Re: [PATCH] PCI/DOE: Fix destroy_work_on_stack() race

From: Lukas Wunner
Date: Thu Jul 27 2023 - 03:57:17 EST


On Wed, Jul 26, 2023 at 11:29:42AM -0700, Ira Weiny wrote:
> The following debug object splat was observed in testing.
[...]
> This occurs because destroy_work_on_stack() was called after signaling
> the completion in the calling thread. This creates a race between
> destroy_work_on_stack() and the task->work struct going out of scope in
> pci_doe().
>
> Signal the work complete after destroying the work struct. This is safe
> because signal_task_complete() is the final thing the work item does and
> the workqueue code is careful not to access the work struct after.
>
> Fixes: abf04be0e707 ("PCI/DOE: Fix memory leak with CONFIG_DEBUG_OBJECTS=y")
> Cc: Lukas Wunner <lukas@xxxxxxxxx>
> Signed-off-by: Ira Weiny <ira.weiny@xxxxxxxxx>

Reviewed-by: Lukas Wunner <lukas@xxxxxxxxx>

Thanks for catching this. The offending commit abf04be0e707 was applied
by Dan. Not sure if that means he's going to apply this fix as well?
Would require an ack from Bjorn in that case. Or Bjorn applies it.

Thanks,

Lukas
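A userspace model of the ordering problem the quoted commit message describes, added here as an illustration and not code from the kernel patch or from anyone in this thread: pthreads stand in for the workqueue and the completion, `struct work` is the caller's stack object, and the names run_model(), destroy_work(), set_flag() and wait_flag() are constructed for the model. In the pre-fix order the worker signals first, so the caller's frame can be overwritten before the destroy step touches it; the model forces that interleaving so the outcome is deterministic.

```c
#include <pthread.h>
#include <stdbool.h>
#define WORK_LIVE   0x574f524bu /* constructed: debug object marked active */
#define SLOT_REUSED 0xdeaddeadu /* constructed: what a later frame leaves behind */

struct work { unsigned state; };            /* stands in for the on-stack work_struct */
struct task {                               /* shared between caller and worker thread */
    struct work *work;                      /* points into the caller's frame */
    bool destroy_first, completed, reused, destroy_saw_live;
    pthread_mutex_t lock; pthread_cond_t cv;
};

static bool destroy_work(struct work *w) { /* model of destroy_work_on_stack() */
    bool live = (w->state == WORK_LIVE);    /* only meaningful on a live object */
    w->state = 0; return live;
}
static void set_flag(struct task *t, bool *f) {      /* plays the role of complete() */
    pthread_mutex_lock(&t->lock); *f = true;
    pthread_cond_broadcast(&t->cv); pthread_mutex_unlock(&t->lock);
}
static void wait_flag(struct task *t, bool *f) {     /* plays wait_for_completion() */
    pthread_mutex_lock(&t->lock);
    while (!*f) pthread_cond_wait(&t->cv, &t->lock);
    pthread_mutex_unlock(&t->lock);
}

static void *worker(void *arg) {            /* final steps of the work item */
    struct task *t = arg;
    if (t->destroy_first) {                 /* fixed order: destroy, then signal */
        t->destroy_saw_live = destroy_work(t->work);
        set_flag(t, &t->completed);
    } else {                                /* pre-fix order: signal, then destroy */
        set_flag(t, &t->completed);
        wait_flag(t, &t->reused);           /* force the losing interleaving */
        t->destroy_saw_live = destroy_work(t->work);
    }
    return NULL;
}

bool run_model(bool destroy_first) {        /* caller side: true if destroy saw a live object */
    struct task t = { .destroy_first = destroy_first,
                      .lock = PTHREAD_MUTEX_INITIALIZER, .cv = PTHREAD_COND_INITIALIZER };
    struct work w = { .state = WORK_LIVE }; /* the caller's stack-allocated work */
    pthread_t th; t.work = &w;
    pthread_create(&th, NULL, worker, &t);
    wait_flag(&t, &t.completed);            /* the caller's wait returns here */
    w.state = SLOT_REUSED;                  /* models the frame going out of scope */
    set_flag(&t, &t.reused);
    pthread_join(th, NULL);
    return t.destroy_saw_live;
}
```

run_model(true) models the patched ordering and the destroy step sees a live object; run_model(false) models the ordering before the fix and the destroy step runs on memory the caller has already reused.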