[PATCH] mm: don't allow empty relative nodemask in mpol_relative_nodemask()

Next message: Timur Tabi: "Re: [PATCH 0/5] nouveau/gsp: Cleanup IS_ERR_OR_NULL() usage"
Previous message: Christian Marangi: "[PATCH v5 0/3] clk: add support for Airoha AN7583 clock"
Next in thread: Waiman Long: "Re: [PATCH] mm: don't allow empty relative nodemask in mpol_relative_nodemask()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Yury Norov

Date: Thu May 28 2026 - 15:06:56 EST

Reassigning nodes relative an empty user-provided nodemask is useless,
and triggers divide-by-zero in the function.

Reported-by: Farhad Alemi <farhad.alemi@xxxxxxxxxxxx>
Link: https://lore.kernel.org/all/CA+0ovCgxbZkXa+OU8w3s84R3KNPNxxRfmsNR-udh+afQBbGNmw@xxxxxxxxxxxxxx/
Signed-off-by: Yury Norov <ynorov@xxxxxxxxxx>
---
mm/mempolicy.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index 4e4421b22b59..cd961fa1eb33 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -370,8 +370,13 @@ static inline int mpol_store_user_nodemask(const struct mempolicy *pol)
static void mpol_relative_nodemask(nodemask_t *ret, const nodemask_t *orig,
const nodemask_t *rel)
{
+ unsigned int w = nodes_weight(*rel);
nodemask_t tmp;
- nodes_fold(tmp, *orig, nodes_weight(*rel));
+
+ if (w == 0)
+ return -EINVAL;
+
+ nodes_fold(tmp, *orig, w);
nodes_onto(*ret, tmp, *rel);
}

--
2.51.0