KVM: make kvm_unregister_irq_ack_notifier() safe
We never pass a NULL notifier pointer here, but we may well pass a notifier struct which hasn't previously been registered. Guard against this by using hlist_del_init() which will not do anything if the node hasn't been added to the list and, when removing the node, will ensure that a subsequent call to hlist_del_init() will be fine too. Fixes an oops seen when an assigned device is freed before and IRQ is assigned to it. Signed-off-by: Mark McLoughlin <> Signed-off-by: Avi Kivity <>
diff --git a/virt/kvm/irq_comm.c b/virt/kvm/irq_comm.c
--- a/virt/kvm/irq_comm.c
+++ b/virt/kvm/irq_comm.c
@@ -63,9 +63,7 @@ void kvm_register_irq_ack_notifier(struct kvm *kvm,
void kvm_unregister_irq_ack_notifier(struct kvm_irq_ack_notifier *kian)
- if (!kian)
- return;
- hlist_del(&kian->link);
+ hlist_del_init(&kian->link);
/* The caller must hold kvm->lock mutex */