On Tue, 11 Oct 2022 22:22:53 +0800, Yu Kuai wrote:
> From: Yu Kuai <yukuai3@xxxxxxxxxx>
>
> Our syzkaller report a null pointer dereference, root cause is
> following:
>
> __blk_mq_alloc_map_and_rqs
> set->tags[hctx_idx] = blk_mq_alloc_map_and_rqs
> blk_mq_alloc_map_and_rqs
> blk_mq_alloc_rqs
> // failed due to oom
> alloc_pages_node
> // set->tags[hctx_idx] is still NULL
> blk_mq_free_rqs
> drv_tags = set->tags[hctx_idx];
> // null pointer dereference is triggered
> blk_mq_clear_rq_mapping(drv_tags, ...)
>
> [...]
Applied, thanks!
[1/1] blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping()
commit: 76dd298094f484c6250ebd076fa53287477b2328
Best regards,
--
Jens Axboe
