From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from imap1.codethink.co.uk ([176.9.8.82]:45449 "EHLO imap1.codethink.co.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751255AbdLEQSB (ORCPT ); Tue, 5 Dec 2017 11:18:01 -0500 Message-ID: <1512490673.18523.176.camel@codethink.co.uk> Subject: Re: [PATCH stable-4.4 1/2] mm: check the return value of lookup_page_ext for all call sites From: Ben Hutchings To: Michal Hocko , Greg KH Cc: jaewon31.kim@samsung.com, akpm@linux-foundation.org, js1304@gmail.com, mhocko@suse.com, minchan@kernel.org, stable@vger.kernel.org, torvalds@linux-foundation.org, Yang Shi , Arnd Bergmann , Joonsoo Kim Date: Tue, 05 Dec 2017 16:17:53 +0000 In-Reply-To: <1512490595.18523.175.camel@codethink.co.uk> References: <1511339877204@kroah.com> <20171122120937.14241-1-mhocko@kernel.org> <1512490595.18523.175.camel@codethink.co.uk> Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: stable-owner@vger.kernel.org List-ID: Sorry, I see this got fixed already. Ben. On Tue, 2017-12-05 at 16:16 +0000, Ben Hutchings wrote: > On Wed, 2017-11-22 at 13:09 +0100, Michal Hocko wrote: > > From: Yang Shi > > > > commit f86e4271978bd93db466d6a95dad4b0fdcdb04f6 upstream. > > > > Per the discussion with Joonsoo Kim [1], we need check the return value > > of lookup_page_ext() for all call sites since it might return NULL in > > some cases, although it is unlikely, i.e.  memory hotplug. > > > > Tested with ltp with "page_owner=0". > > [...] > > --- a/mm/debug-pagealloc.c > > +++ b/mm/debug-pagealloc.c > > @@ -34,6 +34,8 @@ static inline void set_page_poison(struct page > > *page) > >   struct page_ext *page_ext; > >   > >   page_ext = lookup_page_ext(page); > > + if (page_ext) > > + return; > > This, and the other checks added to debug-pagealloc.c, are reversed.  > (This is specific to the 4.4 backport - in the upstream version these > functions are in mm/page_poison.c and were patched correctly.) > > Ben. > > >   __set_bit(PAGE_EXT_DEBUG_POISON, &page_ext->flags); > >  } > >   > > @@ -42,6 +44,8 @@ static inline void clear_page_poison(struct page > > *page) > >   struct page_ext *page_ext; > >   > >   page_ext = lookup_page_ext(page); > > + if (page_ext) > > + return; > >   __clear_bit(PAGE_EXT_DEBUG_POISON, &page_ext->flags); > >  } > >   > > @@ -50,6 +54,8 @@ static inline bool page_poison(struct page *page) > >   struct page_ext *page_ext; > >   > >   page_ext = lookup_page_ext(page); > > + if (page_ext) > > + return false; > >   return test_bit(PAGE_EXT_DEBUG_POISON, &page_ext->flags); > >  } > >   > > [...] > -- Ben Hutchings Software Developer, Codethink Ltd.