Skip to content

virgl: Avoid a race condition on handle removal

Corentin Noël requested to merge tintou/mesa:tintou/virgl-bo-handle-race into main

What does this MR do and why?

We were unlocking the bo handles hash table right after removing the bo handle and afterward closing it. This leads to race conditions where the handle could have been re-acquired on another thread. As the kernel would return the same bo handle and do not reference count them, this leads to it being used after being closed.

Merge request reports

Loading