Re: kvm: use-after-free in process_srcu

2017-01-19 Thread Paul McKenney
(Trouble with VPN, so replying from gmail.) On Thu, Jan 19, 2017 at 1:27 AM, Paolo Bonzini wrote: > > > On 18/01/2017 23:15, Paul E. McKenney wrote: >> On Wed, Jan 18, 2017 at 09:53:19AM +0100, Paolo Bonzini wrote: >>> >>> >>> On 17/01/2017 21:34, Paul E. McKenney wrote: Do any of your callb

Re: kvm: use-after-free in process_srcu

2017-01-19 Thread Paolo Bonzini
On 18/01/2017 23:15, Paul E. McKenney wrote: > On Wed, Jan 18, 2017 at 09:53:19AM +0100, Paolo Bonzini wrote: >> >> >> On 17/01/2017 21:34, Paul E. McKenney wrote: >>> Do any of your callback functions invoke call_srcu()? (Hey, I have to ask!) >> >> No, we only use synchronize_srcu and synchroni

Re: kvm: use-after-free in process_srcu

2017-01-18 Thread Paul E. McKenney
On Wed, Jan 18, 2017 at 09:53:19AM +0100, Paolo Bonzini wrote: > > > On 17/01/2017 21:34, Paul E. McKenney wrote: > > Do any of your callback functions invoke call_srcu()? (Hey, I have to ask!) > > No, we only use synchronize_srcu and synchronize_srcu_expedited, so our > only callback comes fro

Re: kvm: use-after-free in process_srcu

2017-01-18 Thread Paolo Bonzini
On 17/01/2017 21:34, Paul E. McKenney wrote: > Do any of your callback functions invoke call_srcu()? (Hey, I have to ask!) No, we only use synchronize_srcu and synchronize_srcu_expedited, so our only callback comes from there. From: Paolo Bonzini Subject: [PATCH] srcu: wait for all

Re: kvm: use-after-free in process_srcu

2017-01-17 Thread Paul E. McKenney
On Tue, Jan 17, 2017 at 01:03:28PM +0100, Paolo Bonzini wrote: > > > On 17/01/2017 12:13, Dmitry Vyukov wrote: > > On Tue, Jan 17, 2017 at 12:08 PM, Paolo Bonzini wrote: > >> > >> > >> On 17/01/2017 10:56, Dmitry Vyukov wrote: > I am seeing use-after-frees in process_srcu as struct srcu_str

Re: kvm: use-after-free in process_srcu

2017-01-17 Thread Paolo Bonzini
On 17/01/2017 12:13, Dmitry Vyukov wrote: > On Tue, Jan 17, 2017 at 12:08 PM, Paolo Bonzini wrote: >> >> >> On 17/01/2017 10:56, Dmitry Vyukov wrote: I am seeing use-after-frees in process_srcu as struct srcu_struct is already freed. Before freeing struct srcu_struct, code does cl

Re: kvm: use-after-free in process_srcu

2017-01-17 Thread Dmitry Vyukov
On Tue, Jan 17, 2017 at 12:08 PM, Paolo Bonzini wrote: > > > On 17/01/2017 10:56, Dmitry Vyukov wrote: >>> I am seeing use-after-frees in process_srcu as struct srcu_struct is >>> already freed. Before freeing struct srcu_struct, code does >>> cleanup_srcu_struct(&kvm->irq_srcu). We also tried to

Re: kvm: use-after-free in process_srcu

2017-01-17 Thread Paolo Bonzini
On 17/01/2017 10:56, Dmitry Vyukov wrote: >> I am seeing use-after-frees in process_srcu as struct srcu_struct is >> already freed. Before freeing struct srcu_struct, code does >> cleanup_srcu_struct(&kvm->irq_srcu). We also tried to do: >> >> + srcu_barrier(&kvm->irq_srcu); >> cle

Re: kvm: use-after-free in process_srcu

2017-01-17 Thread Dmitry Vyukov
zkaller" , "Paolo Bonzini" >>> , "Radim Krčmář" >>> , "KVM list" , "LKML" >>> >>> Sent: Monday, January 16, 2017 10:34:26 PM >>> Subject: Re: kvm: use-after-free in process_srcu >>> >>>

Re: kvm: use-after-free in process_srcu

2017-01-17 Thread Dmitry Vyukov
"KVM list" , "LKML" >> >> Sent: Monday, January 16, 2017 10:34:26 PM >> Subject: Re: kvm: use-after-free in process_srcu >> >> On Sun, Jan 15, 2017 at 6:11 PM, Dmitry Vyukov wrote: >> > On Fri, Jan 13, 2017 at 10:19 AM, Dmitry Vyukov wr

Re: kvm: use-after-free in process_srcu

2017-01-16 Thread Paolo Bonzini
- Original Message - > From: "Dmitry Vyukov" > To: "Steve Rutherford" > Cc: "syzkaller" , "Paolo Bonzini" > , "Radim Krčmář" > , "KVM list" , "LKML" > > Sent: Monday, January 16, 2017 10:34:26

Re: kvm: use-after-free in process_srcu

2017-01-16 Thread Dmitry Vyukov
On Sun, Jan 15, 2017 at 6:11 PM, Dmitry Vyukov wrote: > On Fri, Jan 13, 2017 at 10:19 AM, Dmitry Vyukov wrote: >> On Fri, Jan 13, 2017 at 4:30 AM, Steve Rutherford >> wrote: >>> I'm not that familiar with the kernel's workqueues, but this seems >>> like the classic "callback outlives the memory

Re: kvm: use-after-free in process_srcu

2017-01-15 Thread Dmitry Vyukov
On Fri, Jan 13, 2017 at 10:19 AM, Dmitry Vyukov wrote: > On Fri, Jan 13, 2017 at 4:30 AM, Steve Rutherford > wrote: >> I'm not that familiar with the kernel's workqueues, but this seems >> like the classic "callback outlives the memory it references" >> use-after-free, where the process_srcu call

Re: kvm: use-after-free in process_srcu

2017-01-13 Thread Dmitry Vyukov
On Fri, Jan 13, 2017 at 4:30 AM, Steve Rutherford wrote: > I'm not that familiar with the kernel's workqueues, but this seems > like the classic "callback outlives the memory it references" > use-after-free, where the process_srcu callback is outliving struct > kvm (which contains the srcu_struct)

Re: kvm: use-after-free in process_srcu

2017-01-12 Thread Steve Rutherford
I'm not that familiar with the kernel's workqueues, but this seems like the classic "callback outlives the memory it references" use-after-free, where the process_srcu callback is outliving struct kvm (which contains the srcu_struct). If that's right, then calling srcu_barrier (which should wait fo

Re: kvm: use-after-free in process_srcu

2016-12-11 Thread Dmitry Vyukov
On Sun, Dec 11, 2016 at 9:40 AM, Vegard Nossum wrote: > On 11 December 2016 at 07:46, Dmitry Vyukov wrote: >> Hello, >> >> I am getting the following use-after-free reports while running >> syzkaller fuzzer. >> On commit 318c8932ddec5c1c26a4af0f3c053784841c598e (Dec 7). >> Unfortunately it is not

Re: kvm: use-after-free in process_srcu

2016-12-11 Thread Vegard Nossum
On 11 December 2016 at 07:46, Dmitry Vyukov wrote: > Hello, > > I am getting the following use-after-free reports while running > syzkaller fuzzer. > On commit 318c8932ddec5c1c26a4af0f3c053784841c598e (Dec 7). > Unfortunately it is not reproducible, but all reports look sane and > very similar, so

kvm: use-after-free in process_srcu

2016-12-10 Thread Dmitry Vyukov
Hello, I am getting the following use-after-free reports while running syzkaller fuzzer. On commit 318c8932ddec5c1c26a4af0f3c053784841c598e (Dec 7). Unfortunately it is not reproducible, but all reports look sane and very similar, so I would assume that it is some hard to trigger race. In all case