Commit 91fc6af21c61 ("mm/damon/core: avoid holes in newly set monitoring target ranges") in mm-unstable tree introduces 'damon_fill_regions_holes()', which does not check failures of 'damon_new_region()' call, so NULL dereferencing is available. This commit fixes the issue by checking failure of the function and returning an error code.
Reported-by: Coverity Static Analyzer CID 1524904
Fixes: 91fc6af21c61 ("mm/damon/core: avoid holes in newly set monitoring target ranges") in mm-unstable
Signed-off-by: SeongJae Park <sj@xxxxxxxxxx>
---
 mm/damon/core.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/mm/damon/core.c b/mm/damon/core.c
index 520d3bb22d91..3ef3d13e504b 100644
--- a/mm/damon/core.c
+++ b/mm/damon/core.c
@@ -173,7 +173,7 @@ static bool damon_intersect(struct damon_region *r,
 /*
 * Fill holes in regions with new regions.
 */
-static void damon_fill_regions_holes(struct damon_region *first,
+static int damon_fill_regions_holes(struct damon_region *first,
 struct damon_region *last, struct damon_target *t)
 {
 struct damon_region *r = first;
@@ -186,9 +186,12 @@ static void damon_fill_regions_holes(struct damon_region *first,
 next = damon_next_region(r);
 if (r->ar.end != next->ar.start) {
 newr = damon_new_region(r->ar.end, next->ar.start);
+ if (!newr)
+ return -ENOMEM;
 damon_insert_region(newr, r, next, t);
 }
 }
+ return 0;
 }

 /*
@@ -207,6 +210,7 @@ int damon_set_regions(struct damon_target *t, struct damon_addr_range *ranges,
 {
 struct damon_region *r, *next;
 unsigned int i;
+ int err;

 /* Remove regions which are not in the new ranges */
 damon_for_each_region_safe(r, next, t) {
@@ -251,7 +255,9 @@ int damon_set_regions(struct damon_target *t, struct damon_addr_range *ranges,
 last->ar.end = ALIGN(range->end, DAMON_MIN_REGION);

 /* fill possible holes in the range */
- damon_fill_regions_holes(first, last, t);
+ err = damon_fill_regions_holes(first, last, t);
+ if (err)
+ return err;
 }
 }
 return 0;
-- 
2.25.1
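Review bot: The comment above damon_fill_regions_holes() still reads only "Fill holes in regions with new regions." although the function now returns an error code, so the contract introduced in the first two hunks is undocumented. I would extend it with `Return: 0 on success, -ENOMEM if a region for a hole cannot be allocated.` and one more line stating that regions inserted before the failing allocation stay in the target, since the `return -ENOMEM;` path does no rollback. The check itself is placed correctly, ahead of `damon_insert_region(newr, r, next, t)`, which is the call that would otherwise be handed the NULL pointer. The loop header lies between the first and second hunk and is not visible here.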
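Review bot: The new `return err;` in the last hunk leaves damon_set_regions() with the target only partly updated. Going by the comment in the third hunk, regions outside the new ranges have already been removed by then, `last->ar.end` has been realigned, and some holes may already be filled. The hunks do not show whether callers treat the target as unusable after -ENOMEM, so the function's header comment (outside the hunks) should state it, for example `On failure the regions of @t may be left partially updated.` As a style point, `err` is used only inside the loop body and could be declared there instead of at function scope. The function body starts and ends outside these hunks.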