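Public bug reported: If an event is emitted while monitor_flush_locked() is running, the emitting thread deadlocks. In the backtrace below, monitor_puts() (frame #27) calls monitor_flush_locked() for monitor 0x55de61859d30; the resulting chardev write triggers SPICE channel teardown, which emits SPICE_DISCONNECTED and re-enters monitor_puts() (frame #3) for the same monitor on the same thread, where it blocks in pthread_mutex_lock(). The outer monitor_puts() call presumably still holds that mutex, so the thread ends up waiting on itself.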
Thread 1 (Thread 0x7f14f1854000 (LWP 7245)): #0 0x00007f14fc30592d in __lll_lock_wait () at /lib64/libpthread.so.0 #1 0x00007f14fc2fedc9 in pthread_mutex_lock () at /lib64/libpthread.so.0 #2 0x000055de60e19327 in qemu_mutex_lock_impl (mutex=0x55de61859e58, file=0x55de60f1a640 "/home/elmarco/src/qq/monitor.c", line=438) at /home/elmarco/src/qq/util/qemu-thread-posix.c:66 #3 0x000055de6085c5af in monitor_puts (mon=0x55de61859d30, str=0x55de62a61d30 "{\"timestamp\": {\"seconds\": 1559585795, \"microseconds\": 508720}, \"event\": \"SPICE_DISCONNECTED\", \"data\": {\"server\": {\"port\": \"/tmp/.9IW52Z/spice.sock\", \"family\": \"unix\", \"host\": \"localhost\"}, \"client\": {"...) at /home/elmarco/src/qq/monitor.c:438 #4 0x000055de6085c85a in qmp_send_response (mon=0x55de61859d30, rsp=0x55de61ed19a0) at /home/elmarco/src/qq/monitor.c:493 #5 0x000055de6085c8ee in monitor_qapi_event_emit (event=QAPI_EVENT_SPICE_DISCONNECTED, qdict=0x55de61ed19a0) at /home/elmarco/src/qq/monitor.c:521 #6 0x000055de6085c9ea in monitor_qapi_event_queue_no_reenter (event=QAPI_EVENT_SPICE_DISCONNECTED, qdict=0x55de61ed19a0) at /home/elmarco/src/qq/monitor.c:546 #7 0x000055de6085cd7a in qapi_event_emit (event=QAPI_EVENT_SPICE_DISCONNECTED, qdict=0x55de61ed19a0) at /home/elmarco/src/qq/monitor.c:621 #8 0x000055de60e04bc3 in qapi_event_send_spice_disconnected (server=0x55de61ee7b30, client=0x55de620c9090) at qapi/qapi-events-ui.c:101 #9 0x000055de60c84381 in channel_event (event=3, info=0x55de6222f4c0) at /home/elmarco/src/qq/ui/spice-core.c:234 #10 0x00007f14fc70ba3b in reds_handle_channel_event (reds=<optimized out>, event=3, info=0x55de6222f4c0) at reds.c:318 #11 0x00007f14fc6f407b in main_dispatcher_self_handle_channel_event (info=0x55de6222f4c0, event=3, self=0x55de61a5b0b0) at main-dispatcher.c:191 #12 0x00007f14fc6f407b in main_dispatcher_channel_event (self=0x55de61a5b0b0, event=event@entry=3, info=0x55de6222f4c0) at main-dispatcher.c:191 #13 0x00007f14fc713cf3 in 
red_stream_push_channel_event (s=s@entry=0x55de6222f400, event=event@entry=3) at red-stream.c:416 #14 0x00007f14fc713d2b in red_stream_free (s=0x55de6222f400) at red-stream.c:390 #15 0x00007f14fc6fa67c in red_channel_client_finalize (object=0x55de62511360) at red-channel-client.c:347 #16 0x00007f14fe4cfcf0 in g_object_unref () at /lib64/libgobject-2.0.so.0 #17 0x00007f14fc6fca12 in red_channel_client_push (rcc=0x55de62511360) at red-channel-client.c:1340 #18 0x00007f14fc6fca12 in red_channel_client_push (rcc=0x55de62511360) at red-channel-client.c:1303 #19 0x00007f14fc6cd479 in red_char_device_send_msg_to_client (client=<optimized out>, msg=0x55de62512c00, dev=0x55de61a5b3b0) at char-device.c:307 #20 0x00007f14fc6cd479 in red_char_device_send_msg_to_clients (msg=0x55de62512c00, dev=0x55de61a5b3b0) at char-device.c:307 #21 0x00007f14fc6cd479 in red_char_device_read_from_device (dev=0x55de61a5b3b0) at char-device.c:355 #22 0x000055de60a27dba in spice_chr_write (chr=0x55de61924c00, buf=0x55de6236c070 "{\"return\": {}, \"id\": 2}\r\n", len=25) at /home/elmarco/src/qq/chardev/spice.c:201 #23 0x000055de60d89e29 in qemu_chr_write_buffer (s=0x55de61924c00, buf=0x55de6236c070 "{\"return\": {}, \"id\": 2}\r\n", len=25, offset=0x7ffcd5e1a860, write_all=false) at /home/elmarco/src/qq/chardev/char.c:113 #24 0x000055de60d89f96 in qemu_chr_write (s=0x55de61924c00, buf=0x55de6236c070 "{\"return\": {}, \"id\": 2}\r\n", len=25, write_all=false) at /home/elmarco/src/qq/chardev/char.c:148 #25 0x000055de60d8cf78 in qemu_chr_fe_write (be=0x55de61859d30, buf=0x55de6236c070 "{\"return\": {}, \"id\": 2}\r\n", len=25) at /home/elmarco/src/qq/chardev/char-fe.c:42 #26 0x000055de6085c40f in monitor_flush_locked (mon=0x55de61859d30) at /home/elmarco/src/qq/monitor.c:404 #27 0x000055de6085c614 in monitor_puts (mon=0x55de61859d30, str=0x55de622f6a40 "{\"return\": {}, \"id\": 2}\n") at /home/elmarco/src/qq/monitor.c:446 #28 0x000055de6085c85a in qmp_send_response (mon=0x55de61859d30, 
rsp=0x55de61ecf960) at /home/elmarco/src/qq/monitor.c:493 #29 0x000055de60865902 in monitor_qmp_respond (mon=0x55de61859d30, rsp=0x55de61ecf960) at /home/elmarco/src/qq/monitor.c:4128 #30 0x000055de60865a19 in monitor_qmp_dispatch (mon=0x55de61859d30, req=0x55de622ec000) at /home/elmarco/src/qq/monitor.c:4157 #31 0x000055de60865ce2 in monitor_qmp_bh_dispatcher (data=0x0) at /home/elmarco/src/qq/monitor.c:4224 ** Affects: qemu Importance: Undecided Status: New -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/1831486 Title: qmp monitor deadlock (with spice events for ex) Status in QEMU: New Bug description: If an event is emitted during monitor_flush_locked() it will deadlock. Thread 1 (Thread 0x7f14f1854000 (LWP 7245)): #0 0x00007f14fc30592d in __lll_lock_wait () at /lib64/libpthread.so.0 #1 0x00007f14fc2fedc9 in pthread_mutex_lock () at /lib64/libpthread.so.0 #2 0x000055de60e19327 in qemu_mutex_lock_impl (mutex=0x55de61859e58, file=0x55de60f1a640 "/home/elmarco/src/qq/monitor.c", line=438) at /home/elmarco/src/qq/util/qemu-thread-posix.c:66 #3 0x000055de6085c5af in monitor_puts (mon=0x55de61859d30, str=0x55de62a61d30 "{\"timestamp\": {\"seconds\": 1559585795, \"microseconds\": 508720}, \"event\": \"SPICE_DISCONNECTED\", \"data\": {\"server\": {\"port\": \"/tmp/.9IW52Z/spice.sock\", \"family\": \"unix\", \"host\": \"localhost\"}, \"client\": {"...) 
at /home/elmarco/src/qq/monitor.c:438 #4 0x000055de6085c85a in qmp_send_response (mon=0x55de61859d30, rsp=0x55de61ed19a0) at /home/elmarco/src/qq/monitor.c:493 #5 0x000055de6085c8ee in monitor_qapi_event_emit (event=QAPI_EVENT_SPICE_DISCONNECTED, qdict=0x55de61ed19a0) at /home/elmarco/src/qq/monitor.c:521 #6 0x000055de6085c9ea in monitor_qapi_event_queue_no_reenter (event=QAPI_EVENT_SPICE_DISCONNECTED, qdict=0x55de61ed19a0) at /home/elmarco/src/qq/monitor.c:546 #7 0x000055de6085cd7a in qapi_event_emit (event=QAPI_EVENT_SPICE_DISCONNECTED, qdict=0x55de61ed19a0) at /home/elmarco/src/qq/monitor.c:621 #8 0x000055de60e04bc3 in qapi_event_send_spice_disconnected (server=0x55de61ee7b30, client=0x55de620c9090) at qapi/qapi-events-ui.c:101 #9 0x000055de60c84381 in channel_event (event=3, info=0x55de6222f4c0) at /home/elmarco/src/qq/ui/spice-core.c:234 #10 0x00007f14fc70ba3b in reds_handle_channel_event (reds=<optimized out>, event=3, info=0x55de6222f4c0) at reds.c:318 #11 0x00007f14fc6f407b in main_dispatcher_self_handle_channel_event (info=0x55de6222f4c0, event=3, self=0x55de61a5b0b0) at main-dispatcher.c:191 #12 0x00007f14fc6f407b in main_dispatcher_channel_event (self=0x55de61a5b0b0, event=event@entry=3, info=0x55de6222f4c0) at main-dispatcher.c:191 #13 0x00007f14fc713cf3 in red_stream_push_channel_event (s=s@entry=0x55de6222f400, event=event@entry=3) at red-stream.c:416 #14 0x00007f14fc713d2b in red_stream_free (s=0x55de6222f400) at red-stream.c:390 #15 0x00007f14fc6fa67c in red_channel_client_finalize (object=0x55de62511360) at red-channel-client.c:347 #16 0x00007f14fe4cfcf0 in g_object_unref () at /lib64/libgobject-2.0.so.0 #17 0x00007f14fc6fca12 in red_channel_client_push (rcc=0x55de62511360) at red-channel-client.c:1340 #18 0x00007f14fc6fca12 in red_channel_client_push (rcc=0x55de62511360) at red-channel-client.c:1303 #19 0x00007f14fc6cd479 in red_char_device_send_msg_to_client (client=<optimized out>, msg=0x55de62512c00, dev=0x55de61a5b3b0) at char-device.c:307 #20 
0x00007f14fc6cd479 in red_char_device_send_msg_to_clients (msg=0x55de62512c00, dev=0x55de61a5b3b0) at char-device.c:307 #21 0x00007f14fc6cd479 in red_char_device_read_from_device (dev=0x55de61a5b3b0) at char-device.c:355 #22 0x000055de60a27dba in spice_chr_write (chr=0x55de61924c00, buf=0x55de6236c070 "{\"return\": {}, \"id\": 2}\r\n", len=25) at /home/elmarco/src/qq/chardev/spice.c:201 #23 0x000055de60d89e29 in qemu_chr_write_buffer (s=0x55de61924c00, buf=0x55de6236c070 "{\"return\": {}, \"id\": 2}\r\n", len=25, offset=0x7ffcd5e1a860, write_all=false) at /home/elmarco/src/qq/chardev/char.c:113 #24 0x000055de60d89f96 in qemu_chr_write (s=0x55de61924c00, buf=0x55de6236c070 "{\"return\": {}, \"id\": 2}\r\n", len=25, write_all=false) at /home/elmarco/src/qq/chardev/char.c:148 #25 0x000055de60d8cf78 in qemu_chr_fe_write (be=0x55de61859d30, buf=0x55de6236c070 "{\"return\": {}, \"id\": 2}\r\n", len=25) at /home/elmarco/src/qq/chardev/char-fe.c:42 #26 0x000055de6085c40f in monitor_flush_locked (mon=0x55de61859d30) at /home/elmarco/src/qq/monitor.c:404 #27 0x000055de6085c614 in monitor_puts (mon=0x55de61859d30, str=0x55de622f6a40 "{\"return\": {}, \"id\": 2}\n") at /home/elmarco/src/qq/monitor.c:446 #28 0x000055de6085c85a in qmp_send_response (mon=0x55de61859d30, rsp=0x55de61ecf960) at /home/elmarco/src/qq/monitor.c:493 #29 0x000055de60865902 in monitor_qmp_respond (mon=0x55de61859d30, rsp=0x55de61ecf960) at /home/elmarco/src/qq/monitor.c:4128 #30 0x000055de60865a19 in monitor_qmp_dispatch (mon=0x55de61859d30, req=0x55de622ec000) at /home/elmarco/src/qq/monitor.c:4157 #31 0x000055de60865ce2 in monitor_qmp_bh_dispatcher (data=0x0) at /home/elmarco/src/qq/monitor.c:4224 To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1831486/+subscriptions