Displaying 5 results from an estimated 5 matches for "c38e39c378f4".
2019 Jun 13
0
memory leak in vhost_net_ioctl
...6/entry/common.c:301
> [<0000000029cc8ca7>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
>
> End of syzbot report.
>
> The function vhost_net_ubuf_alloc() appears in the two cases of dump info, for
> pid 7130 and 7117, suggesting that it is a ubuf leak.
>
> Since commit c38e39c378f4 ("vhost-net: fix use-after-free in vhost_net_flush")
> the function vhost_net_flush() has no longer been releasing ubuf.
>
> Freeing the slab after the last flush in the release path fixes it.
>
>
> Fixes: c38e39c378f4 ("vhost-net: fix use-after-free in vhost_net_fl...
2019 Jun 13
2
memory leak in vhost_net_ioctl
...>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
[<0000000029cc8ca7>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
End of syzbot report.
The function vhost_net_ubuf_alloc() appears in the two cases of dump info, for
pid 7130 and 7117, suggesting that it is a ubuf leak.
Since commit c38e39c378f4 ("vhost-net: fix use-after-free in vhost_net_flush")
the function vhost_net_flush() has no longer been releasing ubuf.
Freeing the slab after the last flush in the release path fixes it.
Fixes: c38e39c378f4 ("vhost-net: fix use-after-free in vhost_net_flush")
Reported-by: Syz...
2019 Jun 13
2
memory leak in vhost_net_ioctl
...>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
[<0000000029cc8ca7>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
End of syzbot report.
The function vhost_net_ubuf_alloc() appears in the two cases of dump info, for
pid 7130 and 7117, suggesting that it is a ubuf leak.
Since commit c38e39c378f4 ("vhost-net: fix use-after-free in vhost_net_flush")
the function vhost_net_flush() has no longer been releasing ubuf.
Freeing the slab after the last flush in the release path fixes it.
Fixes: c38e39c378f4 ("vhost-net: fix use-after-free in vhost_net_flush")
Reported-by: Syz...
2019 Jun 14
2
memory leak in vhost_net_ioctl
...gcc (GCC) 9.0.0 20181231 (experimental)
> patch: https://syzkaller.appspot.com/x/patch.diff?x=11ff0de1a00000
>
And I want to try again the following tiny diff made based on the logic:
1_> vhost_net_ubuf_alloc() in the dump info suggests that it is a ubuf leak.
2_> commit c38e39c378f4 ("vhost-net: fix use-after-free in vhost_net_flush")
makes vhost_net_flush() no longer release ubuf.
3_> in both reset_owner and release paths, see vhost_net_reset_owner() and
vhost_net_release() please, vq is reset in wake of flush:
vhost_net_flush(n);
vhost_dev_sto...
2019 Jun 14
2
memory leak in vhost_net_ioctl
...gcc (GCC) 9.0.0 20181231 (experimental)
> patch: https://syzkaller.appspot.com/x/patch.diff?x=11ff0de1a00000
>
And I want to try again the following tiny diff made based on the logic:
1_> vhost_net_ubuf_alloc() in the dump info suggests that it is a ubuf leak.
2_> commit c38e39c378f4 ("vhost-net: fix use-after-free in vhost_net_flush")
makes vhost_net_flush() no longer release ubuf.
3_> in both reset_owner and release paths, see vhost_net_reset_owner() and
vhost_net_release() please, vq is reset in wake of flush:
vhost_net_flush(n);
vhost_dev_sto...