Message-ID: <7db60e36-9c96-4938-a28d-a9745e287386@linux.dev>
Date: Tue, 16 Jul 2024 10:28:33 +0800
Subject: Re: [PATCH] mm: list_lru: Fix NULL pointer dereference in list_lru_add()
To: Kent Overstreet
Cc: Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Youling Tang, Qi Zheng
References: <20240712032554.444823-1-youling.tang@linux.dev> <8ce42a2e-783f-4244-8e75-21dcd578adf5@linux.dev>
From: Youling Tang

Hi, Kent

On 12/07/2024 23:49, Kent Overstreet wrote:
> On Fri, Jul 12, 2024 at 12:28:57PM GMT, Youling Tang wrote:
>> Hi, Kent
>>
>> On 12/07/2024 12:07, Kent Overstreet wrote:
>>> On Fri, Jul 12, 2024 at 11:25:54AM GMT, Youling Tang wrote:
>>>> From: Youling Tang
>>>>
>>>> Note that list_lru_from_memcg_idx() may return NULL, so it is necessary
>>>> to error handle the return value to avoid triggering NULL pointer
>>>> dereference BUG.
>>>>
>>>> The issue was triggered for discussion [1],
>>>> Link [1]: https://lore.kernel.org/linux-bcachefs/84de6cb1-57bd-42f7-8029-4203820ef0b4@linux.dev/T/#m901bb26cdb1d9d4bacebf0d034f0a5a712cc93a6
>>> I see no explanation for why this is the correct fix, and I doubt it is.
>>> What's the real reason for the NULL lru_list_one, and why doesn't this
>>> come up on other filesystems?
>> We can break it down into two questions (independent of each other):
>> 1) Error handling is necessary when l (lru_list_one) is NULL here.
> No, you're just hiding the actual bug - since I wasn't clear, I'm naking
> this patch.

We should use kmem_cache_alloc_lru() instead of kmem_cache_alloc(), similar to the [1] modification.

Apply the following patch to fix the problem:

diff --git a/fs/bcachefs/fs.c b/fs/bcachefs/fs.c index f9c9a95d7d4c..79a580dfb5e1 100644 --- a/fs/bcachefs/fs.c +++ b/fs/bcachefs/fs.c @@ -227,7 +227,8 @@ static struct inode *bch2_alloc_inode(struct super_block *sb)  static struct bch_inode_info *__bch2_new_inode(struct bch_fs *c)  { -       struct bch_inode_info *inode = kmem_cache_alloc(bch2_inode_cache, GFP_NOFS); +       struct bch_inode_info *inode = alloc_inode_sb(c->vfs_sb, bch2_inode_cache, GFP_NOFS);         if (!inode)                 return NULL;

Link [1]: https://lwn.net/ml/linux-kernel/20220228122126.37293-5-songmuchun@bytedance.com/

Thanks,
Youling.
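
Review bot: The new allocation in __bch2_new_inode() dereferences c->vfs_sb, and nothing in the hunk shows that c->vfs_sb is already set at every point where this function can be called; please confirm that, or take the super_block from a caller that already has it (the hunk header shows bch2_alloc_inode(struct super_block *sb) just above). The accompanying text says to use kmem_cache_alloc_lru() while the hunk calls alloc_inode_sb(), so the changelog should say in one sentence that alloc_inode_sb() is the helper that passes the superblock's inode list_lru to kmem_cache_alloc_lru(), and that this is why the list_lru entry for the memcg was missing when the inode came from plain kmem_cache_alloc(). As posted the patch has no changelog or Signed-off-by, so it needs a proper resend to the bcachefs list before it can be applied.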