From: Marc-André Lureau <marcandre.lur...@redhat.com>
Avoid handlers being called with dangling pointers when the object is
freed.
Signed-off-by: Marc-André Lureau <marcandre.lur...@redhat.com>
---
ui/vdagent.c | 25 +++++++++++++++----------
1 file changed, 15 insertions(+), 10 deletions(-)
diff --git a/ui/vdagent.c b/ui/vdagent.c
index 5ae5734c81..1a29016e07 100644
--- a/ui/vdagent.c
+++ b/ui/vdagent.c
@@ -721,22 +721,26 @@ static void vdagent_chr_accept_input(Chardev *chr)
vdagent_send_buf(vd);
}
+static void vdagent_disconnect(VDAgentChardev *vd)
+{
+ vdagent_reset_bufs(vd);
+ vd->caps = 0;
+ if (vd->mouse_hs) {
+ qemu_input_handler_deactivate(vd->mouse_hs);
+ }
+ if (vd->cbpeer.update.notify) {
+ qemu_clipboard_peer_unregister(&vd->cbpeer);
+ memset(&vd->cbpeer, 0, sizeof(vd->cbpeer));
+ }
+}
+
static void vdagent_chr_set_fe_open(struct Chardev *chr, int fe_open)
{
VDAgentChardev *vd = QEMU_VDAGENT_CHARDEV(chr);
if (!fe_open) {
trace_vdagent_close();
- /* reset state */
- vdagent_reset_bufs(vd);
- vd->caps = 0;
- if (vd->mouse_hs) {
- qemu_input_handler_deactivate(vd->mouse_hs);
- }
- if (vd->cbpeer.update.notify) {
- qemu_clipboard_peer_unregister(&vd->cbpeer);
- memset(&vd->cbpeer, 0, sizeof(vd->cbpeer));
- }
+ vdagent_disconnect(vd);
return;
}
@@ -781,6 +785,7 @@ static void vdagent_chr_fini(Object *obj)
{
VDAgentChardev *vd = QEMU_VDAGENT_CHARDEV(obj);
+ vdagent_disconnect(vd);
buffer_free(&vd->outbuf);
}
--
2.32.0.264.g75ae10bc75
