Module Name: src
Committed By: isaki
Date: Sat Mar 9 11:55:59 UTC 2024
Modified Files:
src/sys/dev/virtio: virtio_mmio.c
Log Message:
Fix a null dereference (on attach failure).
During cleanup, setup_queue may be called even before vsc->sc_vqs is assigned.
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 src/sys/dev/virtio/virtio_mmio.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/virtio/virtio_mmio.c
diff -u src/sys/dev/virtio/virtio_mmio.c:1.13 src/sys/dev/virtio/virtio_mmio.c:1.14
--- src/sys/dev/virtio/virtio_mmio.c:1.13 Sat Jan 6 06:59:33 2024
+++ src/sys/dev/virtio/virtio_mmio.c Sat Mar 9 11:55:59 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: virtio_mmio.c,v 1.13 2024/01/06 06:59:33 thorpej Exp $ */
+/* $NetBSD: virtio_mmio.c,v 1.14 2024/03/09 11:55:59 isaki Exp $ */
/* $OpenBSD: virtio_mmio.c,v 1.2 2017/02/24 17:12:31 patrick Exp $ */
/*-
@@ -58,7 +58,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: virtio_mmio.c,v 1.13 2024/01/06 06:59:33 thorpej Exp $");
+__KERNEL_RCSID(0, "$NetBSD: virtio_mmio.c,v 1.14 2024/03/09 11:55:59 isaki Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -208,8 +208,7 @@ virtio_mmio_v2_setup_queue(struct virtio
uint64_t addr)
{
struct virtio_mmio_softc *sc = (struct virtio_mmio_softc *)vsc;
- struct virtqueue *vq = &vsc->sc_vqs[idx];
- KASSERT(vq->vq_index == idx);
+ struct virtqueue *vq;
virtio_mmio_reg_write(sc, VIRTIO_MMIO_QUEUE_SEL, idx);
if (addr == 0) {
@@ -218,6 +217,9 @@ virtio_mmio_v2_setup_queue(struct virtio
virtio_mmio_v2_set_addr(sc, VIRTIO_MMIO_V2_QUEUE_AVAIL_LOW, 0);
virtio_mmio_v2_set_addr(sc, VIRTIO_MMIO_V2_QUEUE_USED_LOW, 0);
} else {
+ vq = &vsc->sc_vqs[idx];
+ KASSERT(vq->vq_index == idx);
+
virtio_mmio_reg_write(sc, VIRTIO_MMIO_QUEUE_NUM,
virtio_mmio_reg_read(sc, VIRTIO_MMIO_QUEUE_NUM_MAX));
virtio_mmio_v2_set_addr(sc, VIRTIO_MMIO_V2_QUEUE_DESC_LOW,
