On Wed, Jul 27, 2011 at 02:00:31PM +0530, Amit Shah wrote:
> virtio_cleanup() will remove the VirtIONet struct that gets allocated
> via virtio_common_init(). Ensure we don't dereference the structure
> after calling the cleanup function.
>
> Signed-off-by: Amit Shah <amit.s...@redhat.com>

I see. It's not a use after free but will be once you make virtio_cleanup free the vdev? > --- > hw/virtio-net.c | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git a/hw/virtio-net.c b/hw/virtio-net.c > index a32cc01..3f10391 100644 > --- a/hw/virtio-net.c > +++ b/hw/virtio-net.c > @@ -1073,6 +1073,6 @@ void virtio_net_exit(VirtIODevice *vdev) > qemu_bh_delete(n->tx_bh); > } > > - virtio_cleanup(&n->vdev); > qemu_del_vlan_client(&n->nic->nc); > + virtio_cleanup(&n->vdev); > } > -- > 1.7.6
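
Review bot: the new ordering at the end of virtio_net_exit() is safe only while `virtio_cleanup(&n->vdev);` remains the last statement, and nothing in the hunk records that constraint. The commit message says virtio_cleanup() removes the VirtIONet struct, so `qemu_del_vlan_client(&n->nic->nc);` and any later use of `n` have to run before it. A one-line comment above the call, stating that it releases the structure containing `n` and must come last, would keep a future change from adding a dereference after it. The commit message should also say whether the old order was already a use-after-free or only becomes one once virtio_cleanup() frees the vdev, since that decides whether this is a bug fix or preparation for a later change.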