From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S936312AbdDZTnK (ORCPT ); Wed, 26 Apr 2017 15:43:10 -0400 Received: from mx1.redhat.com ([209.132.183.28]:48310 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752229AbdDZTnC (ORCPT ); Wed, 26 Apr 2017 15:43:02 -0400 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 30FDC9331A Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=jmoyer@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 30FDC9331A From: Jeff Moyer To: Dan Williams Cc: linux-nvdimm@ml01.01.org, linux-acpi@vger.kernel.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org Subject: Re: [PATCH v2 1/2] libnvdimm, region: fix flush hint detection crash References: <149307779085.7155.436029631521340565.stgit@dwillia2-desk3.amr.corp.intel.com> <149307779612.7155.12969380677038292861.stgit@dwillia2-desk3.amr.corp.intel.com> X-PGP-KeyID: 1F78E1B4 X-PGP-CertKey: F6FE 280D 8293 F72C 65FD 5A58 1FF8 A7CA 1F78 E1B4 X-PCLoadLetter: What the f**k does that mean? Date: Wed, 26 Apr 2017 15:43:00 -0400 In-Reply-To: <149307779612.7155.12969380677038292861.stgit@dwillia2-desk3.amr.corp.intel.com> (Dan Williams's message of "Mon, 24 Apr 2017 16:49:56 -0700") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Wed, 26 Apr 2017 19:43:02 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Dan Williams writes: > In the case where a dimm does not have any associated flush hints the > ndrd->flush_wpq array may be uninitialized leading to crashes with the > following signature: > > BUG: unable to handle kernel NULL pointer dereference at 0000000000000010 > IP: region_visible+0x10f/0x160 [libnvdimm] > > Call Trace: > internal_create_group+0xbe/0x2f0 > sysfs_create_groups+0x40/0x80 > device_add+0x2d8/0x650 > nd_async_device_register+0x12/0x40 [libnvdimm] > async_run_entry_fn+0x39/0x170 > process_one_work+0x212/0x6c0 > ? process_one_work+0x197/0x6c0 > worker_thread+0x4e/0x4a0 > kthread+0x10c/0x140 > ? process_one_work+0x6c0/0x6c0 > ? kthread_create_on_node+0x60/0x60 > ret_from_fork+0x31/0x40 Sorry for being dense, but I'm having a tough time connecting the dots, here. How does region_visible trip over the missing (not uninitialized, you're actually walking off the end of the structure) wpq_flush array? Anyway, the fix looks valid. Reviewed-by: Jeff Moyer Thanks, Jeff > > Cc: > Fixes: f284a4f23752 ("libnvdimm: introduce nvdimm_flush() and nvdimm_has_flush()") > Signed-off-by: Dan Williams > --- > drivers/nvdimm/region_devs.c | 11 +++++++---- > 1 file changed, 7 insertions(+), 4 deletions(-) > > diff --git a/drivers/nvdimm/region_devs.c b/drivers/nvdimm/region_devs.c > index 8de5a04644a1..24abceda986a 100644 > --- a/drivers/nvdimm/region_devs.c > +++ b/drivers/nvdimm/region_devs.c > @@ -1000,17 +1000,20 @@ EXPORT_SYMBOL_GPL(nvdimm_flush); > */ > int nvdimm_has_flush(struct nd_region *nd_region) > { > - struct nd_region_data *ndrd = dev_get_drvdata(&nd_region->dev); > int i; > > /* no nvdimm == flushing capability unknown */ > if (nd_region->ndr_mappings == 0) > return -ENXIO; > > - for (i = 0; i < nd_region->ndr_mappings; i++) > - /* flush hints present, flushing required */ > - if (ndrd_get_flush_wpq(ndrd, i, 0)) > + for (i = 0; i < nd_region->ndr_mappings; i++) { > + struct nd_mapping *nd_mapping = &nd_region->mapping[i]; > + struct nvdimm *nvdimm = nd_mapping->nvdimm; > + > + /* flush hints present / available */ > + if (nvdimm->num_flush) > return 1; > + } > > /* > * The platform defines dimm devices without hints, assume > > _______________________________________________ > Linux-nvdimm mailing list > Linux-nvdimm@lists.01.org > https://lists.01.org/mailman/listinfo/linux-nvdimm