[PATCH 2/2] qxl: Fix race on accessing cursor in struct SimpleSpiceDispl

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 2/2] qxl: Fix race on accessing cursor in struct SimpleSpiceDispl

From:	Hyman Huang
Subject:	[PATCH 2/2] qxl: Fix race on accessing cursor in struct SimpleSpiceDisplay
Date:	Fri, 20 Dec 2024 02:46:58 +0800

Both the spice server and the qemu (iothread/main loop) context
can access the cursor field in struct SimpleSpiceDisplay.

Add the mutex lock before accessing cursor in
qxl_spice_reset_cursor().

Signed-off-by: Hyman Huang <yong.huang@smartx.com>
---
 hw/display/qxl.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/hw/display/qxl.c b/hw/display/qxl.c
index ae2d983299..d1fbeb65cf 100644
--- a/hw/display/qxl.c
+++ b/hw/display/qxl.c
@@ -298,10 +298,12 @@ void qxl_spice_reset_cursor(PCIQXLDevice *qxl)
     qemu_mutex_lock(&qxl->track_lock);
     qxl->guest_cursor = 0;
     qemu_mutex_unlock(&qxl->track_lock);
+    qemu_mutex_lock(&qxl->ssd.lock);
     if (qxl->ssd.cursor) {
         cursor_unref(qxl->ssd.cursor);
     }
     qxl->ssd.cursor = cursor_builtin_hidden();
+    qemu_mutex_unlock(&qxl->ssd.lock);
 }
 
 static uint32_t qxl_crc32(const uint8_t *p, unsigned len)
-- 
2.39.1

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 1/2] qxl: Do not use C99 // comments, Hyman Huang, 2024/12/19
- [PATCH 2/2] qxl: Fix race on accessing cursor in struct SimpleSpiceDisplay, Hyman Huang <=
  - Re: [PATCH 2/2] qxl: Fix race on accessing cursor in struct SimpleSpiceDisplay, Philippe Mathieu-Daudé, 2024/12/20
- Re: [PATCH 1/2] qxl: Do not use C99 // comments, Philippe Mathieu-Daudé, 2024/12/20

Prev by Date: Re: [PULL v2 00/42] Rust, qdev, target/i386 changes for 2024-12-19
Next by Date: [PATCH 1/2] qxl: Do not use C99 // comments
Previous by thread: [PATCH 1/2] qxl: Do not use C99 // comments
Next by thread: Re: [PATCH 2/2] qxl: Fix race on accessing cursor in struct SimpleSpiceDisplay
Index(es):
- Date
- Thread