From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id B3CFAC83F22
	for <linux-mm@archiver.kernel.org>; Wed, 16 Jul 2025 14:58:33 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 2C0038D0003; Wed, 16 Jul 2025 10:58:33 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 270B48D0001; Wed, 16 Jul 2025 10:58:33 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 186808D0003; Wed, 16 Jul 2025 10:58:33 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14])
	by kanga.kvack.org (Postfix) with ESMTP id 071488D0001
	for <linux-mm@kvack.org>; Wed, 16 Jul 2025 10:58:33 -0400 (EDT)
Received: from smtpin06.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay06.hostedemail.com (Postfix) with ESMTP id A539F10F9CD
	for <linux-mm@kvack.org>; Wed, 16 Jul 2025 14:58:32 +0000 (UTC)
X-FDA: 83670434064.06.66B221B
Received: from mail-ed1-f51.google.com (mail-ed1-f51.google.com [209.85.208.51])
	by imf10.hostedemail.com (Postfix) with ESMTP id B64FEC0003
	for <linux-mm@kvack.org>; Wed, 16 Jul 2025 14:58:30 +0000 (UTC)
Authentication-Results: imf10.hostedemail.com;
	dkim=pass header.d=mandelbit.com header.s=google header.b=Ygq7aKhy;
	dmarc=none;
	spf=pass (imf10.hostedemail.com: domain of antonio@mandelbit.com designates 209.85.208.51 as permitted sender) smtp.mailfrom=antonio@mandelbit.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1752677910; a=rsa-sha256;
	cv=none;
	b=NWajw0HCWgb2t02VvUe83YiRFU7WrOhbIze7eLGloXrBfv9OjdhgzwJQyXtnRoXEC8UTSS
	bHCdjtWsrDPl9AiCiKD3ysKthILjRyfHN8MrRcc4dTX4I1+bAxIvs0Yw1SZnP31UuayjO3
	jlCm/IAVqra9R86ljSj1S+oKEThIJZg=
ARC-Authentication-Results: i=1;
	imf10.hostedemail.com;
	dkim=pass header.d=mandelbit.com header.s=google header.b=Ygq7aKhy;
	dmarc=none;
	spf=pass (imf10.hostedemail.com: domain of antonio@mandelbit.com designates 209.85.208.51 as permitted sender) smtp.mailfrom=antonio@mandelbit.com
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1752677910;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:references:dkim-signature;
	bh=VVBZEfdSo5UbY68Wpk7UsXW4kadd8U3WtMxLGH9Dvzo=;
	b=USkIgR1gTpA7HhgqjwLSqUu3wJwpaEz87etd5SxCcjYQb59i7WM2ktAXZHJ3ooprAtbkhj
	s/2vLF/OjyJAkdN57xt0kI95IuJjMTxkxbnfqyGnArFAf6K/lZlzmmenpzXFHCFe7hC6zu
	9Y90fWXFrtwVbN2AkIorjDDTfK4VApw=
Received: by mail-ed1-f51.google.com with SMTP id 4fb4d7f45d1cf-607cc1a2bd8so11075919a12.2
        for <linux-mm@kvack.org>; Wed, 16 Jul 2025 07:58:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=mandelbit.com; s=google; t=1752677909; x=1753282709; darn=kvack.org;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:from:to:cc:subject:date:message-id:reply-to;
        bh=VVBZEfdSo5UbY68Wpk7UsXW4kadd8U3WtMxLGH9Dvzo=;
        b=Ygq7aKhyRHF+ayHn+vtvU561P4ApmiMb9iCkdznmt/VwXwTYWYXE/e/5unQVOL5nfH
         QS98Nd0ylToRa6Ts4N3+TN15OI/kUl0GvXtnneiGlos5NxWdjbV1R/OfIZY9niAcoMdi
         UdQEnuhYsPeRz6b7eEjvcg0Gky/C9t3Fd1yHnGsj3bpvZhYG5NMbS1/YEg4JyAj1wp8e
         GBZvOt6LQ+9przXTu0vlZ14FKWei3F8fLEprCbzoqQIqRQknVz7jsRHfTEK8rAxrZDYn
         AOajK4qBQgwcUwAWGtj+Ti0aAkcpl8FwZhVw3CxV61f4BnPt6J35YcRpXzsDIRW4U6zm
         sZDQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1752677909; x=1753282709;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=VVBZEfdSo5UbY68Wpk7UsXW4kadd8U3WtMxLGH9Dvzo=;
        b=C0CyF1isO5fv4cA/V0JiHt4SPUsVT8jZK2CJuXk4X1YsFF/cKHehrW74ZjJXOYRD3o
         l3A416WAqgB3lFe/0LAR6VE+I3FlAMUBH90cEndQ/zkHvi3Yvfhe3ZH1g/0PlOsfixcS
         NSMPrTIk5skToFMvuArJFTJ2d5Xvtg33LbscLo9zjwnGGe5eqARh8FH5p/KbHpYcWEGZ
         V0NhFoPg0GXorRvKeAjBIDfPS2FAcwqo5JEMC9lIWuo39pnHRvqPcqe/s0kagGTZwiRj
         SRjg7/yjsah/ds2k7llBUR7G9FqggXtf2rL33x7KTHJgb2PWpJJiJ7nDm/zCLB4ETsd4
         EXZg==
X-Gm-Message-State: AOJu0Ywh40VQqGIevJkWeQv7oU7/KhWlLJGTiOVHgAAlVnh6zKgs4CIA
	l+BSV70i4XZD9T9OcF2icVH3xBEdSRt/rCxV8IL6YE+fythNbMcD6a3OzOSIG0Mmv4UBrF3HZ6H
	umO0chBzUUQ==
X-Gm-Gg: ASbGnculiN0ykOdThf+5sXIZJAww3Wy/9LI1sSXbxcfNSjbrOXHgfirGpDvfsRisGp7
	ciPATOV9bo4sIBPG8KLgB3cU0WV+q8qSLhRavT9jXQ0M87hCLVLXlCW/tHjcbv9HVNX7bzssT+f
	lcW58cBnsWvhV2jdCFu9I1ZuJpKGmss88oZAIikqUjkXK4Tuns5oXHrXK+gsqJ0W4Aj0AvR/R5f
	w5uvzq47nLAFdXKo0PI2AjBAxvL92aitoNMfvUZ41cDjUQTzmGEx5BFUPfk0Na4xnsYA2Ofdujf
	smcwTQGNqsFO9OHUj+OKudqY9+ipj3lFyJcLiphZ9xqsM3ipN5xgdOZXDw8PR7CXAOLio6kS85i
	5nbgaZJZYt4Iuiknip3k49ftL/GDx56gLhT2qaKt9/iNRl0WR
X-Google-Smtp-Source: AGHT+IFfriUTxkXd0jMa2Z4GOhPntI/5yBkhTR7oiq57a190gh+fIujJPR36JEanOXjCVcj+lbXsHQ==
X-Received: by 2002:a05:6402:d08:b0:607:28c9:c3c9 with SMTP id 4fb4d7f45d1cf-6128592c9b4mr2677236a12.6.1752677908932;
        Wed, 16 Jul 2025 07:58:28 -0700 (PDT)
Received: from inifinity.homelan.mandelbit.com ([2001:67c:2fbc:1:96ff:526e:2192:5194])
        by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-612688e0d81sm2595921a12.38.2025.07.16.07.58.27
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 16 Jul 2025 07:58:28 -0700 (PDT)
From: Antonio Quartulli <antonio@mandelbit.com>
To: linux-mm@kvack.org
Cc: Antonio Quartulli <antonio@mandelbit.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	David Hildenbrand <david@redhat.com>,
	Lorenzo Stoakes <lorenzo.stoakes@oracle.com>,
	Baolin Wang <baolin.wang@linux.alibaba.com>,
	"Liam R. Howlett" <Liam.Howlett@oracle.com>,
	Nico Pache <npache@redhat.com>,
	Ryan Roberts <ryan.roberts@arm.com>,
	Dev Jain <dev.jain@arm.com>,
	Barry Song <baohua@kernel.org>,
	Zi Yan <ziy@nvidia.com>
Subject: [RFC] mm/huge_memory: prevent potential NULL pointer dereference
Date: Wed, 16 Jul 2025 16:58:04 +0200
Message-ID: <20250716145804.4836-1-antonio@mandelbit.com>
X-Mailer: git-send-email 2.49.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Rspamd-Server: rspam12
X-Rspamd-Queue-Id: B64FEC0003
X-Stat-Signature: qmw58kwxfxneb7ddhae43yc6mou6u5r9
X-Rspam-User: 
X-HE-Tag: 1752677910-651518
X-HE-Meta: U2FsdGVkX1+eviR1xWEz0E15/DCEpB3UOz/nIJeONNhTDagrBlTVoXwnelwWjuwzm5byEWPjrIi8Z93vxoTByOsduj/a5thBjaYWJv16jEYfM1f6kuzzNcyTrWPd3nvsypWv3TrQ1sO4ZgLd8pA7oqGWmgTSztFJLscq9ZSA9ulW8V35tuG1mgDffDeqihMXSC7wiVyVpCMNbS8lKtMWfHqF5E1ymwmVa1zPVSrW3nNle4WO8oA/xhNMvIkiqLtY/puUH1USGBYY/p4b8Gc3R+zjwgmrMWvG7fHhgZD7DNZqB5TAyvFJNtuExeN5zfy1VTPZFnFWz/EvHTBWusi8Kkd6sWGDTJqGA2ruAgXOGp9jrD/LOuLTYyBOK4Wse6zan5IfAoNmK6CcsChrsh1xhEFyezlNrYNeOEHx/9uq/WDzQrHtZA8iU/NA0YcBzyLkAfl/IrrvdjyqZEDGRS/CO1J1WrV6lQ5YBcJqL1XsU/WzdlhFRqlu+TwKTEqncWdagqB7ffMZu2rftisplwp7cDwL/OrIzN4Q+rOLPsHvF42Yk5agcct2YNblk57t4JcmbOeOEZcUpNwByHhCQ7YgRZ9peygTr2xoSJQT85L2fTF3kjwE1sHxjLq5M8GBiHeDKew+0l05ag4YWwuDk1OxC4OXEPiyuQ0Vu38bTAawSOPn+K19Kp63xH6aEgCpJWWYTIuqnCzajH3WTaZTmNqyiG3yR5bxDnz2YoyQuoktPQVfcTbDxlDiNr4LYzKHVtyew4yKWe1nyNjwVxF4aLMoT1X9HF2/1ki6QrRcKEVr0bd/2GGdL5xXxk2zM9edZfq4g6SnLeRnc5JqGKcc7QkG02b5ZZiSQn7SbffLKWiEfx50eV9xPH6X45/lSElhIhFvnQwJS2+wRYFngQ0J5SkTkkdCuJCwTHSvLecXHFN+9huY1IUkth7DelBvV1S8lzvuP38DEf7gPn6YcSG0MWW
 XqNoA4Ry
 jWHB/15NGndbBJNpUjeBmsrEIVLpil2+nwjOhH2zNQzUvLzCvGyyE462uSdeBtbvuKmjg9nIe8Ys/HA3uS8+f3Bzd1KYMUMyV7prAZeFeS3tTdawKepP27eGmrCYJAtAwj+msQKAzIp7Eiivw79n96Mz964SxpnFpw8p7MKdAWEKQD1pbXkIumS3tKbMjqzoI6Lyjxh+Nx5vePrFg4+6v4MsRF4k6n8+Ziy0Tz5qEkESbStaPaA1t9FGe15bWQVeOC6353EFXv0+UM57xDWRRA3yK7R9TT0cT/rdUxr+/mr7m+DxZUawlKtWohhe2bUyXKjbFaCHs5z5rxBpunVf5WU6aYeOvdU2lrbfWzNeL+z9lZjQSMIckxGRCJM/dUEGMbfh5ECPuo1XzcwIisqtxL7yWmC6CleUNcWIDHJ4PfB0MwMY=
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

I just found this issue in the last linux-next Coverity report and it
caught my attention.
I am not familiar with this code, therefore I am sending this patch
as RFC because I am not 100% sure whether this is a false positive or
not.
However, it seems potentially legit to me:

In __folio_split(), when looping over folios we dereference
`mapping` before ensuring it is non-NULL.

Following code in the loop body performs such check, thus
suggesting that `mapping` may be NULL and accessing it
without any check may be dangerous.

Add NULL check before passing it to shmem_mapping().

Cc: Zi Yan <ziy@nvidia.com>
Fixes: 00527733d0dc ("mm/huge_memory: add two new (not yet used) functions for folio_split()")
Addresses-Coverity-ID: 1647614 ("FORWARD_NULL")
Signed-off-by: Antonio Quartulli <antonio@mandelbit.com>
---
 mm/huge_memory.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mm/huge_memory.c b/mm/huge_memory.c
index 389620c65a5f..d649026db95a 100644
--- a/mm/huge_memory.c
+++ b/mm/huge_memory.c
@@ -3802,7 +3802,7 @@ static int __folio_split(struct folio *folio, unsigned int new_order,
 
 			/* Some pages can be beyond EOF: drop them from cache */
 			if (new_folio->index >= end) {
-				if (shmem_mapping(mapping))
+				if (mapping && shmem_mapping(mapping))
 					nr_shmem_dropped += folio_nr_pages(new_folio);
 				else if (folio_test_clear_dirty(new_folio))
 					folio_account_cleaned(
-- 
2.49.1