From: Klim Kireev
To: qemu-devel@nongnu.org
Cc: kraxel@redhat.com
Date: Wed, 31 Jan 2018 16:06:13 +0300
Message-Id: <20180131130613.30959-1-klim.kireev@virtuozzo.com>
Subject: [Qemu-devel] [PATCH] vnc: fix segfault in closed connection handling

On one of our client's nodes, due to trying to read from a closed ioc, a segmentation fault occurred. Corresponding backtrace:

Having analyzed the coredump, I understood that the reason is that ioc_tag is reset on vnc_disconnect_start and ioc is cleaned in vnc_disconnect_finish. Between these two events due to some reasons the ioc_tag was set again and after vnc_disconnect_finish the handler is running with freed ioc, which led to the segmentation fault.

I suggest checking ioc_tag in vnc_disconnect_finish to prevent such an occurrence.

Signed-off-by: Klim Kireev

--- ui/vnc.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ui/vnc.c b/ui/vnc.c index 33b087221f..b8bf0180cb 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -1270,6 +1270,10 @@ void vnc_disconnect_finish(VncState *vs) } g_free(vs->lossy_rect); =20 + if (vs->ioc_tag) { + g_source_remove(vs->ioc_tag); + vs->ioc_tag =3D 0; + } object_unref(OBJECT(vs->ioc)); vs->ioc =3D NULL; object_unref(OBJECT(vs->sioc)); --=20 2.14.3
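
Review bot: the new `if (vs->ioc_tag)` block in vnc_disconnect_finish() needs a comment saying why a watch can still be registered at this point, and the patch leaves the actual cause open. The commit message says ioc_tag is reset in vnc_disconnect_start and then "was set again" for unidentified reasons, so whichever path re-registers the watch after disconnect has started is still there and can still run between the two calls. Removing the source before `object_unref(OBJECT(vs->ioc))` does stop the handler from firing on a freed ioc, which closes the use-after-free described, but it would be more robust to also find the re-registration site and have it refuse to install a watch once the disconnect has begun; otherwise the same stale-handler pattern can reappear with any other resource freed in this function. Please also include the backtrace the message refers to, since it is what identifies the handler involved.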