Re: [PATCH 1/1] btrfs: ioctl: don't free iov when -EAGAIN in uring encoded read

From: David Sterba
Date: Wed Mar 19 2025 - 14:06:05 EST

Next message: Nuno Das Neves: "Re: [PATCH v5 10/10] Drivers: hv: Introduce mshv_root module to expose /dev/mshv to VMMs"
Previous message: Catalin Marinas: "Re: [PATCH v3 1/1] KVM: arm64: Allow cacheable stage 2 mapping using VMA flags"
In reply to: Sidong Yang: "[PATCH 1/1] btrfs: ioctl: don't free iov when -EAGAIN in uring encoded read"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Mar 19, 2025 at 11:24:01AM +0000, Sidong Yang wrote:
> This patch fixes a bug on encoded_read. In btrfs_uring_encoded_read(),
> btrfs_encoded_read could return -EAGAIN when receiving requests concurrently.
> And data->iov goes to out_free and it freed and return -EAGAIN. io-uring
> subsystem would call it again and it doesn't reset data. And data->iov
> freed and iov_iter reference it. iov_iter would be used in
> btrfs_uring_read_finished() and could be raise memory bug.
>
> Signed-off-by: Sidong Yang <sidong.yang@xxxxxxxxxx>

Thanks, added to for-next, with a bit updated changelog and added stable
tag for 6.13.

Next message: Nuno Das Neves: "Re: [PATCH v5 10/10] Drivers: hv: Introduce mshv_root module to expose /dev/mshv to VMMs"
Previous message: Catalin Marinas: "Re: [PATCH v3 1/1] KVM: arm64: Allow cacheable stage 2 mapping using VMA flags"
In reply to: Sidong Yang: "[PATCH 1/1] btrfs: ioctl: don't free iov when -EAGAIN in uring encoded read"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]