From: Gianfranco Trad <gianf.trad@gmail.com>
To: Matthew Wilcox
Cc: akpm@linux-foundation.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, skhan@linuxfoundation.org, syzbot+4089e577072948ac5531@syzkaller.appspotmail.com
Subject: Re: [PATCH v2] Fix NULL pointer dereference in read_cache_folio
Date: Fri, 4 Oct 2024 14:07:25 +0200
Message-ID: <991c8404-1c1c-47c7-ab27-2117d134b59b@gmail.com>
References: <20240929230548.370027-3-gianf.trad@gmail.com> <20240930090225.28517-2-gianf.trad@gmail.com>

On 30/09/24 20:14, Matthew Wilcox wrote:
> On Mon, Sep 30, 2024 at 11:02:26AM +0200, Gianfranco Trad wrote:
>> @@ -2360,6 +2360,8 @@ static int filemap_read_folio(struct file *file, filler_t filler,
>> /* Start the actual read. The read will unlock the page. */
>> if (unlikely(workingset))
>> psi_memstall_enter(&pflags);
>> + if (!filler)
>> + return -EIO;
>
> This is definitely wrong because you enter memstall, but do not exit it.

Got it, thanks.

>
> As Andrew says, the underlying problem is that the filesystem does not
> implement ->read_folio. Which filesystem is this?

Reproducer via procfs accesses a bpf map backed by an anonymous inode (anon_inode_fs_type), with mapping->a_ops pointing to anon_aops, hence read_folio() is undefined.

>
>> error = filler(file, folio);
>> if (unlikely(workingset))
>> psi_memstall_leave(&pflags);
>> --
>> 2.43.0
>>

I suppose the next step would be to contact the proper maintainers(?)
If you have any additional suggestions, I'd be more than glad to listen.

Thanks to both of you for your time,
--Gian
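Review bot: the early `return -EIO` on the `!filler` path leaves memstall entered, because the new check runs after `psi_memstall_enter(&pflags)` and skips the matching `psi_memstall_leave(&pflags)` a few lines below; the context line just above it also says the read is what unlocks the page, so nothing unlocks the folio on that path either. If a NULL check is kept in this function at all, it has to sit before `if (unlikely(workingset)) psi_memstall_enter(&pflags);` so the enter/leave pair is never split by a return. As the replies in this thread say, though, the real defect is an address_space whose a_ops lack ->read_folio reaching filemap_read_folio at all (here anon_aops via the bpf map's anonymous inode); the rejection belongs where that mapping is chosen, before a locked folio is handed to the read path, not as a late bail-out inside it.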