[PATCH][v2] x86/process: Return early if TIF_IO_BITMAP is set but no IO bitmap is assigned

Next message: syzbot: "[syzbot] [net?] KCSAN: data-race in xfrm_lookup_with_ifid / xfrm_policy_delete"
Previous message: Yichong Chen: "[PATCH v3] tools/mm/page_owner_sort: free per-record allocations"
Next in thread: Sohil Mehta: "Re: [PATCH][v2] x86/process: Return early if TIF_IO_BITMAP is set but no IO bitmap is assigned"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: lirongqing

Date: Fri Jun 12 2026 - 01:52:07 EST

From: Li RongQing <lirongqing@xxxxxxxxx>

Outside the IOPL emulation path, the IO bitmap is always expected
to be allocated when TIF_IO_BITMAP is set. The paranoid WARN_ON_ONCE()
handles the case where the flag and the pointer got out of sync.
In this rare scenario, return early instead of continuing and
dereferencing a NULL pointer.

[Sohil Mehta: rephrased commit message]

Reviewed-by: Sohil Mehta <sohil.mehta@xxxxxxxxx>
Signed-off-by: Li RongQing <lirongqing@xxxxxxxxx>
---
Diff with v1: rephrased commit message

arch/x86/kernel/process.c | 1 +
1 file changed, 1 insertion(+)

diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c
index 4c718f8..d5cd217 100644
--- a/arch/x86/kernel/process.c
+++ b/arch/x86/kernel/process.c
@@ -486,6 +486,7 @@ void native_tss_update_io_bitmap(void)
if (WARN_ON_ONCE(!iobm)) {
clear_thread_flag(TIF_IO_BITMAP);
native_tss_invalidate_io_bitmap();
+ return;
}

/*
--
2.9.4