All of lore.kernel.org
 help / color / mirror / Atom feed
From: Ming Lei <ming.lei@redhat.com>
To: Christoph Hellwig <hch@lst.de>
Cc: Jens Axboe <axboe@kernel.dk>,
	linux-block@vger.kernel.org,
	Cheyenne Wills <cheyenne.wills@gmail.com>
Subject: Re: [PATCH] block: fix NULL pointer dereferenced within __blk_rq_map_sg
Date: Mon, 17 Feb 2025 11:11:38 +0800	[thread overview]
Message-ID: <Z7Ko6gCTKoHitPgT@fedora> (raw)
In-Reply-To: <20250214141010.GA24011@lst.de>

On Fri, Feb 14, 2025 at 03:10:10PM +0100, Christoph Hellwig wrote:
> On Fri, Feb 14, 2025 at 04:46:38PM +0800, Ming Lei wrote:
> > Discard request may use special payload only and doesn't have bio
> > attached, so the request iterator has to be initialized from valid
> > req->bio, otherwise NULL pointer dereferenced is triggered.
> 
> So while the code changes here look good to me, the commit message is
> wrong.  discard requests always have at least one bio attached, so we're
> not going to hit this condition.  Discard requests also aren't even
> handled by the function in Cheyenne's report.  I'm pretty sure this is
> a flush request, as these are the only non-passthrough requests without
> a bio.
> 
> > +	/* discard request may not have bio attached */
> > +	if (iter.bio)
> > +		iter.iter = iter.bio->bi_iter;
> 
> Same for the comment.
 
You are right, it should be the flush internal request, even though
mapping discard request may not need bio, I will fix the commit log and
comment.


Thanks,
Ming


      reply	other threads:[~2025-02-17  3:11 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-02-14  8:46 [PATCH] block: fix NULL pointer dereferenced within __blk_rq_map_sg Ming Lei
2025-02-14 14:10 ` Christoph Hellwig
2025-02-17  3:11   ` Ming Lei [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Z7Ko6gCTKoHitPgT@fedora \
    --to=ming.lei@redhat.com \
    --cc=axboe@kernel.dk \
    --cc=cheyenne.wills@gmail.com \
    --cc=hch@lst.de \
    --cc=linux-block@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.