diff options
| author | Christoph Lameter <cl@linux.com> | 2013-01-23 21:45:47 (GMT) |
|---|---|---|
| committer | Emil Medve <Emilian.Medve@Freescale.com> | 2013-05-26 07:13:25 (GMT) |
| commit | 0a8c62a3f3bdec547e34f71c46e2607a914ba459 (patch) | |
| tree | 4a4d28ab17068dd033a9df6e7962b9d0ca8ffe96 /mm | |
| parent | dbf932a9b316d5b29b3e220e5a30e7a165ad2992 (diff) | |
| download | linux-fsl-qoriq-0a8c62a3f3bdec547e34f71c46e2607a914ba459.tar.xz | |
FIX [1/2] slub: Do not dereference NULL pointer in node_match
The variables accessed in slab_alloc are volatile and therefore
the page pointer passed to node_match can be NULL. The processing
of data in slab_alloc is tentative until either the cmpxhchg
succeeds or the __slab_alloc slowpath is invoked. Both are
able to perform the same allocation from the freelist.
Check for the NULL pointer in node_match.
A false positive will lead to a retry of the loop in __slab_alloc.
Signed-off-by: Christoph Lameter <cl@linux.com>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Pekka Enberg <penberg@kernel.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Diffstat (limited to 'mm')
| -rw-r--r-- | mm/slub.c | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -2041,7 +2041,7 @@ static void flush_all(struct kmem_cache *s) static inline int node_match(struct page *page, int node) { #ifdef CONFIG_NUMA - if (node != NUMA_NO_NODE && page_to_nid(page) != node) + if (!page || (node != NUMA_NO_NODE && page_to_nid(page) != node)) return 0; #endif return 1; |