Re: [PATCH] sched/core: Fix error pointer dereference
From: Vishal Chourasia
Date: Thu Feb 26 2026 - 00:19:05 EST
On Tue, Feb 17, 2026 at 12:06:33PM -0600, Ethan Tidmore wrote:
> The function idle_thread_get() can return an error pointer and is not
> checked for one. Add check for error pointer.
>
> Detected by Smatch:
> kernel/cpu.c:911 finish_cpu() error:
> 'idle' dereferencing possible ERR_PTR()
>
> Fixes: bf2c59fce4074 ("sched/core: Fix illegal RCU from offline CPUs")
> Signed-off-by: Ethan Tidmore <ethantidmore06@xxxxxxxxx>
> ---
> kernel/cpu.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/kernel/cpu.c b/kernel/cpu.c
> index bc4f7a9ba64e..30af888d1bc1 100644
> --- a/kernel/cpu.c
> +++ b/kernel/cpu.c
> @@ -908,7 +908,12 @@ static int bringup_cpu(unsigned int cpu)
> static int finish_cpu(unsigned int cpu)
> {
> struct task_struct *idle = idle_thread_get(cpu);
> - struct mm_struct *mm = idle->active_mm;
> + struct mm_struct *mm;
> +
> + if (IS_ERR(idle))
> + return PTR_ERR(idle);
> +
> + mm = idle->active_mm;
>
> /*
> * sched_force_init_mm() ensured the use of &init_mm,
> --
> 2.53.0
>
Reviewed-by: Vishal Chourasia <vishalc@xxxxxxxxxxxxx>