It is possible that walk_guest_tables() is called on a shadow gmap that
has been removed already, in which case its parent will be NULL.

In such case, return -EAGAIN and let the callers deal with it.

Fixes: e38c884df921 ("KVM: s390: Switch to new gmap")
Signed-off-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
---
 arch/s390/kvm/gaccess.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/s390/kvm/gaccess.c b/arch/s390/kvm/gaccess.c
index 67de47a81a87..4630b2a067ea 100644
--- a/arch/s390/kvm/gaccess.c
+++ b/arch/s390/kvm/gaccess.c
@@ -1287,7 +1287,10 @@ static int walk_guest_tables(struct gmap *sg, unsigned long saddr, struct pgtwal
 	union asce asce;
 	int rc;
 
+	if (!parent)
+		return -EAGAIN;
 	kvm = parent->kvm;
+	WARN_ON(!kvm);
 	asce = sg->guest_asce;
 	entries = get_entries(w);
 
-- 
2.52.0

On 2/6/26 15:35, Claudio Imbrenda wrote:
> It is possible that walk_guest_tables() is called on a shadow gmap that
> has been removed already, in which case its parent will be NULL.
> 
> In such case, return -EAGAIN and let the callers deal with it.
> 
> Fixes: e38c884df921 ("KVM: s390: Switch to new gmap")
> Signed-off-by: Claudio Imbrenda <imbrenda@linux.ibm.com>

Acked-by: Janosch Frank <frankja@linux.ibm.com>

> ---
>   arch/s390/kvm/gaccess.c | 3 +++
>   1 file changed, 3 insertions(+)
> 
> diff --git a/arch/s390/kvm/gaccess.c b/arch/s390/kvm/gaccess.c
> index 67de47a81a87..4630b2a067ea 100644
> --- a/arch/s390/kvm/gaccess.c
> +++ b/arch/s390/kvm/gaccess.c
> @@ -1287,7 +1287,10 @@ static int walk_guest_tables(struct gmap *sg, unsigned long saddr, struct pgtwal
>   	union asce asce;
>   	int rc;
>   
> +	if (!parent)
> +		return -EAGAIN;
>   	kvm = parent->kvm;
> +	WARN_ON(!kvm);
>   	asce = sg->guest_asce;
>   	entries = get_entries(w);
>