A bug of Monitor Chardev ?

Mon, 17 May 2021 00:10:50 -0700 

We find a race during QEMU starting, which would case the QEMU process coredump.

<main loop>                             |    <MON iothread>
                                        |
[1] create MON chardev                  |
qemu_create_early_backends              |
  chardev_init_func                     |
                                        |
[2] create MON iothread                 |
qemu_create_late_backends               |
  mon_init_func                         |
        aio_bh_schedule-----------------------> monitor_qmp_setup_handlers_bh
[3] enter main loog                     |    tcp_chr_update_read_handler
(* A client come in, e.g. Libvirt *)    |      update_ioc_handlers
tcp_chr_new_client                      |
  update_ioc_handlers                   |
                                        |
    [4] create new hup_source           |
        s->hup_source = *PTR1*          |
          g_source_attach(s->hup_source)|
                                        |        [5] remove_hup_source(*PTR1*)
                                        |            (create new hup_source)
                                        |             s->hup_source = *PTR2*
        [6] g_source_attach_unlocked    |
              *PTR1* is freed by [5]    |
                        
Do you have any suggestion to fix this bug ? Thanks!
  • A bug of Monit... Longpeng (Mike, Cloud Infrastructure Service Product Dept.)
    • Re: A bug... Marc-André Lureau
      • Re: A... Daniel P . Berrangé
        • R... Markus Armbruster
          • ... Peter Xu
            • ... Daniel P . Berrangé
              • ... Daniel P . Berrangé
                • ... Marc-André Lureau
                • ... Daniel P . Berrangé
                • ... Peter Xu
                • ... Longpeng (Mike, Cloud Infrastructure Service Product Dept.)

Reply via email to