On Thu, 12 Oct 2023 01:25:35 -0700 Huai-Yuan Liu <810974084@xxxxxx> wrote:

> The function call alloc_percpu() returns a pointer to the memory address,
> but it hasn't been checked. Our static analysis tool indicates that null
> pointer dereference may exist in pointer zone->per_cpu_pageset. It is
> always safe to judge the null pointer before use.
>
> ...
>
> --- a/mm/page_alloc.c > +++ b/mm/page_alloc.c > @@ -5390,6 +5390,8 @@ void __meminit setup_zone_pageset(struct zone *zone) > zone->per_cpu_zonestats = alloc_percpu(struct per_cpu_zonestat); > > zone->per_cpu_pageset = alloc_percpu(struct per_cpu_pages); > + if (!zone->per_cpu_pageset) > + return; > for_each_possible_cpu(cpu) { > struct per_cpu_pages *pcp; > struct per_cpu_zonestat *pzstats;

I suppose as it's __meminit, yes, we should be checking here. In which case we should also be checking the alloc_percpu() two lines earlier and we should be freeing zone->per_cpu_zonestats if this second alloc_percpu() fails. And we should be propagating the overall failure back to higher layers which then handle it so the kernel won't immediately crash anyway.
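Review bot: the added early return in setup_zone_pageset() handles only half of the failure case and does so silently. On the new "if (!zone->per_cpu_pageset) return;" path, zone->per_cpu_zonestats from the preceding alloc_percpu() is left allocated and the zone is left half-initialised, while that first allocation is itself still unchecked even though the loop that follows declares a pzstats pointer for it. Because the function is declared void, the caller also cannot tell that setup failed, so a later user of zone->per_cpu_pageset can still hit the NULL pointer. Suggested change: check both alloc_percpu() results, call free_percpu() on zone->per_cpu_zonestats (and reset the pointer to NULL) when the second allocation fails, and change the return type to int so that -ENOMEM can be returned and handled by the callers.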