[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] bug in usb_bus_release() ?
|
From: |
Juergen Gross |
|
Subject: |
Re: [Qemu-devel] bug in usb_bus_release() ? |
|
Date: |
Fri, 29 Jul 2016 15:36:36 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2 |
On 27/07/16 16:56, Juergen Gross wrote:
> I can reproduce a problem in qemu with Xen just by adding and removing a
> USB bus. The bus is added via usb_bus_new() in hw/usb/xen-usb.c and
> removed later via usb_bus_release().
>
> Nothing bad happens until I close an active VNC viewer connected to the
> graphical console emulated by the same qemu process. In the log file I
> see "*** Error in `/usr/lib/xen/bin/qemu-system-i386': corrupted double-
> linked list: 0x000055b236bd56b0 ***" and the qemu process will hang.
>
> Looking into the sources I suspected a missing
>
> object_unparent(OBJECT(&usbif->bus));
>
> after calling usb_bus_release(&usbif->bus) to be the culprit, but
> adding this call didn't help (shouldn't this be called from
> usb_bus_release() instead?)
>
> I suspect something else is missing in qemu for removing a USB bus
> without leaking resources, but I couldn't find anything up to now. Does
> anyone have an idea what could be wrong?
Okay, problem solved. The bug was completely unrelated to
usb_bus_release(). It was just always triggered just after that call.
The problem was in Xen backend handling releasing more memory than
desired. Patch already sent out.
Juergen