[Spice-devel] [PATCH spice-server 1/2] spicevmc: Return early when instance has no device state

Pavel Grunt pgrunt at redhat.com
Thu Nov 5 07:58:31 PST 2015 

Same approach as in spice_server_char_device_wakeup().
Avoid segmentation fault when the webdav channel (spice port channel) is
used with the vnc display:
 #0  0x00007ffff7aab734 in spice_char_device_state_opaque_get (dev=0x0)
     at char_device.c:720
 #1  0x00007ffff7b0850c in spice_server_port_event (sin=<optimized out>, event=<optimized out>) at spicevmc.c:578
 #2  0x0000555555787ba4 in set_guest_connected (port=<optimized out>, guest_connected=1) at hw/char/virtio-console.c:89
 #3  0x0000555555678d7c in control_out (len=<optimized out>, buf=0x55555775c3a0, vser=0x5555578d1540) at /home/pgrunt/RH/qemu/hw/char/virtio-serial-bus.c:404
 #4  0x0000555555678d7c in control_out (vdev=0x5555578d1540, vq=0x555557941bc8)
     at /home/pgrunt/RH/qemu/hw/char/virtio-serial-bus.c:441
 #5  0x000055555588eb98 in aio_dispatch (ctx=0x5555562e1a50) at aio-posix.c:160
 #6  0x00005555558829ee in aio_ctx_dispatch (source=<optimized out>, callback=<optimized out>, user_data=<optimized out>) at async.c:226
 #7  0x00007ffff2010e3a in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
 #8  0x000055555588d8fb in main_loop_wait () at main-loop.c:211
 #9  0x000055555588d8fb in main_loop_wait (timeout=<optimized out>)
     at main-loop.c:256
 #10 0x000055555588d8fb in main_loop_wait (nonblocking=<optimized out>)
     at main-loop.c:504
 #11 0x000055555561b664 in main () at vl.c:1891
---
 server/spicevmc.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/server/spicevmc.c b/server/spicevmc.c
index e10f183..6ac1561 100644
--- a/server/spicevmc.c
+++ b/server/spicevmc.c
@@ -569,6 +569,11 @@ SPICE_GNUC_VISIBLE void spice_server_port_event(SpiceCharDeviceInstance *sin, ui
 {
     SpiceVmcState *state;
 
+    if (sin->st == NULL) {
+        spice_warning("no SpiceCharDeviceState attached to instance %p", sin);
+        return;
+    }
+
     state = (SpiceVmcState *)spice_char_device_state_opaque_get(sin->st);
     if (event == SPICE_PORT_EVENT_OPENED) {
         state->port_opened = TRUE;
-- 
2.5.0

More information about the Spice-devel mailing list