Re: [Qemu-devel] assert and crash on hot-unplug

2012-09-21 Thread Anthony Liguori
"Serge E. Hallyn" writes:

Hi Serge,

> Hi,
>
> a regression test of CVE-2011-1751 (fixed by
> 505597e4476a6bc219d0ec1362b760d71cb4fdca) found that when writing 2 to
> 0xae08, qemu-system-i386 crashes with
>
> ERROR:qom/object.c:386:object_finalize: assertion failed: (obj->ref == 0)
>
> A simple w

[Qemu-devel] assert and crash on hot-unplug

2012-09-20 Thread Serge E. Hallyn
Hi,

a regression test of CVE-2011-1751 (fixed by
505597e4476a6bc219d0ec1362b760d71cb4fdca) found that when writing 2 to
0xae08, qemu-system-i386 crashes with

ERROR:qom/object.c:386:object_finalize: assertion failed: (obj->ref == 0)

A simple way to reproduce this (in qemu 1.1 or 1.2) is:

serge@u
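The report above only says "write 2 to 0xae08" from inside the guest. The following is an added example, not Serge's regression test and not QEMU code: a small Linux/x86 guest program that issues that port write so the crash can be triggered deliberately against a qemu-system-i386 under test. It assumes that 0xae08 is the PIIX4 ACPI PCI-hotplug eject register, that bit N of the written value selects PCI slot N (so the value 2 names slot 1), that the register is written as a 32-bit I/O port with outl(), and that the program runs as root so ioperm() succeeds. The helper names are mine.

```c
/* Added example (not from the qemu-devel thread): trigger the hot-unplug
 * path by writing to I/O port 0xae08 from a Linux/x86 guest.
 * Assumptions: 0xae08 is the PIIX4 ACPI PCI eject register, bit N selects
 * PCI slot N, the register is 32 bits wide, and we run as root. */
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <errno.h>

#if defined(__i386__) || defined(__x86_64__)
#include <sys/io.h>          /* ioperm(), outl() (glibc, x86 only) */
#define HAVE_X86_PORT_IO 1
#else
#define HAVE_X86_PORT_IO 0
#endif

#define PIIX4_PCI_EJ_PORT 0xae08u   /* assumed eject register address */

/* Value to write so that exactly one slot's eject bit is set.
 * Assumed mapping bit N == slot N, so slot 1 gives 2 as in the report.
 * Returns 0 for an out-of-range slot (nothing would be ejected). */
uint32_t piix4_eject_value(unsigned slot)
{
    if (slot >= 32)
        return 0;
    return 1u << slot;
}

/* Issue the port write.  Returns 0 on success, -1 if the slot is invalid,
 * port I/O is unavailable on this architecture, or ioperm() was refused. */
int piix4_eject_slot(unsigned slot)
{
    uint32_t val = piix4_eject_value(slot);
    if (val == 0) {
        errno = EINVAL;
        return -1;
    }
#if HAVE_X86_PORT_IO
    /* Ask the kernel for access to the 4 bytes at 0xae08 (needs root). */
    if (ioperm(PIIX4_PCI_EJ_PORT, 4, 1) != 0)
        return -1;
    outl(val, PIIX4_PCI_EJ_PORT);
    ioperm(PIIX4_PCI_EJ_PORT, 4, 0);
    return 0;
#else
    errno = ENOSYS;
    return -1;
#endif
}

int main(int argc, char **argv)
{
    /* Default to slot 1, i.e. the value 2 that the report says crashes
     * an unfixed qemu-system-i386 1.1/1.2 with the qom/object.c assert. */
    unsigned slot = argc > 1 ? (unsigned)strtoul(argv[1], NULL, 0) : 1;

    if (piix4_eject_slot(slot) != 0) {
        perror("piix4_eject_slot");
        return EXIT_FAILURE;
    }
    printf("wrote 0x%x to port 0x%x\n", piix4_eject_value(slot),
           PIIX4_PCI_EJ_PORT);
    return EXIT_SUCCESS;
}
```

Build with `gcc -O2 -o eject eject.c` inside the guest and run it as root; on a QEMU without the fix the guest simply vanishes when the host process hits the assertion, so run it only against a disposable VM whose monitor or stderr you are watching.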