From 4e4b57342e14f260ca6e2d4cfcbafb876d227909 Mon Sep 17 00:00:00 2001 From: Peter Xu Date: Thu, 18 Jan 2018 13:20:49 +0800 Subject: [PATCH] chardev: fix incorrect unref of source MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit glib reported error when pty chardev used: $ ./qemu-system-x86_64 -chardev pty,id=foo -device isa-serial,chardev=foo qemu-system-x86_64: -chardev pty,id=foo: char device redirected to /dev/pts/2 (label foo) (qemu-system-x86_64:27885): GLib-CRITICAL **: g_source_unref: assertion 'source != NULL' failed (qemu-system-x86_64:27885): GLib-CRITICAL **: g_source_unref: assertion 'source != NULL' failed This patch fixes that. Fixes: 2c716ba150 ("chardev: introduce qemu_chr_timeout_add_ms()") CC: Paolo Bonzini Reported-by: Marc-André Lureau Signed-off-by: Peter Xu Message-Id: <20180118052049.31119-1-peterx@redhat.com> Signed-off-by: Paolo Bonzini --- chardev/char-pty.c | 48 +++++++++++++++++++++++++--------------------- 1 file changed, 26 insertions(+), 22 deletions(-) diff --git a/chardev/char-pty.c b/chardev/char-pty.c index 89315e6807..68fd4e20c3 100644 --- a/chardev/char-pty.c +++ b/chardev/char-pty.c @@ -51,23 +51,6 @@ typedef struct { static void pty_chr_update_read_handler_locked(Chardev *chr); static void pty_chr_state(Chardev *chr, int connected); -static gboolean pty_chr_timer(gpointer opaque) -{ - struct Chardev *chr = CHARDEV(opaque); - PtyChardev *s = PTY_CHARDEV(opaque); - - qemu_mutex_lock(&chr->chr_write_lock); - s->timer_src = NULL; - g_source_unref(s->open_source); - s->open_source = NULL; - if (!s->connected) { - /* Next poll ... */ - pty_chr_update_read_handler_locked(chr); - } - qemu_mutex_unlock(&chr->chr_write_lock); - return FALSE; -} - static void pty_chr_timer_cancel(PtyChardev *s) { if (s->timer_src) { @@ -77,6 +60,31 @@ static void pty_chr_timer_cancel(PtyChardev *s) } } +static void pty_chr_open_src_cancel(PtyChardev *s) +{ + if (s->open_source) { + g_source_destroy(s->open_source); + g_source_unref(s->open_source); + s->open_source = NULL; + } +} + +static gboolean pty_chr_timer(gpointer opaque) +{ + struct Chardev *chr = CHARDEV(opaque); + PtyChardev *s = PTY_CHARDEV(opaque); + + qemu_mutex_lock(&chr->chr_write_lock); + pty_chr_timer_cancel(s); + pty_chr_open_src_cancel(s); + if (!s->connected) { + /* Next poll ... */ + pty_chr_update_read_handler_locked(chr); + } + qemu_mutex_unlock(&chr->chr_write_lock); + return FALSE; +} + /* Called with chr_write_lock held. */ static void pty_chr_rearm_timer(Chardev *chr, int ms) { @@ -195,11 +203,7 @@ static void pty_chr_state(Chardev *chr, int connected) PtyChardev *s = PTY_CHARDEV(chr); if (!connected) { - if (s->open_source) { - g_source_destroy(s->open_source); - g_source_unref(s->open_source); - s->open_source = NULL; - } + pty_chr_open_src_cancel(s); remove_fd_in_watch(chr); s->connected = 0; /* (re-)connect poll interval for idle guests: once per second.