[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] bug in usb_bus_release() ?
From: |
Juergen Gross |
Subject: |
[Qemu-devel] bug in usb_bus_release() ? |
Date: |
Wed, 27 Jul 2016 16:56:47 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2 |
I can reproduce a problem in qemu with Xen just by adding and removing a
USB bus. The bus is added via usb_bus_new() in hw/usb/xen-usb.c and
removed later via usb_bus_release().
Nothing bad happens until I close an active VNC viewer connected to the
graphical console emulated by the same qemu process. In the log file I
see "*** Error in `/usr/lib/xen/bin/qemu-system-i386': corrupted double-
linked list: 0x000055b236bd56b0 ***" and the qemu process will hang.
Looking into the sources I suspected a missing
object_unparent(OBJECT(&usbif->bus));
after calling usb_bus_release(&usbif->bus) to be the culprit, but
adding this call didn't help (shouldn't this be called from
usb_bus_release() instead?)
I suspect something else is missing in qemu for removing a USB bus
without leaking resources, but I couldn't find anything up to now. Does
anyone have an idea what could be wrong?
Juergen
- [Qemu-devel] bug in usb_bus_release() ?,
Juergen Gross <=