CVSROOT:        /cvs
Module name:    src
Changes by:     p...@cvs.openbsd.org    2020/04/29 21:50:53

Modified files:
        usr.sbin/vmd   : vm.c vmm.c 

Log message:
vmd(8): correctly terminate vm processes after sending vm

Instead of a roundabout way of sending a message to vmm that 'send is
successful' and terminating by vm_remove from vmm, we can send the imsg and
exit in the vm process.  The sigchld handler in vmm will vm_remove it from its
structures.  This is how a normal vm is terminated as well.

Previously, vm_remove was called in vmm_dispatch_vm (i.e. the event handler to
receive messages from the vm process) when handling the IMSG_VMDOP_SEND_VM_RESPONSE
(i.e. the vm process has written the vm state to the fd passed on by vmctl
send).  This is not how vm_remove was intended to be used as it does a
free(vm).  The vm struct holds the buffers for imsg and so after handling this
IMSG_VMDOP_SEND_VM_RESPONSE message, vmm_dispatch_vm loops again to do
imsg_get(ibuf, &imsg) to read the next message (and we had just freed this
*ibuf when we freed the vm struct) causing it to segfault.

reported by kn@
ok kn@
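As an added illustration of the failure mode described in the log above (constructed example code, not vmd's source; the struct and function names are simplified stand-ins for vmd's vm struct, imsg_get() and IMSG_VMDOP_SEND_VM_RESPONSE), here is the broken read loop beside a dispatcher that lets the handler only flag the vm and leaves the free to a separate reaping step, the way the SIGCHLD path does:

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed message types; not vmd's real imsg layout. */
enum { MSG_SEND_VM_RESPONSE = 1, MSG_OTHER = 2 };

struct msg { int type; };

/* Minimal stand-in for an imsg read buffer owned by the vm struct. */
struct ibuf {
	struct msg queue[8];
	size_t head, tail;
};

struct vm {
	struct ibuf *ibuf;
	int exited;		/* set by a handler; acted on after the loop */
};

/* Returns 1 and copies out a message if one is queued, 0 if empty.
 * Mirrors the shape of imsg_get(), not its implementation. */
static int imsg_get(struct ibuf *ibuf, struct msg *out)
{
	if (ibuf->head == ibuf->tail)
		return 0;
	*out = ibuf->queue[ibuf->head++];
	return 1;
}

static void imsg_queue(struct vm *vm, int type)
{
	vm->ibuf->queue[vm->ibuf->tail++].type = type;
}

struct vm *vm_create(void)
{
	struct vm *vm = calloc(1, sizeof(*vm));
	if (vm == NULL)
		abort();
	vm->ibuf = calloc(1, sizeof(*vm->ibuf));
	if (vm->ibuf == NULL)
		abort();
	return vm;
}

/* Frees the vm together with the imsg buffer hanging off it. */
void vm_remove(struct vm *vm)
{
	free(vm->ibuf);
	free(vm);
}

/* The broken shape from the log: the handler frees the vm inside the read
 * loop, then the loop calls imsg_get() on the buffer it just freed.
 * Kept for comparison only; calling it is a use-after-free. */
int dispatch_vm_unsafe(struct vm *vm)
{
	struct msg m;
	int handled = 0;

	while (imsg_get(vm->ibuf, &m) > 0) {	/* reads freed ibuf next */
		handled++;
		if (m.type == MSG_SEND_VM_RESPONSE)
			vm_remove(vm);		/* frees vm and vm->ibuf */
	}
	return handled;
}

/* Hardened shape: a handler never frees the struct that owns the buffer
 * being read. It marks the vm as exited and the loop stops before the next
 * imsg_get(); tear-down happens in reap_vm(). Returns messages handled. */
int dispatch_vm(struct vm *vm)
{
	struct msg m;
	int handled = 0;

	while (imsg_get(vm->ibuf, &m) > 0) {
		handled++;
		if (m.type == MSG_SEND_VM_RESPONSE) {
			vm->exited = 1;
			break;		/* do not touch vm->ibuf again here */
		}
	}
	return handled;
}

/* Reaping step, analogous to the SIGCHLD handler: frees the vm only if it
 * was flagged, and clears the caller's pointer so it cannot be reused.
 * Returns 1 if the vm was removed, 0 otherwise. */
int reap_vm(struct vm **slot)
{
	if (*slot == NULL || !(*slot)->exited)
		return 0;
	vm_remove(*slot);
	*slot = NULL;
	return 1;
}

int main(void)
{
	struct vm *vm = vm_create();

	imsg_queue(vm, MSG_OTHER);
	imsg_queue(vm, MSG_SEND_VM_RESPONSE);
	imsg_queue(vm, MSG_OTHER);	/* never read; the vm is going away */
	printf("handled %d messages\n", dispatch_vm(vm));
	printf("reaped: %d\n", reap_vm(&vm));
	return 0;
}
```

The point of the split is ownership: anything that may free the vm runs only after the loop that reads from the vm's buffers has returned, so no path reaches imsg_get() on freed memory.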
