On Mon, 9 Oct 2023 08:15:13 -0700 Mike Kravetz <mike.kravetz@xxxxxxxxxx> wrote:

> > This should also be empty and a noop.
> >
> > Is it possible that the misaligned kernel image could make these lists
> > appear as non-empty?
>
> Actually, just saw this:
>
> https://lore.kernel.org/linux-mm/20231009145605.2150897-1-usama.arif@xxxxxxxxxxxxx/
>
> Will take a look, although as mentioned above prep_and_add_bootmem_folios on
> an empty list should be a noop.

Konrad, are you able to test Usama's patch?  Thanks.


From: Usama Arif <usama.arif@xxxxxxxxxxxxx>
Subject: mm: hugetlb: only prep and add allocated folios for non-gigantic pages
Date: Mon, 9 Oct 2023 15:56:05 +0100

Calling prep_and_add_allocated_folios when allocating gigantic pages at boot
time causes the kernel to crash as folio_list is empty and iterating it causes
a NULL pointer dereference.  Call this only for non-gigantic pages when
folio_list has entries.

Link: https://lkml.kernel.org/r/20231009145605.2150897-1-usama.arif@xxxxxxxxxxxxx
Fixes: bfb41d6b2fe148 ("hugetlb: restructure pool allocations")
Signed-off-by: Usama Arif <usama.arif@xxxxxxxxxxxxx>
Cc: Fam Zheng <fam.zheng@xxxxxxxxxxxxx>
Cc: Mike Kravetz <mike.kravetz@xxxxxxxxxx>
Cc: Muchun Song <songmuchun@xxxxxxxxxxxxx>
Cc: Punit Agrawal <punit.agrawal@xxxxxxxxxxxxx>
Cc: Anshuman Khandual <anshuman.khandual@xxxxxxx>
Cc: Barry Song <21cnbao@xxxxxxxxx>
Cc: David Hildenbrand <david@xxxxxxxxxx>
Cc: David Rientjes <rientjes@xxxxxxxxxx>
Cc: James Houghton <jthoughton@xxxxxxxxxx>
Cc: Joao Martins <joao.m.martins@xxxxxxxxxx>
Cc: Konrad Dybcio <konradybcio@xxxxxxxxxx>
Cc: Matthew Wilcox (Oracle) <willy@xxxxxxxxxxxxx>
Cc: Miaohe Lin <linmiaohe@xxxxxxxxxx>
Cc: Michal Hocko <mhocko@xxxxxxxx>
Cc: Naoya Horiguchi <naoya.horiguchi@xxxxxxxxx>
Cc: Oscar Salvador <osalvador@xxxxxxx>
Cc: Xiongchun Duan <duanxiongchun@xxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---

 mm/hugetlb.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
--- a/mm/hugetlb.c~hugetlb-restructure-pool-allocations-fix +++ a/mm/hugetlb.c @@ -3307,7 +3307,8 @@ static void __init hugetlb_hstate_alloc_ } /* list will be empty if hstate_is_gigantic */ - prep_and_add_allocated_folios(h, &folio_list); + if (!hstate_is_gigantic(h)) + prep_and_add_allocated_folios(h, &folio_list); if (i < h->max_huge_pages) { char buf[32]; _
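Review bot: The stated rationale does not match the guard being added. The hunk's own comment ("/* list will be empty if hstate_is_gigantic */") and Mike's remark upthread both say the list is empty on the gigantic path, and iterating an empty, initialised list_head is a no-op, so an empty list cannot by itself produce the NULL dereference the commit message describes; a NULL pointer in the walk points at a head that was never initialised, or at something else corrupting it (the misaligned-image question raised upthread). Skipping prep_and_add_allocated_folios() for gigantic hstates will hide that symptom without establishing the cause. Suggest either confirming in the changelog why folio_list is not a valid empty list at this point on the gigantic path, or, if the guard is intended as a deliberate early-out, reword the now-redundant comment to say that the call is skipped for gigantic pages rather than that the list is empty.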
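To make the point under discussion concrete, here is an added, stand-alone illustration that is not code from the patch or from the kernel: the Linux circular doubly-linked list idiom reduced to a few lines, showing that a walk over an initialised but empty list_head executes zero iterations, while a head whose next/prev were never set up (still NULL) is the case that would fault. The names folio_like, prep_and_add and prep_and_add_checked are stand-ins chosen for this example and do not exist in mm/hugetlb.c.

```c
/* Added example, not kernel code: minimal Linux-style circular list to show
 * why iterating an EMPTY list is a no-op, and what a NULL deref actually needs. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

struct list_head { struct list_head *next, *prev; };

#define LIST_HEAD_INIT(name) { &(name), &(name) }
#define LIST_HEAD(name) struct list_head name = LIST_HEAD_INIT(name)
#define list_entry(ptr, type, member) \
	((type *)((char *)(ptr) - offsetof(type, member)))
/* Same shape as the kernel's list_for_each_safe(): safe against deleting pos. */
#define list_for_each_safe(pos, n, head) \
	for (pos = (head)->next, n = pos->next; pos != (head); pos = n, n = pos->next)

/* Stand-in for a folio: only the list linkage matters here (assumed name). */
struct folio_like { unsigned long pfn; struct list_head lru; };

static inline void list_add(struct list_head *new, struct list_head *head)
{
	new->next = head->next;
	new->prev = head;
	head->next->prev = new;
	head->next = new;
}

static inline void list_del(struct list_head *entry)
{
	entry->prev->next = entry->next;
	entry->next->prev = entry->prev;
	entry->next = entry->prev = NULL;
}

static inline int list_empty(const struct list_head *head)
{
	return head->next == head;
}

/* Stand-in for prep_and_add_allocated_folios(): detaches every entry and
 * returns how many it handled. On an empty, initialised head this returns 0
 * without touching anything, which is the "noop" behaviour Mike describes. */
static int prep_and_add(struct list_head *folio_list)
{
	struct list_head *pos, *n;
	int handled = 0;

	list_for_each_safe(pos, n, folio_list) {
		struct folio_like *f = list_entry(pos, struct folio_like, lru);
		list_del(pos);
		f->pfn = 0;		/* pretend the folio was "prepared" */
		handled++;
	}
	return handled;
}

/* Defensive wrapper: a head with next == NULL was never LIST_HEAD()-initialised.
 * That, not emptiness, is what would make the walk above dereference NULL. */
static int prep_and_add_checked(struct list_head *folio_list)
{
	if (folio_list->next == NULL || folio_list->prev == NULL)
		return -1;
	return prep_and_add(folio_list);
}

int demo_empty_list(void)
{
	LIST_HEAD(folio_list);			/* initialised, holds no entries */
	return prep_and_add_checked(&folio_list);	/* 0 iterations, no fault */
}

int demo_zeroed_head(void)
{
	struct list_head bad;
	memset(&bad, 0, sizeof(bad));		/* constructed: never initialised */
	return prep_and_add_checked(&bad);	/* -1: would have faulted */
}

int demo_three_entries(void)
{
	LIST_HEAD(folio_list);
	struct folio_like f[3];			/* constructed sample entries */
	int i, n;

	for (i = 0; i < 3; i++) {
		f[i].pfn = 1000 + i;
		list_add(&f[i].lru, &folio_list);
	}
	n = prep_and_add_checked(&folio_list);
	return list_empty(&folio_list) ? n : -2;	/* 3, list drained */
}

int main(void)
{
	printf("empty list:   %d\n", demo_empty_list());
	printf("zeroed head:  %d\n", demo_zeroed_head());
	printf("three folios: %d\n", demo_three_entries());
	return 0;
}
```

The walk macro mirrors the kernel's: on an empty head, pos starts equal to head and the loop condition fails immediately, so the body never runs and no pointer inside an entry is touched. Only a head that still holds NULL pointers reaches a dereference, which is why a crash reported as "iterating an empty list" is worth a second look at how the list was set up on that path.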