From 9a3e52e3465f85d203d0fd2910ca3625b3c45420 Mon Sep 17 00:00:00 2001
From: Wolfgang Bumiller
Date: Tue, 25 Sep 2018 10:15:06 +0200
Subject: [PATCH 1/3] monitor: guard iothread access by mon->use_io_thread

monitor_resume() and monitor_suspend() both want to "kick" the I/O thread if it is there, but in monitor_suspend() lacked the use_io_thread flag condition. This is required when we later only spawn the thread on first use.

Signed-off-by: Wolfgang Bumiller
Reviewed-by: Eric Blake
Reviewed-by: Peter Xu
Message-Id: <20180925081507.11873-2-w.bumiller@proxmox.com>
Signed-off-by: Markus Armbruster
---
 monitor.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/monitor.c b/monitor.c
index 823b5a1099..66f149c1dc 100644
--- a/monitor.c
+++ b/monitor.c
@@ -4292,7 +4292,7 @@ int monitor_suspend(Monitor *mon)
 atomic_inc(&mon->suspend_cnt);
- if (monitor_is_qmp(mon)) {
+ if (monitor_is_qmp(mon) && mon->use_io_thread) {
 /*
 * Kick I/O thread to make sure this takes effect. It'll be
 * evaluated again in prepare() of the watch object.

From 8511770185f5769d06e7c3e37b2fd79f268cf84c Mon Sep 17 00:00:00 2001
From: Wolfgang Bumiller
Date: Tue, 25 Sep 2018 10:15:07 +0200
Subject: [PATCH 2/3] monitor: delay monitor iothread creation

Commit d32749deb615 moved the call to monitor_init_globals() to before os_daemonize(), making it an unsuitable place to spawn the monitor iothread as it won't be inherited over the fork() in os_daemonize(). We now spawn the thread the first time we instantiate a monitor which actually has use_io_thread == true. Instantiation of monitors happens only after os_daemonize(). We still need to create the qmp_dispatcher_bh when not using iothreads, so this now still happens in monitor_init_globals().
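Review bot: The new `&& mon->use_io_thread` condition in monitor_suspend() carries no comment explaining why the kick is now skipped, and the existing comment beneath it still reads as though every QMP monitor has an I/O thread to kick. A reader of this function alone cannot learn that the thread is only created for monitors that asked for it and may not exist otherwise; suggest adding `/* Monitors without a dedicated I/O thread are serviced by the main loop and need no kick. */` directly above the `if`. The kick itself (presumably a notify on mon_iothread) and the rest of monitor_suspend() lie outside the hunk, so I cannot confirm there is no other unguarded use of mon_iothread in this function.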
Signed-off-by: Wolfgang Bumiller
Fixes: d32749deb615 ("monitor: move init global earlier")
Message-Id: <20180925081507.11873-3-w.bumiller@proxmox.com>
Reviewed-by: Eric Blake
Reviewed-by: Peter Xu
Tested-by: Peter Xu
[This fixes a crash on shutdown with --daemonize]
Signed-off-by: Markus Armbruster
---
 monitor.c | 35 +++++++++++++++++++++--------------
 1 file changed, 21 insertions(+), 14 deletions(-)

diff --git a/monitor.c b/monitor.c
index 66f149c1dc..d39390c2f2 100644
--- a/monitor.c
+++ b/monitor.c
@@ -708,9 +708,14 @@ static void monitor_qapi_event_init(void)
 static void handle_hmp_command(Monitor *mon, const char *cmdline);
+static void monitor_iothread_init(void);
+
 static void monitor_data_init(Monitor *mon, bool skip_flush,
 bool use_io_thread)
 {
+ if (use_io_thread && !mon_iothread) {
+ monitor_iothread_init();
+ }
 memset(mon, 0, sizeof(Monitor));
 qemu_mutex_init(&mon->mon_lock);
 qemu_mutex_init(&mon->qmp.qmp_queue_lock);
@@ -4461,15 +4466,6 @@ static AioContext *monitor_get_aio_context(void)
 static void monitor_iothread_init(void)
 {
 mon_iothread = iothread_create("mon_iothread", &error_abort);
-
- /*
- * The dispatcher BH must run in the main loop thread, since we
- * have commands assuming that context. It would be nice to get
- * rid of those assumptions.
- */
- qmp_dispatcher_bh = aio_bh_new(iohandler_get_aio_context(),
- monitor_qmp_bh_dispatcher,
- NULL);
 }
 void monitor_init_globals(void)
@@ -4479,7 +4475,15 @@ void monitor_init_globals(void)
 sortcmdlist();
 qemu_mutex_init(&monitor_lock);
 qemu_mutex_init(&mon_fdsets_lock);
- monitor_iothread_init();
+
+ /*
+ * The dispatcher BH must run in the main loop thread, since we
+ * have commands assuming that context. It would be nice to get
+ * rid of those assumptions.
+ */
+ qmp_dispatcher_bh = aio_bh_new(iohandler_get_aio_context(),
+ monitor_qmp_bh_dispatcher,
+ NULL);
 }
 /* These functions just adapt the readline interface in a typesafe way. We
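Review bot: The lazy creation `if (use_io_thread && !mon_iothread) { monitor_iothread_init(); }` at the top of monitor_data_init() records none of the reason it exists; that reason lives only in the commit message, namely that the thread must be spawned after the fork() in os_daemonize() because a thread created before it does not survive into the child. Without a comment in the code, a later tidy-up could move the call back into monitor_init_globals() and silently reintroduce the daemonize crash this series fixes. Suggest `/* Spawned on first use rather than in monitor_init_globals(): that runs before os_daemonize(), and a thread created before the fork() is lost in the child. */` above the `if`. The check also reads and then lets monitor_iothread_init() write the global mon_iothread with no lock, which appears to rely on monitors only ever being instantiated from one thread; if that is the invariant, it is worth stating in the same comment.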
@@ -4624,7 +4628,9 @@ void monitor_cleanup(void)
 * we need to unregister from chardev below in
 * monitor_data_destroy(), and chardev is not thread-safe yet
 */
- iothread_stop(mon_iothread);
+ if (mon_iothread) {
+ iothread_stop(mon_iothread);
+ }
 /* Flush output buffers and destroy monitors */
 qemu_mutex_lock(&monitor_lock);
@@ -4639,9 +4645,10 @@ void monitor_cleanup(void)
 /* QEMUBHs needs to be deleted before destroying the I/O thread */
 qemu_bh_delete(qmp_dispatcher_bh);
 qmp_dispatcher_bh = NULL;
-
- iothread_destroy(mon_iothread);
- mon_iothread = NULL;
+ if (mon_iothread) {
+ iothread_destroy(mon_iothread);
+ mon_iothread = NULL;
+ }
 }
 QemuOptsList qemu_mon_opts = {

From 0c57893d62596d1d91779452be3b38b4b72ecd04 Mon Sep 17 00:00:00 2001
From: Eric Blake
Date: Tue, 23 Oct 2018 22:35:59 +0100
Subject: [PATCH 3/3] vl: Avoid crash when -mon is underspecified
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

A quick coredump on an incomplete command line:
./x86_64-softmmu/qemu-system-x86_64 -mon mode=control,pretty=on
#0 0x00007ffff723d9e4 in g_str_hash () at /lib64/libglib-2.0.so.0
#1 0x00007ffff723ce38 in g_hash_table_lookup () at /lib64/libglib-2.0.so.0
#2 0x0000555555cc0073 in object_class_property_find (klass=0x5555566a94b0, name=0x0, errp=0x0) at qom/object.c:1135
#3 0x0000555555cc004b in object_class_property_find (klass=0x5555566a9440, name=0x0, errp=0x0) at qom/object.c:1129
#4 0x0000555555cbfe6e in object_property_find (obj=0x5555568348c0, name=0x0, errp=0x0) at qom/object.c:1080
#5 0x0000555555cc183d in object_resolve_path_component (parent=0x5555568348c0, part=0x0) at qom/object.c:1762
#6 0x0000555555d82071 in qemu_chr_find (name=0x0) at chardev/char.c:802
#7 0x00005555559d77cb in mon_init_func (opaque=0x0, opts=0x5555566b65a0, errp=0x0) at vl.c:2291
Fix it to instead fail gracefully.
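Review bot: The `if (mon_iothread)` guard around iothread_destroy() in monitor_cleanup() does not say when mon_iothread can legitimately be NULL, so a reader of this function alone cannot tell whether NULL is a startup-ordering bug being papered over or an expected state. Suggest `/* NULL unless a monitor with use_io_thread was ever created; see monitor_data_init(). */` on that guard. The comment just above, `/* QEMUBHs needs to be deleted before destroying the I/O thread */`, is now also slightly misleading: qemu_bh_delete(qmp_dispatcher_bh) stays unconditional because the BH is created in monitor_init_globals() whether or not an I/O thread exists, so the ordering constraint only applies in the threaded case; one extra line saying so would keep the two comments consistent. The body of monitor_cleanup() begins before this hunk, so I cannot see whether mon_iothread is touched elsewhere in it.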
Signed-off-by: Eric Blake
Message-Id: <20181023213600.364086-1-eblake@redhat.com>
Reviewed-by: Paolo Bonzini
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Peter Xu
Signed-off-by: Markus Armbruster
---
 vl.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/vl.c b/vl.c
index 03ed215d7b..55bab005b6 100644
--- a/vl.c
+++ b/vl.c
@@ -2323,6 +2323,10 @@ static int mon_init_func(void *opaque, QemuOpts *opts, Error **errp)
 }
 chardev = qemu_opt_get(opts, "chardev");
+ if (!chardev) {
+ error_report("chardev is required");
+ exit(1);
+ }
 chr = qemu_chr_find(chardev);
 if (chr == NULL) {
 error_setg(errp, "chardev \"%s\" not found", chardev);
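Review bot: The new guard reports a missing chardev with `error_report` followed by `exit(1)`, while the branch immediately below it reports the adjacent failure for the same option through the function's `Error **errp`, so two checks three lines apart take different error paths. `exit(1)` also means the caller that hands in errp never gets to decide how to handle the failure; unless mon_init_func() deliberately mixes the two styles further up (its start is outside the hunk, so I cannot tell), `error_setg(errp, "chardev is required"); return -1;` would keep it consistent with the `chr == NULL` case, assuming that branch returns -1 after its visible error_setg. Either way the change does close the NULL dereference in qemu_chr_find() shown in the backtrace, which was only a crash on a malformed command line rather than anything reachable from a guest.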