Commit 7fba9420 authored by Tetsuo Handa's avatar Tetsuo Handa Committed by Andrew Morton

mm: shrinker: use kvzalloc_node() from expand_one_shrinker_info()

syzbot is reporting uninit-value at shrinker_alloc(), for commit
307becec ("mm: shrinker: add a secondary array for
shrinker_info::{map, nr_deferred}") which assumed that the ->unit was
allocated with __GFP_ZERO forgot to replace kvmalloc_node() in
expand_one_shrinker_info() with kvzalloc_node().

Link: https://lkml.kernel.org/r/9226cc0a-10e0-4489-80c5-58c3b5b4359c@I-love.SAKURA.ne.jpReported-by: default avatarsyzbot <syzbot+1e0ed05798af62917464@syzkaller.appspotmail.com>
Closes: https://syzkaller.appspot.com/bug?extid=1e0ed05798af62917464
Fixes: 307becec ("mm: shrinker: add a secondary array for shrinker_info::{map, nr_deferred}")
Signed-off-by: default avatarTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Acked-by: default avatarQi Zheng <zhengqi.arch@bytedance.com>
Cc: Muchun Song <songmuchun@bytedance.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
parent 5b8fbf50
...@@ -126,7 +126,7 @@ static int expand_one_shrinker_info(struct mem_cgroup *memcg, int new_size, ...@@ -126,7 +126,7 @@ static int expand_one_shrinker_info(struct mem_cgroup *memcg, int new_size,
if (new_nr_max <= old->map_nr_max) if (new_nr_max <= old->map_nr_max)
continue; continue;
new = kvmalloc_node(sizeof(*new) + new_size, GFP_KERNEL, nid); new = kvzalloc_node(sizeof(*new) + new_size, GFP_KERNEL, nid);
if (!new) if (!new)
return -ENOMEM; return -ENOMEM;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment