spice/server
Marc-André Lureau 4639817f0e server: fix crash when restarting VM with old client
The server will reset the vdagent char device when the client does not
implement SPICE_MAIN_CAP_AGENT_CONNECTED_TOKENS. This will nullify
dev->sin and the following crash will be reached on restart:

 #0  0x00007fb05aa264a1 in spice_char_device_write_to_device (dev=dev@entry=0x7fb066ae5d30) at char_device.c:443
 #1  0x00007fb05aa27137 in spice_char_device_write_to_device (dev=0x7fb066ae5d30) at char_device.c:436
 #2  spice_char_device_start (dev=0x7fb066ae5d30) at char_device.c:798
 #3  0x00007fb05aa6a981 in spice_server_vm_start (s=<optimized out>) at reds.c:3795
 #4  0x00007fb0644b7f89 in qdev_reset_one (dev=<optimized out>, opaque=<optimized out>) at hw/core/qdev.c:241
 #5  0x00007fb0644b7918 in qbus_walk_children (bus=0x7fb06661e870, pre_devfn=0x0, pre_busfn=0x0,
     post_devfn=0x7fb0644b7f80 <qdev_reset_one>, post_busfn=0x7fb0644b6350 <qbus_reset_one>, opaque=0x0)
     at hw/core/qdev.c:422
 #6  0x00007fb0644b7848 in qdev_walk_children (dev=0x7fb0665f47a0, pre_devfn=0x0, pre_busfn=0x0,
     post_devfn=0x7fb0644b7f80 <qdev_reset_one>, post_busfn=0x7fb0644b6350 <qbus_reset_one>, opaque=0x0)
     at hw/core/qdev.c:456
 #7  0x00007fb0644b7918 in qbus_walk_children (bus=0x7fb06647cde0, pre_devfn=0x0, pre_busfn=0x0,
     post_devfn=0x7fb0644b7f80 <qdev_reset_one>, post_busfn=0x7fb0644b6350 <qbus_reset_one>, opaque=0x0)
     at hw/core/qdev.c:422
 #8  0x00007fb0644399fd in qemu_devices_reset () at vl.c:1830

After restart, qemu will reset the device instance (sin) when virtio
port is opened:

 #0  spice_char_device_state_reset_dev_instance (state=0x7fe4873876d0, sin=sin@entry=0x7fe486fb0c68)
     at char_device.c:667
 #1  0x00007fe47b277516 in attach_to_red_agent (sin=0x7fe486fb0c68) at reds.c:2838
 #2  spice_server_char_device_add_interface (sin=0x7fe486fb0c68, s=0x7fe486fb2e60) at reds.c:2962
 #3  spice_server_add_interface (s=0x7fe486fb2e60, sin=0x7fe486fb0c68) at reds.c:3104
 #4  0x00007fe484c69e57 in vmc_register_interface (scd=0x7fe486fb0c60) at spice-qemu-char.c:123
 #5  0x00007fe484ce96b4 in set_guest_connected (port=<optimized out>, guest_connected=1)
     at hw/char/virtio-console.c:89
 #6  0x00007fe484ba70ed in handle_control_message (len=8, buf=0x7fe486fbdf70, vser=0x7fe48739ae98)
     at /usr/src/debug/qemu-2.1.0/hw/char/virtio-serial-bus.c:382

Let's ignore the call to spice_char_device_{write,read}_to_device() when
dev->sin is NULL, similarly to other conditions, such as dev->running.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1145919
2014-10-17 17:38:52 +02:00
tests server/tests/Makefile.am: White-space cleanup 2014-09-18 14:06:55 +02:00
.gitignore gitignore: add generated_*, vim temps, pyc 2010-11-08 16:06:55 +02:00
agent-msg-filter.c server: Add support for filtering out agent file-xfer msgs (rhbz#961848) 2013-06-06 16:07:30 +02:00
agent-msg-filter.h server: Add support for filtering out agent file-xfer msgs (rhbz#961848) 2013-06-06 16:07:30 +02:00
char_device.c server: fix crash when restarting VM with old client 2014-10-17 17:38:52 +02:00
char_device.h syntax-check: s/the the/the/ in a comment 2013-07-16 23:37:28 +03:00
demarshallers.h Remove trailing blank lines 2012-01-13 18:11:59 +02:00
dispatcher.c Don't do arithmetic on void * type, use uint8_t instead 2012-04-25 09:40:18 +01:00
dispatcher.h dispatcher.h: fix - s/#define MAIN_DISPATCHER_H/#define DISPATCHER_H 2013-04-22 16:30:54 -04:00
glz_encode_match_tmpl.c add #include <config.h> to all source files 2011-05-03 14:44:10 +02:00
glz_encode_tmpl.c Remove trailing whitespace from end of lines 2012-01-13 18:11:59 +02:00
glz_encoder_config.h Fix multiple printf format problems 2012-04-25 09:42:11 +01:00
glz_encoder_dictionary_protected.h server: s/max_encdoers/max_encoders/ 2012-08-30 17:08:09 +03:00
glz_encoder_dictionary.c server: s/max_encdoers/max_encoders/ 2012-08-30 17:08:09 +03:00
glz_encoder_dictionary.h Remove trailing blank lines 2012-01-13 18:11:59 +02:00
glz_encoder.c Remove trailing blank lines 2012-01-13 18:11:59 +02:00
glz_encoder.h Use the spice-common submodule 2012-03-25 18:59:10 +02:00
inputs_channel.c Introduce reds_stream_is_ssl() 2014-01-20 12:15:42 +01:00
inputs_channel.h Remove trailing blank lines 2012-01-13 18:11:59 +02:00
jpeg_encoder.c Use the spice-common logging functions 2012-03-25 19:00:00 +02:00
jpeg_encoder.h Remove trailing whitespace from end of lines 2012-01-13 18:11:59 +02:00
main_channel.c main_channel: monitoring client connection status 2013-08-14 13:36:30 -04:00
main_channel.h Namespace RECEIVE_BUF_SIZE 2013-10-08 19:07:41 +02:00
main_dispatcher.c decouple disconnection of the main channel from client destruction 2013-07-29 11:35:17 -04:00
main_dispatcher.h decouple disconnection of the main channel from client destruction 2013-07-29 11:35:17 -04:00
Makefile.am Add reds_stream.[ch] 2014-01-20 12:15:41 +01:00
migration_protocol.h enable seamless migration and set migration protocol version 2012-08-27 09:13:14 +03:00
mjpeg_encoder.c Fix assert in mjpeg_encoder_adjust_params_to_bit_rate() 2014-05-30 13:45:02 -05:00
mjpeg_encoder.h mjpeg_encoder: add mjpeg_encoder_get_stats 2013-06-24 15:23:34 -04:00
red_bitmap_utils.h Remove trailing blank lines 2012-01-13 18:11:59 +02:00
red_channel.c server: use a warning when disconnecting unresponsive client 2014-05-16 19:20:51 +02:00
red_channel.h Fix test_capability() typo 2014-03-13 17:13:38 +01:00
red_client_cache.h Use the spice-common logging functions 2012-03-25 19:00:00 +02:00
red_client_shared_cache.h Use the spice-common logging functions 2012-03-25 19:00:00 +02:00
red_common.h Move SPICE_GNUC_VISIBLE to red_common.h 2014-01-20 12:15:41 +01:00
red_dispatcher.c dispatcher: lower a monitor-config warning to a debug level 2014-09-08 12:04:15 +02:00
red_dispatcher.h server: set dispatcher before calling attache_worker 2013-10-07 16:33:20 +02:00
red_memslots.c server: remove memslot unused functions 2013-10-01 16:23:59 +02:00
red_memslots.h server: remove memslot unused functions 2013-10-01 16:23:59 +02:00
red_parse_qxl.c Fix indentation in red_get_opaque_ptr 2014-09-18 14:06:55 +02:00
red_parse_qxl.h Add support for QXLComposite to spice server 2012-08-24 13:44:42 -04:00
red_time.h server: move three functions to red_channel 2013-08-14 12:08:04 +03:00
red_worker.c Validate surface bounding box before using it 2014-09-18 14:06:55 +02:00
red_worker.h server: move bit set/clear utilities out of red_worker.h 2013-08-14 12:08:04 +03:00
reds_gl_canvas.c Use the spice-common submodule 2012-03-25 18:59:10 +02:00
reds_gl_canvas.h Use the spice-common submodule 2012-03-25 18:59:10 +02:00
reds_stream.c Add missing buffer (re)allocation to reds_sasl_handle_auth_steplen() 2014-04-16 17:11:38 +02:00
reds_stream.h Make struct AsyncRead/async_read_handler private 2014-04-16 17:11:38 +02:00
reds_sw_canvas.c Use the spice-common submodule 2012-03-25 18:59:10 +02:00
reds_sw_canvas.h Use the spice-common submodule 2012-03-25 18:59:10 +02:00
reds-private.h Fix 'recive' typo throughout the code base 2013-10-08 19:07:42 +02:00
reds.c migration: Don't assert() if MIGRATE_DATA comes before attaching the agent 2014-10-14 15:48:02 +03:00
reds.h clean-up: remove unused function 2014-09-08 14:49:29 +02:00
smartcard.c red_channel: monitor connection latency using MSG_PING 2013-04-22 16:30:54 -04:00
smartcard.h smartcard: use SpiceCharDeviceState for managing reading from the device 2012-07-03 14:13:42 +03:00
snd_worker.c server: don't assert on invalid client message 2014-07-25 17:25:29 +02:00
snd_worker.h snd_worker: support sending SPICE_MSG_PLAYBACK_LATENCY 2013-04-22 16:30:54 -04:00
spice_bitmap_utils.c server: Don't dump the bitmap when the format is invalid 2014-09-12 18:00:30 +02:00
spice_bitmap_utils.h server: move surface_format_to_image_type to spice_bitmap_utils 2013-08-14 12:08:04 +03:00
spice_image_cache.c server: split spice_image_cache from red_worker 2013-08-14 12:08:04 +03:00
spice_image_cache.h server: split spice_image_cache from red_worker 2013-08-14 12:08:04 +03:00
spice_server_utils.h server: move bit set/clear utilities out of red_worker.h 2013-08-14 12:08:04 +03:00
spice_timer_queue.c Don't truncate large 'now' values in _spice_timer_set 2014-03-20 11:34:49 +01:00
spice_timer_queue.h server: spice_timer_queue 2013-04-22 16:30:54 -04:00
spice-experimental.h Remove trailing blank lines 2012-01-13 18:11:59 +02:00
spice-server.syms Add support for the Opus codec 2014-01-02 12:36:59 +01:00
spice.h spice.h: Don't use 48kHz for playback/recording rates 2014-08-20 16:12:31 +02:00
spicevmc.c red_channel: monitor connection latency using MSG_PING 2013-04-22 16:30:54 -04:00
stat.h Remove trailing blank lines 2012-01-13 18:11:59 +02:00
zlib_encoder.c Use the spice-common logging functions 2012-03-25 19:00:00 +02:00
zlib_encoder.h applying zlib compression over glz on WAN connection 2010-06-21 15:05:37 +02:00