On Fri, Jan 4, 2019 at 6:42 PM Christopher Lameter <cl@xxxxxxxxx> wrote:
>
> From: Christoph Lameter <cl@xxxxxxxxx>
>
> Callers of __alloc_alien() check for NULL.
> We must do the same check in __alloc_alien() after the allocation of
> the alien cache to avoid potential NULL pointer dereferences
> should the allocation fail.
>
> Fixes: 49dfc304ba241b315068023962004542c5118103 ("slab: use the lock on alien_cache, instead of the lock on array_cache")
> Fixes: c8522a3a5832b843570a3315674f5a3575958a5 ("Slab: introduce alloc_alien")
> Signed-off-by: Christoph Lameter <cl@xxxxxxxxx>

Please also add the Reported-by tag to the commit for tracking purposes:

Reported-by: syzbot+d6ed4ec679652b4fd4e4@xxxxxxxxxxxxxxxxxxxxxxxxx

> Index: linux/mm/slab.c
> ===================================================================
> --- linux.orig/mm/slab.c
> +++ linux/mm/slab.c
> @@ -666,8 +666,10 @@ static struct alien_cache *__alloc_alien
> struct alien_cache *alc = NULL;
>
> alc = kmalloc_node(memsize, gfp, node);
> - init_arraycache(&alc->ac, entries, batch);
> - spin_lock_init(&alc->lock);
> + if (alc) {
> + init_arraycache(&alc->ac, entries, batch);
> + spin_lock_init(&alc->lock);
> + }
> return alc;
> }
>
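Review bot: The NULL check on `alc` in the __alloc_alien hunk is the right fix, since `init_arraycache(&alc->ac, ...)` and `spin_lock_init(&alc->lock)` both write through the pointer and a failed `kmalloc_node()` would otherwise turn a memory-allocation failure into a kernel NULL-pointer dereference (a crash, i.e. a denial of service, under memory pressure); the callers already check the NULL return, so no further change is needed at the call sites. Two style points for the same hunk: the usual kernel idiom is an early return, `if (!alc) return NULL;`, which keeps the success path unindented, and the `= NULL` initializer on `struct alien_cache *alc = NULL;` is now redundant because `alc` is assigned unconditionally on the next statement. Please also confirm the second Fixes tag carries a full 40-character commit id; the one quoted above appears one character short.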