From patchwork Thu Oct 18 14:28:47 2012
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Peter Maydell <peter.maydell@linaro.org>
X-Patchwork-Id: 192335
Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by ozlabs.org (Postfix) with ESMTPS id 925502C0081
	for <incoming@patchwork.ozlabs.org>;
	Fri, 19 Oct 2012 01:29:14 +1100 (EST)
Received: from localhost ([::1]:37095 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>)
	id 1TOr60-00061B-OT
	for incoming@patchwork.ozlabs.org; Thu, 18 Oct 2012 10:29:12 -0400
Received: from eggs.gnu.org ([208.118.235.92]:34404)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pm215@archaic.org.uk>) id 1TOr5q-000613-So
	for qemu-devel@nongnu.org; Thu, 18 Oct 2012 10:29:06 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <pm215@archaic.org.uk>) id 1TOr5h-0000SZ-4x
	for qemu-devel@nongnu.org; Thu, 18 Oct 2012 10:29:02 -0400
Received: from 38.0.169.217.in-addr.arpa ([217.169.0.38]:57419
	helo=mnementh.archaic.org.uk) by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pm215@archaic.org.uk>) id 1TOr5g-0000SH-US
	for qemu-devel@nongnu.org; Thu, 18 Oct 2012 10:28:53 -0400
Received: from pm215 by mnementh.archaic.org.uk with local (Exim 4.72)
	(envelope-from <pm215@archaic.org.uk>)
	id 1TOr5b-0006IY-VI; Thu, 18 Oct 2012 15:28:47 +0100
From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-devel@nongnu.org
Date: Thu, 18 Oct 2012 15:28:47 +0100
Message-Id: <1350570527-24187-1-git-send-email-peter.maydell@linaro.org>
X-Mailer: git-send-email 1.7.2.5
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2)
X-Received-From: 217.169.0.38
Cc: Corentin Chary <corentincj@iksaif.net>, patches@linaro.org
Subject: [Qemu-devel] [PATCH] ui/vnc-jobs: Delete unused and buggy
	vnc_stop_worker_thread()
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

The function vnc_stop_worker_thread() is buggy, beacuse it tries to
delete jobs from the worker thread's queue but the worker thread itself
will not cope with this happening (it would end up trying to remove
an already-removed list item from its queue list). Fortunately
nobody ever calls vnc_stop_worker_thread(), so we can fix this by
simply deleting all the untested racy code.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
Seems the easiest way to deal with this bug spotted via code
inspection :-)

 ui/vnc-jobs.c |   26 --------------------------
 ui/vnc-jobs.h |    2 --
 2 files changed, 28 deletions(-)

diff --git a/ui/vnc-jobs.c b/ui/vnc-jobs.c
index 087b84d..c5ce2f1 100644
--- a/ui/vnc-jobs.c
+++ b/ui/vnc-jobs.c
@@ -136,19 +136,6 @@ bool vnc_has_job(VncState *vs)
     return ret;
 }
 
-void vnc_jobs_clear(VncState *vs)
-{
-    VncJob *job, *tmp;
-
-    vnc_lock_queue(queue);
-    QTAILQ_FOREACH_SAFE(job, &queue->jobs, next, tmp) {
-        if (job->vs == vs || !vs) {
-            QTAILQ_REMOVE(&queue->jobs, job, next);
-        }
-    }
-    vnc_unlock_queue(queue);
-}
-
 void vnc_jobs_join(VncState *vs)
 {
     vnc_lock_queue(queue);
@@ -336,16 +323,3 @@ bool vnc_worker_thread_running(void)
 {
     return queue; /* Check global queue */
 }
-
-void vnc_stop_worker_thread(void)
-{
-    if (!vnc_worker_thread_running())
-        return ;
-
-    /* Remove all jobs and wake up the thread */
-    vnc_lock_queue(queue);
-    queue->exit = true;
-    vnc_unlock_queue(queue);
-    vnc_jobs_clear(NULL);
-    qemu_cond_broadcast(&queue->cond);
-}
diff --git a/ui/vnc-jobs.h b/ui/vnc-jobs.h
index 86e6d88..b87857f 100644
--- a/ui/vnc-jobs.h
+++ b/ui/vnc-jobs.h
@@ -35,13 +35,11 @@ VncJob *vnc_job_new(VncState *vs);
 int vnc_job_add_rect(VncJob *job, int x, int y, int w, int h);
 void vnc_job_push(VncJob *job);
 bool vnc_has_job(VncState *vs);
-void vnc_jobs_clear(VncState *vs);
 void vnc_jobs_join(VncState *vs);
 
 void vnc_jobs_consume_buffer(VncState *vs);
 void vnc_start_worker_thread(void);
 bool vnc_worker_thread_running(void);
-void vnc_stop_worker_thread(void);
 
 /* Locks */
 static inline int vnc_trylock_display(VncDisplay *vd)