[libvirt] [PATCH 2/3] qemu: hotplug: Fix double free on USB collision

[Jiri Denemark]

On Thu, Dec 05, 2013 at 15:40:27 -0500, Cole Robinson wrote:
> If we hit a collision, we free the USB device while it is still part
> of our temporary USBDeviceList. When the list is unref'd, the device
> is free'd again.
> 
> Make the initial device freeing dependent on whether it is present
> in the temporary list or not.
> ---
>  src/qemu/qemu_hotplug.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
> index bff9e23..b7512a7 100644
> --- a/src/qemu/qemu_hotplug.c
> +++ b/src/qemu/qemu_hotplug.c
> @@ -1518,7 +1518,10 @@ cleanup:
>      }
>      if (added)
>          virUSBDeviceListSteal(driver->activeUsbHostdevs, usb);
> -    virUSBDeviceFree(usb);
> +    if (list && usb &&
> +        !virUSBDeviceListFind(list, usb) &&
> +        !virUSBDeviceListFind(driver->activeUsbHostdevs, usb))
> +        virUSBDeviceFree(usb);
>      virObjectUnref(list);
>      VIR_FREE(devstr);
>      return ret;

ACK

Jirka