Changeset 365 for pjproject/trunk/pjlib/src/pj/ioqueue_winnt.c

Timestamp:

Mar 30, 2006 4:32:18 PM (18 years ago)

Author:

bennylp

Message:

Fixed race condition bug in ioqueue unregistration for select and Win32 IOCP backend

File:

• pjproject/trunk/pjlib/src/pj/ioqueue_winnt.c (modified) (23 diffs)

pjproject/trunk/pjlib/src/pj/ioqueue_winnt.c

@@ -107 +107 @@
 struct pj_ioqueue_key_t
 {
+    PJ_DECL_LIST_MEMBER(struct pj_ioqueue_key_t);
+
     pj_ioqueue_t       *ioqueue;
     HANDLE              hnd;
     void               *user_data;
     enum handle_type    hnd_type;
+    pj_ioqueue_callback cb;
+
 #if PJ_HAS_TCP
     int                 connecting;
 #endif
-    pj_ioqueue_callback cb;
-    pj_bool_t           has_quit_signal;
+
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+    pj_atomic_t        *ref_count;
+    pj_bool_t           closing;
+    pj_time_val         free_time;
+#endif
+
 };
 
@@ -126 +135 @@
     pj_lock_t        *lock;
     pj_bool_t         auto_delete_lock;
+
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+    pj_ioqueue_key_t  active_list;
+    pj_ioqueue_key_t  free_list;
+    pj_ioqueue_key_t  closing_list;
+#endif
+
+    /* These are to keep track of connecting sockets */
+#if PJ_HAS_TCP
     unsigned          event_count;
     HANDLE            event_pool[MAXIMUM_WAIT_OBJECTS+1];
-#if PJ_HAS_TCP
     unsigned          connecting_count;
     HANDLE            connecting_handles[MAXIMUM_WAIT_OBJECTS+1];
@@ -280 +297 @@
 {
     pj_ioqueue_t *ioqueue;
+    unsigned i;
     pj_status_t rc;
 
@@ -291 +309 @@
                      sizeof(union operation_key), PJ_EBUG);
 
+    /* Create IOCP */
     ioqueue = pj_pool_zalloc(pool, sizeof(*ioqueue));
     ioqueue->iocp = CreateIoCompletionPort(INVALID_HANDLE_VALUE, NULL, 0, 0);
@@ -296 +315 @@
         return PJ_RETURN_OS_ERROR(GetLastError());
 
+    /* Create IOCP mutex */
     rc = pj_lock_create_simple_mutex(pool, NULL, &ioqueue->lock);
     if (rc != PJ_SUCCESS) {
@@ -304 +324 @@
     ioqueue->auto_delete_lock = PJ_TRUE;
 
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+    /*
+     * Create and initialize key pools.
+     */
+    pj_list_init(&ioqueue->active_list);
+    pj_list_init(&ioqueue->free_list);
+    pj_list_init(&ioqueue->closing_list);
+
+    /* Preallocate keys according to max_fd setting, and put them
+     * in free_list.
+     */
+    for (i=0; i<max_fd; ++i) {
+        pj_ioqueue_key_t *key;
+
+        key = pj_pool_alloc(pool, sizeof(pj_ioqueue_key_t));
+
+        rc = pj_atomic_create(pool, 0, &key->ref_count);
+        if (rc != PJ_SUCCESS) {
+            key = ioqueue->free_list.next;
+            while (key != &ioqueue->free_list) {
+                pj_atomic_destroy(key->ref_count);
+                key = key->next;
+            }
+            CloseHandle(ioqueue->iocp);
+            return rc;
+        }
+
+        pj_list_push_back(&ioqueue->free_list, key);
+
+    }
+#endif
+
     *p_ioqueue = ioqueue;
 
@@ -316 +368 @@
 {
     unsigned i;
+    pj_ioqueue_key_t *key;
 
     PJ_CHECK_STACK();
     PJ_ASSERT_RETURN(ioqueue, PJ_EINVAL);
 
+    pj_lock_acquire(ioqueue->lock);
+
+#if PJ_HAS_TCP
     /* Destroy events in the pool */
     for (i=0; i<ioqueue->event_count; ++i) {
@@ -325 +381 @@
     }
     ioqueue->event_count = 0;
+#endif
 
     if (CloseHandle(ioqueue->iocp) != TRUE)
         return PJ_RETURN_OS_ERROR(GetLastError());
+
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+    /* Destroy reference counters */
+    key = ioqueue->active_list.next;
+    while (key != &ioqueue->active_list) {
+        pj_atomic_destroy(key->ref_count);
+        key = key->next;
+    }
+
+    key = ioqueue->closing_list.next;
+    while (key != &ioqueue->closing_list) {
+        pj_atomic_destroy(key->ref_count);
+        key = key->next;
+    }
+
+    key = ioqueue->free_list.next;
+    while (key != &ioqueue->free_list) {
+        pj_atomic_destroy(key->ref_count);
+        key = key->next;
+    }
+#endif
 
     if (ioqueue->auto_delete_lock)
@@ -371 +449 @@
     PJ_ASSERT_RETURN(pool && ioqueue && cb && key, PJ_EINVAL);
 
+    pj_lock_acquire(ioqueue->lock);
+
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+    /* If safe unregistration is used, then get the key record from
+     * the free list.
+     */
+    if (pj_list_empty(&ioqueue->free_list)) {
+        pj_lock_release(ioqueue->lock);
+        return PJ_ETOOMANY;
+    }
+
+    rec = ioqueue->free_list.next;
+    pj_list_erase(rec);
+
+    /* Set initial reference count to 1 */
+    pj_assert(pj_atomic_get(rec->ref_count) == 0);
+    pj_atomic_inc(rec->ref_count);
+
+    rec->closing = 0;
+
+#else
+    rec = pj_pool_zalloc(pool, sizeof(pj_ioqueue_key_t));
+#endif
+
     /* Build the key for this socket. */
-    rec = pj_pool_zalloc(pool, sizeof(pj_ioqueue_key_t));
     rec->ioqueue = ioqueue;
     rec->hnd = (HANDLE)sock;
@@ -379 +480 @@
     pj_memcpy(&rec->cb, cb, sizeof(pj_ioqueue_callback));
 
+#if PJ_HAS_TCP
+    rec->connecting = 0;
+#endif
+
     /* Set socket to nonblocking. */
     value = 1;
     rc = ioctlsocket(sock, FIONBIO, &value);
     if (rc != 0) {
+        pj_lock_release(ioqueue->lock);
         return PJ_RETURN_OS_ERROR(WSAGetLastError());
     }
@@ -389 +495 @@
     hioq = CreateIoCompletionPort((HANDLE)sock, ioqueue->iocp, (DWORD)rec, 0);
     if (!hioq) {
+        pj_lock_release(ioqueue->lock);
         return PJ_RETURN_OS_ERROR(GetLastError());
     }
 
     *key = rec;
+
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+    pj_list_push_back(&ioqueue->active_list, rec);
+#endif
+
+    pj_lock_release(ioqueue->lock);
+
     return PJ_SUCCESS;
 }
@@ -423 +537 @@
 
 
-
-/*
- * Internal function to poll the I/O Completion Port, execute callback, 
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+/* Decrement the key's reference counter, and when the counter reach zero,
+ * destroy the key.
+ */
+static void decrement_counter(pj_ioqueue_key_t *key)
+{
+    if (pj_atomic_dec_and_get(key->ref_count) == 0) {
+
+        pj_lock_acquire(key->ioqueue->lock);
+
+        pj_assert(key->closing == 1);
+        pj_gettimeofday(&key->free_time);
+        key->free_time.msec += PJ_IOQUEUE_KEY_FREE_DELAY;
+        pj_time_val_normalize(&key->free_time);
+
+        pj_list_erase(key);
+        pj_list_push_back(&key->ioqueue->closing_list, key);
+
+        pj_lock_release(key->ioqueue->lock);
+    }
+}
+#endif
+
+/*
+ * Poll the I/O Completion Port, execute callback, 
  * and return the key and bytes transfered of the last operation.
  */
@@ -458 +594 @@
             *p_key = key;
 
-        /* If size_status is POST_QUIT_LEN, mark the key as quitting */
-        if (size_status == POST_QUIT_LEN) {
-            key->has_quit_signal = 1;
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+        /* We shouldn't call callbacks if key is quitting. */
+        if (key->closing)
             return PJ_TRUE;
-        }
-
-        /* We shouldn't call callbacks if key is quitting. 
-         * But this should have been taken care by unregister function
-         * (the unregister function should have cleared out the callbacks)
+
+        /* Increment reference counter to prevent this key from being
+         * deleted
          */
+        pj_atomic_inc(key->ref_count);
+#endif
 
         /* Carry out the callback */
@@ -505 +641 @@
             break;
         }
+
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+        decrement_counter(key);
+#endif
+
         return PJ_TRUE;
     }
@@ -517 +658 @@
 PJ_DEF(pj_status_t) pj_ioqueue_unregister( pj_ioqueue_key_t *key )
 {
-    pj_ssize_t polled_len;
-    pj_ioqueue_key_t *polled_key;
-    generic_overlapped ov;
-    BOOL rc;
-
     PJ_ASSERT_RETURN(key, PJ_EINVAL);
 
@@ -543 +679 @@
     }
 #endif
-
-
-    /* Unregistering handle from IOCP is pretty tricky.
-     *
-     * Even after the socket has been closed, GetQueuedCompletionStatus
-     * may still return events for the handle. This will likely to
-     * cause crash in pjlib, because the key associated with the handle
-     * most likely will have been destroyed.
-     *
-     * The solution is to poll the IOCP until we're sure that there are
-     * no further events for the handle.
-     */
-
-    /* Clear up callbacks for the key. 
-     * We don't want the callback to be called for this key.
-     */
+    
+    /* Close handle (the only way to disassociate handle from IOCP). 
+     * We also need to close handle to make sure that no further events
+     * will come to the handle.
+     */
+    CloseHandle(key->hnd);
+
+    /* Reset callbacks */
+    key->cb.on_accept_complete = NULL;
+    key->cb.on_connect_complete = NULL;
     key->cb.on_read_complete = NULL;
     key->cb.on_write_complete = NULL;
-    key->cb.on_accept_complete = NULL;
-    key->cb.on_connect_complete = NULL;
-
-    /* Init overlapped struct */
-    pj_memset(&ov, 0, sizeof(ov));
-    ov.operation = PJ_IOQUEUE_OP_READ;
-
-    /* Post queued completion status with a special length. */
-    rc = PostQueuedCompletionStatus( key->ioqueue->iocp, (DWORD)POST_QUIT_LEN,
-                                     (DWORD)key, &ov.overlapped);
-
-    /* Poll IOCP until has_quit_signal is set in the key.
-     * The has_quit_signal flag is set in poll_iocp() when POST_QUIT_LEN
-     * is detected. We need to have this flag because POST_QUIT_LEN may be
-     * detected by other threads.
-     */
-    do {
-        polled_len = 0;
-        polled_key = NULL;
-
-        rc = poll_iocp(key->ioqueue->iocp, 0, &polled_len, &polled_key);
-
-    } while (rc && !key->has_quit_signal);
-
-
-    /* Close handle if this is a file. */
-    if (key->hnd_type == HND_IS_FILE) {
-        CloseHandle(key->hnd);
-    }
+
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+    /* Mark key as closing. */
+    key->closing = 1;
+
+    /* Decrement reference counter. */
+    decrement_counter(key);
+
+    /* Even after handle is closed, I suspect that IOCP may still try to
+     * do something with the handle, causing memory corruption when pool
+     * debugging is enabled.
+     *
+     * Forcing context switch seems to have fixed that, but this is quite
+     * an ugly solution..
+     */
+    pj_thread_sleep(0);
+#endif
 
     return PJ_SUCCESS;
@@ -603 +721 @@
     DWORD dwMsec;
     int connect_count = 0;
-    pj_bool_t has_event;
+    int event_count = 0;
 
     PJ_ASSERT_RETURN(ioqueue, -PJ_EINVAL);
-
-    /* Check the connecting array. */
-#if PJ_HAS_TCP
-    connect_count = check_connecting(ioqueue);
-#endif
 
     /* Calculate miliseconds timeout for GetQueuedCompletionStatus */
@@ -616 +729 @@
 
     /* Poll for completion status. */
-    has_event = poll_iocp(ioqueue->iocp, dwMsec, NULL, NULL);
+    event_count = poll_iocp(ioqueue->iocp, dwMsec, NULL, NULL);
+
+#if PJ_HAS_TCP
+    /* Check the connecting array, only when there's no activity. */
+    if (event_count == 0) {
+        connect_count = check_connecting(ioqueue);
+        if (connect_count > 0)
+            event_count += connect_count;
+    }
+#endif
+
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+    /* Check the closing keys only when there's no activity and when there are
+     * pending closing keys.
+     */
+    if (event_count == 0 && !pj_list_empty(&ioqueue->closing_list)) {
+        pj_time_val now;
+        pj_ioqueue_key_t *key;
+
+        pj_gettimeofday(&now);
+        
+        /* Move closing keys to free list when they've finished the closing
+         * idle time.
+         */
+        pj_lock_acquire(ioqueue->lock);
+        key = ioqueue->closing_list.next;
+        while (key != &ioqueue->closing_list) {
+            pj_ioqueue_key_t *next = key->next;
+
+            pj_assert(key->closing != 0);
+
+            if (PJ_TIME_VAL_GTE(now, key->free_time)) {
+                pj_list_erase(key);
+                pj_list_push_back(&ioqueue->free_list, key);
+            }
+            key = next;
+        }
+        pj_lock_release(ioqueue->lock);
+    }
+#endif
 
     /* Return number of events. */
-    return connect_count + has_event;
+    return event_count;
 }
 
@@ -645 +797 @@
     PJ_CHECK_STACK();
     PJ_ASSERT_RETURN(key && op_key && buffer && length, PJ_EINVAL);
+
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+    /* Check key is not closing */
+    if (key->closing)
+        return PJ_ECANCELLED;
+#endif
 
     op_key_rec = (union operation_key*)op_key->internal__;
@@ -716 +874 @@
     PJ_ASSERT_RETURN(key && op_key && buffer, PJ_EINVAL);
 
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+    /* Check key is not closing */
+    if (key->closing)
+        return PJ_ECANCELLED;
+#endif
+
     op_key_rec = (union operation_key*)op_key->internal__;
     op_key_rec->overlapped.wsabuf.buf = buffer;
@@ -800 +964 @@
     PJ_CHECK_STACK();
     PJ_ASSERT_RETURN(key && op_key && data, PJ_EINVAL);
-    
+
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+    /* Check key is not closing */
+    if (key->closing)
+        return PJ_ECANCELLED;
+#endif
+
     op_key_rec = (union operation_key*)op_key->internal__;
 
@@ -873 +1043 @@
     PJ_ASSERT_RETURN(key && op_key && new_sock, PJ_EINVAL);
 
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+    /* Check key is not closing */
+    if (key->closing)
+        return PJ_ECANCELLED;
+#endif
+
     /*
      * See if there is a new connection immediately available.
@@ -962 +1138 @@
     PJ_CHECK_STACK();
     PJ_ASSERT_RETURN(key && addr && addrlen, PJ_EINVAL);
+
+#if PJ_IOQUEUE_HAS_SAFE_UNREG
+    /* Check key is not closing */
+    if (key->closing)
+        return PJ_ECANCELLED;
+#endif
 
     /* Initiate connect() */