Re: [PATCH] [RFC] dma-buf: fix race condition between poll and close

following: Reported-by: syzbot+5d4cb6b4409edfd18...@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=5d4cb6b4409edfd18646 Tested-by: Dmitry Antipov Thanks, Dmitry

Re: [PATCH] [RFC] dma-buf: fix race condition between poll and close

On 4/24/24 2:28 PM, Christian König wrote: I don't fully understand how that happens either, it could be that there is some bug in the EPOLL_FD code. Maybe it's a race when the EPOLL file descriptor is closed or something like that. IIUC the race condition looks like the following: Thread 0

Re: [PATCH] [RFC] dma-buf: fix race condition between poll and close

On 4/24/24 10:09, Christian König wrote: To repeat what I already said on the other thread: Calling dma_buf_poll() while fput() is in progress is illegal in the first place. So there is nothing to fix in dma_buf_poll(), but rather to figure out who is incorrectly calling fput(). Hm. OTOH it

[PATCH] [RFC] dma-buf: fix race condition between poll and close

poll activity with EPOLLERR. Reported-by: syzbot+5d4cb6b4409edfd18...@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=5d4cb6b4409edfd18646 Signed-off-by: Dmitry Antipov --- drivers/dma-buf/dma-buf.c | 23 ++- 1 file changed, 18 insertions(+), 5 dele

[PATCH] drm/nouveau: svm: fix kvcalloc() arguments order

' arguments of 'kvcalloc()' are multiplied to calculate the final size, their actual order doesn't affect the result and so this is not a bug. But it's still worth to fix it. Signed-off-by: Dmitry Antipov --- drivers/gpu/drm/nouveau/nouveau_svm.c | 2 +- 1 file changed,