On 27/11/19 19:24, Leonardo Bras wrote: > By what I could undestand up to now, these functions that use borrowed > references can only be called while the reference (file descriptor) > exists. > So, suppose these threads, where: > - T1 uses a borrowed reference, and > - T2 is releasing the reference (close, release): Nit: T2 is releasing the *last* reference (as implied by your reference to close/release). > > T1 | T2 > kvm_get_kvm() | > ... | kvm_put_kvm() > kvm_put_kvm_no_destroy() | > > The above would not trigger a use-after-free bug, but will cause a > memory leak. Is my above understanding right? Yes, this is correct. Paolo
Attachment:
signature.asc
Description: OpenPGP digital signature