Displaying 20 results from an estimated 88 matches for "vhost_net_release".
2011 Nov 18
3
[PATCH] vhost-net: Acquire device lock when releasing device
....651789] Pid: 21042, comm: trinity Not tainted 3.2.0-rc2-sasha-00057-ga9098b3 #5
[ 2025.653342] Call Trace:
[ 2025.653792] [<ffffffff810b4a6a>] lockdep_rcu_suspicious+0xaf/0xb9
[ 2025.654916] [<ffffffff818d4c2c>] vhost_dev_cleanup+0x342/0x3ac
[ 2025.655985] [<ffffffff818d4f18>] vhost_net_release+0x48/0x7f
[ 2025.657247] [<ffffffff811416e3>] fput+0x11e/0x1dc
[ 2025.658091] [<ffffffff8113f1ec>] filp_close+0x6e/0x79
[ 2025.658964] [<ffffffff81089ed7>] put_files_struct+0xcc/0x196
[ 2025.659971] [<ffffffff8108a034>] exit_files+0x46/0x4f
[ 2025.660865] [<ffffffff8...
2011 Nov 18
3
[PATCH] vhost-net: Acquire device lock when releasing device
....651789] Pid: 21042, comm: trinity Not tainted 3.2.0-rc2-sasha-00057-ga9098b3 #5
[ 2025.653342] Call Trace:
[ 2025.653792] [<ffffffff810b4a6a>] lockdep_rcu_suspicious+0xaf/0xb9
[ 2025.654916] [<ffffffff818d4c2c>] vhost_dev_cleanup+0x342/0x3ac
[ 2025.655985] [<ffffffff818d4f18>] vhost_net_release+0x48/0x7f
[ 2025.657247] [<ffffffff811416e3>] fput+0x11e/0x1dc
[ 2025.658091] [<ffffffff8113f1ec>] filp_close+0x6e/0x79
[ 2025.658964] [<ffffffff81089ed7>] put_files_struct+0xcc/0x196
[ 2025.659971] [<ffffffff8108a034>] exit_files+0x46/0x4f
[ 2025.660865] [<ffffffff8...
2014 Feb 12
2
[PATCH V2 5/6] vhost_net: poll vhost queue after marking DMA is done
...A_DONE_LEN : VHOST_DMA_FAILED_LEN;
> - vhost_net_ubuf_put(ubufs);
> }
>
> /* Expects to be always run from workqueue - which acts as
>
with this change, vq would lose protection that provided by ubufs->kref.
if another thread is waiting at vhost_net_ubuf_put_and_wait called by
vhost_net_release, then after vhost_net_ubuf_put, vq would been free
by vhost_net_release soon, vhost_poll_queue(&vq->poll) may cause NULL
pointer Exception.
another question is that vhost_zerocopy_callback is called by kfree_skb,
it may called in different thread context.
vhost_poll_queue is called decided...
2014 Feb 12
2
[PATCH V2 5/6] vhost_net: poll vhost queue after marking DMA is done
...A_DONE_LEN : VHOST_DMA_FAILED_LEN;
> - vhost_net_ubuf_put(ubufs);
> }
>
> /* Expects to be always run from workqueue - which acts as
>
with this change, vq would lose protection that provided by ubufs->kref.
if another thread is waiting at vhost_net_ubuf_put_and_wait called by
vhost_net_release, then after vhost_net_ubuf_put, vq would been free
by vhost_net_release soon, vhost_poll_queue(&vq->poll) may cause NULL
pointer Exception.
another question is that vhost_zerocopy_callback is called by kfree_skb,
it may called in different thread context.
vhost_poll_queue is called decided...
2019 Jun 13
0
memory leak in vhost_net_ioctl
...lf Danton <hdanton at sina.com> wrote:
> > >
> > > Hello Jason
> > >
> > > On Thu, 13 Jun 2019 17:10:39 +0800 Jason Wang wrote:
> > > >
> > > > This is basically a kfree(ubuf) after the second vhost_net_flush() in
> > > > vhost_net_release().
> > > >
> > > Fairly good catch.
> > >
> > > > Could you please post a formal patch?
> > > >
> > > I'd like very much to do that; but I wont, I am afraid, until I collect a
> > > Tested-by because of reproducer without a...
2019 Jun 13
2
memory leak in vhost_net_ioctl
...On Thu, Jun 13, 2019 at 2:07 PM Hillf Danton <hdanton at sina.com> wrote:
> >
> > Hello Jason
> >
> > On Thu, 13 Jun 2019 17:10:39 +0800 Jason Wang wrote:
> > >
> > > This is basically a kfree(ubuf) after the second vhost_net_flush() in
> > > vhost_net_release().
> > >
> > Fairly good catch.
> >
> > > Could you please post a formal patch?
> > >
> > I'd like very much to do that; but I wont, I am afraid, until I collect a
> > Tested-by because of reproducer without a cutting edge.
>
> You can ea...
2019 Jun 13
2
memory leak in vhost_net_ioctl
...On Thu, Jun 13, 2019 at 2:07 PM Hillf Danton <hdanton at sina.com> wrote:
> >
> > Hello Jason
> >
> > On Thu, 13 Jun 2019 17:10:39 +0800 Jason Wang wrote:
> > >
> > > This is basically a kfree(ubuf) after the second vhost_net_flush() in
> > > vhost_net_release().
> > >
> > Fairly good catch.
> >
> > > Could you please post a formal patch?
> > >
> > I'd like very much to do that; but I wont, I am afraid, until I collect a
> > Tested-by because of reproducer without a cutting edge.
>
> You can ea...
2019 Jun 13
1
memory leak in vhost_net_ioctl
Hello Jason
On Thu, 13 Jun 2019 17:10:39 +0800 Jason Wang wrote:
>
> This is basically a kfree(ubuf) after the second vhost_net_flush() in
> vhost_net_release().
>
Fairly good catch.
> Could you please post a formal patch?
>
I'd like very much to do that; but I wont, I am afraid, until I collect a
Tested-by because of reproducer without a cutting edge.
Thanks
Hillf
2019 Jun 13
1
memory leak in vhost_net_ioctl
Hello Jason
On Thu, 13 Jun 2019 17:10:39 +0800 Jason Wang wrote:
>
> This is basically a kfree(ubuf) after the second vhost_net_flush() in
> vhost_net_release().
>
Fairly good catch.
> Could you please post a formal patch?
>
I'd like very much to do that; but I wont, I am afraid, until I collect a
Tested-by because of reproducer without a cutting edge.
Thanks
Hillf
2014 Feb 12
0
[PATCH V2 5/6] vhost_net: poll vhost queue after marking DMA is done
...;> - vhost_net_ubuf_put(ubufs);
>> }
>>
>> /* Expects to be always run from workqueue - which acts as
>>
> with this change, vq would lose protection that provided by ubufs->kref.
> if another thread is waiting at vhost_net_ubuf_put_and_wait called by
> vhost_net_release, then after vhost_net_ubuf_put, vq would been free
> by vhost_net_release soon, vhost_poll_queue(&vq->poll) may cause NULL
> pointer Exception.
>
Good catch.
> another question is that vhost_zerocopy_callback is called by kfree_skb,
> it may called in different thread context...
2014 Feb 13
2
[PATCH net v2] vhost: fix a theoretical race in device cleanup
...LEN;
@@ -322,6 +324,8 @@ static void vhost_zerocopy_callback(struct ubuf_info *ubuf, bool success)
*/
if (cnt <= 1 || !(cnt % 16))
vhost_poll_queue(&vq->poll);
+
+ rcu_read_unlock_bh();
}
/* Expects to be always run from workqueue - which acts as
@@ -804,6 +808,8 @@ static int vhost_net_release(struct inode *inode, struct file *f)
fput(tx_sock->file);
if (rx_sock)
fput(rx_sock->file);
+ /* Make sure no callbacks are outstanding */
+ synchronize_rcu_bh();
/* We do an extra flush before freeing memory,
* since jobs can re-queue themselves. */
vhost_net_flush(n);
--
MST
2014 Feb 13
2
[PATCH net v2] vhost: fix a theoretical race in device cleanup
...LEN;
@@ -322,6 +324,8 @@ static void vhost_zerocopy_callback(struct ubuf_info *ubuf, bool success)
*/
if (cnt <= 1 || !(cnt % 16))
vhost_poll_queue(&vq->poll);
+
+ rcu_read_unlock_bh();
}
/* Expects to be always run from workqueue - which acts as
@@ -804,6 +808,8 @@ static int vhost_net_release(struct inode *inode, struct file *f)
fput(tx_sock->file);
if (rx_sock)
fput(rx_sock->file);
+ /* Make sure no callbacks are outstanding */
+ synchronize_rcu_bh();
/* We do an extra flush before freeing memory,
* since jobs can re-queue themselves. */
vhost_net_flush(n);
--
MST
2014 Jun 11
2
[PULL] vhost: infrastructure changes for 3.16
Hi Linus,
Please pull the following.
Please note this needs to be merged before merging
target-pending PULL which Nicholas will be sending
out shortly.
Thanks!
The following changes since commit 1860e379875dfe7271c649058aeddffe5afd9d0d:
Linux 3.15 (2014-06-08 11:19:54 -0700)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost.git tags/for_linus
2014 Jun 11
2
[PULL] vhost: infrastructure changes for 3.16
Hi Linus,
Please pull the following.
Please note this needs to be merged before merging
target-pending PULL which Nicholas will be sending
out shortly.
Thanks!
The following changes since commit 1860e379875dfe7271c649058aeddffe5afd9d0d:
Linux 3.15 (2014-06-08 11:19:54 -0700)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost.git tags/for_linus
2013 Jun 04
2
vhost && kernel BUG at /build/linux/mm/slub.c:3352!
...ffff8800ba06f6a0 ffff880092f2fdf0 ffffffff81c1c6df
ffff88001a7c0000
[179906.476583] ffff880092f2fe18 ffffffff81c1c771 ffff8800b69718c0
0000000000000008
[179906.480377] Call Trace:
[179906.481636] [<ffffffff81c1c6df>] vhost_net_vq_reset+0x7f/0xb0
[179906.484611] [<ffffffff81c1c771>] vhost_net_release+0x61/0xb0
[179906.487481] [<ffffffff8123237a>] __fput+0x12a/0x230
[179906.489968] [<ffffffff81232489>] ____fput+0x9/0x10
[179906.492422] [<ffffffff8113a79e>] task_work_run+0xae/0xf0
[179906.495169] [<ffffffff811172bc>] do_exit+0x44c/0xb40
[179906.497789] [<ffffffff82...
2013 Jun 04
2
vhost && kernel BUG at /build/linux/mm/slub.c:3352!
...ffff8800ba06f6a0 ffff880092f2fdf0 ffffffff81c1c6df
ffff88001a7c0000
[179906.476583] ffff880092f2fe18 ffffffff81c1c771 ffff8800b69718c0
0000000000000008
[179906.480377] Call Trace:
[179906.481636] [<ffffffff81c1c6df>] vhost_net_vq_reset+0x7f/0xb0
[179906.484611] [<ffffffff81c1c771>] vhost_net_release+0x61/0xb0
[179906.487481] [<ffffffff8123237a>] __fput+0x12a/0x230
[179906.489968] [<ffffffff81232489>] ____fput+0x9/0x10
[179906.492422] [<ffffffff8113a79e>] task_work_run+0xae/0xf0
[179906.495169] [<ffffffff811172bc>] do_exit+0x44c/0xb40
[179906.497789] [<ffffffff82...
2017 Dec 24
2
[PATCH] vhost: remove unused lock check flag in vhost_dev_cleanup()
...| 5 ++---
drivers/vhost/vhost.h | 2 +-
drivers/vhost/vsock.c | 2 +-
6 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/drivers/vhost/net.c b/drivers/vhost/net.c
index c7bdeb655646..a354d8d731e3 100644
--- a/drivers/vhost/net.c
+++ b/drivers/vhost/net.c
@@ -996,7 +996,7 @@ static int vhost_net_release(struct inode *inode, struct file *f)
vhost_net_stop(n, &tx_sock, &rx_sock);
vhost_net_flush(n);
vhost_dev_stop(&n->dev);
- vhost_dev_cleanup(&n->dev, false);
+ vhost_dev_cleanup(&n->dev);
vhost_net_vq_reset(n);
if (tx_sock)
sockfd_put(tx_sock);
diff --git a...
2019 Jun 06
1
memory leak in vhost_net_ioctl
...ee(n->vqs[VHOST_NET_VQ_TX].ubufs);
+ else
+ vhost_net_ubuf_put_and_wait(n->vqs[VHOST_NET_VQ_TX].ubufs);
mutex_lock(&n->vqs[VHOST_NET_VQ_TX].vq.mutex);
n->tx_flush = false;
atomic_set(&n->vqs[VHOST_NET_VQ_TX].ubufs->refcount, 1);
@@ -1403,6 +1408,7 @@ static int vhost_net_release(struct inode *inode, struct file *f)
synchronize_rcu();
/* We do an extra flush before freeing memory,
* since jobs can re-queue themselves. */
+ n->ld = true;
vhost_net_flush(n);
kfree(n->vqs[VHOST_NET_VQ_RX].rxq.queue);
kfree(n->vqs[VHOST_NET_VQ_TX].xdp);
--
2019 Jun 06
1
memory leak in vhost_net_ioctl
...ee(n->vqs[VHOST_NET_VQ_TX].ubufs);
+ else
+ vhost_net_ubuf_put_and_wait(n->vqs[VHOST_NET_VQ_TX].ubufs);
mutex_lock(&n->vqs[VHOST_NET_VQ_TX].vq.mutex);
n->tx_flush = false;
atomic_set(&n->vqs[VHOST_NET_VQ_TX].ubufs->refcount, 1);
@@ -1403,6 +1408,7 @@ static int vhost_net_release(struct inode *inode, struct file *f)
synchronize_rcu();
/* We do an extra flush before freeing memory,
* since jobs can re-queue themselves. */
+ n->ld = true;
vhost_net_flush(n);
kfree(n->vqs[VHOST_NET_VQ_RX].rxq.queue);
kfree(n->vqs[VHOST_NET_VQ_TX].xdp);
--
2019 Jun 13
0
memory leak in vhost_net_ioctl
...; +??????? else
> + vhost_net_ubuf_put_and_wait(n->vqs[VHOST_NET_VQ_TX].ubufs);
> ??????? mutex_lock(&n->vqs[VHOST_NET_VQ_TX].vq.mutex);
> ??????? n->tx_flush = false;
> atomic_set(&n->vqs[VHOST_NET_VQ_TX].ubufs->refcount, 1);
> @@ -1403,6 +1408,7 @@ static int vhost_net_release(struct inode
> *inode, struct file *f)
> ????synchronize_rcu();
> ????/* We do an extra flush before freeing memory,
> ???? * since jobs can re-queue themselves. */
> +??? n->ld = true;
> ????vhost_net_flush(n);
> ????kfree(n->vqs[VHOST_NET_VQ_RX].rxq.queue);
> ????kf...