From: Jackie Liu <liu.yun@linux.dev>
To: dlemoal@kernel.org, axboe@kernel.dk
Cc: linux-block@vger.kernel.org
Subject: [PATCH 1/2] block: fix zones_cond memory leak in blk_revalidate_disk_zones()
Date: Tue, 31 Mar 2026 16:47:31 +0800 [thread overview]
Message-ID: <20260331084731.45283-1-liu.yun@linux.dev> (raw)
From: Jackie Liu <liuyun01@kylinos.cn>
Fix memory leaks of args.zones_cond allocated in
disk_revalidate_zone_resources() on multiple error paths:
1) When disk_revalidate_zone_resources() itself fails (e.g.
disk_alloc_zone_resources() returns an error), blk_revalidate_disk_zones()
returns directly without freeing args.zones_cond.
2) When report_zones() fails or the capacity check fails,
disk_free_zone_resources() only frees the old disk->zones_cond, not
the newly allocated args.zones_cond.
3) When the nr_conv_zones validation fails in disk_update_zone_resources(),
the code jumps to unfreeze before disk_set_zones_cond_array() transfers
ownership of args->zones_cond to disk->zones_cond.
Fix cases 1 and 2 by adding a free_zones_cond label at the end of
blk_revalidate_disk_zones() to centralize the cleanup. Fix case 3 by
moving disk_set_zones_cond_array() before the nr_conv_zones check in
disk_update_zone_resources() so that ownership is transferred early and
disk_free_zone_resources() at the unfreeze label properly frees it.
Fixes: 6e945ffb6555 ("block: use zone condition to determine conventional zones")
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn>
---
block/blk-zoned.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/block/blk-zoned.c b/block/blk-zoned.c
index 9d1dd6ccfad7..2ea790e4f320 100644
--- a/block/blk-zoned.c
+++ b/block/blk-zoned.c
@@ -1956,6 +1956,8 @@ static int disk_update_zone_resources(struct gendisk *disk,
memflags = blk_mq_freeze_queue(q);
disk->nr_zones = args->nr_zones;
+ disk_set_zones_cond_array(disk, args->zones_cond);
+
if (args->nr_conv_zones >= disk->nr_zones) {
queue_limits_cancel_update(q);
pr_warn("%s: Invalid number of conventional zones %u / %u\n",
@@ -1966,7 +1968,6 @@ static int disk_update_zone_resources(struct gendisk *disk,
disk->zone_capacity = args->zone_capacity;
disk->last_zone_capacity = args->last_zone_capacity;
- disk_set_zones_cond_array(disk, args->zones_cond);
/*
* Some devices can advertise zone resource limits that are larger than
@@ -2239,7 +2240,7 @@ int blk_revalidate_disk_zones(struct gendisk *disk)
ret = disk_revalidate_zone_resources(disk, &args);
if (ret) {
memalloc_noio_restore(noio_flag);
- return ret;
+ goto free_zones_cond;
}
ret = disk->fops->report_zones(disk, 0, UINT_MAX, &rep_args);
@@ -2268,6 +2269,8 @@ int blk_revalidate_disk_zones(struct gendisk *disk)
disk_free_zone_resources(disk);
blk_mq_unfreeze_queue(q, memflags);
+free_zones_cond:
+ kfree(args.zones_cond);
return ret;
}
EXPORT_SYMBOL_GPL(blk_revalidate_disk_zones);
--
2.51.1
next reply other threads:[~2026-03-31 8:48 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-31 8:47 Jackie Liu [this message]
2026-03-31 9:18 ` [PATCH 1/2] block: fix zones_cond memory leak in blk_revalidate_disk_zones() Damien Le Moal
2026-03-31 9:47 ` Jackie Liu
2026-03-31 10:01 ` Damien Le Moal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260331084731.45283-1-liu.yun@linux.dev \
--to=liu.yun@linux.dev \
--cc=axboe@kernel.dk \
--cc=dlemoal@kernel.org \
--cc=linux-block@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.