On Thu, May 07, 2026 at 03:44:25PM +0100, Liviu Dudau wrote:
> Commit 18226ba52159 ("drm/syncobj: reject invalid flags in
> drm_syncobj_find_fence") forgot to take into account the fact that
> drm_syncobj_find() takes a reference to syncobj and returns early
> without dropping the reference, leading to memory leaks.
>
> Fixes: 18226ba52159 ("drm/syncobj: reject invalid flags in
> drm_syncobj_find_fence")
> Reported by: Sam Spencer <[email protected]>
> Signed-off-by: Liviu Dudau <[email protected]>
Ping on this patch.
Erik's email address is bouncing, anyone else willing to give an ack?
Best regards,
Liviu
> ---
> drivers/gpu/drm/drm_syncobj.c | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/gpu/drm/drm_syncobj.c b/drivers/gpu/drm/drm_syncobj.c
> index 8d9fd1917c6e6..c9dbf64c0c9f2 100644
> --- a/drivers/gpu/drm/drm_syncobj.c
> +++ b/drivers/gpu/drm/drm_syncobj.c
> @@ -442,13 +442,15 @@ int drm_syncobj_find_fence(struct drm_file
> *file_private,
> u64 timeout = nsecs_to_jiffies64(DRM_SYNCOBJ_WAIT_FOR_SUBMIT_TIMEOUT);
> int ret;
>
> - if (flags & ~DRM_SYNCOBJ_WAIT_FLAGS_WAIT_FOR_SUBMIT)
> - return -EINVAL;
> -
> if (!syncobj)
> return -ENOENT;
>
> - /* Waiting for userspace with locks help is illegal cause that can
> + if (flags & ~DRM_SYNCOBJ_WAIT_FLAGS_WAIT_FOR_SUBMIT) {
> + ret = -EINVAL;
> + goto out;
> + }
> +
> + /* Waiting for userspace with locks held is illegal cause that can
> * trivial deadlock with page faults for example. Make lockdep complain
> * about it early on.
> */
> --
> 2.54.0
>
--
====================
| I would like to |
| fix the world, |
| but they're not |
| giving me the |
\ source code! /
---------------
¯\_(ツ)_/¯
