
[Qemu-commits] [qemu/qemu] 2ef457: monitor: fix crash when leaving qemu


From: GitHub
Subject: [Qemu-commits] [qemu/qemu] 2ef457: monitor: fix crash when leaving qemu with spice au...
Date: Mon, 08 Aug 2016 08:30:05 -0700

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: 2ef45716e1d4820f10a90ee2f17a9cb4fe5a8806
      
https://github.com/qemu/qemu/commit/2ef45716e1d4820f10a90ee2f17a9cb4fe5a8806
  Author: Marc-André Lureau <address@hidden>
  Date:   2016-08-08 (Mon, 08 Aug 2016)

  Changed paths:
    M include/monitor/monitor.h
    M monitor.c
    M vl.c

  Log Message:
  -----------
  monitor: fix crash when leaving qemu with spice audio

Since aa5cb7f5e, the chardevs are being cleaned up when leaving
qemu. However, the monitor still has references to them, which may
lead to crashes when running atexit() and trying to send monitor
events:

 #0  0x00007fffdb18f6f5 in __GI_raise (address@hidden) at ../sysdeps/unix/sysv/linux/raise.c:54
 #1  0x00007fffdb1912fa in __GI_abort () at abort.c:89
 #2  0x0000555555c263e7 in error_exit (err=22, msg=0x555555d47980 <__func__.13537> "qemu_mutex_lock") at util/qemu-thread-posix.c:39
 #3  0x0000555555c26488 in qemu_mutex_lock (mutex=0x5555567a2420) at util/qemu-thread-posix.c:66
 #4  0x00005555558c52db in qemu_chr_fe_write (s=0x5555567a2420, buf=0x55555740dc40 "{\"timestamp\": {\"seconds\": 1470041716, \"microseconds\": 989699}, \"event\": \"SPICE_DISCONNECTED\", \"data\": {\"server\": {\"port\": \"5900\", \"family\": \"ipv4\", \"host\": \"127.0.0.1\"}, \"client\": {\"port\": \"40272\", \"f"..., len=240) at qemu-char.c:280
 #5  0x0000555555787cad in monitor_flush_locked (mon=0x5555567bd9e0) at /home/elmarco/src/qemu/monitor.c:311
 #6  0x0000555555787e46 in monitor_puts (mon=0x5555567bd9e0, str=0x5555567a44ef "") at /home/elmarco/src/qemu/monitor.c:353
 #7  0x00005555557880fe in monitor_json_emitter (mon=0x5555567bd9e0, data=0x5555567c73a0) at /home/elmarco/src/qemu/monitor.c:401
 #8  0x00005555557882d2 in monitor_qapi_event_emit (event=QAPI_EVENT_SPICE_DISCONNECTED, qdict=0x5555567c73a0) at /home/elmarco/src/qemu/monitor.c:472
 #9  0x000055555578838f in monitor_qapi_event_queue (event=QAPI_EVENT_SPICE_DISCONNECTED, qdict=0x5555567c73a0, errp=0x7fffffffca88) at /home/elmarco/src/qemu/monitor.c:497
 #10 0x0000555555c15541 in qapi_event_send_spice_disconnected (server=0x5555571139d0, client=0x5555570d0db0, errp=0x5555566c0428 <error_abort>) at qapi-event.c:1038
 #11 0x0000555555b11bc6 in channel_event (event=3, info=0x5555570d6c00) at ui/spice-core.c:248
 #12 0x00007fffdcc9983a in adapter_channel_event (event=3, info=0x5555570d6c00) at reds.c:120
 #13 0x00007fffdcc99a25 in reds_handle_channel_event (reds=0x5555567a9d60, event=3, info=0x5555570d6c00) at reds.c:324
 #14 0x00007fffdcc7d4c4 in main_dispatcher_self_handle_channel_event (self=0x5555567b28b0, event=3, info=0x5555570d6c00) at main-dispatcher.c:175
 #15 0x00007fffdcc7d5b1 in main_dispatcher_channel_event (self=0x5555567b28b0, event=3, info=0x5555570d6c00) at main-dispatcher.c:194
 #16 0x00007fffdcca7674 in reds_stream_push_channel_event (s=0x5555570d9910, event=3) at reds-stream.c:354
 #17 0x00007fffdcca749b in reds_stream_free (s=0x5555570d9910) at reds-stream.c:323
 #18 0x00007fffdccb5dad in snd_disconnect_channel (channel=0x5555576a89a0) at sound.c:229
 #19 0x00007fffdccb9e57 in snd_detach_common (worker=0x555557739720) at sound.c:1589
 #20 0x00007fffdccb9f0e in snd_detach_playback (sin=0x5555569fe3f8) at sound.c:1602
 #21 0x00007fffdcca3373 in spice_server_remove_interface (sin=0x5555569fe3f8) at reds.c:3387
 #22 0x00005555558ff6e2 in line_out_fini (hw=0x5555569fe370) at audio/spiceaudio.c:152
 #23 0x00005555558f909e in audio_atexit () at audio/audio.c:1754
 #24 0x00007fffdb1941e8 in __run_exit_handlers (status=0, listp=0x7fffdb5175d8 <__exit_funcs>, address@hidden) at exit.c:82
 #25 0x00007fffdb194235 in __GI_exit (status=<optimized out>) at exit.c:104
 #26 0x00007fffdb17b738 in __libc_start_main (main=0x5555558d7874 <main>, argc=67, argv=0x7fffffffcf48, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffcf38) at ../csu/libc-start.c:323

Add a monitor_cleanup() function to remove all the monitors before
cleaning up the chardev. Note that we are "losing" some events that
used to be sent during atexit().

Signed-off-by: Marc-André Lureau <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Paolo Bonzini <address@hidden>
Reviewed-by: Markus Armbruster <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>


  Commit: a384c205acaa4b6fe6d4d392af47b49b2c448eb4
      
https://github.com/qemu/qemu/commit/a384c205acaa4b6fe6d4d392af47b49b2c448eb4
  Author: Marc-André Lureau <address@hidden>
  Date:   2016-08-08 (Mon, 08 Aug 2016)

  Changed paths:
    M audio/audio.c
    M audio/audio.h
    M audio/coreaudio.c
    M vl.c

  Log Message:
  -----------
  audio: clean up before monitor clean up

Since aa5cb7f5e, the chardevs are being cleaned up when leaving qemu,
before the atexit() handlers. audio_cleanup() may use the monitor to
notify of changes. For compatibility reasons, let's clean up audio
before the monitor so it keeps emitting monitor events.

The audio_atexit() function is made idempotent (so it can be called
multiple times), and renamed to audio_cleanup(). Since the coreaudio
backend is using an 'isAtexit' code path, change it to check
audio_is_cleaning_up() instead, so the path is taken during normal
exit.

Signed-off-by: Marc-André Lureau <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Paolo Bonzini <address@hidden>
Reviewed-by: Gerd Hoffmann <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>


  Commit: 4977bb09ddb7dc97d8452fb1021af14b9695f627
      
https://github.com/qemu/qemu/commit/4977bb09ddb7dc97d8452fb1021af14b9695f627
  Author: Peter Maydell <address@hidden>
  Date:   2016-08-08 (Mon, 08 Aug 2016)

  Changed paths:
    M audio/audio.c
    M audio/audio.h
    M audio/coreaudio.c
    M include/monitor/monitor.h
    M monitor.c
    M vl.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2016-08-08' into staging

Monitor patches for 2016-08-08

# gpg: Signature made Mon 08 Aug 2016 13:24:42 BST
# gpg:                using RSA key 0x3870B400EB918653
# gpg: Good signature from "Markus Armbruster <address@hidden>"
# gpg:                 aka "Markus Armbruster <address@hidden>"
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-monitor-2016-08-08:
  audio: clean up before monitor clean up
  monitor: fix crash when leaving qemu with spice audio

Signed-off-by: Peter Maydell <address@hidden>


Compare: https://github.com/qemu/qemu/compare/b8dc0fcff107...4977bb09ddb7
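
The teardown ordering the two commits above describe, as an added sketch that is not QEMU's code: audio is cleaned up first (idempotently), monitors are unregistered next, chardevs go last, and a late event is dropped instead of reaching a torn-down chardev. All types and *_demo names are hypothetical stand-ins.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical stand-ins for a chardev and a monitor; not QEMU's types. */
typedef struct { bool alive; int writes; } Chardev;
typedef struct Monitor { Chardev *chr; struct Monitor *next; } Monitor;

static Monitor *mon_list;   /* monitors that still receive events */
static bool audio_cleaned;  /* makes audio_cleanup_demo() idempotent */
static int dropped_events;  /* events emitted after the monitors are gone */

/* Deliver one event to every registered monitor; returns deliveries. */
static int emit_event(void)
{
    int sent = 0;
    for (Monitor *m = mon_list; m; m = m->next) {
        if (!m->chr->alive) abort();  /* the bug class: write to a torn-down chardev */
        m->chr->writes++;
        sent++;
    }
    if (!sent) dropped_events++;
    return sent;
}

static void audio_cleanup_demo(void)
{
    if (audio_cleaned) return;        /* safe to call again from a late exit path */
    audio_cleaned = true;
    emit_event();                     /* e.g. a disconnect notification */
}

static void monitor_cleanup_demo(void)
{
    while (mon_list) { Monitor *m = mon_list; mon_list = m->next; free(m); }
}

/* Runs the shutdown sequence; returns events written to the chardev. */
int run_shutdown(int *late_dropped)
{
    Chardev chr = { true, 0 };
    Monitor *m = malloc(sizeof *m);
    if (!m) return -1;
    m->chr = &chr; m->next = NULL; mon_list = m;
    audio_cleaned = false; dropped_events = 0;

    audio_cleanup_demo();    /* 1: monitor still alive, event is delivered */
    monitor_cleanup_demo();  /* 2: drop monitors before their chardevs */
    chr.alive = false;       /* 3: chardev cleanup comes last */
    audio_cleanup_demo();    /* late repeat call: no-op */
    emit_event();            /* late event: no monitors left, dropped, no crash */
    *late_dropped = dropped_events;
    return chr.writes;
}

int main(void) { int d; return (run_shutdown(&d) == 1 && d == 1) ? 0 : 1; }
```

Moving the chardev teardown ahead of monitor_cleanup_demo() in run_shutdown() makes the next emit_event() hit the abort() path, which models the crash in the backtrace.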
