On Tue, Nov 07, 2017 at 09:57:03AM -0800, Shaohua Li wrote: > kthread() could bail out early before we initialize blkcg_css (if the > kthread is killed very soon), which confuses free_kthread_struct. Move > the blkcg_css initialization early. > > Reported-by: syzbot <[email protected]> > Fix: 05e3db9(kthread: add a mechanism to store cgroup info) > Cc: Andrew Morton <[email protected]> > Cc: Ingo Molnar <[email protected]> > Cc: Tejun Heo <[email protected]> > Signed-off-by: Shaohua Li <[email protected]> > --- > kernel/kthread.c | 7 ++++--- > 1 file changed, 4 insertions(+), 3 deletions(-) > > diff --git a/kernel/kthread.c b/kernel/kthread.c > index f87cd8b4..cf5c113 100644 > --- a/kernel/kthread.c > +++ b/kernel/kthread.c > @@ -205,6 +205,10 @@ static int kthread(void *_create) > int ret; > > self = kmalloc(sizeof(*self), GFP_KERNEL); > +#ifdef CONFIG_BLK_CGROUP > + if (self) > + self->blkcg_css = NULL; > +#endif
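Review bot: the `#ifdef CONFIG_BLK_CGROUP` block in this hunk only clears one field, and it has to be guarded by `if (self)` because `kmalloc()` can return NULL; allocating with `kzalloc(sizeof(*self), GFP_KERNEL)` instead would leave `blkcg_css` (and every other field) NULL on all configurations and let the three added lines and the ifdef go away. The diffstat reports 3 deletions, but only the 4 inserted lines are visible in the quoted hunk, so the removal of the later `blkcg_css` initialization that the commit message describes cannot be confirmed from this excerpt. The `Fix:` tag is also non-standard; the expected form is `Fixes: <12-char sha> ("subject")`.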
That's not a big struct and I can't imagine that avoiding zeroing it matters in any way. Can't we just use kzalloc() instead and drop the ugly ifdef?

Thanks.

--
tejun

