4.9-stable review patch. If anyone has any objections, please let me know. ------------------ From: Aditya Pakki <pakki001@xxxxxxx> commit e406f12dde1a8375d77ea02d91f313fb1a9c6aec upstream. mddev->sync_thread can be set to NULL on kzalloc failure downstream. The patch checks for such a scenario and frees allocated resources. Committer node: Added similar fix to raid5.c, as suggested by Guoqing. Cc: stable@xxxxxxxxxxxxxxx # v3.16+ Acked-by: Guoqing Jiang <gqjiang@xxxxxxxx> Signed-off-by: Aditya Pakki <pakki001@xxxxxxx> Signed-off-by: Song Liu <songliubraving@xxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- drivers/md/raid10.c | 2 ++ drivers/md/raid5.c | 2 ++ 2 files changed, 4 insertions(+) --- a/drivers/md/raid10.c +++ b/drivers/md/raid10.c @@ -3798,6 +3798,8 @@ static int raid10_run(struct mddev *mdde set_bit(MD_RECOVERY_RUNNING, &mddev->recovery); mddev->sync_thread = md_register_thread(md_do_sync, mddev, "reshape"); + if (!mddev->sync_thread) + goto out_free_conf; } return 0; --- a/drivers/md/raid5.c +++ b/drivers/md/raid5.c @@ -6977,6 +6977,8 @@ static int raid5_run(struct mddev *mddev set_bit(MD_RECOVERY_RUNNING, &mddev->recovery); mddev->sync_thread = md_register_thread(md_do_sync, mddev, "reshape"); + if (!mddev->sync_thread) + goto abort; } /* Ok, everything is just fine now */