Decided not to apply this patchset to vz7.
--
Best regards,
Konstantin Khorenko,
Virtuozzo Linux Kernel Team
On 15.12.2023 16:33, Yuriy Vasilev wrote:
When the refcnt of a cslist is equal to 0, it indicates that the cslist
has been dropped and is going to be freed. In such cases, let's trigger
a BUG_ON to prevent use after free.
https://pmc.acronis.work/browse/VSTOR-76384
Signed-off-by: Yuriy Vasilev <yuriy.vasi...@virtuozzo.com>
---
fs/fuse/kio/pcs/pcs_map.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/fuse/kio/pcs/pcs_map.c b/fs/fuse/kio/pcs/pcs_map.c
index dcab125797b4..8f7dcb311f9f 100644
--- a/fs/fuse/kio/pcs/pcs_map.c
+++ b/fs/fuse/kio/pcs/pcs_map.c
@@ -91,7 +91,7 @@ static inline void cslist_get(struct pcs_cs_list * csl)
{
TRACE("csl:%p csl->map:%p refcnt:%d\n", csl, csl->map,
atomic_read(&csl->refcnt));
- atomic_inc(&csl->refcnt);
+ BUG_ON(!atomic_inc_not_zero(&csl->refcnt));
}
static inline void cslist_put(struct pcs_cs_list * csl)
{
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
