Received: by 2002:a05:7412:b995:b0:f9:9502:5bb8 with SMTP id it21csp5805555rdb; Sun, 31 Dec 2023 18:49:22 -0800 (PST) X-Google-Smtp-Source: AGHT+IEDDprB9siPeb5jabjRJiY22i2s3s0WUqXI62vBoFqNFey+i+3CagVmm8WLLzdkz3TLYn3a X-Received: by 2002:a17:902:7d96:b0:1d4:20ed:ec46 with SMTP id a22-20020a1709027d9600b001d420edec46mr6996449plm.104.1704077361985; Sun, 31 Dec 2023 18:49:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704077361; cv=none; d=google.com; s=arc-20160816; b=Q4iS+rWb8O3lgULlOBUNKnSq5elCCL1AN7KAMQl3DgJ+1wtTo3neZAcBT3bYX1Vvdk ECrwis8QchArCGHjARlaWuZ+UOfzXIoirmQ3B8mvx4fp7AHzJ4ZffbpEt3QtxEQh75md zTuu/TxU5qQAUsy5X42xDbJZ/ZFFYQ3dTy/BXYOjCXCegxlr5GYhlitDHdDYY66RAlje EJIFIjQtFVIFmIMWLgaaKMIkLcBPZCmI8SDS1pQ8yEKV7SBNVFD3y8VlmmunRbZ51VS0 X2M3T+7cNNNfL4X1bao2VCYpeq6ho/WHTdfjLnwiO/DkXIxDe7BVTFCXRYEHVrWlcZqS PYGQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:date :subject:cc:to:from:message-id:dkim-signature; bh=KabU2A20PeH4SZvFCt9NizESfm+H7X76LgXU4kut9EA=; fh=uD/Xfam1mrxV9LPc/5qSLVBumDTrK4FfrNd8f4SSZ/k=; b=nVP7GF60Lzex/RHt3XRV+2rfy0y72C5GPuw3pyJO0XMB+kIirnbUWQrrE3wGtL40VZ XlMdXTxpprSLbA1XVa0pUL763/pCYGJzH/YqlCcpbh8VSwe/aiKItt4ETivOhy2ff2Be mr4oV2ObQV76BCoq93suNm6OTi/mer2y2lo5UBYwnDuJBIdUAJJWwZApkkxvSv4NHJkY WXjtcsYs5lDKQwYMxyez8dGpdaSqC3B1zt4+SvvkSHrmbmtpJ3RojbUWDFr7O61vLBO0 ZL57POfv5iCdJto/JLMe+nEnG0Cp1S4eJq47oJheXgS9q6nlYc8NcQ8c63U/cWoELCCa SzEA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@qq.com header.s=s201512 header.b=Bdgtk0Jz; spf=pass (google.com: domain of linux-kernel+bounces-13817-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-13817-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=qq.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id r7-20020a1709028bc700b001d4ac32b3e9si2452171plo.393.2023.12.31.18.49.21 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 31 Dec 2023 18:49:21 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-13817-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@qq.com header.s=s201512 header.b=Bdgtk0Jz; spf=pass (google.com: domain of linux-kernel+bounces-13817-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-13817-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=qq.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 750CDB218F7 for ; Mon, 1 Jan 2024 02:49:19 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 3E5757FD; Mon, 1 Jan 2024 02:49:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=qq.com header.i=@qq.com header.b="Bdgtk0Jz" X-Original-To: linux-kernel@vger.kernel.org Received: from out203-205-221-239.mail.qq.com (out203-205-221-239.mail.qq.com [203.205.221.239]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1D4857F9 for ; Mon, 1 Jan 2024 02:49:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=qq.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=qq.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qq.com; s=s201512; t=1704077348; bh=KabU2A20PeH4SZvFCt9NizESfm+H7X76LgXU4kut9EA=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=Bdgtk0Jz8er9VwJV5A+nzjanappZ/3m3AY0LZ/azIcz/Kop8D9psWvKOVW+1ROotx ZbOZSdPqby+vmds+uMb+Cjoc7nR18wHrtWzy5fiNoDWobG53blIdMkIt9DujBVNl+v fx5VqM16htLqGEFqN6ZeCGVHGfOkx4sXVsryVnPY= Received: from pek-lxu-l1.wrs.com ([111.198.225.215]) by newxmesmtplogicsvrszb9-0.qq.com (NewEsmtp) with SMTP id AB9902DF; Mon, 01 Jan 2024 10:42:57 +0800 X-QQ-mid: xmsmtpt1704076977tn6u9b761 Message-ID: X-QQ-XMAILINFO: N7h1OCCDntuj9WoC9EoF/oqbsyZHeK7h3Ac31eb5jQGc0J4BZuiJJHd/po+Yky Rb+rrS66YsZJPgVn+QP+KM8m8bzWF+VF2/HNIH7v8ymN045MHASXVn/xi+1uOcP0MVE2qqkxNZZl V431AW7s8z0Y85lLJmqtyClpNFiEuVT2j7tsEQt/oxAl4kjqonnpW9yGYKrruTWYLGS+8QtMNQ/r fr3UjQ+M/R6ULUX0t99sdGKzgh9r7X8M/RGv+PTh2Hknq/0qDJRPMDjyGmHIuDfWnp1flQRLxHdP yORihYuAsZbeCb7LjvM83wOePoaJbiF7RBuwkKNiAVe6HwzuhzJ0WTNXZrj/QohIxXE0uBqpHxu/ V9aRvPqqx1NDth57kqHu5NYqlkAvIt7qDp1gdAsSwkkaibhWTpvKehGnXmiSufTD9YbduUBx3OGo XQ9rNVVoFKfo3Wz0H6lf7Xu6FeR8fb1S9ZQH9tmR+9ApS59uALQlRwlOLcglO3zrqxM/aMGuG1sl n31K2A79eXcSQEy9D+O96zT/VXBsUIJFzc4AZmIGzJCE0XJJRkXTh+hQm+MrxQnRPSN5bNaQJY44 1K5G+UQIncnjJiZzxdoLtaQZOJsAQJqYnjpidwDUagFWU1MD7ca5pqq6gGuqL4FlfZc45flzm2JT VEggB/1rw69KH8S2pe8GzObbZ8X/Oq3g49ZkptmBkNzNr0CBzRbq5JO6sh3iBaZpG2HT++JbDm4z JgSJ9V9xQe1X3dwaTMkaU73HMwb7LfUYUYOKHdbQOCPB7j8QrqEnESp8xIbRTR0cgkuFxzC1MN+h cpG2Qoltfkdc1ks+SN2v9IqTiRHwQM2ySulfaZvvQ8BCXXtcUH8qXCWyqPKNZyorbrmBytJuhHqC QN8SVa4cOe+lHc1ekCJOK6HOlMpW88zA5lD7zkCVdBq4eCfva53BL5/RCL27Sh8w== X-QQ-XMRINFO: Mp0Kj//9VHAxr69bL5MkOOs= From: Edward Adam Davis To: syzbot+9b4adfed366b14496e7e@syzkaller.appspotmail.com Cc: linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com Subject: Re: [syzbot] [dri?] [media?] memory leak in get_sg_table Date: Mon, 1 Jan 2024 10:42:58 +0800 X-OQ-MSGID: <20240101024257.148635-2-eadavis@qq.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <0000000000009e6825060dd6c287@google.com> References: <0000000000009e6825060dd6c287@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit please test memory leak in get_sg_table #syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git fbafc3e621c3 diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c index 21916bba77d5..709260211546 100644 --- a/drivers/dma-buf/dma-buf.c +++ b/drivers/dma-buf/dma-buf.c @@ -471,8 +471,11 @@ static long dma_buf_ioctl(struct file *file, if (sync.flags & DMA_BUF_SYNC_END) ret = dma_buf_end_cpu_access(dmabuf, direction); - else + else { + if (dmabuf->doing) + return -EBUSY; ret = dma_buf_begin_cpu_access(dmabuf, direction); + } return ret; diff --git a/drivers/dma-buf/udmabuf.c b/drivers/dma-buf/udmabuf.c index c40645999648..ed98c0319e03 100644 --- a/drivers/dma-buf/udmabuf.c +++ b/drivers/dma-buf/udmabuf.c @@ -152,6 +152,7 @@ static int begin_cpu_udmabuf(struct dma_buf *buf, struct device *dev = ubuf->device->this_device; int ret = 0; + buf->doing = true; if (!ubuf->sg) { ubuf->sg = get_sg_table(dev, buf, direction); if (IS_ERR(ubuf->sg)) { @@ -162,6 +163,7 @@ static int begin_cpu_udmabuf(struct dma_buf *buf, dma_sync_sg_for_cpu(dev, ubuf->sg->sgl, ubuf->sg->nents, direction); } + buf->doing = false; return ret; } diff --git a/include/linux/dma-buf.h b/include/linux/dma-buf.h index 3f31baa3293f..4316ad0e6155 100644 --- a/include/linux/dma-buf.h +++ b/include/linux/dma-buf.h @@ -446,6 +446,7 @@ struct dma_buf { struct dma_buf *dmabuf; } *sysfs_entry; #endif + bool doing; }; /**