From b172850200ccc70103c47c792aea4c8e7e3a8908 Mon Sep 17 00:00:00 2001
From: Pavel Grunt
Date: Thu, 5 Nov 2015 16:25:55 +0100
Subject: spicevmc: Return early when instance has no device state Same approach as in spice_server_char_device_wakeup(). Avoid segmentation fault when the webdav channel (spice port channel) is used with the vnc display:
#0 0x00007ffff7aab734 in spice_char_device_state_opaque_get (dev=0x0) at char_device.c:720
#1 0x00007ffff7b0850c in spice_server_port_event (sin=, event=) at spicevmc.c:578
#2 0x0000555555787ba4 in set_guest_connected (port=, guest_connected=1) at hw/char/virtio-console.c:89
#3 0x0000555555678d7c in control_out (len=, buf=0x55555775c3a0, vser=0x5555578d1540) at /home/pgrunt/RH/qemu/hw/char/virtio-serial-bus.c:404
#4 0x0000555555678d7c in control_out (vdev=0x5555578d1540, vq=0x555557941bc8) at /home/pgrunt/RH/qemu/hw/char/virtio-serial-bus.c:441
#5 0x000055555588eb98 in aio_dispatch (ctx=0x5555562e1a50) at aio-posix.c:160
#6 0x00005555558829ee in aio_ctx_dispatch (source=, callback=, user_data=) at async.c:226
#7 0x00007ffff2010e3a in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#8 0x000055555588d8fb in main_loop_wait () at main-loop.c:211
#9 0x000055555588d8fb in main_loop_wait (timeout=) at main-loop.c:256
#10 0x000055555588d8fb in main_loop_wait (nonblocking=) at main-loop.c:504
#11 0x000055555561b664 in main () at vl.c:1891
---
 server/spicevmc.c | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/server/spicevmc.c b/server/spicevmc.c
index e10f1837..6ac15611 100644
--- a/server/spicevmc.c
+++ b/server/spicevmc.c
@@ -569,6 +569,11 @@ SPICE_GNUC_VISIBLE void spice_server_port_event(SpiceCharDeviceInstance *sin, ui
 {
 SpiceVmcState *state;
 
+ if (sin->st == NULL) {
+ spice_warning("no SpiceCharDeviceState attached to instance %p", sin);
+ return;
+ }
+
 state = (SpiceVmcState *)spice_char_device_state_opaque_get(sin->st);
 if (event == SPICE_PORT_EVENT_OPENED) {
 state->port_opened = TRUE;
-- 
cgit v1.2.3
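Review bot: The new `sin->st == NULL` guard at the top of spice_server_port_event() logs through `spice_warning()` on every call, and the backtrace in the commit message shows this function being reached from the guest's virtio-serial control queue (`control_out` → `set_guest_connected`), so a guest that toggles the port repeatedly can presumably fill the host log while no device state is attached. Consider emitting the warning only once per instance, or lowering it to a debug-level message. A short comment above the check would also help the next reader, e.g. `/* st is NULL when the port is used without an attached SpiceCharDeviceState (e.g. with the VNC display); nothing to notify */`. Strictly, the `%p` argument should be `(void *)sin`. The function body continues past the end of the hunk.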