From: Qian Cai <cai@lca.pw>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc: linux-kernel@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
Anders Roxell <anders.roxell@linaro.org>,
Arnd Bergmann <arnd@arndb.de>, Michal Hocko <mhocko@suse.com>,
linux-mm@kvack.org
Subject: Re: [PATCH] backing-dev: no need to check return value of debugfs_create functions
Date: Tue, 22 Jan 2019 13:46:38 -0500 [thread overview]
Message-ID: <86349002-49d7-7053-b26f-51309e320a04@lca.pw> (raw)
In-Reply-To: <20190122183348.GA31271@kroah.com>
On 1/22/19 1:33 PM, Greg Kroah-Hartman wrote:
> On Tue, Jan 22, 2019 at 06:19:08PM +0100, Sebastian Andrzej Siewior wrote:
>> On 2019-01-22 17:25:03 [+0100], Greg Kroah-Hartman wrote:
>>>>> }
>>>>>
>>>>> static void bdi_debug_unregister(struct backing_dev_info *bdi)
>>>>> {
>>>>> - debugfs_remove(bdi->debug_stats);
>>>>> - debugfs_remove(bdi->debug_dir);
>>>>> + debugfs_remove_recursive(bdi->debug_dir);
>>>>
>>>> this won't remove it.
>>>
>>> Which is fine, you don't care.
>>
>> but if you cat the stats file then it will dereference the bdi struct
>> which has been free(), right?
>
> Maybe, I don't know, your code is long gone, it doesn't matter :)
>
>>> But step back, how could that original call be NULL? That only happens
>>> if you pass it a bad parent dentry (which you didn't), or the system is
>>> totally out of memory (in which case you don't care as everything else
>>> is on fire).
>>
>> debugfs_get_inode() could do -ENOMEM and then the directory creation
>> fails with NULL.
>
> And if that happens, your system has worse problems :)
Well, there are cases that people are running longevity testing on debug kernels
that including OOM and reading all files in sysfs test cases.
Admittedly, the situation right now is not all that healthy as many things are
unable to survive in a low-memory situation, i.e., kmemleak, dma-api debug etc
could just disable themselves.
That's been said, it certainly not necessary to make the situation worse by
triggering a NULL pointer dereferencing or KASAN use-after-free warnings because
of those patches.
next prev parent reply other threads:[~2019-01-22 18:46 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-22 15:21 Greg Kroah-Hartman
2019-01-22 16:07 ` Sebastian Andrzej Siewior
2019-01-22 16:25 ` Greg Kroah-Hartman
2019-01-22 17:19 ` Sebastian Andrzej Siewior
2019-01-22 18:33 ` Greg Kroah-Hartman
2019-01-22 18:46 ` Qian Cai [this message]
2019-01-22 20:28 ` Sebastian Andrzej Siewior
2019-01-23 6:46 ` Greg Kroah-Hartman
2019-01-23 21:35 ` Sebastian Andrzej Siewior
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=86349002-49d7-7053-b26f-51309e320a04@lca.pw \
--to=cai@lca.pw \
--cc=akpm@linux-foundation.org \
--cc=anders.roxell@linaro.org \
--cc=arnd@arndb.de \
--cc=bigeasy@linutronix.de \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mhocko@suse.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox