[Spice-devel] [PATCH 01/15] Don't abort if an item isn't handled.
Frediano Ziglio
fziglio at redhat.com
Fri Jan 15 03:40:16 PST 2016
>
> On Thu, 2016-01-14 at 09:36 -0500, Frediano Ziglio wrote:
> > >
> > > From: Jonathon Jongsma <jjongsma at redhat.com>
> > >
> > > Use spice_warning() instead of spice_critical() since the latter will
> > > cause the entire qemu session to abort.
> > >
> > > (/usr/bin/qemu-kvm:24458): Spice-Warning **:
> > > ../../server/dcc-send.c:2442:dcc_send_item: should not be reached
> > > (/usr/bin/qemu-kvm:24458): Spice-CRITICAL **:
> > > ../../server/dcc.c:1595:release_item_before_push: invalid item type
> > > Thread 4 (Thread 0x7fcac941f700 (LWP 24459)):
> > > #0 0x00007fcae12347f0 in sem_timedwait () at
> > > ../sysdeps/unix/sysv/linux/x86_64/sem_timedwait.S:101
> > > #1 0x00007fcae2d0f887 in qemu_sem_timedwait ()
> > > #2 0x00007fcae2cba7dc in worker_thread ()
> > > #3 0x00007fcae122d52a in start_thread (arg=0x7fcac941f700) at
> > > pthread_create.c:310
> > > #4 0x00007fcad7af577d in clone () at
> > > ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
> > > Thread 3 (Thread 0x7fcac8a3c700 (LWP 24460)):
> > > #0 0x00007fcad7aeb957 in ioctl () at
> > > ../sysdeps/unix/syscall-template.S:81
> > > #1 0x00007fcae2a89215 in kvm_vcpu_ioctl ()
> > > #2 0x00007fcae2a892cc in kvm_cpu_exec ()
> > > #3 0x00007fcae2a77cb2 in qemu_kvm_cpu_thread_fn ()
> > > #4 0x00007fcae122d52a in start_thread (arg=0x7fcac8a3c700) at
> > > pthread_create.c:310
> > > #5 0x00007fcad7af577d in clone () at
> > > ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
> > > Thread 2 (Thread 0x7fcac3bff700 (LWP 24461)):
> > > #0 0x00007fcae12351cd in read () at
> > > ../sysdeps/unix/syscall-template.S:81
> > > #1 0x00007fcae24b20e9 in spice_backtrace_gstack () at
> > > ../../../spice-common/common/backtrace.c:99
> > > #2 0x00007fcae24b2209 in spice_backtrace () at
> > > ../../../spice-common/common/backtrace.c:130
> > > #3 0x00007fcae24b97e6 in spice_logv (log_domain=0x7fcae252d9fe
> > > "Spice",
> > > log_level=SPICE_LOG_LEVEL_CRITICAL, strloc=0x7fcae253ff9e
> > > "../../server/dcc.c:1595", function=0x7fcae2540040
> > > <__FUNCTION__.31779>
> > > "release_item_before_push", format=0x7fcae25384e2 "invalid item
> > > type",
> > > args=args at entry=0x7fcac3bfe648) at
> > > ../../../spice-common/common/log.c:108
> > > #4 0x00007fcae24b9918 in spice_log (log_domain=<optimized out>,
> > > log_level=<optimized out>, strloc=<optimized out>,
> > > function=<optimized
> > > out>, format=<optimized out>) at
> > > ../../../spice-common/common/log.c:123
> > > #5 0x00007fcae24a5835 in dcc_send_item (dcc=<optimized out>,
> > > pipe_item=<optimized out>) at ../../server/dcc-send.c:2445
> > > #6 0x00007fcae2466450 in red_channel_client_push (item=<optimized
> > > out>,
> > > rcc=0x7fcaa80458a0) at ../../server/red_channel.c:596
> > > #7 0x00007fcae2466450 in red_channel_client_push
> > > (rcc=rcc at entry=0x7fcaa80458a0) at ../../server/red_channel.c:1358
> > > #8 0x00007fcae2466f2f in red_channel_client_handle_message
> > > (rcc=0x7fcaa80458a0) at ../../server/red_channel.c:1575
> > > #9 0x00007fcae2466f2f in red_channel_client_handle_message
> > > (rcc=0x7fcaa80458a0, size=<optimized out>, type=<optimized out>,
> > > message=0x7fcaa8737100) at ../../server/red_channel.c:1552
> > > #10 0x00007fcae24640b5 in red_channel_client_receive
> > > (handler=0x7fcaa80499b0, stream=0x7fcae39cda60) at
> > > ../../server/red_channel.c:304
> > > #11 0x00007fcae24640b5 in red_channel_client_receive
> > > (rcc=rcc at entry=0x7fcaa80458a0) at ../../server/red_channel.c:326
> > > #12 0x00007fcae246689c in red_channel_client_event (fd=<optimized
> > > out>,
> > > event=1, data=0x7fcaa80458a0) at ../../server/red_channel.c:1584
> > > #13 0x00007fcae24774ec in watch_func (source=<optimized out>,
> > > condition=<optimized out>, data=0x7fcaa8016090) at
> > > ../../server/red_worker.c:619
> > > #14 0x00007fcae0b30aeb in g_main_context_dispatch
> > > (context=0x7fcae3996e60) at gmain.c:3111
> > > #15 0x00007fcae0b30aeb in g_main_context_dispatch
> > > (context=context at entry=0x7fcae3996e60) at gmain.c:3710
> > > #16 0x00007fcae0b30e88 in g_main_context_iterate
> > > (context=0x7fcae3996e60, block=block at entry=1,
> > > dispatch=dispatch at entry=1,
> > > self=<optimized out>) at gmain.c:3781
> > > #17 0x00007fcae0b311b2 in g_main_loop_run (loop=0x7fcaa80008c0) at
> > > gmain.c:3975
> > > #18 0x00007fcae24773c3 in red_worker_main (arg=<optimized out>) at
> > > ../../server/red_worker.c:1756
> > > #19 0x00007fcae122d52a in start_thread (arg=0x7fcac3bff700) at
> > > pthread_create.c:310
> > > #20 0x00007fcad7af577d in clone () at
> > > ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
> > > Thread 1 (Thread 0x7fcae28f7a80 (LWP 24458)):
> > > #0 0x00007fcad7aea2a1 in __GI_ppoll (fds=0x7fcae39d10a0, nfds=7,
> > > timeout=<optimized out>, sigmask=0x0) at
> > > ../sysdeps/unix/sysv/linux/ppoll.c:56
> > > #1 0x00007fcae2cc770c in qemu_poll_ns ()
> > > #2 0x00007fcae2cc6eb4 in main_loop_wait ()
> > > #3 0x00007fcae2a505dd in main ()
> > > Aborted (core dumped)
> > > ---
> > > server/dcc.c | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/server/dcc.c b/server/dcc.c
> > > index eb5e4d1..c255e1a 100644
> > > --- a/server/dcc.c
> > > +++ b/server/dcc.c
> > > @@ -1620,7 +1620,7 @@ static void
> > > release_item_before_push(DisplayChannelClient *dcc, PipeItem *item)
> > > free(item);
> > > break;
> > > default:
> > > - spice_critical("invalid item type");
> > > + spice_warning("invalid item type");
> > > }
> > > }
> > >
> >
> > I don't agree. item type is generated internally and is a program
> > bug is not handled so I prefer the crash.
>
>
> Unfortunately, I can't remember what type was not being handled here and
> why...
> This patch does sort of mask the root cause, so I'm OK dropping the patch.
>
> Jonathon
>
>
I think so. However I think there is a design/implementation problem.
Each item do mostly same thing (serialize the data to the channel) so
we mostly require that each item have:
- a way to create it;
- a way to destroy it;
- a way to serialize it.
So, why not removing the PIPE_ITEM_* constants and implement 3 callbacks
for the items? Mostly item destroys will just resolve in a free.
I don't think this would be hard to implement. Just veeery long!
Frediano
More information about the Spice-devel
mailing list