When I use syzkaller test kernel, there is a NULL pointer dereference in register_disk. The better solution is add return code to __device_add_disk. There is a patchset(http://lists.infradead.org/pipermail /linux-nvme/2016-August/005860.html) from Fam Zheng, int this patchset, the modify is as follows: int device_add_disk() { ...alloc A... retval = alloc B if (retval) goto fail; ... fail: return retval; --->did not free A } There are many callers, ie: loop_add-->add_disk-->device_add_disk-->__device_add_disk loop_remove-->del_gendisk ----->This will free all resources, inclue B(free fail) Maybe the better way is that if device_add_disk return fail, it should free all resources? This needs to modify all the callers(Otherwise the callers will double free), unfortunately, I am not very familiar with it. zhengbin (1): Fix NULL pointer dereference in register_disk block/genhd.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) -- 2.7.4
