zpool_destroy_pool() does not tolerate a NULL zs_pool pointer argument and performs a NULL-pointer dereference. Although there are quite a few zs_destroy_pool() users, still update it to be coherent with the corresponding destroy() functions of the remainig pool-allocators (slab, mempool, etc.), which now allow NULL pool-pointers. For consistency, tweak zpool_destroy_pool() and NULL-check the pointer there. Proposed by Andrew Morton. Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@xxxxxxxxx> Reported-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> LKML-reference: https://lkml.org/lkml/2015/6/8/583 --- mm/zsmalloc.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mm/zsmalloc.c b/mm/zsmalloc.c index c766240..80964d2 100644 --- a/mm/zsmalloc.c +++ b/mm/zsmalloc.c @@ -1868,6 +1868,9 @@ void zs_destroy_pool(struct zs_pool *pool) { int i; + if (unlikely(!pool)) + return; + zs_pool_stat_destroy(pool); for (i = 0; i < zs_size_classes; i++) { -- 2.4.3.368.g7974889 -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>