From: Andrey Ryabinin
To: Andrew Morton
Cc: Mel Gorman, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Ryabinin
Subject: [PATCH 1/2] mm/page_alloc: avoid potential NULL pointer dereference
Date: Tue, 23 Apr 2019 15:08:05 +0300
Message-Id: <20190423120806.3503-1-aryabinin@virtuozzo.com>
X-Mailing-List: linux-kernel@vger.kernel.org

ac.preferred_zoneref->zone passed to alloc_flags_nofragment() can be NULL. 'zone' pointer unconditionally dereferenced in alloc_flags_nofragment(). Bail out on NULL zone to avoid potential crash.

Currently we don't see any crashes only because alloc_flags_nofragment() has another bug which allows compiler to optimize away all accesses to 'zone'.

Fixes: 6bb154504f8b ("mm, page_alloc: spread allocations across zones before introducing fragmentation")
Signed-off-by: Andrey Ryabinin

--- mm/page_alloc.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mm/page_alloc.c b/mm/page_alloc.c index 933bd42899e8..2b2c7065102f 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -3461,6 +3461,9 @@ alloc_flags_nofragment(struct zone *zone, gfp_t gfp_mask) alloc_flags |= ALLOC_KSWAPD; #ifdef CONFIG_ZONE_DMA32 + if (!zone) + return alloc_flags; + if (zone_idx(zone) != ZONE_NORMAL) goto out; -- 2.21.0
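Review bot: The new `if (!zone)` check in alloc_flags_nofragment() exits with a direct `return alloc_flags;`, while the very next check, `zone_idx(zone) != ZONE_NORMAL`, leaves through `goto out`. Using `goto out` here as well would keep a single exit path inside the `#ifdef CONFIG_ZONE_DMA32` block, so anything later added at the `out:` label also applies to the NULL case. A one-line comment above the check saying when `ac.preferred_zoneref->zone` can be NULL would also help, since the commit message states that the dereference is currently hidden only by a compiler optimisation and a later reader will not see why the guard is needed from the code alone.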