If a device was grabbed through evdev and then became disconnected, we oops on close. This happens because input_release_device uses memory which was freed. Fedora enabled evdev in X11 by default recently, and now anyone who flips a KVM oopses when they log out (Fedora bug 436659). Signed-off-by: Pete Zaitcev <zaitcev@xxxxxxxxxx> diff --git a/drivers/input/evdev.c b/drivers/input/evdev.c index 0727b0a..c0874a3 100644 --- a/drivers/input/evdev.c +++ b/drivers/input/evdev.c @@ -155,7 +155,8 @@ static int evdev_ungrab(struct evdev *evdev, struct evdev_client *client) rcu_assign_pointer(evdev->grab, NULL); synchronize_rcu(); - input_release_device(&evdev->handle); + if (evdev->exist) + input_release_device(&evdev->handle); return 0; } -- To unsubscribe from this list: send the line "unsubscribe linux-input" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
