mirror of
https://github.com/qemu/qemu.git
synced 2024-11-23 19:03:38 +08:00
e0bf95443e
This reverts commit2b316774f6
. After038b421788
("Revert "chardev: use a child source for qio input source"") we've been observing the "iwp->src == NULL" assertion triggering periodically during the initial capabilities querying by libvirtd. One of possible backtraces: Thread 1 (Thread 0x7f16cd4f0700 (LWP 43858)): 0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50 1 0x00007f16c6c21e65 in __GI_abort () at abort.c:79 2 0x00007f16c6c21d39 in __assert_fail_base at assert.c:92 3 0x00007f16c6c46e86 in __GI___assert_fail (assertion=assertion@entry=0x562e9bcdaadd "iwp->src == NULL", file=file@entry=0x562e9bcdaac8 "../chardev/char-io.c", line=line@entry=99, function=function@entry=0x562e9bcdab10 <__PRETTY_FUNCTION__.20549> "io_watch_poll_finalize") at assert.c:101 4 0x0000562e9ba20c2c in io_watch_poll_finalize (source=<optimized out>) at ../chardev/char-io.c:99 5 io_watch_poll_finalize (source=<optimized out>) at ../chardev/char-io.c:88 6 0x00007f16c904aae0 in g_source_unref_internal () from /lib64/libglib-2.0.so.0 7 0x00007f16c904baf9 in g_source_destroy_internal () from /lib64/libglib-2.0.so.0 8 0x0000562e9ba20db0 in io_remove_watch_poll (source=0x562e9d6720b0) at ../chardev/char-io.c:147 9 remove_fd_in_watch (chr=chr@entry=0x562e9d5f3800) at ../chardev/char-io.c:153 10 0x0000562e9ba23ffb in update_ioc_handlers (s=0x562e9d5f3800) at ../chardev/char-socket.c:592 11 0x0000562e9ba2072f in qemu_chr_fe_set_handlers_full at ../chardev/char-fe.c:279 12 0x0000562e9ba207a9 in qemu_chr_fe_set_handlers at ../chardev/char-fe.c:304 13 0x0000562e9ba2ca75 in monitor_qmp_setup_handlers_bh (opaque=0x562e9d4c2c60) at ../monitor/qmp.c:509 14 0x0000562e9bb6222e in aio_bh_poll (ctx=ctx@entry=0x562e9d4c2f20) at ../util/async.c:216 15 0x0000562e9bb4de0a in aio_poll (ctx=0x562e9d4c2f20, blocking=blocking@entry=true) at ../util/aio-posix.c:722 16 0x0000562e9b99dfaa in iothread_run (opaque=0x562e9d4c26f0) at ../iothread.c:63 17 0x0000562e9bb505a4 in qemu_thread_start (args=0x562e9d4c7ea0) at ../util/qemu-thread-posix.c:543 18 0x00007f16c70081ca in start_thread (arg=<optimized out>) at pthread_create.c:479 19 0x00007f16c6c398d3 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 io_remove_watch_poll(), which makes sure that iwp->src is NULL, calls g_source_destroy() which finds that iwp->src is not NULL in the finalize callback. This can only happen if another thread has managed to trigger io_watch_poll_prepare() callback in the meantime. Move iwp->src destruction back to the finalize callback to prevent the described race, and also remove the stale comment. The deadlock glib bug was fixed back in 2010 by b35820285668 ("gmain: move finalization of GSource outside of context lock"). Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Sergey Dyasli <sergey.dyasli@nutanix.com> Link: https://lore.kernel.org/r/20240712092659.216206-1-sergey.dyasli@nutanix.com Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
185 lines
5.3 KiB
C
185 lines
5.3 KiB
C
/*
|
|
* QEMU System Emulator
|
|
*
|
|
* Copyright (c) 2003-2008 Fabrice Bellard
|
|
*
|
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
* of this software and associated documentation files (the "Software"), to deal
|
|
* in the Software without restriction, including without limitation the rights
|
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
* copies of the Software, and to permit persons to whom the Software is
|
|
* furnished to do so, subject to the following conditions:
|
|
*
|
|
* The above copyright notice and this permission notice shall be included in
|
|
* all copies or substantial portions of the Software.
|
|
*
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
|
|
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
* THE SOFTWARE.
|
|
*/
|
|
#include "qemu/osdep.h"
|
|
#include "chardev/char-io.h"
|
|
|
|
typedef struct IOWatchPoll {
|
|
GSource parent;
|
|
|
|
QIOChannel *ioc;
|
|
GSource *src;
|
|
|
|
IOCanReadHandler *fd_can_read;
|
|
GSourceFunc fd_read;
|
|
void *opaque;
|
|
GMainContext *context;
|
|
} IOWatchPoll;
|
|
|
|
static IOWatchPoll *io_watch_poll_from_source(GSource *source)
|
|
{
|
|
return container_of(source, IOWatchPoll, parent);
|
|
}
|
|
|
|
static gboolean io_watch_poll_prepare(GSource *source,
|
|
gint *timeout)
|
|
{
|
|
IOWatchPoll *iwp = io_watch_poll_from_source(source);
|
|
bool now_active = iwp->fd_can_read(iwp->opaque) > 0;
|
|
bool was_active = iwp->src != NULL;
|
|
if (was_active == now_active) {
|
|
return FALSE;
|
|
}
|
|
|
|
/*
|
|
* We do not register the QIOChannel watch as a child GSource.
|
|
* The 'prepare' function on the parent GSource will be
|
|
* skipped if a child GSource's 'prepare' function indicates
|
|
* readiness. We need this prepare function be guaranteed
|
|
* to run on *every* iteration of the main loop, because
|
|
* it is critical to ensure we remove the QIOChannel watch
|
|
* if 'fd_can_read' indicates the frontend cannot receive
|
|
* more data.
|
|
*/
|
|
if (now_active) {
|
|
iwp->src = qio_channel_create_watch(
|
|
iwp->ioc, G_IO_IN | G_IO_ERR | G_IO_HUP | G_IO_NVAL);
|
|
g_source_set_callback(iwp->src, iwp->fd_read, iwp->opaque, NULL);
|
|
g_source_attach(iwp->src, iwp->context);
|
|
} else {
|
|
g_source_destroy(iwp->src);
|
|
g_source_unref(iwp->src);
|
|
iwp->src = NULL;
|
|
}
|
|
return FALSE;
|
|
}
|
|
|
|
static gboolean io_watch_poll_check(GSource *source)
|
|
{
|
|
return FALSE;
|
|
}
|
|
|
|
static gboolean io_watch_poll_dispatch(GSource *source, GSourceFunc callback,
|
|
gpointer user_data)
|
|
{
|
|
abort();
|
|
}
|
|
|
|
static void io_watch_poll_finalize(GSource *source)
|
|
{
|
|
IOWatchPoll *iwp = io_watch_poll_from_source(source);
|
|
if (iwp->src) {
|
|
g_source_destroy(iwp->src);
|
|
g_source_unref(iwp->src);
|
|
iwp->src = NULL;
|
|
}
|
|
}
|
|
|
|
static GSourceFuncs io_watch_poll_funcs = {
|
|
.prepare = io_watch_poll_prepare,
|
|
.check = io_watch_poll_check,
|
|
.dispatch = io_watch_poll_dispatch,
|
|
.finalize = io_watch_poll_finalize,
|
|
};
|
|
|
|
GSource *io_add_watch_poll(Chardev *chr,
|
|
QIOChannel *ioc,
|
|
IOCanReadHandler *fd_can_read,
|
|
QIOChannelFunc fd_read,
|
|
gpointer user_data,
|
|
GMainContext *context)
|
|
{
|
|
IOWatchPoll *iwp;
|
|
char *name;
|
|
|
|
iwp = (IOWatchPoll *) g_source_new(&io_watch_poll_funcs,
|
|
sizeof(IOWatchPoll));
|
|
iwp->fd_can_read = fd_can_read;
|
|
iwp->opaque = user_data;
|
|
iwp->ioc = ioc;
|
|
iwp->fd_read = (GSourceFunc) fd_read;
|
|
iwp->src = NULL;
|
|
iwp->context = context;
|
|
|
|
name = g_strdup_printf("chardev-iowatch-%s", chr->label);
|
|
g_source_set_name((GSource *)iwp, name);
|
|
g_free(name);
|
|
|
|
g_source_attach(&iwp->parent, context);
|
|
g_source_unref(&iwp->parent);
|
|
return (GSource *)iwp;
|
|
}
|
|
|
|
static void io_remove_watch_poll(GSource *source)
|
|
{
|
|
IOWatchPoll *iwp;
|
|
|
|
iwp = io_watch_poll_from_source(source);
|
|
g_source_destroy(&iwp->parent);
|
|
}
|
|
|
|
void remove_fd_in_watch(Chardev *chr)
|
|
{
|
|
if (chr->gsource) {
|
|
io_remove_watch_poll(chr->gsource);
|
|
chr->gsource = NULL;
|
|
}
|
|
}
|
|
|
|
int io_channel_send_full(QIOChannel *ioc,
|
|
const void *buf, size_t len,
|
|
int *fds, size_t nfds)
|
|
{
|
|
size_t offset = 0;
|
|
|
|
while (offset < len) {
|
|
ssize_t ret = 0;
|
|
struct iovec iov = { .iov_base = (char *)buf + offset,
|
|
.iov_len = len - offset };
|
|
|
|
ret = qio_channel_writev_full(
|
|
ioc, &iov, 1,
|
|
fds, nfds, 0, NULL);
|
|
if (ret == QIO_CHANNEL_ERR_BLOCK) {
|
|
if (offset) {
|
|
return offset;
|
|
}
|
|
|
|
errno = EAGAIN;
|
|
return -1;
|
|
} else if (ret < 0) {
|
|
errno = EINVAL;
|
|
return -1;
|
|
}
|
|
|
|
offset += ret;
|
|
}
|
|
|
|
return offset;
|
|
}
|
|
|
|
int io_channel_send(QIOChannel *ioc, const void *buf, size_t len)
|
|
{
|
|
return io_channel_send_full(ioc, buf, len, NULL, 0);
|
|
}
|