Received: by 2002:a05:6358:c692:b0:131:369:b2a3 with SMTP id fe18csp1942976rwb; Fri, 28 Jul 2023 18:47:59 -0700 (PDT) X-Google-Smtp-Source: APBJJlG6d2YJFPjHN0BaSE37sicm/oMP/tAqeUl2lEXjmurpqWyvbzrfsJDkMckz+uJCoaEgUqxe X-Received: by 2002:a17:902:7b8a:b0:1b5:49fc:e336 with SMTP id w10-20020a1709027b8a00b001b549fce336mr2475533pll.42.1690595279427; Fri, 28 Jul 2023 18:47:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690595279; cv=none; d=google.com; s=arc-20160816; b=l0MMpdOB90xVwqefN95/qSlCTuNCWToxiLDp1ShDZr6VQ7VybbAu6SQr3PUZzAOBI5 w7IDfaiNcQdzbPnSQAYyqBGwh/N7uCM/T6piZHOENIUhJeSv3GA2Lcza/ybb8QJ9tuJF m7HPKFOBtPa+NMrwZ5cd073X395cZMQV0X/hjXd0v8NdFQ8FUj36L2C6fpAm1unuIRtB tgHxSYdGUHHdXZnT7gp7aB7tFswksi0AdLWWD9RD9nfDXzdRIKaRWtwOGPV0CtYqgUIC 7rjZqIWYn8oK1WAno39VUX0nduWnpXpTzoNoKTEivWAxIVWv3fpeumGM8Z4CDxeI+lHs vXAw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=0wWBrgJmDz8vNioLPvZ7zs17z+DjGgVgGJutHe403bI=; fh=Oy9ivW643EOfKEJFNo3mtGiJK0kjZWHmMtTcJFXWZQs=; b=zj2lUMk+/xfOBTAketPm57AIsLl3oHpIfH5gquk2afFc/aXBtZACSFIXvcYNNnC11m iCeQx5AoIbViZ7I2oOTcfG8mK/7ICLxSiTLoT/peB504URKicZegrfDpF54pVkUk/W8Z 8ol0fHit2Jh9rKHnFIKAycc/3CuDeVuvX1xk/g7URkg6b3cLJ8Oyr4dlfD63y10Kwju3 binTQDHtyoWVihTtSaUPGRGtbsaDcKO3cks3889JAEWxyfbyH2eqtHKO0ayEHZOYmYhe i44MllvHVu4ZvxJ2tC+m8tV5uS/wbBt3acv06Jq4HJJa0/R9rqvO+XOkXRf5+FxgtTCU Geiw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b=DAgMrl3J; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y12-20020a1709029b8c00b001b9e39f8e21si2974179plp.127.2023.07.28.18.47.47; Fri, 28 Jul 2023 18:47:59 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b=DAgMrl3J; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229834AbjG2AwP (ORCPT + 99 others); Fri, 28 Jul 2023 20:52:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41252 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235564AbjG2AwG (ORCPT ); Fri, 28 Jul 2023 20:52:06 -0400 Received: from casper.infradead.org (casper.infradead.org [IPv6:2001:8b0:10b:1236::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E744D4ED2 for ; Fri, 28 Jul 2023 17:51:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=In-Reply-To:Content-Transfer-Encoding: Content-Type:MIME-Version:References:Message-ID:Subject:Cc:To:From:Date: Sender:Reply-To:Content-ID:Content-Description; bh=0wWBrgJmDz8vNioLPvZ7zs17z+DjGgVgGJutHe403bI=; b=DAgMrl3JkbZs+KCaWX1+F2NZ1z PcxOVZsyjLzc1qYhqPCk9PzcK4gtont3vucKMrOtH6RT0JMSqmsqnC5529uXsEY5j73s/bGiWhk7l 4JOmVvGAw3EgpMVqhe/NhKCiz8Hophzn5kyDHC/nDMBcYknk8BLZJ7o0fU5IKz0OEfyz4ADgab7m3 KllwofHsQeeLcsuqZGs0COx+s5k5hCOg7mFaNHKJRkqSwRqzaApo07D3R1inMiOhgOXW+RirAYJQO 2wAMw8DR4ZkLPjTyx6z0V+TBUZiCcqQTR/r0HJ1OQqm0ANIFiLdiVfmR5QlTM1zZTIy6jATwaVP3w 8wD3hJeg==; Received: from willy by casper.infradead.org with local (Exim 4.94.2 #2 (Red Hat Linux)) id 1qPYA7-009CJy-4G; Sat, 29 Jul 2023 00:50:27 +0000 Date: Sat, 29 Jul 2023 01:50:27 +0100 From: Matthew Wilcox To: Joan Bruguera =?iso-8859-1?Q?Mic=F3?= Cc: Steven Price , zhengqi.arch@bytedance.com, Roman Gushchin , linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrew Morton Subject: Re: [PATCH] mm: shrinkers: fix race condition on debugfs cleanup Message-ID: References: <20230726000827.724389-1-joanbrugueram@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20230726000827.724389-1-joanbrugueram@gmail.com> X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jul 26, 2023 at 12:08:26AM +0000, Joan Bruguera Mic? wrote: > Hmmm, indeed linux-next crashes with a null pointer dereference when > calling `ida_free(..., -1)`. > > It appears to me that 69cb69ea5542 ("ida: Remove assertions that an ID was > allocated") didn't intend to make `ida_free(..., -1)` invalid; after all, > it was authored & introduced immediately after fc82bbf4dede ("ida: don't > use BUG_ON() for debugging") whose commit message calls for making it > legal, with Matthew's support. > And the referenced Bluetooth HCI code that also calls `ida_free(..., -1)` > is still there, as far as I can tell ([1]). > > Rather, probably the `((int)id < 0)` was accidentally dropped, or the idea > was that it would be handled by the `not_found:` label in `ida_free`, but > for that to work you'd need to change the `!test_bit(bit, bitmap->bitmap)` > condition to `!bitmap || !test_bit(bit, bitmap->bitmap)` since otherwise > `bitmap->bitmap` is a null pointer dereference. I've been in two minds about that patch ever since I wrote it. I've dropped it from my tree for now. But, er, you have pointed out a bug which is that we don't handle !bitmap properly. That should be fixed.