ping

On 2019/2/20 21:27, zhengbin wrote:
> When I use syzkaller to test the kernel, there is a NULL pointer dereference
> in register_disk. The better solution is to add a return code to
> __device_add_disk. There is a patchset (http://lists.infradead.org/pipermail
> /linux-nvme/2016-August/005860.html) from Fam Zheng; in this patchset, the
> modification is as follows:
>
>     int device_add_disk() {
>         ...alloc A...
>         retval = alloc B
>         if (retval)
>             goto fail;
>         ...
>     fail:
>         return retval;  --->did not free A
>     }
>
> There are many callers, i.e.:
>     loop_add-->add_disk-->device_add_disk-->__device_add_disk
>     loop_remove-->del_gendisk
>         ----->This will free all resources, including B (free fail)
>
> Maybe the better way is that if device_add_disk returns fail, it should
> free all resources? This needs to modify all the callers (otherwise the
> callers will double free); unfortunately, I am not very familiar with it.
>
> zhengbin (1):
>   Fix NULL pointer dereference in register_disk
>
>  block/genhd.c | 10 ++++++----
>  1 file changed, 6 insertions(+), 4 deletions(-)
>
> --
> 2.7.4
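As an added example, not code from this thread or from the kernel: a constructed C model of the two error-path shapes the cover letter contrasts (the patchset's `goto fail` that returns without freeing A, and a staged unwind that releases A), plus a caller-side teardown to show why an unconditional del_gendisk-style remove then frees twice. All names, counters and the `fail_b` injection flag are hypothetical.

```c
/* Constructed model (not kernel code): A is acquired, then B. Counters
 * track what is outstanding; fail_b injects an allocation failure for B. */
static int live_a, live_b, fail_b;
static void alloc_a(void) { live_a++; }
static void free_a(void) { live_a--; }
static int alloc_b(void) { if (fail_b) return -1; live_b++; return 0; }
static void free_b(void) { live_b--; }
/* Shape criticised in the mail: "goto fail" returns without freeing A. */
int add_disk_leaky(void)
{
    int retval;
    alloc_a();
    retval = alloc_b();
    if (retval)
        goto fail;
    return 0;
fail:
    return retval;   /* A is still live: leaked on this path */
}

/* Staged unwind: the label releases what was acquired before the failing
 * step, so a failed call leaves nothing for the caller to free. */
int add_disk_unwind(void)
{
    int retval;
    alloc_a();
    retval = alloc_b();
    if (retval)
        goto fail_free_a;
    return 0;
fail_free_a:
    free_a();
    return retval;
}
/* Caller-side teardown in the style of del_gendisk: frees everything. */
void del_disk_all(void) { free_b(); free_a(); }

/* Run fn with B failing; return what is still outstanding (0 = clean). With
 * then_remove the caller also tears down unconditionally, like loop_remove;
 * a negative result is the double free the mail warns about. */
int outstanding_after_failed_add(int (*fn)(void), int then_remove)
{
    live_a = live_b = 0;
    fail_b = 1;
    (void)fn();
    fail_b = 0;
    if (then_remove)
        del_disk_all();
    return live_a + live_b;
}
```

In the model, a failed add followed by the unconditional remove goes negative with either variant, which is why the cover letter says every caller would have to change along with device_add_disk.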