[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 1/3] libxl: Fix libxl_postfork_child_noexec deadlock etc.

To: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxx>
From: George Dunlap <george.dunlap@xxxxxxxxxxxxx>
Date: Mon, 24 Feb 2014 15:17:54 +0000
Cc: Ian Campbell <Ian.Campbell@xxxxxxxxxx>, M A Young <m.a.young@xxxxxxxxxxxx>
Delivery-date: Mon, 24 Feb 2014 15:18:27 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 02/24/2014 02:19 PM, Ian Jackson wrote:

libxl_postfork_child_noexec would nestedly reaquire the non-recursive
"no_forking" mutex: atfork_lock uses it, as does sigchld_user_remove.
The result on Linux is that the process always deadlocks before
returning from this function.

This is used by xl's console child.  So, the ultimate effect is that
xl with pygrub does not manage to connect to the pygrub console.
This beahviour was reported by Michael Young in Xen 4.4.0 RC5.

Also, the use of sigchld_user_remove in libxl_postfork_child_noexec is
not correct with SIGCHLD sharing.  libxl_postfork_child_noexec is
documented to suffice if called only on one ctx.  So deregistering the
ctx it's called on is not sufficient.  Instead, we need a new approach
which discards the whole sigchld_user list and unconditionally removes
our SIGCHLD handler if we had one.

Prompted by this, clarify the semantics of
libxl_postfork_child_noexec.  Specifically, expand on the meaning of
"quickly" by explaining what operations are not permitted; and
document the fact that the function doesn't reclaim the resources in
the ctxs.

And add a comment in libxl_postfork_child_noexec explaining the
internal concurrency situation.

This is an important bugfix.  IMO the bug is a blocker for Xen 4.4.

Signed-off-by: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
Reported-by: M A Young <m.a.young@xxxxxxxxxxxx>
CC: Ian Campbell <Ian.Campbell@xxxxxxxxxx>
CC: George Dunlap <george.dunlap@xxxxxxxxxxxxx>


So it looks like this path gets called from a number of other places in xl:

libxl_postfork_child_noexec() is called by xl.c:postfork().

postfork() is called in xl_cmdimpl.c by autoconnect_vncviewer(),autoconnect_console(), and do_daemonize().


do_daemonize() is called during "xl create", and "xl devd".

Was this deadlock not triggered for those, or was it triggered andnobody noticed?


 -George

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH 1/3] libxl: Fix libxl_postfork_child_noexec deadlock etc.
  - From: Ian Jackson
- Re: [Xen-devel] [PATCH 1/3] libxl: Fix libxl_postfork_child_noexec deadlock etc.
  - From: George Dunlap

References:
- [Xen-devel] [PATCH 0/3] libxl: Fix deadlock with pygrub
  - From: Ian Jackson
- [Xen-devel] [PATCH 1/3] libxl: Fix libxl_postfork_child_noexec deadlock etc.
  - From: Ian Jackson

Prev by Date: Re: [Xen-devel] [PATCH 2/2] arm/xen: Don't use xen DMA ops when the device is protected by an IOMMU
Next by Date: Re: [Xen-devel] Fwd: [How to read xen source]
Previous by thread: Re: [Xen-devel] [PATCH] tools/console: reset tty when xenconsole fails
Next by thread: Re: [Xen-devel] [PATCH 1/3] libxl: Fix libxl_postfork_child_noexec deadlock etc.
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.