[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] Re: [PATCH] vl.c: set NULL upon deleting handlers in qe
|
From: |
Yoshiaki Tamura |
|
Subject: |
Re: [Qemu-devel] Re: [PATCH] vl.c: set NULL upon deleting handlers in qemu_set_fd_handler2() |
|
Date: |
Mon, 6 Sep 2010 20:41:45 +0900 |
2010/8/23 Corentin Chary <address@hidden>:
> On Mon, Aug 23, 2010 at 2:55 AM, Yoshiaki Tamura
> <address@hidden> wrote:
>> Currently qemu_set_fd_handler2() is only setting ioh->deleted upon
>> deleting. This may cause a crash when a read handler calls
>> qemu_set_fd_handler2() to delete handlers, but a write handler is
>> still invoked from main_loop_wait(). Because main_loop_wait() checks
>> handlers before calling, setting NULL upon deleting will protect
>> handlers being called if already deleted.
>>
>> One example is the new threaded vnc server. When an error occurs in
>> the context of a read handler, it'll releases resources and deletes
>> handlers. However, because the write handler still exists, it'll be
>> called, and then crashes because of lack of resources. This patch
>> fixes it.
>>
>> Signed-off-by: Yoshiaki Tamura <address@hidden>
>> ---
>> vl.c | 2 ++
>> 1 files changed, 2 insertions(+), 0 deletions(-)
>>
>> diff --git a/vl.c b/vl.c
>> index ccc8d57..7ae69ab 100644
>> --- a/vl.c
>> +++ b/vl.c
>> @@ -966,6 +966,8 @@ int qemu_set_fd_handler2(int fd,
>> QLIST_FOREACH(ioh, &io_handlers, next) {
>> if (ioh->fd == fd) {
>> ioh->deleted = 1;
>> + ioh->fd_read = NULL;
>> + ioh->fd_write = NULL;
>> break;
>> }
>> }
>> --
>> 1.7.1.1
>>
>>
>
> Good catch, thanks,
>
> Reviewed-by: Corentin Chary <address@hidden>
Ping?
>
> --
> Corentin Chary
> http://xf.iksaif.net
>
>
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [Qemu-devel] Re: [PATCH] vl.c: set NULL upon deleting handlers in qemu_set_fd_handler2(),
Yoshiaki Tamura <=