From 9a7dedbc43c7c400663d2876a8ccb6d942a1429a Mon Sep 17 00:00:00 2001 From: Kevin Wolf Date: Tue, 16 Jun 2015 10:58:20 +0200 Subject: [PATCH] block: Reorder cleanups in bdrv_close() Block drivers may still want to access their child nodes in their .bdrv_close handler. If they unref and/or detach a child by themselves, this should not result in a double free. There is additional code for backing files, which are just a special case of child nodes. The same applies for them. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz --- block.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/block.c b/block.c index b723cf2858..d5c9f032aa 100644 --- a/block.c +++ b/block.c @@ -1901,6 +1901,14 @@ void bdrv_close(BlockDriverState *bs) if (bs->drv) { BdrvChild *child, *next; + bs->drv->bdrv_close(bs); + + if (bs->backing_hd) { + BlockDriverState *backing_hd = bs->backing_hd; + bdrv_set_backing_hd(bs, NULL); + bdrv_unref(backing_hd); + } + QLIST_FOREACH_SAFE(child, &bs->children, next, next) { /* TODO Remove bdrv_unref() from drivers' close function and use * bdrv_unref_child() here */ @@ -1910,12 +1918,6 @@ void bdrv_close(BlockDriverState *bs) bdrv_detach_child(child); } - if (bs->backing_hd) { - BlockDriverState *backing_hd = bs->backing_hd; - bdrv_set_backing_hd(bs, NULL); - bdrv_unref(backing_hd); - } - bs->drv->bdrv_close(bs); g_free(bs->opaque); bs->opaque = NULL; bs->drv = NULL;