Received: by 2002:a05:6a10:144:0:0:0:0 with SMTP id 4csp187049pxw;
        Fri, 8 Apr 2022 05:04:55 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJygvptmh0J0/FAbP0M8FYE/Vn9Ma4/KMVG7LFHvPdMYIHGONfJnP6OBZFgEkjXmp9H0PzZd
X-Received: by 2002:a50:9f8e:0:b0:41c:d8e5:96f0 with SMTP id c14-20020a509f8e000000b0041cd8e596f0mr19192418edf.69.1649419495222;
        Fri, 08 Apr 2022 05:04:55 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1649419495; cv=none;
        d=google.com; s=arc-20160816;
        b=jTFc0RuQqUG/9vwFD86sAbiSVlN4jC2oKKsb53o+0/7TFw3mMxfAVtacEm2ww8ITQl
         GEUBmSsJClGUaAfI8wfWSEr/W15LVkyAxqq2Cuj69e8VTZwyraxhtaM7y79WGixBYagI
         j4vvBRCPIyuyYU+GbeLAUvjeHhokiGGRSAn653GLoDadbxVUE7bqDqFf2Bmgx6RwjUiS
         U+t7945KuCyE6p1cfaiwZHxFDEFWjbitmfjppNbbkBAw4V1JyPQjDVWAuDV/XEo7eglS
         eZ4fZ2uV7+nP07I6tFA5bVQaujmhYo4wyr0L95gxuMEAVpupX1Io0Sqr8o0VzaV4kYhM
         1PCg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:references:in-reply-to:message-id:date:subject
         :cc:to:from:dkim-signature;
        bh=2mCpxSUdvhWRHyULEeSOrL1ZUQdjKCwtXDlrgtif2uQ=;
        b=RZyrpPCT0STJ0m5ugDOuqYy+SnyYQbeHu4ERHvllPc/FZs7hlBzxABmWGtQGN7h/YV
         cSvtb6dVVDnxPTH8BTWJQh3Re4BSPwzebYpkXDusSxRYcKbpwhW9CdkdKvATyWFuqJ17
         egVxY2Q7ZO/20xLjI99wxw8iCgq7iBdA7uNjLrP4Zk/Y3vozFM+FPDUJHrVZZa5hNPMI
         PdsidL1HjrkUFhAww3n4vmtFv4RIqSPcuyTEUaHG/EBw6icggBFDYfeLaWAlNVM/inin
         2zm0KAN8zPJkr3J3FBXCyrQHNRNtH39C3TOiPjQwzsL4AD1WnzyTM6YhsbmBBU8PKtbb
         5W6Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20210112 header.b=LgTeOp4F;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id l1-20020a50c101000000b004194da3cee0si320464edf.75.2022.04.08.05.04.16;
        Fri, 08 Apr 2022 05:04:55 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20210112 header.b=LgTeOp4F;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S232274AbiDHItz (ORCPT <rfc822;arunks.linux@gmail.com>
        + 99 others); Fri, 8 Apr 2022 04:49:55 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47204 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S232263AbiDHItw (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 8 Apr 2022 04:49:52 -0400
Received: from mail-pl1-x62f.google.com (mail-pl1-x62f.google.com [IPv6:2607:f8b0:4864:20::62f])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A05C4334136;
        Fri,  8 Apr 2022 01:47:46 -0700 (PDT)
Received: by mail-pl1-x62f.google.com with SMTP id m16so7323227plx.3;
        Fri, 08 Apr 2022 01:47:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references;
        bh=2mCpxSUdvhWRHyULEeSOrL1ZUQdjKCwtXDlrgtif2uQ=;
        b=LgTeOp4FD8eVXqM+CswH9ILr8GhuBlbxdFrO9xgMuwPT1iVzz+xoztfw3vfgaNglam
         jSK3OIvw2PhR9K2asPw6pYdNnkW5pFGOGPuWRMkPN17DRtG36mLd4iiiHNzjj1swsTK1
         /fF341ISGmVCrZAvxaG/qBeu8x8bZiFAO2/t25WzQ71c1euQgs3jk/QBEKpfs8QPmpxi
         czyDuAx4Xdo0tGk+0O2AO611li/D3MDdIIxPYCUw0OhS//OgquOMnTJZlpquQ0h8mEwa
         s9bFg6QM549uQ5fkzsV89ZPM0132WVZB5i87TQcPIWQKFdUaMy9/c6oBppKds3F+aDic
         C/cw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references;
        bh=2mCpxSUdvhWRHyULEeSOrL1ZUQdjKCwtXDlrgtif2uQ=;
        b=45H6sQkG1BQ4CYHghGQUr+C/6TQFv/sDLbzqyP6ycoqM4Syj8eePXGVzqZE/YY4O5M
         0dCSxGnlRALuRkYzc+dTLPnDUWcblu1O61FULkZsYBmONC3FkGIsQsAEoqMCKzn9GBBL
         +ZKA8+xCBLzplfD4JQ7t4m8jocoXd00LjCf2ULN2yoTjWryNxtesNfWHnBxlUQ6QjOoH
         rdNGjxtVQrRDMCnK54nMe6TnjtROQbjLdSlAyfoA7QpPNjL6h50CFsAGxt7ldoPc6d8e
         P6r1qmfF7DceveWKkqX8sO+fEikpowntA6FLHBwmdRSPqNZG7ecQyKRKAZVsTI52XzoT
         ZXCQ==
X-Gm-Message-State: AOAM533YlE8VhDZJ6zHKdRItRvIJoHS+DJCUJqTw7ZVA22P8d3k/H5uc
        60Ck3S7QDr7HCLrnT/hcektKLcYRJdszcA==
X-Received: by 2002:a17:90a:e552:b0:1ca:2d70:79ef with SMTP id ei18-20020a17090ae55200b001ca2d7079efmr20351916pjb.175.1649407666188;
        Fri, 08 Apr 2022 01:47:46 -0700 (PDT)
Received: from localhost.localdomain ([119.3.119.18])
        by smtp.gmail.com with ESMTPSA id fa11-20020a17090af0cb00b001ca6e27a684sm11076426pjb.16.2022.04.08.01.47.43
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 08 Apr 2022 01:47:45 -0700 (PDT)
From:   Xiaomeng Tong <xiam0nd.tong@gmail.com>
To:     song@kernel.org
Cc:     guoqing.jiang@linux.dev, linux-kernel@vger.kernel.org,
        linux-raid@vger.kernel.org, rgoldwyn@suse.com,
        stable@vger.kernel.org, xiam0nd.tong@gmail.com
Subject: Re: [PATCH] md: fix an incorrect NULL check in md_reload_sb
Date:   Fri,  8 Apr 2022 16:47:40 +0800
Message-Id: <20220408084740.26153-1-xiam0nd.tong@gmail.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <CAPhsuW6AJAo_k1a5-EiUp-Qx9Rp=jkON155AtOMRO2JmhBVFjw@mail.gmail.com>
References: <CAPhsuW6AJAo_k1a5-EiUp-Qx9Rp=jkON155AtOMRO2JmhBVFjw@mail.gmail.com>
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,
        RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE
        autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, 7 Apr 2022 17:37:55 -0700, Song Liu wrote:
> On Mon, Mar 28, 2022 at 1:06 AM Xiaomeng Tong <xiam0nd.tong@gmail.com> wrote:
> >
> > The bug is here:
> >         if (!rdev || rdev->desc_nr != nr) {
> >
> > The list iterator value 'rdev' will *always* be set and non-NULL
> > by rdev_for_each_rcu(), so it is incorrect to assume that the
> > iterator value will be NULL if the list is empty or no element
> > found (In fact, it will be a bogus pointer to an invalid struct
> > object containing the HEAD). Otherwise it will bypass the check
> > and lead to invalid memory access passing the check.
> >
> > To fix the bug, use a new variable 'iter' as the list iterator,
> > while using the original variable 'pdev' as a dedicated pointer to
> > point to the found element.
> >
> > Cc: stable@vger.kernel.org
> > Fixes: 70bcecdb1534 ("amd-cluster: Improve md_reload_sb to be less error prone")
> 
> s/amd-cluster/md-cluster/

Have fixed it in PATCH v3, please check it. Thank you.

--
Xiaomeng Tong