[Spice-devel] [PATCH spice-server 03/16] test-display-base: Avoid usage after free freeing wakeup timer
Christophe Fergeau
cfergeau at redhat.com
Wed Sep 6 15:37:46 UTC 2017
I'd add a "when" in the shortlog
On Mon, Sep 04, 2017 at 11:57:11AM +0100, Frediano Ziglio wrote:
> The wakeup timer is used by the worker thread and by the
> main thread.
> Destroying the object before destroying the worker thread
> can lead to use after free.
> Destroying the worker thread before make sure we don't race.
s/before/first maybe, and "makes sure"
> This is detect easily compiling the test with address sanitizer.
"detected easily when compiling"
>
> Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
> ---
> server/tests/test-display-base.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/server/tests/test-display-base.c b/server/tests/test-display-base.c
> index ac1cffca..da33ad08 100644
> --- a/server/tests/test-display-base.c
> +++ b/server/tests/test-display-base.c
> @@ -921,8 +921,10 @@ Test *test_new(SpiceCoreInterface *core)
>
> void test_destroy(Test *test)
> {
> - test->core->timer_remove(test->wakeup_timer);
> spice_server_destroy(test->server);
> + // this timer is used by spice server so
> + // avoid to free it while is running
> + test->core->timer_remove(test->wakeup_timer);
> free(test->commands);
> free(test);
> }
> --
> 2.13.5
>
> _______________________________________________
> Spice-devel mailing list
> Spice-devel at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/spice-devel
More information about the Spice-devel
mailing list