2022-05-09 19:57:10

by Charan Teja Kalla

Subject: [PATCH] dma-buf: call dma_buf_stats_setup after dmabuf is in valid list

From: Charan Teja Reddy <[email protected]>

When dma_buf_stats_setup() fails, it closes the dmabuf file, which
results in a call to dma_buf_file_release(), where it does
list_del(&dmabuf->list_node) without first adding it to the proper
list. This results in a panic in the path below:
__list_del_entry_valid+0x38/0xac
dma_buf_file_release+0x74/0x158
__fput+0xf4/0x428
____fput+0x14/0x24
task_work_run+0x178/0x24c
do_notify_resume+0x194/0x264
work_pending+0xc/0x5f0

Fix it by moving the dma_buf_stats_setup() after dmabuf is added to the
list.

Fixes: bdb8d06dfefd ("dmabuf: Add the capability to expose DMA-BUF stats in sysfs")
Signed-off-by: Charan Teja Reddy <[email protected]>
---
drivers/dma-buf/dma-buf.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c
index 602b12d..a6fc96e 100644
--- a/drivers/dma-buf/dma-buf.c
+++ b/drivers/dma-buf/dma-buf.c
@@ -543,10 +543,6 @@ struct dma_buf *dma_buf_export(const struct dma_buf_export_info *exp_info)
file->f_mode |= FMODE_LSEEK;
dmabuf->file = file;

- ret = dma_buf_stats_setup(dmabuf);
- if (ret)
- goto err_sysfs;
-
mutex_init(&dmabuf->lock);
INIT_LIST_HEAD(&dmabuf->attachments);

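Review bot: the changelog should say that the removed call site, ahead of mutex_init(&dmabuf->lock) and INIT_LIST_HEAD(&dmabuf->attachments), let the err_sysfs path release a dmabuf whose lock and attachments list were also uninitialised, not only its list_node. The message names just the list_del() crash; if dma_buf_file_release() or anything it calls touches dmabuf->lock or the attachments list, those were latent problems on the same path, and stating that makes the case for the stable backport clearer.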
@@ -554,6 +550,10 @@ struct dma_buf *dma_buf_export(const struct dma_buf_export_info *exp_info)
list_add(&dmabuf->list_node, &db_list.head);
mutex_unlock(&db_list.lock);

+ ret = dma_buf_stats_setup(dmabuf);
+ if (ret)
+ goto err_sysfs;
+
return dmabuf;

err_sysfs:
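Review bot: at the re-added "ret = dma_buf_stats_setup(dmabuf);" the buffer has already been published with list_add() and db_list.lock has been dropped, so a failure now unwinds an object that other db_list walkers can already see. Please confirm that everything reached from err_sysfs removes list_node under db_list.lock exactly once, and that the labels following err_sysfs (not shown in this hunk) do not free the dmabuf a second time after the file release has run. A one-line comment above the call saying it must stay after list_add() because the release path does list_del(&dmabuf->list_node) would keep a later cleanup from moving it back.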
--
2.7.4



2022-05-09 23:27:55

by T.J. Mercier

Subject: Re: [PATCH] dma-buf: call dma_buf_stats_setup after dmabuf is in valid list

On Mon, May 9, 2022 at 12:50 PM Charan Teja Kalla
<[email protected]> wrote:
>
> From: Charan Teja Reddy <[email protected]>
>
> When dma_buf_stats_setup() fails, it closes the dmabuf file, which
> results in a call to dma_buf_file_release(), where it does
> list_del(&dmabuf->list_node) without first adding it to the proper
> list. This results in a panic in the path below:
> __list_del_entry_valid+0x38/0xac
> dma_buf_file_release+0x74/0x158
> __fput+0xf4/0x428
> ____fput+0x14/0x24
> task_work_run+0x178/0x24c
> do_notify_resume+0x194/0x264
> work_pending+0xc/0x5f0
>
> Fix it by moving the dma_buf_stats_setup() after dmabuf is added to the
> list.
>
> Fixes: bdb8d06dfefd ("dmabuf: Add the capability to expose DMA-BUF stats in sysfs")
> Signed-off-by: Charan Teja Reddy <[email protected]>

Tested-by: T.J. Mercier <[email protected]>
Acked-by: T.J. Mercier <[email protected]>

> ---
> drivers/dma-buf/dma-buf.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c
> index 602b12d..a6fc96e 100644
> --- a/drivers/dma-buf/dma-buf.c
> +++ b/drivers/dma-buf/dma-buf.c
> @@ -543,10 +543,6 @@ struct dma_buf *dma_buf_export(const struct dma_buf_export_info *exp_info)
> file->f_mode |= FMODE_LSEEK;
> dmabuf->file = file;
>
> - ret = dma_buf_stats_setup(dmabuf);
> - if (ret)
> - goto err_sysfs;
> -
> mutex_init(&dmabuf->lock);
> INIT_LIST_HEAD(&dmabuf->attachments);
>
> @@ -554,6 +550,10 @@ struct dma_buf *dma_buf_export(const struct dma_buf_export_info *exp_info)
> list_add(&dmabuf->list_node, &db_list.head);
> mutex_unlock(&db_list.lock);
>
> + ret = dma_buf_stats_setup(dmabuf);
> + if (ret)
> + goto err_sysfs;
> +
> return dmabuf;
>
> err_sysfs:
> --
> 2.7.4
>

2022-05-10 10:34:28

by Christian König

Subject: Re: [PATCH] dma-buf: call dma_buf_stats_setup after dmabuf is in valid list

On 10.05.22 at 04:43, Charan Teja Kalla wrote:
> Hello Mercier,
>
> On 5/10/2022 3:19 AM, T.J. Mercier wrote:
>> On Mon, May 9, 2022 at 12:50 PM Charan Teja Kalla
>> <[email protected]> wrote:
>>> From: Charan Teja Reddy <[email protected]>
>>>
>>> When dma_buf_stats_setup() fails, it closes the dmabuf file, which
>>> results in a call to dma_buf_file_release(), where it does
>>> list_del(&dmabuf->list_node) without first adding it to the proper
>>> list. This results in a panic in the path below:
>>> __list_del_entry_valid+0x38/0xac
>>> dma_buf_file_release+0x74/0x158
>>> __fput+0xf4/0x428
>>> ____fput+0x14/0x24
>>> task_work_run+0x178/0x24c
>>> do_notify_resume+0x194/0x264
>>> work_pending+0xc/0x5f0
>>>
>>> Fix it by moving the dma_buf_stats_setup() after dmabuf is added to the
>>> list.
>>>
>>> Fixes: bdb8d06dfefd ("dmabuf: Add the capability to expose DMA-BUF stats in sysfs")
>>> Signed-off-by: Charan Teja Reddy <[email protected]>
>> Tested-by: T.J. Mercier <[email protected]>
>> Acked-by: T.J. Mercier <[email protected]>
>>
> Thanks for the Ack. Also realized that it should have:
> Cc: <[email protected]> # 5.15.x+

Reviewed and pushed to drm-misc-fixes.

Thanks,
Christian.

2022-05-10 22:04:20

by Charan Teja Kalla

Subject: Re: [PATCH] dma-buf: call dma_buf_stats_setup after dmabuf is in valid list

Hello Mercier,

On 5/10/2022 3:19 AM, T.J. Mercier wrote:
> On Mon, May 9, 2022 at 12:50 PM Charan Teja Kalla
> <[email protected]> wrote:
>> From: Charan Teja Reddy <[email protected]>
>>
>> When dma_buf_stats_setup() fails, it closes the dmabuf file, which
>> results in a call to dma_buf_file_release(), where it does
>> list_del(&dmabuf->list_node) without first adding it to the proper
>> list. This results in a panic in the path below:
>> __list_del_entry_valid+0x38/0xac
>> dma_buf_file_release+0x74/0x158
>> __fput+0xf4/0x428
>> ____fput+0x14/0x24
>> task_work_run+0x178/0x24c
>> do_notify_resume+0x194/0x264
>> work_pending+0xc/0x5f0
>>
>> Fix it by moving the dma_buf_stats_setup() after dmabuf is added to the
>> list.
>>
>> Fixes: bdb8d06dfefd ("dmabuf: Add the capability to expose DMA-BUF stats in sysfs")
>> Signed-off-by: Charan Teja Reddy <[email protected]>
> Tested-by: T.J. Mercier <[email protected]>
> Acked-by: T.J. Mercier <[email protected]>
>

Thanks for the Ack. Also realized that it should have:
Cc: <[email protected]> # 5.15.x+