After commit 236c32eb1096 ("mm: migrate: clean up migrate_prep{_local}")',
do_migrate_pages can return uninitialized variable 'err' (which is
propagated to user-space as error) when 'from' and 'to' nodesets
are identical. This can be reproduced with LTP migrate_pages01,
which calls migrate_pages() with same set for both old/new_nodes.
Add 'err' initialization back.
Fixes: 236c32eb1096 ("mm: migrate: clean up migrate_prep{_local}")
Cc: Zi Yan <[email protected]>
Cc: Yang Shi <[email protected]>
Cc: Jan Kara <[email protected]>
Cc: Matthew Wilcox <[email protected]>
Cc: Mel Gorman <[email protected]>
Cc: Michal Hocko <[email protected]>
Cc: Song Liu <[email protected]>
Cc: Andrew Morton <[email protected]>
Signed-off-by: Jan Stancek <[email protected]>
---
mm/mempolicy.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index 8cf96bd21341..2c3a86502053 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -1111,7 +1111,7 @@ int do_migrate_pages(struct mm_struct *mm, const nodemask_t *from,
const nodemask_t *to, int flags)
{
int busy = 0;
- int err;
+ int err = 0;
nodemask_t tmp;
migrate_prep();
--
2.18.1
On Tue, Jan 5, 2021 at 6:14 AM Jan Stancek <[email protected]> wrote:
>
> After commit 236c32eb1096 ("mm: migrate: clean up migrate_prep{_local}")',
> do_migrate_pages can return uninitialized variable 'err' (which is
> propagated to user-space as error) when 'from' and 'to' nodesets
> are identical. This can be reproduced with LTP migrate_pages01,
> which calls migrate_pages() with same set for both old/new_nodes.
>
> Add 'err' initialization back.
Thanks for catching this. Acked-by: Yang Shi <[email protected]>
>
> Fixes: 236c32eb1096 ("mm: migrate: clean up migrate_prep{_local}")
> Cc: Zi Yan <[email protected]>
> Cc: Yang Shi <[email protected]>
> Cc: Jan Kara <[email protected]>
> Cc: Matthew Wilcox <[email protected]>
> Cc: Mel Gorman <[email protected]>
> Cc: Michal Hocko <[email protected]>
> Cc: Song Liu <[email protected]>
> Cc: Andrew Morton <[email protected]>
> Signed-off-by: Jan Stancek <[email protected]>
> ---
> mm/mempolicy.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/mm/mempolicy.c b/mm/mempolicy.c
> index 8cf96bd21341..2c3a86502053 100644
> --- a/mm/mempolicy.c
> +++ b/mm/mempolicy.c
> @@ -1111,7 +1111,7 @@ int do_migrate_pages(struct mm_struct *mm, const nodemask_t *from,
> const nodemask_t *to, int flags)
> {
> int busy = 0;
> - int err;
> + int err = 0;
> nodemask_t tmp;
>
> migrate_prep();
> --
> 2.18.1
>
On Tue 05-01-21 15:14:20, Jan Stancek wrote:
> After commit 236c32eb1096 ("mm: migrate: clean up migrate_prep{_local}")',
> do_migrate_pages can return uninitialized variable 'err' (which is
> propagated to user-space as error) when 'from' and 'to' nodesets
> are identical. This can be reproduced with LTP migrate_pages01,
> which calls migrate_pages() with same set for both old/new_nodes.
>
> Add 'err' initialization back.
>
> Fixes: 236c32eb1096 ("mm: migrate: clean up migrate_prep{_local}")
> Cc: Zi Yan <[email protected]>
> Cc: Yang Shi <[email protected]>
> Cc: Jan Kara <[email protected]>
> Cc: Matthew Wilcox <[email protected]>
> Cc: Mel Gorman <[email protected]>
> Cc: Michal Hocko <[email protected]>
> Cc: Song Liu <[email protected]>
> Cc: Andrew Morton <[email protected]>
> Signed-off-by: Jan Stancek <[email protected]>
Acked-by: Michal Hocko <[email protected]>
Thanks!
> ---
> mm/mempolicy.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/mm/mempolicy.c b/mm/mempolicy.c
> index 8cf96bd21341..2c3a86502053 100644
> --- a/mm/mempolicy.c
> +++ b/mm/mempolicy.c
> @@ -1111,7 +1111,7 @@ int do_migrate_pages(struct mm_struct *mm, const nodemask_t *from,
> const nodemask_t *to, int flags)
> {
> int busy = 0;
> - int err;
> + int err = 0;
> nodemask_t tmp;
>
> migrate_prep();
> --
> 2.18.1
>
--
Michal Hocko
SUSE Labs