Re: [PATCH v1] irq_work: Fix use-after-free in irq_work_single on PREEMPT_RT

Next message: Tejun Heo: "Re: [PATCH] tools/sched_ext: Regenerate autogen enum headers"
Previous message: Gary Guo: "Re: [PATCH v8 04/31] gpu: nova-core: add Copy/Clone to Spec and Revision, add chipset() accessor"
In reply to: Steven Rostedt: "Re: [PATCH v1] irq_work: Fix use-after-free in irq_work_single on PREEMPT_RT"
Next in thread: Jiayuan Chen: "Re: [PATCH v1] irq_work: Fix use-after-free in irq_work_single on PREEMPT_RT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Sebastian Andrzej Siewior

Date: Wed Mar 25 2026 - 12:15:48 EST

On 2026-03-25 11:53:15 [-0400], Steven Rostedt wrote:
> On Wed, 25 Mar 2026 16:38:26 +0100
> Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx> wrote:
>
> > Most irq-work aren't free()ed since they are static and remain around.
> > There is no task assigned if there is no active waiter.
> > Wouldn't it be easier to kfree_rcu() the struct using the irq-work?
>
> I guess we should add some kind of helper then. Like tracepoints have.
>
> tracepoint_synchronize_unregister()
>
> Perhaps have a:
>
> irq_work_synchronize_free();
>
> Or something like that to let developers know that they just can't safely free a
> structure that contains an irq_work?

That sounds great.

> -- Steve

Sebastian