Received: by 2002:a05:7412:b995:b0:f9:9502:5bb8 with SMTP id it21csp5826648rdb; Sun, 31 Dec 2023 20:10:11 -0800 (PST) X-Google-Smtp-Source: AGHT+IFQXwnxaZmyq4syQ+2GzMO6NH25yqxhjwicwDw8W2anjQu1RXkXgogUCItmgzV2XXD6wbX7 X-Received: by 2002:a05:6e02:1a49:b0:35f:d9c3:9cf3 with SMTP id u9-20020a056e021a4900b0035fd9c39cf3mr28999431ilv.10.1704082211258; Sun, 31 Dec 2023 20:10:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704082211; cv=none; d=google.com; s=arc-20160816; b=UlHcXYSXwrVIW53R8s59c+r4HXwjqyP/+E45P7fqz1usW65QeHym458CkxDdQeXun/ tmCjncuOYetKb63nj/ShnSvx1RRM9VwhbcEBkYdmieZrhmcpX9TGILxB/cmnfcq3xy1d YSKRC2GGGAWma3Qxd2Fx6DD+lgLrbd6fsAiwQmmkOdJaN2nRi06rBsJZ4htq8xjwJYb1 R8GLG/OvJdj1uGzMQRxTp6W66DxXEcUhFAGw4fIr7QzK/SqaN4nAQ4A0F7Y9PLqN+qlF UkTZpi5Uqg09Y/wdAVCYBKUNwlXOkIx11eTkafBxXMu4NsgF2F0c6ulXK/PNLsfTORvY XI2Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:date :subject:cc:to:from:message-id:dkim-signature; bh=EAWbts1UfbZbtzWsloZ7v8ZRt6WChQIrav53bt3lJbw=; fh=uD/Xfam1mrxV9LPc/5qSLVBumDTrK4FfrNd8f4SSZ/k=; b=a/ASmhM+tU3rehkssTOzaox/lVxXCoHsAOIkNY7kt3TzAluQUNgCIW6m6C1epKjBor sw8XS/RT7DfFHMltYSYH9lfaR+pYeVqGRudfZ87P341aBQIemhX4ngOT0X4JUHJOjw8a hNkLbhpOEhV4gUakgGTfTi/xc/5Oq5hehmxhdsfSa1+V78Qc9msOL8VZLjczufz2vJnv 3YOlBTgmfsrK/e4MbjO9eFgQuTQG8JgsnIXPYwpScJf3T9kBwR6DGuf8vIGhIbjs0nmf ROkJpf8nCDbzg7d+N3k5H+r4m68IFpKzKhITaWNdetwseJPgP5Di8vn8Ds9Vtt+FeWne 5FUw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@qq.com header.s=s201512 header.b="S8Zb/QSA"; spf=pass (google.com: domain of linux-kernel+bounces-13825-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-13825-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=qq.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id c1-20020a170903234100b001d4bd0fd59dsi454371plh.410.2023.12.31.20.10.11 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 31 Dec 2023 20:10:11 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-13825-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@qq.com header.s=s201512 header.b="S8Zb/QSA"; spf=pass (google.com: domain of linux-kernel+bounces-13825-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-13825-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=qq.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id E268D2811FE for ; Mon, 1 Jan 2024 04:10:10 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 1808F4A0C; Mon, 1 Jan 2024 04:09:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=qq.com header.i=@qq.com header.b="S8Zb/QSA" X-Original-To: linux-kernel@vger.kernel.org Received: from out203-205-221-242.mail.qq.com (out203-205-221-242.mail.qq.com [203.205.221.242]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B4A2E469E for ; Mon, 1 Jan 2024 04:09:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=qq.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=qq.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qq.com; s=s201512; t=1704082179; bh=EAWbts1UfbZbtzWsloZ7v8ZRt6WChQIrav53bt3lJbw=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=S8Zb/QSAEKJZpeCIPa/mpQT8ORIFsBbL+s7+r+x+lycZMhteMly9kBR9ZxVl4N+3j dyvOoUMX/eWUTZeQJVmEN0/+owOFncZl1xyB97rcNSyYk5B7g6IEqNIMibV90mbJZp zJJiqwATi/MCvdVT0t5aJeyGtz3WEJ5MJsK/sMZg= Received: from pek-lxu-l1.wrs.com ([111.198.225.215]) by newxmesmtplogicsvrsza7-0.qq.com (NewEsmtp) with SMTP id 5C22667; Mon, 01 Jan 2024 12:01:28 +0800 X-QQ-mid: xmsmtpt1704081688t0x4yoqld Message-ID: X-QQ-XMAILINFO: MB5+LsFw85NoQTH+nO5NxAPtCrnSlZ01978F9e5VinuxsQzr2Nmn1gHa4JliGn elyCu32lQ0nscFZYDcpMw/4kNXCEUWtska3de0OSa1LbtrW97r4WOv0ds8ib4ZNZlexPG1xBu8/9 CFwpbO2rTgf7MZAKnHfGZdHj8PTJPX4M8Ubyc3Scl6lvL7PN/48ipJW0cLhoJ8ynHQCNABcFd7QO xEkT78/AGZ+QnMnStR/pGsDz+MQYsHa6lR3Yg1no+JeZN6bEk1f+rec9M9fjKtP4LECzCi8TmADE nRPOvvHWQcSdcctJZVTbPXFAsow3krjUDZunmGDNnNvJJTfZruuMAG/ohDTMpCOdjBOloghqslUk hkAOwxVqb+rrXI9lT5D0gMkrWClFLkVvIMLdrVpSdMRRhjJo/3fDZg7/3Xuvh9OPIeClk/H9/uVF ekLb6+GtjpNUOIeOE1j7xZuOqUpf9I+O+xYd7i3Zj/xfvAJoyGAY7olHKYoDiZp5pTNRSIixwU+D FbSO4oRd2nznEWEd5M7uDnjMbzUZtueGz+FnzCOpbhAcGqQ29fg1YyAaVT877YletLCaz29y3aY6 Wk/o9kXc+Uc1o6tQ5IrR4OrjHv/l8z4DwAy+MzPjTJDjEiS83O/VbJeFHW2P4Our2hJDdvWJq4zo NE4+H6b9TLu6WZj9FzBLB4tmiukt3nUBVBXxQDCsNUQn5Ci0rjW0CGtVx+gtDUkC/aEf1Ju2Kr8F NJZHzCad6fruJ/HILMl39T4WdjKP34W1nLpkp+fALdwUZjhnSWH8H5OH+NSlogDqYkuocT69cfG4 C7ea1hFSLNfGonzRST7OF8padTBb2QR8DQWM6JpPx6MLTNCRR07AVwNSMSkQt9fWlRppQk904hPZ EEy6Ef7szu1uSoOshu9+tc934jSAaE9vG+KYut4SRp01mFKwZho0g7GGMYs5JxF71S+0tEEKrX X-QQ-XMRINFO: OD9hHCdaPRBwq3WW+NvGbIU= From: Edward Adam Davis To: syzbot+9b4adfed366b14496e7e@syzkaller.appspotmail.com Cc: linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com Subject: Re: [syzbot] [dri?] [media?] memory leak in get_sg_table Date: Mon, 1 Jan 2024 12:01:29 +0800 X-OQ-MSGID: <20240101040128.213722-2-eadavis@qq.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <0000000000009e6825060dd6c287@google.com> References: <0000000000009e6825060dd6c287@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit please test memory leak in get_sg_table #syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git fbafc3e621c3 diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c index 21916bba77d5..709260211546 100644 --- a/drivers/dma-buf/dma-buf.c +++ b/drivers/dma-buf/dma-buf.c @@ -471,8 +471,11 @@ static long dma_buf_ioctl(struct file *file, if (sync.flags & DMA_BUF_SYNC_END) ret = dma_buf_end_cpu_access(dmabuf, direction); - else + else { + if (dmabuf->doing) + return -EBUSY; ret = dma_buf_begin_cpu_access(dmabuf, direction); + } return ret; diff --git a/drivers/dma-buf/udmabuf.c b/drivers/dma-buf/udmabuf.c index c40645999648..ff49e5cf7d07 100644 --- a/drivers/dma-buf/udmabuf.c +++ b/drivers/dma-buf/udmabuf.c @@ -151,7 +151,10 @@ static int begin_cpu_udmabuf(struct dma_buf *buf, struct udmabuf *ubuf = buf->priv; struct device *dev = ubuf->device->this_device; int ret = 0; + static DEFINE_MUTEX(lock); + mutex_lock(&lock); + buf->doing = true; if (!ubuf->sg) { ubuf->sg = get_sg_table(dev, buf, direction); if (IS_ERR(ubuf->sg)) { @@ -162,6 +165,8 @@ static int begin_cpu_udmabuf(struct dma_buf *buf, dma_sync_sg_for_cpu(dev, ubuf->sg->sgl, ubuf->sg->nents, direction); } + buf->doing = false; + mutex_unlock(&lock); return ret; } diff --git a/include/linux/dma-buf.h b/include/linux/dma-buf.h index 3f31baa3293f..4316ad0e6155 100644 --- a/include/linux/dma-buf.h +++ b/include/linux/dma-buf.h @@ -446,6 +446,7 @@ struct dma_buf { struct dma_buf *dmabuf; } *sysfs_entry; #endif + bool doing; }; /**