From nobody Mon Jun 8 13:24:30 2026 Received: from out-173.mta1.migadu.com (out-173.mta1.migadu.com [95.215.58.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 404F735200C for ; Fri, 29 May 2026 01:42:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=95.215.58.173 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780018929; cv=none; b=KOxpbga/mgkyU7wpfqWBhAOYU0RmmqWdh1IlUMgRyp/5sfaESbl8xkSBXGz+hgLE1DMuaWXBf8bEU+uWidPXxKiscmn+PvCKB+Itjqi9WbCPiaDVpL/i4gFP0juEUZI+w9WfQGAbGe65nTWCvl81IuSRJw0ACO8jdO5p3LFM9qg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780018929; c=relaxed/simple; bh=ZPPb4dWderTYZWn2SNvtOSjwjA0F6UWItmdtWdyRrk8=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=P5uOjXfQ1YIqrvbAcAYHzNrIEr+JD06sOKq3z1i9o0DxrbteIQc0LGxjEuOFVXYhKMt7ckMx89/0DtxROfHjxFjsmXQ5Lm35a8o5opAA6Ttw59VAJif7OW3rcGbmm+qeAWL/jC7Vxli5WSySHbO/Z65z5IS3hC/favz9gdYTZ6w= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev; spf=pass smtp.mailfrom=linux.dev; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b=YgztwgLt; arc=none smtp.client-ip=95.215.58.173 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.dev Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b="YgztwgLt" X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1780018926; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=ziMz6HVoieYrDjrV2NAuiQxTv94f1tu4Knq7c+x4ci4=; b=YgztwgLtIHL1/MEG/04MmSqxTZ3CdCeEWT1HE0UiN/6o852nNWi2yOiGVMiGDP9wdUrY9b ceRtFCXWzvWGVDf6R2bfQ9Kg4I7eYnb6aqnHAeCGyDkhpfnaU2F+y8hknZ+BFyLdk23umF lG5EH0PG2hahyXDX8pwamp/aig62Nmw= From: Hui Zhu To: Andrew Morton , Uladzislau Rezki , Nicholas Piggin , linux-mm@kvack.org, linux-kernel@vger.kernel.org Cc: Hui Zhu Subject: [PATCH] vmalloc: Fix NULL pointer dereference in is_vm_area_hugepages() Date: Fri, 29 May 2026 09:41:30 +0800 Message-ID: <20260529014130.671291-1-hui.zhu@linux.dev> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Migadu-Flow: FLOW_OUT Content-Type: text/plain; charset="utf-8" From: Hui Zhu find_vm_area() can return NULL if the given address is not a valid vmalloc area. Check the return value before dereferencing it to avoid a kernel crash. Fixes: 121e6f3258fe ("mm/vmalloc: hugepage vmalloc mappings") Signed-off-by: Hui Zhu Reviewed-by: Dev Jain Reviewed-by: Uladzislau Rezki (Sony) --- include/linux/vmalloc.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/include/linux/vmalloc.h b/include/linux/vmalloc.h index 3b02c0c6b371..d87dc7f77f4e 100644 --- a/include/linux/vmalloc.h +++ b/include/linux/vmalloc.h @@ -265,7 +265,9 @@ static inline bool is_vm_area_hugepages(const void *add= r) * allocated in the vmalloc layer. */ #ifdef CONFIG_HAVE_ARCH_HUGE_VMALLOC - return find_vm_area(addr)->page_order > 0; + struct vm_struct *area =3D find_vm_area(addr); + + return area && area->page_order > 0; #else return false; #endif --=20 2.43.0