On Fri, 17 Jun 2016 15:32:20 +0200 Vlastimil Babka <vbabka@xxxxxxx> wrote: > On 06/17/2016 09:57 AM, js1304@xxxxxxxxx wrote: > > From: Sudip Mukherjee <sudipm.mukherjee@xxxxxxxxx> > > > > We have dereferenced page_ext before checking it. Lets check it first > > and then used it. > > > > Link: http://lkml.kernel.org/r/1465249059-7883-1-git-send-email-sudipm.mukherjee@xxxxxxxxx > > Signed-off-by: Sudip Mukherjee <sudip.mukherjee@xxxxxxxxxxxxxxx> > > Signed-off-by: Joonsoo Kim <iamjoonsoo.kim@xxxxxxx> > > Hmm, this is already in mmotm as > http://www.ozlabs.org/~akpm/mmotm/broken-out/mm-page_owner-use-stackdepot-to-store-stacktrace-fix.patch > > But imho it's fixing a problem not related to your patch, but something that the > commit f86e4271978b missed. So it should separately go to 4.7 ASAP. > > Acked-by: Vlastimil Babka <vbabka@xxxxxxx> > Fixes: f86e4271978b ("mm: check the return value of lookup_page_ext for all call > sites") Thanks, I reordered Sudip's patch. From: Sudip Mukherjee <sudipm.mukherjee@xxxxxxxxx> Subject: mm/page_owner: avoid null pointer dereference We have dereferenced page_ext before checking it. Lets check it first and then used it. Fixes: f86e4271978b ("mm: check the return value of lookup_page_ext for all call sites") Link: http://lkml.kernel.org/r/1465249059-7883-1-git-send-email-sudipm.mukherjee@xxxxxxxxx Signed-off-by: Sudip Mukherjee <sudip.mukherjee@xxxxxxxxxxxxxxx> Acked-by: Vlastimil Babka <vbabka@xxxxxxx> Cc: Joonsoo Kim <iamjoonsoo.kim@xxxxxxx> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> --- mm/page_owner.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff -puN mm/page_owner.c~mm-page_owner-use-stackdepot-to-store-stacktrace-fix mm/page_owner.c --- a/mm/page_owner.c~mm-page_owner-use-stackdepot-to-store-stacktrace-fix +++ a/mm/page_owner.c @@ -207,13 +207,15 @@ void __dump_page_owner(struct page *page .nr_entries = page_ext->nr_entries, .entries = &page_ext->trace_entries[0], }; - gfp_t gfp_mask = page_ext->gfp_mask; - int mt = gfpflags_to_migratetype(gfp_mask); + gfp_t gfp_mask; + int mt; if (unlikely(!page_ext)) { pr_alert("There is not page extension available.\n"); return; } + gfp_mask = page_ext->gfp_mask; + mt = gfpflags_to_migratetype(gfp_mask); if (!test_bit(PAGE_EXT_OWNER, &page_ext->flags)) { pr_alert("page_owner info is not active (free page?)\n"); _ -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>