From d621cfe0a177978b17711a712293221294430f53 Mon Sep 17 00:00:00 2001 From: Markus Armbruster Date: Tue, 3 Jul 2018 10:53:30 +0200 Subject: [PATCH] qmp: Document COMMAND_DROPPED design flaw Events are broadcast to all monitors. If another monitor's client has a command with the same ID in flight, the event will incorrectly claim that command was dropped. This must be fixed before out-of-band execution can graduate from "experimental". Signed-off-by: Markus Armbruster Reviewed-by: Eric Blake Message-Id: <20180703085358.13941-5-armbru@redhat.com> --- monitor.c | 6 ++++++ qapi/misc.json | 3 +++ 2 files changed, 9 insertions(+) diff --git a/monitor.c b/monitor.c index 4f4f309d45..3ad89fe1ba 100644 --- a/monitor.c +++ b/monitor.c @@ -4331,6 +4331,12 @@ static void handle_qmp_command(JSONMessageParser *parser, GQueue *tokens) /* Drop the request if queue is full. */ if (mon->qmp.qmp_requests->length >= QMP_REQ_QUEUE_LEN_MAX) { qemu_mutex_unlock(&mon->qmp.qmp_queue_lock); + /* + * FIXME @id's scope is just @mon, and broadcasting it is + * wrong. If another monitor's client has a command with + * the same ID in flight, the event will incorrectly claim + * that command was dropped. + */ qapi_event_send_command_dropped(id, COMMAND_DROP_REASON_QUEUE_FULL, &error_abort); diff --git a/qapi/misc.json b/qapi/misc.json index 0446c3e48e..74cd97f237 100644 --- a/qapi/misc.json +++ b/qapi/misc.json @@ -3454,6 +3454,9 @@ # only be dropped when the oob capability is enabled. # # @id: The dropped command's "id" field. +# FIXME Broken by design. Events are broadcast to all monitors. If +# another monitor's client has a command with the same ID in flight, +# the event will incorrectly claim that command was dropped. # # @reason: The reason why the command is dropped. #