Received: by 2002:ab2:60d1:0:b0:1f7:5705:b850 with SMTP id i17csp171444lqm; Tue, 30 Apr 2024 17:16:04 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCV/XbIzS03VC1gKsmK2L3FbkN6Wru8bru3PNo4mbrUo3XLwdFgVFz3yDCbw3NlnObrxobGbLZuas/9eoabYeC5gkCbm4hUNCkmWCn6mRQ== X-Google-Smtp-Source: AGHT+IF6xK4AohUeMYrDCzShKajUfWPqnLmB/713UNzygUkaKH/WYeQoOq7vIZo1cH0ch1Mt6QGO X-Received: by 2002:a17:90b:3bc3:b0:2a5:3aec:fdef with SMTP id ph3-20020a17090b3bc300b002a53aecfdefmr915902pjb.47.1714522564658; Tue, 30 Apr 2024 17:16:04 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1714522564; cv=pass; d=google.com; s=arc-20160816; b=mxGJGrBF+51dH7mK6gg7war7zz9MwOq5/4YYc31/gGF86hLugzbrBwpZItVKUrjzJf q6YiCEDlI9rPI9lxX0hzRmC4IS7/hRZ7gRkdMQSj3TyXl5yzLsoo9/yAcDHFnZc1FCS3 NoGkb3/SZa3dc6qzx4b9HhmWSmbw0NHTAlggoQUYJg1jrl1v1CuMlnUYs+jzQ0mzGy19 UFkz0LAO6pJKTllzIsMM7CfqVxlrP/zy9q27csCFSYnFCCiO1yges2aO8kLi36TmYUuj GqIgJ+/SM9TP06Lore7zdQdia+vr7SfZcL5Jwhxe5fc5OPu7q1oSLTrm9yAxXLxAkn7B mr3A== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from; bh=2L8wiJAV1V4vXqR+QzfYov80zL4opTGIBPkj+zMSJQw=; fh=mNasztdev8cIkkdEnugmfHTpJ9eD7lWozhiVkrGddoo=; b=V3lMwTSd5KLylZ2g4LRCoKoeo2i6tX6oxP9+jMdUxGhLlds/5TXxWCBeXQ8LPq8mzs Uck7BSJY42qtMjXCcC2MNcvzCcVkIcpG3kSynjhsBG07dwSP5qH7sCFX5gU6BXLruNhT I+CNC0RJkzKaI3VeHQoiYT6zfYdVYLJFpsKv/wlzOu6IANLDrKs36KMVrJ60BOK4svpZ VICGGgexEtg8jv4/k8i2byFdg6bSqioK/r3vtcfuJr3yEfWKic6C3dTQ2qruaBmeybN8 1fzDFbu9c0hcW6g79OuNNMKuTvKAFN63YFmKYXYEjnCT747Nk7hUPJS76QYKnLhobgjT n44Q==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=sina.com); spf=pass (google.com: domain of linux-kernel+bounces-164827-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-164827-linux.lists.archive=gmail.com@vger.kernel.org" Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id hk3-20020a17090b224300b002b328adc31csi120865pjb.133.2024.04.30.17.16.04 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Apr 2024 17:16:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-164827-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=sina.com); spf=pass (google.com: domain of linux-kernel+bounces-164827-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-164827-linux.lists.archive=gmail.com@vger.kernel.org" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 49E76284949 for ; Wed, 1 May 2024 00:16:04 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id BD1581847; Wed, 1 May 2024 00:15:55 +0000 (UTC) Received: from mail115-95.sinamail.sina.com.cn (mail115-95.sinamail.sina.com.cn [218.30.115.95]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8371437E for ; Wed, 1 May 2024 00:15:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=218.30.115.95 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714522555; cv=none; b=Lh0PGKCcCpgHLHC3aEmVLMPUenFtuUSmVXg7dU9ZGwmFFi8iLrt3hjb2BLDRFjemxt8d/xBb/Bhu20An+UqMsydKU2XzlPSgaD1JGtjTjEaNtJefRJ2LnaWJ+nL3DQbJh96GLH9VXku9qN+IIcSRn7QS9M70esJijihT73ZsKQ0= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714522555; c=relaxed/simple; bh=nL5c8XNclkvqZv1Vzc756f7bzufCJeq11kAFTQAbigI=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=Z147TR1IYD1lKtEgi02/5swJ47aEMuS5s1Xw6/qPH9pNSvn8ABvwjQUuHZhJAl0HqkgqIsak5ZdjvSUr4/5m9W2Uy5VX3J/rbFVaefHrfO51F+NI8lI43nL15pOfczlKn/whIYbu4Ep7MBWhN1Xk9ymbkoEKtY1i/6VC8cv/wrM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=sina.com; spf=pass smtp.mailfrom=sina.com; arc=none smtp.client-ip=218.30.115.95 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=sina.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=sina.com X-SMAIL-HELO: localhost.localdomain Received: from unknown (HELO localhost.localdomain)([116.24.11.115]) by sina.com (172.16.235.24) with ESMTP id 663189AB00000C1A; Wed, 1 May 2024 08:15:42 +0800 (CST) X-Sender: hdanton@sina.com X-Auth-ID: hdanton@sina.com Authentication-Results: sina.com; spf=none smtp.mailfrom=hdanton@sina.com; dkim=none header.i=none; dmarc=none action=none header.from=hdanton@sina.com X-SMAIL-MID: 72843945089313 X-SMAIL-UIID: 7A00621F2F04402EAA292C9DDB7F6377-20240501-081542-1 From: Hillf Danton To: Mike Christie Cc: "Michael S. Tsirkin" , Edward Adam Davis , syzbot+98edc2df894917b3431f@syzkaller.appspotmail.com, jasowang@redhat.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, syzkaller-bugs@googlegroups.com, virtualization@lists.linux.dev Subject: Re: [PATCH next] vhost_task: after freeing vhost_task it should not be accessed in vhost_task_fn Date: Wed, 1 May 2024 08:15:44 +0800 Message-Id: <20240501001544.1606-1-hdanton@sina.com> In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit On Tue, Apr 30, 2024 at 11:23:04AM -0500, Mike Christie wrote: > On 4/30/24 8:05 AM, Edward Adam Davis wrote: > > static int vhost_task_fn(void *data) > > { > > struct vhost_task *vtsk = data; > > @@ -51,7 +51,7 @@ static int vhost_task_fn(void *data) > > schedule(); > > } > > > > - mutex_lock(&vtsk->exit_mutex); > > + mutex_lock(&exit_mutex); > > /* > > * If a vhost_task_stop and SIGKILL race, we can ignore the SIGKILL. > > * When the vhost layer has called vhost_task_stop it's already stopped > > @@ -62,7 +62,7 @@ static int vhost_task_fn(void *data) > > vtsk->handle_sigkill(vtsk->data); > > } > > complete(&vtsk->exited); > > - mutex_unlock(&vtsk->exit_mutex); > > + mutex_unlock(&exit_mutex); > > > > Edward, thanks for the patch. I think though I just needed to swap the > order of the calls above. > > Instead of: > > complete(&vtsk->exited); > mutex_unlock(&vtsk->exit_mutex); > > it should have been: > > mutex_unlock(&vtsk->exit_mutex); > complete(&vtsk->exited); JFYI Edward did it [1] [1] https://lore.kernel.org/lkml/tencent_546DA49414E876EEBECF2C78D26D242EE50A@qq.com/ > > If my analysis is correct, then Michael do you want me to resubmit a > patch on top of your vhost branch or resubmit the entire patchset?