mm/khugepaged: fix a tracepoint for error cases

Message ID	20250401202354.103501-2-sweettea-kernel@dorminy.me (mailing list archive)
State	New
Headers	show Return-Path: <owner-linux-mm@kvack.org> From: Sweet Tea Dorminy <sweettea-kernel@dorminy.me> To: Andrew Morton <akpm@linux-foundation.org>, linux-mm@kvack.org, linux-kernel@vger.kernel.org Cc: Sweet Tea Dorminy <sweettea-kernel@dorminy.me> Subject: [PATCH] mm/khugepaged: fix a tracepoint for error cases Date: Tue, 1 Apr 2025 16:23:53 -0400 Message-ID: <20250401202354.103501-2-sweettea-kernel@dorminy.me> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-linux-mm@kvack.org Precedence: bulk
Series	mm/khugepaged: fix a tracepoint for error cases \| expand mm/khugepaged: fix a tracepoint for error cases

Message ID

20250401202354.103501-2-sweettea-kernel@dorminy.me (mailing list archive)

State

New

Headers

From: Sweet Tea Dorminy <sweettea-kernel@dorminy.me>
To: Andrew Morton <akpm@linux-foundation.org>,
	linux-mm@kvack.org,
	linux-kernel@vger.kernel.org
Cc: Sweet Tea Dorminy <sweettea-kernel@dorminy.me>
Subject: [PATCH] mm/khugepaged: fix a tracepoint for error cases
Date: Tue,  1 Apr 2025 16:23:53 -0400
Message-ID: <20250401202354.103501-2-sweettea-kernel@dorminy.me>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: owner-linux-mm@kvack.org
Precedence: bulk

Series

mm/khugepaged: fix a tracepoint for error cases | expand

Commit Message

Sweet Tea Dorminy April 1, 2025, 8:23 p.m. UTC

Fix a potential NULL pointer dereference in trace_mm_khugepaged_scan_pmd()
when folio is NULL. This is possible if vm_normal_page() returned a NULL
page -- which is unlikely, but was hit in testing.

(The tracepoint in include/trace/events/huge_memory.h can already deal
with a NULL page.)

Signed-off-by: Sweet Tea Dorminy <sweettea-kernel@dorminy.me>

---
Based on akpm/mm-unstable.

 mm/khugepaged.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)


base-commit: e026356e4192ff5a52c1d535e6b9e3fa50def2c4

Comments

Andrew Morton April 1, 2025, 9:09 p.m. UTC | #1

On Tue,  1 Apr 2025 16:23:53 -0400 Sweet Tea Dorminy <sweettea-kernel@dorminy.me> wrote:

> Fix a potential NULL pointer dereference in trace_mm_khugepaged_scan_pmd()
> when folio is NULL. This is possible if vm_normal_page() returned a NULL
> page -- which is unlikely, but was hit in testing.
> 
> (The tracepoint in include/trace/events/huge_memory.h can already deal
> with a NULL page.)
>
> ...
>
> --- a/mm/khugepaged.c
> +++ b/mm/khugepaged.c
> @@ -1435,8 +1435,9 @@ static int hpage_collapse_scan_pmd(struct mm_struct *mm,
>  		*mmap_locked = false;
>  	}
>  out:
> -	trace_mm_khugepaged_scan_pmd(mm, &folio->page, writable, referenced,
> -				     none_or_zero, result, unmapped);
> +	trace_mm_khugepaged_scan_pmd(mm, folio ? &folio->page : NULL,
> +				     writable, referenced, none_or_zero,
> +				     result, unmapped);
>  	return result;

Confused.  If folio==NULL then &folio->page==NULL also.  The patch
appears to be a no-op?

Do you have the messages from that oops?

diff --git a/mm/khugepaged.c b/mm/khugepaged.c
index cc945c6ab3bd..eb7b019159d4 100644
--- a/mm/khugepaged.c
+++ b/mm/khugepaged.c
@@ -1435,8 +1435,9 @@  static int hpage_collapse_scan_pmd(struct mm_struct *mm,
 		*mmap_locked = false;
 	}
 out:
-	trace_mm_khugepaged_scan_pmd(mm, &folio->page, writable, referenced,
-				     none_or_zero, result, unmapped);
+	trace_mm_khugepaged_scan_pmd(mm, folio ? &folio->page : NULL,
+				     writable, referenced, none_or_zero,
+				     result, unmapped);
 	return result;
 }

mm/khugepaged: fix a tracepoint for error cases

Commit Message

Comments

Patch