Skip to content

loop: Fix NULL pointer dereference in lo_rw_aio()#878

Closed
blktests-ci[bot] wants to merge 1 commit into
linus-master_basefrom
series/1100166=>linus-master
Closed

loop: Fix NULL pointer dereference in lo_rw_aio()#878
blktests-ci[bot] wants to merge 1 commit into
linus-master_basefrom
series/1100166=>linus-master

Conversation

@blktests-ci

@blktests-ci blktests-ci Bot commented May 25, 2026

Copy link
Copy Markdown

Pull request for series with
subject: loop: Fix NULL pointer dereference in lo_rw_aio()
version: 3
url: https://patchwork.kernel.org/project/linux-block/list/?series=1100166

@blktests-ci

blktests-ci Bot commented May 25, 2026

Copy link
Copy Markdown
Author

Upstream branch: eed108e
series: https://patchwork.kernel.org/project/linux-block/list/?series=1100166
version: 3

@blktests-ci blktests-ci Bot force-pushed the linus-master_base branch from de94ac7 to 86d8d37 Compare May 26, 2026 15:37
@blktests-ci

blktests-ci Bot commented May 26, 2026

Copy link
Copy Markdown
Author

Upstream branch: e8c2f9f
series: https://patchwork.kernel.org/project/linux-block/list/?series=1100166
version: 3

@blktests-ci blktests-ci Bot force-pushed the series/1100166=>linus-master branch from cccb9c1 to 86e822e Compare May 26, 2026 15:43
@blktests-ci blktests-ci Bot force-pushed the linus-master_base branch from 86d8d37 to 9805659 Compare May 28, 2026 13:24
@blktests-ci

blktests-ci Bot commented May 28, 2026

Copy link
Copy Markdown
Author

Upstream branch: eb3f4b7
series: https://patchwork.kernel.org/project/linux-block/list/?series=1100166
version: 3

@blktests-ci blktests-ci Bot force-pushed the series/1100166=>linus-master branch from 86e822e to c80354f Compare May 28, 2026 13:29
@blktests-ci blktests-ci Bot force-pushed the linus-master_base branch from 9805659 to 3f4a345 Compare May 29, 2026 11:12
@blktests-ci

blktests-ci Bot commented May 29, 2026

Copy link
Copy Markdown
Author

Upstream branch: 8fde5d1
series: https://patchwork.kernel.org/project/linux-block/list/?series=1100166
version: 3

@blktests-ci blktests-ci Bot force-pushed the series/1100166=>linus-master branch from c80354f to af2d01e Compare May 29, 2026 11:16
@blktests-ci

blktests-ci Bot commented May 29, 2026

Copy link
Copy Markdown
Author

Upstream branch: 8fde5d1
series: https://patchwork.kernel.org/project/linux-block/list/?series=1100166
version: 3

@blktests-ci blktests-ci Bot force-pushed the series/1100166=>linus-master branch from af2d01e to 9ddbc6a Compare May 29, 2026 22:17
@blktests-ci blktests-ci Bot force-pushed the linus-master_base branch from 3f4a345 to c6dc343 Compare June 1, 2026 08:57
@blktests-ci

blktests-ci Bot commented Jun 1, 2026

Copy link
Copy Markdown
Author

Upstream branch: e43ffb6
series: https://patchwork.kernel.org/project/linux-block/list/?series=1100166
version: 3

@blktests-ci blktests-ci Bot force-pushed the series/1100166=>linus-master branch from 9ddbc6a to 1b2219f Compare June 1, 2026 09:01
@blktests-ci blktests-ci Bot force-pushed the linus-master_base branch from c6dc343 to fc36596 Compare June 3, 2026 13:56
@blktests-ci

blktests-ci Bot commented Jun 3, 2026

Copy link
Copy Markdown
Author

Upstream branch: ba3e43a
series: https://patchwork.kernel.org/project/linux-block/list/?series=1100166
version: 3

@blktests-ci blktests-ci Bot force-pushed the series/1100166=>linus-master branch from 1b2219f to 3b2a139 Compare June 3, 2026 15:06
@blktests-ci blktests-ci Bot force-pushed the linus-master_base branch from fc36596 to 7bed9c3 Compare June 5, 2026 09:48
@blktests-ci

blktests-ci Bot commented Jun 5, 2026

Copy link
Copy Markdown
Author

Upstream branch: ddd664b
series: https://patchwork.kernel.org/project/linux-block/list/?series=1100166
version: 3

@blktests-ci blktests-ci Bot force-pushed the series/1100166=>linus-master branch from 3b2a139 to 25d33df Compare June 5, 2026 10:23
@blktests-ci

blktests-ci Bot commented Jun 7, 2026

Copy link
Copy Markdown
Author

Upstream branch: ddd664b
series: https://patchwork.kernel.org/project/linux-block/list/?series=1107238
version: 4

@blktests-ci blktests-ci Bot added V4 and removed V3 labels Jun 7, 2026
@blktests-ci blktests-ci Bot force-pushed the series/1100166=>linus-master branch from 25d33df to 3246a90 Compare June 7, 2026 11:26
@blktests-ci blktests-ci Bot force-pushed the linus-master_base branch from 7bed9c3 to a7bb5c5 Compare June 7, 2026 14:54
@blktests-ci

blktests-ci Bot commented Jun 7, 2026

Copy link
Copy Markdown
Author

Upstream branch: 979c294
series: https://patchwork.kernel.org/project/linux-block/list/?series=1107238
version: 4

@blktests-ci blktests-ci Bot force-pushed the series/1100166=>linus-master branch from 3246a90 to 9fd2b1c Compare June 7, 2026 15:03
@blktests-ci blktests-ci Bot force-pushed the linus-master_base branch from a7bb5c5 to 5e41a3b Compare June 10, 2026 13:31
@blktests-ci

blktests-ci Bot commented Jun 10, 2026

Copy link
Copy Markdown
Author

Upstream branch: acb7500
series: https://patchwork.kernel.org/project/linux-block/list/?series=1107238
version: 4

@blktests-ci blktests-ci Bot force-pushed the series/1100166=>linus-master branch from 9fd2b1c to 28b2545 Compare June 10, 2026 13:40
@blktests-ci blktests-ci Bot force-pushed the linus-master_base branch from 5e41a3b to c3a084b Compare June 10, 2026 20:26
@blktests-ci

blktests-ci Bot commented Jun 10, 2026

Copy link
Copy Markdown
Author

Upstream branch: 9716c08
series: https://patchwork.kernel.org/project/linux-block/list/?series=1107238
version: 4

@blktests-ci blktests-ci Bot force-pushed the series/1100166=>linus-master branch from 28b2545 to edd7421 Compare June 10, 2026 21:08
@blktests-ci blktests-ci Bot force-pushed the linus-master_base branch from c3a084b to 5f78e5d Compare June 12, 2026 22:27
@blktests-ci

blktests-ci Bot commented Jun 12, 2026

Copy link
Copy Markdown
Author

Upstream branch: 2a2974b
series: https://patchwork.kernel.org/project/linux-block/list/?series=1107238
version: 4

@blktests-ci blktests-ci Bot force-pushed the series/1100166=>linus-master branch from edd7421 to 8dd6fef Compare June 12, 2026 22:35
@blktests-ci blktests-ci Bot force-pushed the linus-master_base branch from 5f78e5d to e48f9db Compare June 13, 2026 01:19
@blktests-ci

blktests-ci Bot commented Jun 13, 2026

Copy link
Copy Markdown
Author

Upstream branch: 062871f
series: https://patchwork.kernel.org/project/linux-block/list/?series=1107238
version: 4

@blktests-ci blktests-ci Bot force-pushed the series/1100166=>linus-master branch from 8dd6fef to 195c89b Compare June 13, 2026 01:32
@blktests-ci blktests-ci Bot force-pushed the linus-master_base branch 2 times, most recently from 199644a to e6d9eb8 Compare June 17, 2026 12:02
@blktests-ci

blktests-ci Bot commented Jun 17, 2026

Copy link
Copy Markdown
Author

Upstream branch: 66affa3
series: https://patchwork.kernel.org/project/linux-block/list/?series=1107238
version: 4

@blktests-ci blktests-ci Bot force-pushed the series/1100166=>linus-master branch from 195c89b to 20aef69 Compare June 17, 2026 15:22
@blktests-ci blktests-ci Bot force-pushed the linus-master_base branch from e6d9eb8 to 7d8604f Compare June 24, 2026 01:11
loop: Fix NULL pointer dereference in lo_rw_aio()
cb59728 
syzbot is reporting NULL pointer dereference in lo_rw_aio() [1][2].
An analysis by the Gemini AI collaborator [3] considers that this problem
is caused by a timing shift primarily exposed by commit 65565ca
("block: unify the synchronous bi_end_io callbacks"), along with helper
refactorings like commit 92c3737 ("block: add a bio_submit_or_kill
helper").

But due to difficulty of reproducing this race, discussion about what is
happening and how to fix this problem is stalling. Also, we haven't
identified how many filesystems are subjected to this problem.

Therefore, this patch introduces a grace period for flushing pending I/O
requests (which should be a good thing from the perspective of defensive
programming) so that we won't hit NULL pointer dereference problem, and
also emits BUG: message in order to help filesystem developers identify
the caller of an I/O request that failed to wait for completion so that
filesystem developers can fix such caller to wait for completion.

Note that emitting BUG: message is enabled only if CONFIG_KCOV=y, for
this check is a waste of computation resources for almost all users.

Link: https://syzkaller.appspot.com/bug?extid=cd8a9a308e879a4e2c28 [1]
Link: https://syzkaller.appspot.com/bug?extid=bc273027d5643e48e5b3 [2]
Link: https://lkml.kernel.org/r/fbb3edda-f108-4e5b-acf2-266f043f8125@I-love.SAKURA.ne.jp [3]
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
@blktests-ci

blktests-ci Bot commented Jun 24, 2026

Copy link
Copy Markdown
Author

Upstream branch: bade58e
series: https://patchwork.kernel.org/project/linux-block/list/?series=1107238
version: 4

@blktests-ci blktests-ci Bot force-pushed the series/1100166=>linus-master branch from 20aef69 to cb59728 Compare June 24, 2026 01:58
@blktests-ci

blktests-ci Bot commented Jun 24, 2026

Copy link
Copy Markdown
Author

Upstream branch: bade58e
series: https://patchwork.kernel.org/project/linux-block/list/?series=1107238
version: 4

1 similar comment
@blktests-ci

blktests-ci Bot commented Jun 24, 2026

Copy link
Copy Markdown
Author

Upstream branch: bade58e
series: https://patchwork.kernel.org/project/linux-block/list/?series=1107238
version: 4

@blktests-ci

blktests-ci Bot commented Jun 24, 2026

Copy link
Copy Markdown
Author

Github failed to update this PR after force push. Close it.

@blktests-ci blktests-ci Bot closed this Jun 24, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

linus-master new V4

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants