Hi Lee : I saw your patch because of CVE-2022-20158, the patch like below: --- mm: backing-dev: Take a reference to the bdi in use to prevent UAF KASAN reports a reproducible issue in the BDI handling code due to a dereference of a previously freed pointer to 'struct backing_dev_info' in bdi_unregister(). Because of a distinct lack of locking and/or reference taking, blk_cleanup_queue() puts the final taken reference to the bdi, which is then promptly freed by release_bdi(). However, del_gendisk() calls bdi_unregister() after the fact, which then attempts to dereference it causing the kernel to panic. Bug: 182815710 Signed-off-by: Lee Jones <lee.jones@xxxxxxxxxx> Change-Id: Iaf3dadf3b983a4b7d74d4e273fc676350cfc387f --- I am sorry that I have some questions for this patch. According to my analysis, I failed to find the relevant process may lead to null pointer reference. can you show me "KASAN reports a reproducible issue" that what the problem is? thank you very much!
