From 79df69022f0dd9fd4f051adb900412b509731978 Mon Sep 17 00:00:00 2001 Message-Id: <79df69022f0dd9fd4f051adb900412b509731978.1334837238.git.minovotn@redhat.com> From: Paolo Bonzini Date: Tue, 17 Apr 2012 15:58:41 +0200 Subject: [PATCH 1/3] block: Set backing_hd to NULL after deleting it RH-Author: Paolo Bonzini Message-id: <1334678322-15574-2-git-send-email-pbonzini@redhat.com> Patchwork-id: 39271 O-Subject: [RHEL 6.3 qemu-kvm PATCH 1/2] block: Set backing_hd to NULL after deleting it Bugzilla: 812948 RH-Acked-by: Jeffrey Cody RH-Acked-by: Asias He RH-Acked-by: Kevin Wolf Setting backing_hd to NULL after deleting it is necessary in order to avoid a double-free after close+open+close. This is a much stronger need than what was in the original commit message: It is safer to set backing_hd to NULL after deleting it so that any use after deletion is obvious during development. Happy segfaulting! Signed-off-by: Stefan Hajnoczi Signed-off-by: Kevin Wolf (cherry-picked from upstream commit 557df6aca2e389ef631b283ca1522b1fdf121eff) --- block.c | 1 + 1 file changed, 1 insertion(+) Signed-off-by: Michal Novotny --- block.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/block.c b/block.c index 6bf6d18..bd42f0f 100644 --- a/block.c +++ b/block.c @@ -694,6 +694,7 @@ void bdrv_close(BlockDriverState *bs) } if (bs->backing_hd) { bdrv_delete(bs->backing_hd); + bs->backing_hd = NULL; } bs->drv->bdrv_close(bs); g_free(bs->opaque); -- 1.7.7.6