monitor: protect event emission
Event emission must be protected by a mutex because of access to
the shared rate-limiting state, and to guard against concurrent
monitor "hot-plug" by means of human-monitor-command.
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
diff --git a/monitor.c b/monitor.c
index 4f2e4d9..224b32e 100644
--- a/monitor.c
+++ b/monitor.c
@@ -217,6 +217,9 @@
/* QMP checker flags */
#define QMP_ACCEPT_UNKNOWNS 1
+/* Protects mon_list, monitor_event_state. */
+static QemuMutex monitor_lock;
+
static QLIST_HEAD(mon_list, Monitor) mon_list;
static QLIST_HEAD(mon_fdsets, MonFdset) mon_fdsets;
static int mon_refcount;
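Review bot: The new comment says monitor_lock protects `mon_list`, but within this patch the only `mon_list` access that takes the lock is the `QLIST_INSERT_HEAD` in monitor_init, plus the emission paths. Any other traversal or removal of `mon_list` elsewhere in monitor.c is not visible here; if such code exists and runs without the lock, the comment overstates the guarantee. It would help to spell out the rule, for example `/* Protects mon_list and monitor_event_state; every reader and writer of either must hold it. */`. The comment could also say explicitly that the neighbouring `mon_fdsets` and `mon_refcount` are not covered.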
@@ -465,6 +468,7 @@
/*
* Emits the event to every monitor instance, @event is only used for trace
+ * Called with monitor_lock held.
*/
static void monitor_qapi_event_emit(QAPIEvent event, QObject *data)
{
@@ -497,6 +501,7 @@
now);
/* Rate limit of 0 indicates no throttling */
+ qemu_mutex_lock(&monitor_lock);
if (!evstate->rate) {
monitor_qapi_event_emit(event, QOBJECT(data));
evstate->last = now;
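Review bot: `monitor_qapi_event_emit` now runs with monitor_lock held, so a non-recursive mutex would self-deadlock if writing to a monitor could ever queue another event on the same thread. Whether that can happen is not visible from this hunk; a short comment at the lock site stating that the emit path must not re-enter event queueing would record the constraint. The matching `qemu_mutex_unlock` is in the next hunk and the code between the two is outside the diff, so it is also worth confirming that no path in between returns early with the lock still held.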
@@ -521,6 +526,7 @@
evstate->last = now;
}
}
+ qemu_mutex_unlock(&monitor_lock);
}
/*
@@ -536,12 +542,14 @@
evstate->data,
evstate->last,
now);
+ qemu_mutex_lock(&monitor_lock);
if (evstate->data) {
monitor_qapi_event_emit(evstate->event, evstate->data);
qobject_decref(evstate->data);
evstate->data = NULL;
}
evstate->last = now;
+ qemu_mutex_unlock(&monitor_lock);
}
/*
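Review bot: The trace call directly above `qemu_mutex_lock(&monitor_lock);` reads `evstate->data` and `evstate->last` before the lock is taken, so state that the lock is declared to protect is still read unlocked here. The previous emission hunk has the same ordering, with the trace call ending at `now);` just before the lock. Moving `qemu_mutex_lock(&monitor_lock);` above the trace call in both places would keep every access to the rate-limit state inside the critical section. The function's opening lines are outside the hunk, so the `evstate` lookup itself may also need to move under the lock.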
@@ -5292,6 +5300,11 @@
monitor_flush(opaque);
}
+static void __attribute__((constructor)) monitor_lock_init(void)
+{
+ qemu_mutex_init(&monitor_lock);
+}
+
void monitor_init(CharDriverState *chr, int flags)
{
static int is_first_init = 1;
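Review bot: `monitor_lock_init` has no comment explaining why the mutex is set up from a constructor rather than inside monitor_init. Presumably events can be emitted before any monitor exists, and if so that should be stated, for example `/* Runs before main(): events may be emitted before monitor_init() is called. */`. Ordering between constructors is not defined, so an event emitted from another constructor could lock an uninitialized mutex; that limit is worth documenting too. Also, `is_first_init` in monitor_init stays an unprotected static, which matters if monitor_init can really run concurrently as the commit message suggests.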
@@ -5329,7 +5342,10 @@
monitor_event, mon);
}
+ qemu_mutex_lock(&monitor_lock);
QLIST_INSERT_HEAD(&mon_list, mon, entry);
+ qemu_mutex_unlock(&monitor_lock);
+
if (!default_mon || (flags & MONITOR_IS_DEFAULT))
default_mon = mon;
}
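Review bot: The critical section ends right after `QLIST_INSERT_HEAD`, so the `default_mon` check and assignment on the following lines run outside monitor_lock. If monitor_init can be reached concurrently through human-monitor-command, as the commit message describes, `default_mon` can be updated by two threads at once. Either move `qemu_mutex_unlock(&monitor_lock);` below `default_mon = mon;`, or add a comment saying which other lock serializes `default_mon`. The start of monitor_init's body is outside this hunk.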