From patchwork Tue Feb 21 03:37:19 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Li Qiang X-Patchwork-Id: 9583837 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 3140E600C1 for ; Tue, 21 Feb 2017 03:37:50 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 0591B28909 for ; Tue, 21 Feb 2017 03:37:50 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id EE66428921; Tue, 21 Feb 2017 03:37:49 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 3625228909 for ; Tue, 21 Feb 2017 03:37:48 +0000 (UTC) Received: from localhost ([::1]:42099 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cg1Gt-0007PA-LP for patchwork-qemu-devel@patchwork.kernel.org; Mon, 20 Feb 2017 22:37:47 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:53225) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cg1Ge-0007K7-7C for qemu-devel@nongnu.org; Mon, 20 Feb 2017 22:37:33 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cg1GZ-0001Os-CC for qemu-devel@nongnu.org; Mon, 20 Feb 2017 22:37:32 -0500 Received: from mail-ot0-x244.google.com ([2607:f8b0:4003:c0f::244]:36013) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1cg1GZ-0001Om-7s for qemu-devel@nongnu.org; Mon, 20 Feb 2017 22:37:27 -0500 Received: by mail-ot0-x244.google.com with SMTP id l26so12825325ota.3 for ; Mon, 20 Feb 2017 19:37:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=5ic+DaBdgvcQUK7yoVHZEo6tHBx+ZXrbJVjD45kGMCA=; b=AtMZiM57NmLY7bmbs+tTn2eopvAJ/IIVWqWNXBaRfciwNP4iWkhfFHz7MtRyGrefvr UB/JwTsv7ffJwsoFjTcoYYzb5WjUdo53+uez7Hrvy28JiEVuoGgLTZzkcCGx/3T46Md1 u4lYC3oZbyMXmCmQ2ruM5Z7QZeg/G3vvg8ZOk2SyDVgJbGLLdDVlmwLTekzNcRrZUrAF ddqPo7oRoFDP2w+LFFYxFI9hEIO4fbtKPcL7jAHDtOqxuAT5w46RGDvhg/oiKanAMRI8 O/M2mcullhnqBtwUt/MP5FY7HdF3nSQGHej9d8pB9gG/GbdwvwD4pGuu/ciltmtHBPpG yc6g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=5ic+DaBdgvcQUK7yoVHZEo6tHBx+ZXrbJVjD45kGMCA=; b=Ho9A9i/MVMvdfQ2i6cBanHpQTeGR+LKsrWpQpqA91qsnr7gESeY++S3uFKGwci8BCR mL+GFmP0lrBNZPrZHZvPAoMegkD1sRhT47mac7CUti0xMsEBK1copr5b2vzl29/0vuDJ J64exnlOUGUX8L/LTNHhmlSqU4iGe/PpGdSaLtOJn9rNoBT3ZLfBHiPARJQg5KIlHLce rA+3JfzvRfIJ98Ipuz5sTXnbr6amem4GG0k84Cbdi3WW0jUWWUWK47pwuT6pfnXVKxLq 5AfUOqwO0V30Ttd967pl3MM6G1nUdK7HkkOjqbVkdE9+uFvL4XwFwv/PNpBbaPxpG5z+ UX9A== X-Gm-Message-State: AMke39k+35luoDTf6EP/S8Pi/1VdqUzmz3KPSuRSS8FOjpYK4cWp+gRgViprBjq7NDlv+A== X-Received: by 10.157.59.164 with SMTP id k33mr12055801otc.193.1487648246421; Mon, 20 Feb 2017 19:37:26 -0800 (PST) Received: from localhost.localdomain.localdomain ([104.192.110.250]) by smtp.gmail.com with ESMTPSA id c18sm8863771ote.24.2017.02.20.19.37.23 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 20 Feb 2017 19:37:25 -0800 (PST) From: Li Qiang X-Google-Original-From: Li Qiang To: pbonzini@redhat.com, marcandre.lureau@redhat.com, qemu-devel@nongnu.org Date: Mon, 20 Feb 2017 19:37:19 -0800 Message-Id: <1487648239-83616-1-git-send-email-liqiang6-s@360.cn> X-Mailer: git-send-email 1.8.3.1 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2607:f8b0:4003:c0f::244 Subject: [Qemu-devel] [PATCH] spice-char: fix segfault in char_spice_finalize X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Li Qiang Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP In 'qemu_chr_open_spice_vmc' if the 'psubtype' is NULL, it will call 'char_spice_finalize'. But as the SpiceChardev is not inserted in the 'spice_chars' list, the 'QLIST_REMOVE' will cause a segfault. Add a detect to avoid it. Signed-off-by: Li Qiang --- spice-qemu-char.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/spice-qemu-char.c b/spice-qemu-char.c index 6f46f46..15dbf9c 100644 --- a/spice-qemu-char.c +++ b/spice-qemu-char.c @@ -215,7 +215,10 @@ static void char_spice_finalize(Object *obj) SpiceChardev *s = SPICE_CHARDEV(obj); vmc_unregister_interface(s); - QLIST_REMOVE(s, next); + + if (spice_chars.lh_first) { + QLIST_REMOVE(s, next); + } g_free((char *)s->sin.subtype); #if SPICE_SERVER_VERSION >= 0x000c02