Hi Christoph,

Thank you for your feedback.

While `bio_alloc_clone()` is called with `GFP_NOIO`, there are still cases where such allocations can fail under memory pressure, particularly on constrained systems or during heavy I/O.

I've noticed that some drivers, such as `dm-zoned`, perform a similar NULL check after `bio_alloc_clone()` and handle allocation failures gracefully by calling `bio_io_error()`. This suggests that the possibility of failure is taken into account in other parts of the kernel.

Given that, I thought it would be prudent to include a NULL check here as well, to avoid any risk of dereferencing a NULL pointer—even if the probability is low.

Please let me know if you think this makes sense, or if I might have missed something.

Best regards,
Chey

> On 22 May 2025, at 12:13 AM, Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote:
>
> On Wed, May 21, 2025 at 08:30:19PM +0800, Ye Chey wrote:
>> The bio_alloc_clone() call in pkt_make_request_read() lacks NULL check,
>> which could lead to NULL pointer dereference. Add NULL check and handle
>> allocation failure by calling bio_io_error().
>
> Please explain in detail how this could ever lead to a path in
> bio_alloc_clone that could return NULL and how you came to that
> conclusion.