Re: [PATCH 3.16 083/254] dmaengine: dmatest: move callback wait queue to thread context

[Adam Wallis]

Ben

On 2/28/2018 10:20 AM, Ben Hutchings wrote:
> 3.16.55-rc1 review patch.  If anyone has any objections, please let me know.
> 
> ------------------
> 
> From: Adam Wallis <awallis@xxxxxxxxxxxxxx>
> 
> commit 6f6a23a213be51728502b88741ba6a10cda2441d upstream.
> 
> Commit adfa543e7314 ("dmatest: don't use set_freezable_with_signal()")
> introduced a bug (that is in fact documented by the patch commit text)
> that leaves behind a dangling pointer. Since the done_wait structure is
> allocated on the stack, future invocations to the DMATEST can produce
> undesirable results (e.g., corrupted spinlocks).
> 
> Commit a9df21e34b42 ("dmaengine: dmatest: warn user when dma test times
> out") attempted to WARN the user that the stack was likely corrupted but
> did not fix the actual issue.
> 
> This patch fixes the issue by pushing the wait queue and callback
> structs into the the thread structure. If a failure occurs due to time,
> dmaengine_terminate_all will force the callback to safely call
> wake_up_all() without possibility of using a freed pointer.
> 
> Bug: https://bugzilla.kernel.org/show_bug.cgi?id=197605
> Fixes: adfa543e7314 ("dmatest: don't use set_freezable_with_signal()")
> Reviewed-by: Sinan Kaya <okaya@xxxxxxxxxxxxxx>
> Suggested-by: Shunyong Yang <shunyong.yang@xxxxxxxxxxxxxxxx>
> Signed-off-by: Adam Wallis <awallis@xxxxxxxxxxxxxx>
> Signed-off-by: Vinod Koul <vinod.koul@xxxxxxxxx>
> Signed-off-by: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
[..]

Make sure you pick up the following bug fix on whatever branch you apply the
above patch to