• Vitaly Kuznetsov's avatar
    Drivers: hv: vmbus: Fix a race condition when unregistering a device · ae4b4f11
    Vitaly Kuznetsov authored
    commit 04a258c1 upstream.
    
    When build with Debug the following crash is sometimes observed:
    Call Trace:
     [<ffffffff812b9600>] string+0x40/0x100
     [<ffffffff812bb038>] vsnprintf+0x218/0x5e0
     [<ffffffff810baf7d>] ? trace_hardirqs_off+0xd/0x10
     [<ffffffff812bb4c1>] vscnprintf+0x11/0x30
     [<ffffffff8107a2f0>] vprintk+0xd0/0x5c0
     [<ffffffffa0051ea0>] ? vmbus_process_rescind_offer+0x0/0x110 [hv_vmbus]
     [<ffffffff8155c71c>] printk+0x41/0x45
     [<ffffffffa004ebac>] vmbus_device_unregister+0x2c/0x40 [hv_vmbus]
     [<ffffffffa0051ecb>] vmbus_process_rescind_offer+0x2b/0x110 [hv_vmbus]
    ...
    
    This happens due to the following race: between 'if (channel->device_obj)' check
    in vmbus_process_rescind_offer() and pr_debug() in vmbus_device_unregister() the
    device can disappear. Fix the issue by taking an additional reference to the
    device before proceeding to vmbus_device_unregister().
    Signed-off-by: default avatarVitaly Kuznetsov <vkuznets@redhat.com>
    Signed-off-by: default avatarK. Y. Srinivasan <kys@microsoft.com>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    ae4b4f11
channel_mgmt.c 23.6 KB