pxcloud/spice-gtk
5
0
Fork 0
mirror of https://gitlab.uni-freiburg.de/opensourcevdi/spice-gtk synced 2025-12-31 11:29:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

channel: Abort migration in delayed unref

Browse Source 
When channel is unref'ed during migration migrate_channel_event_cb
is called causing a crash by coroutine yielding to nonexistent channel.

The delayed_unref happens for the target host channel and will only occur
when the migration process fails.

As comment in spice_channel_coroutine says:
  Co-routine exits now - the SpiceChannel object may no longer exist,
  so don't do anything else now unless you like SEGVs

Related: rhbz#1318574
Acked-by: Victor Toso <victortoso@redhat.com>
This commit is contained in:
Pavel Grunt 2016-04-22 16:47:48 +02:00
parent b5458f8ee6
commit 109e5756e7
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/spice-channel.c
View File

@ -2296,6 +2296,7 @@ static gboolean spice_channel_delayed_unref(gpointer data)
SpiceChannel *channel = SPICE_CHANNEL(data);
SpiceChannelPrivate *c = channel->priv;
gboolean was_ready = c->state == SPICE_CHANNEL_STATE_READY;
SpiceSession *session;
CHANNEL_DEBUG(channel, "Delayed unref channel %p", channel);
@ -2303,6 +2304,13 @@ static gboolean spice_channel_delayed_unref(gpointer data)
c->state = SPICE_CHANNEL_STATE_UNCONNECTED;
session = spice_channel_get_session(channel);
if (spice_session_is_for_migration(session)) {
/* error during migration - abort migration */
spice_session_abort_migration(session);
return FALSE;
}
if (c->event != SPICE_CHANNEL_NONE) {
g_coroutine_signal_emit(channel, signals[SPICE_CHANNEL_EVENT], 0, c->event);
c->event = SPICE_CHANNEL_NONE;