From: Han Guangjiang hanguangjiang@lixiang.com

On repeated cold boots we occasionally hit a NULL pointer crash in blk_should_throtl() when throttling is consulted before the throttle policy is fully enabled for the queue. Checking only q->td != NULL is insufficient during early initialization, so blkg_to_pd() for the throttle policy can still return NULL and blkg_to_tg() becomes NULL, which later gets dereferenced.

Tighten blk_throtl_activated() to also require that the throttle policy bit is set on the queue:

return q->td != NULL && test_bit(blkcg_policy_throtl.plid, q->blkcg_pols);

This prevents blk_should_throtl() from accessing throttle group state until policy data has been attached to blkgs.

Fixes: a3166c51702b ("blk-throttle: delay initialization until configuration") Cc: stable@vger.kernel.org

Co-developed-by: Liang Jie liangjie@lixiang.com Signed-off-by: Liang Jie liangjie@lixiang.com Signed-off-by: Han Guangjiang hanguangjiang@lixiang.com --- block/blk-throttle.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/block/blk-throttle.h b/block/blk-throttle.h index 3b27755bfbff..9ca43dc56eda 100644 --- a/block/blk-throttle.h +++ b/block/blk-throttle.h @@ -156,7 +156,7 @@ void blk_throtl_cancel_bios(struct gendisk *disk);

static inline bool blk_throtl_activated(struct request_queue *q) { - return q->td != NULL; + return q->td != NULL && test_bit(blkcg_policy_throtl.plid, q->blkcg_pols); }

static inline bool blk_should_throtl(struct bio *bio)