commit: 237242bddc99041e15a4ca51b8439657cadaff17 From: Cornelia Huck <[email protected]> Date: Fri, 9 Nov 2012 14:54:12 +1030 Subject: virtio: Don't access index after unregister. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit
Virtio wants to release used indices after the corresponding virtio device has been unregistered. However, virtio does not hold an extra reference, giving up its last reference with device_unregister(), making accessing dev->index afterwards invalid. I actually saw problems when testing my (not-yet-merged) virtio-ccw code: - device_add virtio-net,id=xxx -> creates device virtio<n> with n>0 - device_del xxx -> deletes virtio<n>, but calls ida_simple_remove with an index of 0 - device_add virtio-net,id=xxx -> tries to add virtio0, which is still in use... So let's save the index we want to release before calling device_unregister(). Signed-off-by: Cornelia Huck <[email protected]> Acked-by: Sjur Brændeland <[email protected]> Cc: [email protected] Signed-off-by: Rusty Russell <[email protected]> --- drivers/virtio/virtio.c | 4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) diff --git a/drivers/virtio/virtio.c b/drivers/virtio/virtio.c index 1e8659c..809b0de 100644 --- a/drivers/virtio/virtio.c +++ b/drivers/virtio/virtio.c @@ -225,8 +225,10 @@ EXPORT_SYMBOL_GPL(register_virtio_device); void unregister_virtio_device(struct virtio_device *dev) { + int index = dev->index; /* save for after device release */ + device_unregister(&dev->dev); - ida_simple_remove(&virtio_index_ida, dev->index); + ida_simple_remove(&virtio_index_ida, index); } EXPORT_SYMBOL_GPL(unregister_virtio_device); -- 1.7.3.4 -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
