[Devel] [PATCH vz10] memcg: guard mm_overdraft() against NULL memcg (cgroup_disable=memory)

Vasileios Almpanis vasileios.almpanis at virtuozzo.com
Fri Jun 5 15:13:15 MSK 2026


On 6/4/26 11:23 AM, Konstantin Khorenko wrote:
> get_mem_cgroup_from_mm() returns NULL when mem_cgroup_disabled() is true
> (e.g. the kernel was booted with "cgroup_disable=memory"). mm_overdraft()
> dereferenced the result unconditionally:
>
> 	memcg = get_mem_cgroup_from_mm(mm);
> 	overdraft = memcg->overdraft;     /* NULL deref */
> 	css_put(&memcg->css);
>
> It is called from oom_badness() (*overdraft = mm_overdraft(p->mm)) on
> every OOM scoring pass, so any OOM kill on a memory-cgroup-disabled
> kernel NULL-derefs. Return 0 (no overdraft) when memcg is NULL.
>
> Fixes: 36eac5599341 ("memcg: add oom_guarantee")
> https://virtuozzo.atlassian.net/browse/VSTOR-132310
> Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
Reviewed-by: Vasileios Almpanis <vasileios.almpanis at virtuozzo.com>
> ---
>   include/linux/memcontrol.h | 2 ++
>   1 file changed, 2 insertions(+)
>
> diff --git a/include/linux/memcontrol.h b/include/linux/memcontrol.h
> index 23ab42e5978e..bf2440e36941 100644
> --- a/include/linux/memcontrol.h
> +++ b/include/linux/memcontrol.h
> @@ -907,6 +907,8 @@ static inline unsigned long mm_overdraft(struct mm_struct *mm)
>   	unsigned long overdraft;
>   
>   	memcg = get_mem_cgroup_from_mm(mm);
> +	if (!memcg)
> +		return 0;
>   	overdraft = memcg->overdraft;
>   	css_put(&memcg->css);
>   
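Review bot: the early return at `+	if (!memcg)` correctly skips css_put(), since no css reference is held when get_mem_cgroup_from_mm() returns NULL, but the hunk itself gives no hint why NULL is expected there; a one-line comment tying it to the mem_cgroup_disabled() case named in the commit message, e.g. `/* mem_cgroup_disabled(): no memcg, hence no overdraft */`, would keep a future reader from treating it as a leaked reference or an impossible branch.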

-- 
Best regards, Vasileios Almpanis
Software Developer, Virtuozzo.
