From nobody Fri Apr 3 08:08:03 2026 Received: from mail-yx1-f46.google.com (mail-yx1-f46.google.com [74.125.224.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D626B3446BC for ; Wed, 18 Feb 2026 19:09:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=74.125.224.46 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1771441764; cv=none; b=iUcexLIafA+sRPpHcK1QWUqZo72cxoNnORfr/DlYEfixltM7FfZmZMCmwv3iVYErDpQDU7RDYoWmwvA4JR5Y8D6IZ32JnVn69f3n0I2xFHV/GI6i76x346HdJBr5jFzu0x7GzZy8TVJX4PGyt2Hn9NioK9F8hT0iEg4dlYEV7ZA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1771441764; c=relaxed/simple; bh=+jdOyEDd7dgKfXWQTh8+egO7d5Cs5XS/fiyz0bK2mwY=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=Qg01zkFL58BIKdTNeNkXwkMWoxs8QOQOFE/Rrp/5RZZwaR3Jj714Wml0GzSB7IvwbzjIorzdBNPVcYvly4kHWEsXS99UqaHsXAsrr1tzyPbcZbDU+utooa9W+C0faY3j1WCAlwBx8kCsHD88eDB7CjazgZmjVH+xaf9sVvaaf1w= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=Rh2HQ8G+; arc=none smtp.client-ip=74.125.224.46 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Rh2HQ8G+" Received: by mail-yx1-f46.google.com with SMTP id 956f58d0204a3-64ad79dfb6eso98801d50.0 for ; Wed, 18 Feb 2026 11:09:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1771441762; x=1772046562; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=L0ZCsOK0QpjL7gyeytvdHiQWsLRK6hVybiMxwZYY0xQ=; b=Rh2HQ8G+6Mc7NYHkrWR9E9ajzO7PTlIk7D7gNbVtsGVwvvtDkeYO3WFv/N9sn80GT3 zNwelKY/BSef48barKPNYn7Lfr/3vwHyTZcZsSdBVa39kW3C8CAgGvIEoVuTwmBFL5um 6/KxRUpIbXrMIb83SZKA/nJVJVspEuXS7uPu+BqWfc4PK33aZR4FoAvGr3YwR/aKYc3J +Fx8QYxnpZYKsk/bRNf5yg3Fxope21nf17u0P1rIg8buQRm6mBHVP1g0zK6Pfqo9Ome4 Fmhrgrs/jDd7odYb2okzCDcUjitS92Fk9+3QEoIRHcQlrDoLr5z32d0RwOYIQWjIaLfF 1iwg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771441762; x=1772046562; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=L0ZCsOK0QpjL7gyeytvdHiQWsLRK6hVybiMxwZYY0xQ=; b=eWWmGMG+n3L6FUn9zsdVgfKxSTIoPHf3ID1UQdVm6/IL0xMmrvXCNhm15GWqRkXMCa IuOOw/IxDPqmT2ZS43WMD13YmJQpZPLbDr8NEZWXVbI5OXjVfCrgMgXqKxN8HK2W+6lr KwgRoT/0bWq23G2s9IFaGuX3ko7MJsf9JMMyHhUHuuzzh1xIVqEmCisukZDJjuKaPLJ4 HrWjcVb7Kp7C6To1TjTuY/PtDF61TqeINLNqQ7KSC1pEhJVB+gxSrz37DWVv7LLIaVqD 5DsjVLXWTi8Q1AJoox7un6cenGO0Wv5tHrZD5j875JLYScqT7R701iM3+UkUztu41AuU uIAA== X-Forwarded-Encrypted: i=1; AJvYcCUMBnOFuQIQK1y9Z8jYB6yfcs8fnU+IUSDDZtQ489AdrEX1T5Wjf71us9F0dYlQLGIL0MqaD07NbOkJKtQ=@vger.kernel.org X-Gm-Message-State: AOJu0YxPaZDY0sUR4LLCbThusc6U1IoinZYFZvVOIzVZ6XiY7Ptexf+4 3w8RtAGYk39Jt2KZUUxI8eJKGZNUuoleozSzb5GoQA9yjCa+4at9X5mR X-Gm-Gg: AZuq6aKf9Zo7iASX7VJ2kvRHNJH6cBGhg4HrvxsCqmFZCSB/V0MHeXzq1KivGM3bfJN aGC6NcuuYg29cap8M4qSDcR7O3DaFKAjAZOKMtsysu/9E5nHE9JCpT2atOp4MuyeLx2qQlLQz6k AGAg22RHqwWFD9/zv5OpXiEPTSG4Txqpd/UvH6FDMd8/NGGsV0QpOsOj9fxXXo/1NninRakxpaT n0/DudsTWUavuMOnpXpJbWe/o/8ZGkjh5BLVZOEnY0C7AhcMibB2+XOpSFNzGLHM2PeEcccqdtw SMx8i8pmDEmRIigcXaQdaDHhA3htNQQDq5A0GAmwD/hhTNhu1UQa9ByDWDQ5lVhezguJ/adAACO IX5YdJOgy2VFtCLMFShdih6/bnFiZlivnalzfWE1gN2ig76xFREM4Br5frRL0Ri7PULuA7N8omV vcQIdIjNCDvqcVEgslbFAEKlNKH8BMZtZkkKODkb4/5mjv9C7W32/dxW3tZBlqdseZUi6IfBUTw zKbisBN6T65kzr7pPFJf+LwRSsbqwlbEq2QUISZSuA= X-Received: by 2002:a05:690e:1246:b0:64a:dcf7:c13e with SMTP id 956f58d0204a3-64c55563073mr2467484d50.17.1771441761829; Wed, 18 Feb 2026 11:09:21 -0800 (PST) Received: from tux ([2601:7c0:c37c:4c00:e3a8:26f7:7e08:88e1]) by smtp.gmail.com with ESMTPSA id 956f58d0204a3-64c22f89f75sm6379914d50.11.2026.02.18.11.09.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 18 Feb 2026 11:09:21 -0800 (PST) From: Ethan Tidmore To: "K . Y . Srinivasan" , Haiyang Zhang , Wei Liu , Dexuan Cui , Long Li , Saurabh Sengar Cc: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H . Peter Anvin" , Michael Kelley , x86@kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, Ethan Tidmore Subject: [PATCH] x86/hyperv: Fix error pointer dereference Date: Wed, 18 Feb 2026 13:09:03 -0600 Message-ID: <20260218190903.7874-1-ethantidmore06@gmail.com> X-Mailer: git-send-email 2.53.0 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The function idle_thread_get() can return an error pointer and is not checked for it. Add check for error pointer. Detected by Smatch: arch/x86/hyperv/hv_vtl.c:126 hv_vtl_bringup_vcpu() error: 'idle' dereferencing possible ERR_PTR() Fixes: 2b4b90e053a29 ("x86/hyperv: Use per cpu initial stack for vtl contex= t") Signed-off-by: Ethan Tidmore --- v2: - Fixed typo. arch/x86/hyperv/hv_vtl.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/arch/x86/hyperv/hv_vtl.c b/arch/x86/hyperv/hv_vtl.c index c0edaed0efb3..9b6a9bc4ab76 100644 --- a/arch/x86/hyperv/hv_vtl.c +++ b/arch/x86/hyperv/hv_vtl.c @@ -110,7 +110,7 @@ static void hv_vtl_ap_entry(void) =20 static int hv_vtl_bringup_vcpu(u32 target_vp_index, int cpu, u64 eip_ignor= ed) { - u64 status; + u64 status, rsp, rip; int ret =3D 0; struct hv_enable_vp_vtl *input; unsigned long irq_flags; @@ -123,9 +123,11 @@ static int hv_vtl_bringup_vcpu(u32 target_vp_index, in= t cpu, u64 eip_ignored) struct desc_struct *gdt; =20 struct task_struct *idle =3D idle_thread_get(cpu); - u64 rsp =3D (unsigned long)idle->thread.sp; + if (IS_ERR(idle)) + return PTR_ERR(idle); =20 - u64 rip =3D (u64)&hv_vtl_ap_entry; + rsp =3D (unsigned long)idle->thread.sp; + rip =3D (u64)&hv_vtl_ap_entry; =20 native_store_gdt(&gdt_ptr); store_idt(&idt_ptr); --=20 2.53.0