Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Admin port: No synchronisation in NetworkAdminConsole which may be called from any thread #9388

Closed
JGRennison opened this issue Jun 19, 2021 · 1 comment · Fixed by #9456
Closed

Admin port: No synchronisation in NetworkAdminConsole which may be called from any thread #9388

JGRennison opened this issue Jun 19, 2021 · 1 comment · Fixed by #9456
Milestone
12.0

Comments

@JGRennison
Copy link
Contributor

Version of OpenTTD

master

Expected result

No thread safety issues.

Actual result

NetworkAdminConsole may be called at any time from any thread via the Debug macro.
This iterates ServerNetworkAdminSocketHandler instances and calls ServerNetworkAdminSocketHandler::SendConsole as required without performing any synchronisation.
Iterating ServerNetworkAdminSocketHandler whilst it is being modified could theoretically result in unwanted behaviour.
Concurrent calls to Packet::AddToQueue, or concurrent calls to Packet::AddToQueue and Packet::PopFromQueue, could theoretically result in a malformed packet queue.

I noticed this issue because I received a crash report where the above issue was triggered by debug messages logged from the UDP advertisement thread.
JGRennison added a commit to JGRennison/OpenTTD-patches that referenced this issue Jun 20, 2021
@JGRennison
Fix thread safety issues in network admin socket console logging
ad15d4f 
See: OpenTTD/OpenTTD#9388
@rubidium42
Copy link
Contributor

I think the issue is bigger than what you have fixed in your patch. Under the assumption that _settings_client.gui.developer >= 2 IConsolePrint gets called which might also call NetworkServerSendRcon and NetworkServerSendAdminRcon.

Similarly send(_debug_socket... in DebugPrint might be prone to the same issue, although that would be more "unintended" behaviour: 'send should not be called on the same stream-oriented socket concurrently from different threads, because some Winsock providers may split a large send request into multiple transmissions, and this may lead to unintended data interleaving from multiple concurrent send requests on the same stream-oriented socket' (winsock2 send() documentation). That might be solved easily with a guard in the actual function.

I am wondering what the effect would be of just queueing those debug messages after fputs, and then pushing them to the admins and in-game console from the "safe" thread. In really spammy debug sessions that might create quite a queue in-memory, so we ought to employ a similar check to whether to queue you have added.
That would also have the added benefit of not accidentally passing debug prints as replies to RCons.

rubidium42 added a commit to rubidium42/OpenTTD that referenced this issue Jul 23, 2021
@rubidium42
Fix OpenTTD#9388: thread unsafe use of NetworkAdminConsole/IConsolePrint
6ada903
@rubidium42 rubidium42 mentioned this issue Jul 23, 2021
Merged
rubidium42 added a commit to rubidium42/OpenTTD that referenced this issue Jul 23, 2021
@rubidium42
Fix OpenTTD#9388: thread unsafe use of NetworkAdminConsole/IConsolePrint
d7a0e80
@TrueBrain TrueBrain added this to the 1.12 milestone Aug 14, 2021
rubidium42 added a commit that referenced this issue Sep 1, 2021
@rubidium42
Fix #9388: thread unsafe use of NetworkAdminConsole/IConsolePrint
92559e6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
12.0
Development

Successfully merging a pull request may close this issue.

Fix #9388: thread unsafe use of NetworkAdminConsole/IConsolePrint rubidium42/OpenTTD
3 participants
@TrueBrain @JGRennison @rubidium42