Re: [syzbot] KASAN: null-ptr-deref Read in __free_pages

From: David Howells
Date: Mon Mar 21 2022 - 05:38:16 EST

Next message: Arnd Bergmann: "Re: [PATCH V8 11/22] LoongArch: Add process management"
Previous message: CK Hu: "Re: [PATCH v3, 1/4] drm/mediatek: Adjust the timing of mipi signal from LP00 to LP11"
In reply to: Fabio M. De Francesco: "Re: [syzbot] KASAN: null-ptr-deref Read in __free_pages"
Next in thread: David Howells: "Re: [syzbot] KASAN: null-ptr-deref Read in __free_pages"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Fabio M. De Francesco <fmdefrancesco@xxxxxxxxx> wrote:

> I cannot have any objection, it's up to you to decide :)

Of course you can object. That's kind of the point of a review;-)

How about the attached instead, then?

David
---
--- a/kernel/watch_queue.c
+++ b/kernel/watch_queue.c
@@ -271,9 +271,8 @@ long watch_queue_set_size(struct pipe_inode_info *pipe, unsigned int nr_notes)
return 0;

error_p:
- for (i = 0; i < nr_pages; i++)
- if (pages[i])
- __free_page(pages[i]);
+ while (--i >= 0)
+ __free_page(pages[i]);
kfree(pages);
error:
(void) account_pipe_buffers(pipe->user, nr_pages, pipe->nr_accounted);

Next message: Arnd Bergmann: "Re: [PATCH V8 11/22] LoongArch: Add process management"
Previous message: CK Hu: "Re: [PATCH v3, 1/4] drm/mediatek: Adjust the timing of mipi signal from LP00 to LP11"
In reply to: Fabio M. De Francesco: "Re: [syzbot] KASAN: null-ptr-deref Read in __free_pages"
Next in thread: David Howells: "Re: [syzbot] KASAN: null-ptr-deref Read in __free_pages"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]