usb-host: workaround libusb bug · jcs.org/qemu@54cdfe5

qemu with hax to log dma reads & writes jcs.org/2018/11/12/vfio

usb-host: workaround libusb bug

libusb seems to no allways call the completion callback for requests
canceled (which it is supposed to do according to the docs). So add
a limit to avoid qemu waiting forever.

Tested-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <20200529072225.3195-1-kraxel@redhat.com>

Gerd Hoffmann 5 years ago 54cdfe51 9f815e83

+14

1 changed file

expand all

usb

host-libusb.c

+14

hw/usb/host-libusb.c

··· 972 972 static void usb_host_abort_xfers(USBHostDevice *s) 973 973 { 974 974 USBHostRequest *r, *rtmp; 975 + int limit = 100; 975 976 976 977 QTAILQ_FOREACH_SAFE(r, &s->requests, next, rtmp) { 977 978 usb_host_req_abort(r); ··· 982 983 memset(&tv, 0, sizeof(tv)); 983 984 tv.tv_usec = 2500; 984 985 libusb_handle_events_timeout(ctx, &tv); 986 + if (--limit == 0) { 987 + /* 988 + * Don't wait forever for libusb calling the complete 989 + * callback (which will unlink and free the request). 990 + * 991 + * Leaking memory here, to make sure libusb will not 992 + * access memory which we have released already. 993 + */ 994 + QTAILQ_FOREACH_SAFE(r, &s->requests, next, rtmp) { 995 + QTAILQ_REMOVE(&s->requests, r, next); 996 + } 997 + return; 998 + } 985 999 } 986 1000 } 987 1001