Re: [PATCH] block: Avoid stale pointer dereference in blk_get_aio_context()

2020-07-10 Thread Kevin Wolf
On 09.07.2020 at 15:50, Greg Kurz wrote:
> It is possible for blk_remove_bs() to race with blk_drain_all(), causing
> the latter to dereference a stale blk->root pointer:
>
> blk_remove_bs(blk)
> bdrv_root_unref_child(blk->root)
> child_bs = blk->root->bs
> bdrv_detach_chi

[PATCH] block: Avoid stale pointer dereference in blk_get_aio_context()

2020-07-09 Thread Greg Kurz
It is possible for blk_remove_bs() to race with blk_drain_all(), causing the latter to dereference a stale blk->root pointer:

blk_remove_bs(blk)
bdrv_root_unref_child(blk->root)
child_bs = blk->root->bs
bdrv_detach_child(blk->root)
...
g_free(blk->root) <== blk-