On 05/09/2016 06:03 AM, Frediano Ziglio wrote:
> Removing an interface cause SpiceBaseInstance->st to be set to NULL.
> This pointer was then deferenced in agent code.
> As SpiceBaseInstance should not be used after this call make sure
> we don't keep pointers to it.
>
> Signed-off-by: Frediano Ziglio <fziglio@xxxxxxxxxx>
> ---
> server/reds.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/server/reds.c b/server/reds.c
> index 67c262a..2dee76f 100644
> --- a/server/reds.c
> +++ b/server/reds.c
> @@ -3264,6 +3264,7 @@ static void spice_server_char_device_remove_interface(RedsState *reds, SpiceBase
> if (strcmp(char_device->subtype, SUBTYPE_VDAGENT) == 0) {
> if (reds->vdagent) {
> reds_agent_remove(reds);
> + red_char_device_reset_dev_instance(RED_CHAR_DEVICE(reds->agent_dev), NULL);
> }
> }
> #ifdef USE_SMARTCARD
>
Confirmed that this solves the crash without the need of reverting the
original patch which introduced the issue.
Tested-by: Eduardo Lima (Etrunko) <etrunko@xxxxxxxxxx>
--
Eduardo de Barros Lima (Etrunko)
Software Engineer - RedHat
etrunko@xxxxxxxxxx
_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/spice-devel