vnc: add magic cookie to VncState

Set magic cookie on initialization.  Clear on cleanup.  Sprinkle a bunch
of assert()s checking the cookie, to verify the pointer is valid.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20180507102254.12107-1-kraxel@redhat.com
Gerd Hoffmann 2018-05-07 12:22:54 +02:00
parent 4f4cb8282d
commit f31f9c1080
3 changed files with 16 additions and 1 deletions


@ -82,6 +82,7 @@ VncJob *vnc_job_new(VncState *vs)
{ {
VncJob *job = g_new0(VncJob, 1); VncJob *job = g_new0(VncJob, 1);
assert(vs->magic == VNC_MAGIC);
job->vs = vs; job->vs = vs;
vnc_lock_queue(queue); vnc_lock_queue(queue);
QLIST_INIT(&job->rectangles); QLIST_INIT(&job->rectangles);
@ -214,6 +215,7 @@ static int vnc_worker_thread_loop(VncJobQueue *queue)
/* Here job can only be NULL if queue->exit is true */ /* Here job can only be NULL if queue->exit is true */
job = QTAILQ_FIRST(&queue->jobs); job = QTAILQ_FIRST(&queue->jobs);
vnc_unlock_queue(queue); vnc_unlock_queue(queue);
assert(job->vs->magic == VNC_MAGIC);
if (queue->exit) { if (queue->exit) {
return -1; return -1;
@ -236,6 +238,7 @@ static int vnc_worker_thread_loop(VncJobQueue *queue)
/* Make a local copy of vs and switch output buffers */ /* Make a local copy of vs and switch output buffers */
vnc_async_encoding_start(job->vs, &vs); vnc_async_encoding_start(job->vs, &vs);
vs.magic = VNC_MAGIC;
/* Start sending rectangles */ /* Start sending rectangles */
n_rectangles = 0; n_rectangles = 0;
@ -289,6 +292,7 @@ disconnected:
vnc_unlock_queue(queue); vnc_unlock_queue(queue);
qemu_cond_broadcast(&queue->cond); qemu_cond_broadcast(&queue->cond);
g_free(job); g_free(job);
vs.magic = 0;
return 0; return 0;
} }
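Review bot: The new `assert(job->vs->magic == VNC_MAGIC);` in vnc_worker_thread_loop dereferences `job` before the `if (queue->exit)` check, although the comment two lines above it states that job can be NULL when queue->exit is true. A worker woken for shutdown with an empty queue would then fault on a null pointer instead of returning -1. Placing `assert(job->vs->magic == VNC_MAGIC);` after the `if (queue->exit) { return -1; }` block keeps the cookie check for every job that is actually processed. The assert also runs after `vnc_unlock_queue(queue)`; whether `job->vs` can be released by another thread at that point is not visible here and is worth confirming. The function body and the closing brace of the exit check lie outside the hunk.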


@ -1138,6 +1138,7 @@ static void audio_capture_notify(void *opaque, audcnotification_e cmd)
{ {
VncState *vs = opaque; VncState *vs = opaque;
assert(vs->magic == VNC_MAGIC);
switch (cmd) { switch (cmd) {
case AUD_CNOTIFY_DISABLE: case AUD_CNOTIFY_DISABLE:
vnc_lock_output(vs); vnc_lock_output(vs);
@ -1167,6 +1168,7 @@ static void audio_capture(void *opaque, void *buf, int size)
{ {
VncState *vs = opaque; VncState *vs = opaque;
assert(vs->magic == VNC_MAGIC);
vnc_lock_output(vs); vnc_lock_output(vs);
if (vs->output.offset < vs->throttle_output_offset) { if (vs->output.offset < vs->throttle_output_offset) {
vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
@ -1275,6 +1277,7 @@ void vnc_disconnect_finish(VncState *vs)
vs->ioc = NULL; vs->ioc = NULL;
object_unref(OBJECT(vs->sioc)); object_unref(OBJECT(vs->sioc));
vs->sioc = NULL; vs->sioc = NULL;
vs->magic = 0;
g_free(vs); g_free(vs);
} }
@ -1414,7 +1417,7 @@ static void vnc_client_write_locked(VncState *vs)
static void vnc_client_write(VncState *vs) static void vnc_client_write(VncState *vs)
{ {
assert(vs->magic == VNC_MAGIC);
vnc_lock_output(vs); vnc_lock_output(vs);
if (vs->output.offset) { if (vs->output.offset) {
vnc_client_write_locked(vs); vnc_client_write_locked(vs);
@ -1487,6 +1490,7 @@ static void vnc_jobs_bh(void *opaque)
{ {
VncState *vs = opaque; VncState *vs = opaque;
assert(vs->magic == VNC_MAGIC);
vnc_jobs_consume_buffer(vs); vnc_jobs_consume_buffer(vs);
} }
@ -1537,6 +1541,8 @@ gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED,
GIOCondition condition, void *opaque) GIOCondition condition, void *opaque)
{ {
VncState *vs = opaque; VncState *vs = opaque;
assert(vs->magic == VNC_MAGIC);
if (condition & G_IO_IN) { if (condition & G_IO_IN) {
if (vnc_client_read(vs) < 0) { if (vnc_client_read(vs) < 0) {
/* vs is free()ed here */ /* vs is free()ed here */
@ -1568,6 +1574,7 @@ gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED,
void vnc_write(VncState *vs, const void *data, size_t len) void vnc_write(VncState *vs, const void *data, size_t len)
{ {
assert(vs->magic == VNC_MAGIC);
if (vs->disconnecting) { if (vs->disconnecting) {
return; return;
} }
@ -3064,6 +3071,7 @@ static void vnc_connect(VncDisplay *vd, QIOChannelSocket *sioc,
int i; int i;
trace_vnc_client_connect(vs, sioc); trace_vnc_client_connect(vs, sioc);
vs->magic = VNC_MAGIC;
vs->sioc = sioc; vs->sioc = sioc;
object_ref(OBJECT(vs->sioc)); object_ref(OBJECT(vs->sioc));
vs->ioc = QIO_CHANNEL(sioc); vs->ioc = QIO_CHANNEL(sioc);
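Review bot: The cookie checks added in this file detect a stale VncState only on a best-effort basis, and nothing at the set in vnc_connect or the clear in vnc_disconnect_finish says so. After `g_free(vs)` the allocator can hand the same memory to the next connection, where vnc_connect writes `VNC_MAGIC` again, so an assert on a dangling pointer may still pass; reading `vs->magic` through freed memory is also undefined behaviour. I would add a comment above `vs->magic = 0;` such as `/* debugging aid: invalidate the cookie so stale pointers trip the asserts; not a use-after-free mitigation */`. The touched functions begin and end outside their hunks.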


@ -255,8 +255,11 @@ typedef enum {
VNC_STATE_UPDATE_FORCE, VNC_STATE_UPDATE_FORCE,
} VncStateUpdate; } VncStateUpdate;
#define VNC_MAGIC ((uint64_t)0x05b3f069b3d204bb)
struct VncState struct VncState
{ {
uint64_t magic;
QIOChannelSocket *sioc; /* The underlying socket */ QIOChannelSocket *sioc; /* The underlying socket */
QIOChannel *ioc; /* The channel currently used for I/O */ QIOChannel *ioc; /* The channel currently used for I/O */
guint ioc_tag; guint ioc_tag;
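Review bot: `VNC_MAGIC` and the new `magic` member at the start of struct VncState carry no comment, so a reader of the header cannot tell when the value is set, when it is cleared, or who checks it. A comment on the field such as `/* VNC_MAGIC while the state is live, 0 after cleanup; checked by assert() */` would record what the commit message describes. The struct definition continues past the end of the hunk.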