From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 36F95C433DB for ; Sat, 9 Jan 2021 04:37:05 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id A7D2C23A69 for ; Sat, 9 Jan 2021 04:37:04 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A7D2C23A69 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id DCE5D8D01CF; Fri, 8 Jan 2021 23:37:03 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id D7F658D01B7; Fri, 8 Jan 2021 23:37:03 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C6ECE8D01CF; Fri, 8 Jan 2021 23:37:03 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0199.hostedemail.com [216.40.44.199]) by kanga.kvack.org (Postfix) with ESMTP id B04AE8D01B7 for ; Fri, 8 Jan 2021 23:37:03 -0500 (EST) Received: from smtpin28.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id 8641F2C81 for ; Sat, 9 Jan 2021 04:37:03 +0000 (UTC) X-FDA: 77684976726.28.birds81_3e08d16274f8 Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin28.hostedemail.com (Postfix) with ESMTP id 6E4126D63 for ; Sat, 9 Jan 2021 04:37:03 +0000 (UTC) X-HE-Tag: birds81_3e08d16274f8 X-Filterd-Recvd-Size: 3817 Received: from mail-io1-f46.google.com (mail-io1-f46.google.com [209.85.166.46]) by imf04.hostedemail.com (Postfix) with ESMTP for ; Sat, 9 Jan 2021 04:37:02 +0000 (UTC) Received: by mail-io1-f46.google.com with SMTP id r9so11985570ioo.7 for ; Fri, 08 Jan 2021 20:37:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=QJA+TK24YdhY5m+moA7nWTM5dOw8XllBPwctO4rl/tE=; b=Ce5ZQWthiKjpDkEWWTY/leuunvjoHdmCkcVN42ECmvO/UsmWJARlC0DcEOnMszT1dS giFpgKPiL6LzhQH3EuEwHHKOElJCDZiQvqvM+YbhyM8t0prDXVW1g3AA4i0UrupSUOk6 WcFJeoazq6fLbK9VE24PpaBl148t/iZVd+X8/rvDKHdG+37lCZc538DSZnxZoNVZsAPA BEJi+5OTF7XO+hD5WI9ExCRuxrX2xgN7o08RE8raS7auE/WJ2vmbYL9GxOICQ19fUiMH F/BCSGtR766xWJXOcI+25lGOR7IgpV+r96s9F+KaFAtSUWW3hfP2p7nQ4IvSBw9ok7eh gquQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=QJA+TK24YdhY5m+moA7nWTM5dOw8XllBPwctO4rl/tE=; b=D9WIJshYEbwGyepxo6HbfzyY0girdtgdg3cKKClgiUQbNA8vrFRbUWksXUUmdkaoZK CB3DHRXB5L2pdaRHNiU5EdEIqrHcM8hqZeEQ//kNGYZI0SFPxfKRjXBF0cQG//kk9rA0 JDszwNiWyeK6YjwcVhK/AE79WsG9el1rogDMXKwDtBt0Hx+E/6qJ5OFWOOhnOoIrjEND TvgvuWLH6QJVGj8GAjHXvKFUzMHwmZuuci66hrodT3LitkMg0KMyJWk+IXCp6awOLVfw 72mzicbHgpw1J48heXDneZ6WPVGXCALqdTKtidkLEjdXbZYeWy4MBw7fcVpjXLHHETW6 3V3g== X-Gm-Message-State: AOAM530EWxgHwbver/DybNeZp40z1lOcSahKsaNw5n5HIA7vMyYsciGp 10X79/UHFMJyXFn9Lqhgpe3AaSo2yG+NZ7rtf7o= X-Google-Smtp-Source: ABdhPJzNE97q/B8vlMY89l0GzL+YgLOdpThEs9oX6xQRv1+2nAWKryunHwSoMs7voAZ5B9NcMLeyP9lPeXdD+wjwZQg= X-Received: by 2002:a6b:6608:: with SMTP id a8mr7884626ioc.168.1610167022556; Fri, 08 Jan 2021 20:37:02 -0800 (PST) MIME-Version: 1.0 References: <20210107123249.36964-1-linmiaohe@huawei.com> In-Reply-To: <20210107123249.36964-1-linmiaohe@huawei.com> From: Muchun Song Date: Sat, 9 Jan 2021 12:36:24 +0800 Message-ID: Subject: Re: [PATCH] mm/hugetlb: Fix potential double free in hugetlb_register_node() error path To: Miaohe Lin Cc: Andrew Morton , mike.kravetz@oracle.com, linux-mm@kvack.org, linux-kernel Content-Type: text/plain; charset="UTF-8" X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Thu, Jan 7, 2021 at 8:36 PM Miaohe Lin wrote: > > In hugetlb_sysfs_add_hstate(), we would do kobject_put() on hstate_kobjs > when failed to create sysfs group but forget to set hstate_kobjs to NULL. > Then in hugetlb_register_node() error path, we may free it again via > hugetlb_unregister_node(). > > Fixes: a3437870160c ("hugetlb: new sysfs interface") > Signed-off-by: Miaohe Lin > Cc: > --- > mm/hugetlb.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) Reviewed-by: Muchun Song > > diff --git a/mm/hugetlb.c b/mm/hugetlb.c > index e249bffa0e75..91a2a2025a2c 100644 > --- a/mm/hugetlb.c > +++ b/mm/hugetlb.c > @@ -2947,8 +2947,10 @@ static int hugetlb_sysfs_add_hstate(struct hstate *h, struct kobject *parent, > return -ENOMEM; > > retval = sysfs_create_group(hstate_kobjs[hi], hstate_attr_group); > - if (retval) > + if (retval) { > kobject_put(hstate_kobjs[hi]); > + hstate_kobjs[hi] = NULL; > + } > > return retval; > } > -- > 2.19.1 >