Re: [syzbot] KASAN: use-after-free Read in addr_handler (4)

From: Jason Gunthorpe
Date: Wed Oct 06 2021 - 07:42:05 EST

Next message: Dmitry Baryshkov: "Re: [PATCH v7 0/6] clk: qcom: use power-domain for sm8250's clock controllers"
Previous message: Wei Liu: "Re: [PATCH v2 2/2] x86/hyperv: remove on-stack cpumask from hv_send_ipi_mask_allbutself"
In reply to: Jason Gunthorpe: "Re: [syzbot] KASAN: use-after-free Read in addr_handler (4)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Oct 06, 2021 at 11:18:00AM +0800, Hillf Danton wrote:
> +++ b/drivers/infiniband/core/addr.c
> @@ -795,6 +795,11 @@ void rdma_addr_cancel(struct rdma_dev_ad
> * guarentees no work is running and none will be started.
> */
> cancel_delayed_work_sync(&found->work);
> + /*
> + * flush is needed if work is queued again while it is running, as
> + * cancel waits nothing.
> + */
> + flush_work(&found->work);

The _sync() above does the same, cancel doesn't return while the work
is running

Jason

Next message: Dmitry Baryshkov: "Re: [PATCH v7 0/6] clk: qcom: use power-domain for sm8250's clock controllers"
Previous message: Wei Liu: "Re: [PATCH v2 2/2] x86/hyperv: remove on-stack cpumask from hv_send_ipi_mask_allbutself"
In reply to: Jason Gunthorpe: "Re: [syzbot] KASAN: use-after-free Read in addr_handler (4)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]