Commit 819f56b7fb1f4910ac826202fcf42d8093da3c4f

Authored by aliguori
1 parent 9230eaf6

char: Fix closing of various char devices (Jan Kiszka)

This patch fixes several issues around closing char devices. Affected
were pty (timer was left behind, even running), udp (no close handling
at all) and tcp (missing async IO handler cleanup). The bugs either
caused segfaults or stalled the qemu process. So far, hot-unplugging USB
serial adapters suffered from this.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6911 c046a42c-6fe2-441c-8c8c-71466251a162
Showing 1 changed file with 19 additions and 2 deletions
qemu-char.c
@@ -929,6 +929,8 @@ static void pty_chr_close(struct CharDriverState *chr) @@ -929,6 +929,8 @@ static void pty_chr_close(struct CharDriverState *chr)
929 929
930 qemu_set_fd_handler2(s->fd, NULL, NULL, NULL, NULL); 930 qemu_set_fd_handler2(s->fd, NULL, NULL, NULL, NULL);
931 close(s->fd); 931 close(s->fd);
  932 + qemu_del_timer(s->timer);
  933 + qemu_free_timer(s->timer);
932 qemu_free(s); 934 qemu_free(s);
933 } 935 }
934 936
@@ -1758,6 +1760,16 @@ static void udp_chr_update_read_handler(CharDriverState *chr) @@ -1758,6 +1760,16 @@ static void udp_chr_update_read_handler(CharDriverState *chr)
1758 } 1760 }
1759 } 1761 }
1760 1762
  1763 +static void udp_chr_close(CharDriverState *chr)
  1764 +{
  1765 + NetCharDriver *s = chr->opaque;
  1766 + if (s->fd >= 0) {
  1767 + qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
  1768 + closesocket(s->fd);
  1769 + }
  1770 + qemu_free(s);
  1771 +}
  1772 +
1761 static CharDriverState *qemu_chr_open_udp(const char *def) 1773 static CharDriverState *qemu_chr_open_udp(const char *def)
1762 { 1774 {
1763 CharDriverState *chr = NULL; 1775 CharDriverState *chr = NULL;
@@ -1791,6 +1803,7 @@ static CharDriverState *qemu_chr_open_udp(const char *def) @@ -1791,6 +1803,7 @@ static CharDriverState *qemu_chr_open_udp(const char *def)
1791 chr->opaque = s; 1803 chr->opaque = s;
1792 chr->chr_write = udp_chr_write; 1804 chr->chr_write = udp_chr_write;
1793 chr->chr_update_read_handler = udp_chr_update_read_handler; 1805 chr->chr_update_read_handler = udp_chr_update_read_handler;
  1806 + chr->chr_close = udp_chr_close;
1794 return chr; 1807 return chr;
1795 1808
1796 return_err: 1809 return_err:
@@ -1993,10 +2006,14 @@ static void tcp_chr_accept(void *opaque) @@ -1993,10 +2006,14 @@ static void tcp_chr_accept(void *opaque)
1993 static void tcp_chr_close(CharDriverState *chr) 2006 static void tcp_chr_close(CharDriverState *chr)
1994 { 2007 {
1995 TCPCharDriver *s = chr->opaque; 2008 TCPCharDriver *s = chr->opaque;
1996 - if (s->fd >= 0) 2009 + if (s->fd >= 0) {
  2010 + qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
1997 closesocket(s->fd); 2011 closesocket(s->fd);
1998 - if (s->listen_fd >= 0) 2012 + }
  2013 + if (s->listen_fd >= 0) {
  2014 + qemu_set_fd_handler(s->listen_fd, NULL, NULL, NULL);
1999 closesocket(s->listen_fd); 2015 closesocket(s->listen_fd);
  2016 + }
2000 qemu_free(s); 2017 qemu_free(s);
2001 } 2018 }
2002 2019