2024-05-22 12:25:00

by Fedor Pchelkin

[permalink] [raw]
Subject: [PATCH] dma-buf: handle testing kthreads creation failure

kthread creation may possibly fail inside race_signal_callback(). In
such case stop the already started threads and return with error code.

Found by Linux Verification Center (linuxtesting.org).

Fixes: 2989f6451084 ("dma-buf: Add selftests for dma-fence")
Cc: [email protected]
Signed-off-by: Fedor Pchelkin <[email protected]>
---
drivers/dma-buf/st-dma-fence.c | 6 ++++++
1 file changed, 6 insertions(+)

diff --git a/drivers/dma-buf/st-dma-fence.c b/drivers/dma-buf/st-dma-fence.c
index b7c6f7ea9e0c..ab1ec4631578 100644
--- a/drivers/dma-buf/st-dma-fence.c
+++ b/drivers/dma-buf/st-dma-fence.c
@@ -540,6 +540,12 @@ static int race_signal_callback(void *arg)
t[i].before = pass;
t[i].task = kthread_run(thread_signal_callback, &t[i],
"dma-fence:%d", i);
+ if (IS_ERR(t[i].task)) {
+ ret = PTR_ERR(t[i].task);
+ while (--i >= 0)
+ kthread_stop(t[i].task);
+ return ret;
+ }
get_task_struct(t[i].task);
}

--
2.39.2



2024-05-22 17:41:02

by T.J. Mercier

[permalink] [raw]
Subject: Re: [PATCH] dma-buf: handle testing kthreads creation failure

On Wed, May 22, 2024 at 5:24 AM Fedor Pchelkin <[email protected]> wrote:
>
> kthread creation may possibly fail inside race_signal_callback(). In
> such case stop the already started threads and return with error code.
>
> Found by Linux Verification Center (linuxtesting.org).
>
> Fixes: 2989f6451084 ("dma-buf: Add selftests for dma-fence")
> Cc: [email protected]
> Signed-off-by: Fedor Pchelkin <[email protected]>
> ---
> drivers/dma-buf/st-dma-fence.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/drivers/dma-buf/st-dma-fence.c b/drivers/dma-buf/st-dma-fence.c
> index b7c6f7ea9e0c..ab1ec4631578 100644
> --- a/drivers/dma-buf/st-dma-fence.c
> +++ b/drivers/dma-buf/st-dma-fence.c
> @@ -540,6 +540,12 @@ static int race_signal_callback(void *arg)
> t[i].before = pass;
> t[i].task = kthread_run(thread_signal_callback, &t[i],
> "dma-fence:%d", i);
> + if (IS_ERR(t[i].task)) {
> + ret = PTR_ERR(t[i].task);
> + while (--i >= 0)
> + kthread_stop(t[i].task);

This looks like it needs to be kthread_stop_put since get_task_struct
was called for previous successful kthread_run calls.

> + return ret;
> + }
> get_task_struct(t[i].task);
> }
>
> --
> 2.39.2
>