This Linux kernel change "mm/page_alloc.c: avoid potential NULL pointer dereference" is included in the Linux 5.1 release. This change is authored by Andrey Ryabinin <aryabinin [at] virtuozzo.com> on Thu Apr 25 22:23:58 2019 -0700. The commit for this change in Linux stable tree is 8139ad0 (patch).
mm/page_alloc.c: avoid potential NULL pointer dereference ac.preferred_zoneref->zone passed to alloc_flags_nofragment() can be NULL. 'zone' pointer unconditionally derefernced in alloc_flags_nofragment(). Bail out on NULL zone to avoid potential crash. Currently we don't see any crashes only because alloc_flags_nofragment() has another bug which allows compiler to optimize away all accesses to 'zone'. Link: http://email@example.com Fixes: 6bb154504f8b ("mm, page_alloc: spread allocations across zones before introducing fragmentation") Signed-off-by: Andrey Ryabinin <firstname.lastname@example.org> Acked-by: Mel Gorman <email@example.com> Signed-off-by: Andrew Morton <firstname.lastname@example.org> Signed-off-by: Linus Torvalds <email@example.com>
There are 3 lines of Linux source code added/deleted in this change. Code changes to Linux kernel are as follows.
mm/page_alloc.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mm/page_alloc.c b/mm/page_alloc.c index d167c48..9992ca7 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -3432,6 +3432,9 @@ static bool zone_allows_reclaim(struct zone *local_zone, struct zone *zone) alloc_flags |= ALLOC_KSWAPD; #ifdef CONFIG_ZONE_DMA32 + if (!zone) + return alloc_flags; + if (zone_idx(zone) != ZONE_NORMAL) goto out;