KASAN: slab-use-after-free Read in vhost_task_fn
please test uaf in vhost_task_fn
#syz test https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git bb7a2467e6be
Message-Id: <tencent_546DA49414E876EEBECF2C78D26D242EE50A@qq.com>
diff --git a/kernel/vhost_task.c b/kernel/vhost_task.c
index 48c2899..8800f5a 100644
--- a/kernel/vhost_task.c
+++ b/kernel/vhost_task.c
@@ -61,8 +61,8 @@ static int vhost_task_fn(void *data)
set_bit(VHOST_TASK_FLAGS_KILLED, &vtsk->flags);
vtsk->handle_sigkill(vtsk->data);
}
- complete(&vtsk->exited);
mutex_unlock(&vtsk->exit_mutex);
+ complete(&vtsk->exited);
do_exit(0);
}
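Review bot: The relocated `complete(&vtsk->exited);` has no comment saying it must remain the final access to `vtsk`, and the fix depends entirely on that ordering. Judging by the KASAN report title, the waiter on `exited` presumably frees `vtsk` as soon as it is woken (that code is not visible in this hunk), so the old order let `mutex_unlock(&vtsk->exit_mutex)` touch freed memory. I would add a comment above the call, such as `/* Must be the last access to vtsk: the waiter on ->exited may free it as soon as this completes. */`, so a later change does not put another `vtsk` dereference between `complete()` and `do_exit(0)`. The body of vhost_task_fn starts outside the hunk, so it is worth confirming that nothing earlier stores a pointer into `vtsk` that is used after this point.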