-by: default avatarzhanghailiang <zhang.zhanghailiang@huawei.com>
Reviewed-by: default avatarMarc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <1492564532-91680-1-git-send-email-zhang.zhanghailiang@huawei.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
parent 6103451a

chardev/char-fd.c

+4 −4
Original line number Diff line number Diff line
@@ -58,7 +58,7 @@ static gboolean fd_chr_read(QIOChannel *chan, GIOCondition cond, void *opaque) 
    ret = qio_channel_read(

        chan, (gchar *)buf, len, NULL);

    if (ret == 0) {

        remove_fd_in_watch(chr, NULL);

        remove_fd_in_watch(chr);

        qemu_chr_be_event(chr, CHR_EVENT_CLOSED);

        return FALSE;

    }
@@ -89,9 +89,9 @@ static void fd_chr_update_read_handler(Chardev *chr, 
{

    FDChardev *s = FD_CHARDEV(chr);



    remove_fd_in_watch(chr, NULL);

    remove_fd_in_watch(chr);

    if (s->ioc_in) {

        chr->fd_in_tag = io_add_watch_poll(chr, s->ioc_in,

        chr->gsource = io_add_watch_poll(chr, s->ioc_in,

                                           fd_chr_read_poll,

                                           fd_chr_read, chr,

                                           context);
@@ -103,7 +103,7 @@ static void char_fd_finalize(Object *obj) 
    Chardev *chr = CHARDEV(obj);

    FDChardev *s = FD_CHARDEV(obj);



    remove_fd_in_watch(chr, NULL);

    remove_fd_in_watch(chr);

    if (s->ioc_in) {

        object_unref(OBJECT(s->ioc_in));

    }

chardev/char-io.c

+8 −15
Original line number Diff line number Diff line
@@ -98,7 +98,7 @@ static GSourceFuncs io_watch_poll_funcs = { 
    .finalize = io_watch_poll_finalize,

};



guint io_add_watch_poll(Chardev *chr,

GSource *io_add_watch_poll(Chardev *chr,

                        QIOChannel *ioc,

                        IOCanReadHandler *fd_can_read,

                        QIOChannelFunc fd_read,
@@ -106,7 +106,6 @@ guint io_add_watch_poll(Chardev *chr, 
                        GMainContext *context)

{

    IOWatchPoll *iwp;

    int tag;

    char *name;



    iwp = (IOWatchPoll *) g_source_new(&io_watch_poll_funcs,
@@ -122,21 +121,15 @@ guint io_add_watch_poll(Chardev *chr, 
    g_source_set_name((GSource *)iwp, name);

    g_free(name);



    tag = g_source_attach(&iwp->parent, context);

    g_source_attach(&iwp->parent, context);

    g_source_unref(&iwp->parent);

    return tag;

    return (GSource *)iwp;

}



static void io_remove_watch_poll(guint tag, GMainContext *context)

static void io_remove_watch_poll(GSource *source)

{

    GSource *source;

    IOWatchPoll *iwp;



    g_return_if_fail(tag > 0);



    source = g_main_context_find_source_by_id(context, tag);

    g_return_if_fail(source != NULL);



    iwp = io_watch_poll_from_source(source);

    if (iwp->src) {

        g_source_destroy(iwp->src);
@@ -146,11 +139,11 @@ static void io_remove_watch_poll(guint tag, GMainContext *context) 
    g_source_destroy(&iwp->parent);

}



void remove_fd_in_watch(Chardev *chr, GMainContext *context)

void remove_fd_in_watch(Chardev *chr)

{

    if (chr->fd_in_tag) {

        io_remove_watch_poll(chr->fd_in_tag, context);

        chr->fd_in_tag = 0;

    if (chr->gsource) {

        io_remove_watch_poll(chr->gsource);

        chr->gsource = NULL;

    }

}

chardev/char-io.h

+2 −2
Original line number Diff line number Diff line
@@ -29,14 +29,14 @@ 
#include "sysemu/char.h"



/* Can only be used for read */

guint io_add_watch_poll(Chardev *chr,

GSource *io_add_watch_poll(Chardev *chr,

                        QIOChannel *ioc,

                        IOCanReadHandler *fd_can_read,

                        QIOChannelFunc fd_read,

                        gpointer user_data,

                        GMainContext *context);



void remove_fd_in_watch(Chardev *chr, GMainContext *context);

void remove_fd_in_watch(Chardev *chr);



int io_channel_send(QIOChannel *ioc, const void *buf, size_t len);

chardev/char-pty.c

+3 −3
Original line number Diff line number Diff line
@@ -199,7 +199,7 @@ static void pty_chr_state(Chardev *chr, int connected) 
            g_source_remove(s->open_tag);

            s->open_tag = 0;

        }

        remove_fd_in_watch(chr, NULL);

        remove_fd_in_watch(chr);

        s->connected = 0;

        /* (re-)connect poll interval for idle guests: once per second.

         * We check more frequently in case the guests sends data to
@@ -215,8 +215,8 @@ static void pty_chr_state(Chardev *chr, int connected) 
            s->connected = 1;

            s->open_tag = g_idle_add(qemu_chr_be_generic_open_func, chr);

        }

        if (!chr->fd_in_tag) {

            chr->fd_in_tag = io_add_watch_poll(chr, s->ioc,

        if (!chr->gsource) {

            chr->gsource = io_add_watch_poll(chr, s->ioc,

                                               pty_chr_read_poll,

                                               pty_chr_read,

                                               chr, NULL);

chardev/char-socket.c

+4 −4
Original line number Diff line number Diff line
@@ -327,7 +327,7 @@ static void tcp_chr_free_connection(Chardev *chr) 
    }



    tcp_set_msgfds(chr, NULL, 0);

    remove_fd_in_watch(chr, NULL);

    remove_fd_in_watch(chr);

    object_unref(OBJECT(s->sioc));

    s->sioc = NULL;

    object_unref(OBJECT(s->ioc));
@@ -484,7 +484,7 @@ static void tcp_chr_connect(void *opaque) 


    s->connected = 1;

    if (s->ioc) {

        chr->fd_in_tag = io_add_watch_poll(chr, s->ioc,

        chr->gsource = io_add_watch_poll(chr, s->ioc,

                                           tcp_chr_read_poll,

                                           tcp_chr_read,

                                           chr, NULL);
@@ -501,9 +501,9 @@ static void tcp_chr_update_read_handler(Chardev *chr, 
        return;

    }



    remove_fd_in_watch(chr, NULL);

    remove_fd_in_watch(chr);

    if (s->ioc) {

        chr->fd_in_tag = io_add_watch_poll(chr, s->ioc,

        chr->gsource = io_add_watch_poll(chr, s->ioc,

                                           tcp_chr_read_poll,

                                           tcp_chr_read, chr,

                                           context);