vnc: rework VncState release workflow
Split socket closing and releasing of VncState into two steps. First close
the socket and set the variable to -1 to indicate shutdown in progress. Do
the actual release in a few places where we can be sure it doesn't cause
trouble in form of use-after-free. Add some checks for a valid socket handle
to make sure we don't try to use the closed socket.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Backported to 0.10-stable, removing references to vs->force_update and
changing vnc_disconnect_finish() to match the code in the 0.10 version of
vnc_client_io_error() in place of the master branch version.
(cherry picked from commit
c2723a9606dae5af5c614a55296ee37e2ed7801a)
Signed-off-by: Chris Webb <chris@arachsys.com>
Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
Fedora-patch: qemu-fix-vnc-disconnect-segfault.patch