In parse_record_options() we can end up using a deleted instance after options have been parsed. This can be triggered by the following command: $ trace-cmd record -v -e block -B foo ls We probably need a proper to avoid to end up in this situation, but in the mean time, check that the current instance isn't marked for deletion before calling remove_instances(). That at least prevent an hard to debug memory corruption bug. Fixes a USE_AFTER_FREE error (CWE-416) Signed-off-by: Jerome Marchand <jmarchan@xxxxxxxxxx> --- tracecmd/trace-record.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tracecmd/trace-record.c b/tracecmd/trace-record.c index 770e775b..dc3e5285 100644 --- a/tracecmd/trace-record.c +++ b/tracecmd/trace-record.c @@ -6909,6 +6909,8 @@ static void parse_record_options(int argc, } } + if (ctx->instance->delete) + die("Instance to be deleted is still used"); remove_instances(del_list); /* If --date is specified, prepend it to all guest VM flags */ -- 2.44.0