Service denied when server is updated
Norman Feske
norman.feske at genode-labs.com
Tue Jul 10 13:31:11 CEST 2018
Hi Stefan,
thank you for the detailed steps, which make the situation much more
clear. Actually, I can spot the problem without trying out the steps:
In your scenario, you change the routing rules for a component that is
already running. The sculpt manager does not look at the routing rules
of running components but passes the <route> content to the runtime
(init) configuration as is. Init, in turn, responds to the routing
change by killing and restarting the affected component, which is
expected. From init's perspective, the new route is not valid because
the server does not exist at this point (it is not yet part of the
runtime config until it is completely installed). So the session request
by the new instance of the client is denied.
The same situation can be produced with the default config/deploy.
1. Uncomment fonts_fs, wm, backdrop, and nano3d. Wait until all
components are downloaded and nano3d is running in a window.
2. Switch the networking to "local" to cut the connection to the
internet.
3. Copy the <start> node of the wm, modify the start name to "wm.2"
and rename the pkg to some unexisting name like "themed_wm.2".
The log will show a message "...themed_wm.2 incomplete or
missiing"
4. Change the <route> of nano3d to <child name="wm.2"/>.
(actually, one can leave out steps 2 and 3)
It turns out that all components work as designed but I did not
anticipate the dynamic change of <route> content in config/deploy. The
sculpt manager looks only at this content as a precondition before
starting a component but it does not monitor the information once it is
satisfied. The relevant parts of the code are [1, 2].
[1]
https://github.com/genodelabs/genode/blob/master/repos/gems/src/app/sculpt_manager/deploy.cc#L18
[2]
https://github.com/genodelabs/genode/blob/master/repos/gems/src/app/depot_deploy/child.h#L172
In [2] you can see that a condition stays satisfied once it becomes
satisfied for the first time. In principle, the sculpt manager could
re-evaluate all <route> nodes (not just the incomplete ones) each time
the runtime config is generated. Removing the early return should do the
trick. I tested this with the simplified scenario outlined above.
However, this is just a quickfix because this change increases the XML
parsing overhead inside the sculpt manager to a level I feel
uncomfortable with. For each route - not just for the incomplete
components but also for all running components - the condition check
performs one parsing pass of the runtime's state report. Therefore, the
costs for the checks increase quadratically with the number of start
nodes. So to properly solve it, we need to cache the runtime state
inside the sculpt manager.
I'm going to implement that for the release 18.08. Until then, I hope
that the quickfix works for you as an interim solution.
Cheers
Norman
--
Dr.-Ing. Norman Feske
Genode Labs
https://www.genode-labs.com · https://genode.org
Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden
Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.genode.org/pipermail/users/attachments/20180710/68eac5bc/attachment.sig>
More information about the users
mailing list