[PATCH] mm/damon/stat: deallocate damon_call() failure leaking damon_ctx

Next message: Huang, Kai: "Re: [PATCH v2 08/31] x86/virt/tdx: Configure TDX Module with optional TDX Connect feature"
Previous message: Joseph Qi: "Re: [PATCH v3] ocfs2: fix use-after-free in ocfs2_fault() when VM_FAULT_RETRY"
Next in thread: SeongJae Park: "Re: (sashiko review) [PATCH] mm/damon/stat: deallocate damon_call() failure leaking damon_ctx"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: SeongJae Park

Date: Wed Apr 01 2026 - 21:06:54 EST

DAMON_STAT does not deallocate its dynamically allocated damon_ctx
object when damon_call() is failed. As a result, the memory is leaked.
Check the failure and deallocate the damon_ctx object.

The issue was discovered [1] by sashiko.

[1] https://lore.kernel.org/20260401012428.86694-1-sj@xxxxxxxxxx

Fixes: 405f61996d9d ("mm/damon/stat: use damon_call() repeat mode instead of damon_callback")
Cc: <stable@xxxxxxxxxxxxxxx> # 6.17.x
Signed-off-by: SeongJae Park <sj@xxxxxxxxxx>
---
mm/damon/stat.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/mm/damon/stat.c b/mm/damon/stat.c
index 5a742fc157e4..30aeb2c207ec 100644
--- a/mm/damon/stat.c
+++ b/mm/damon/stat.c
@@ -257,7 +257,12 @@ static int damon_stat_start(void)

damon_stat_last_refresh_jiffies = jiffies;
call_control.data = damon_stat_context;
- return damon_call(damon_stat_context, &call_control);
+ err = damon_call(damon_stat_context, &call_control);
+ if (err) {
+ damon_destroy_ctx(damon_stat_context);
+ damon_stat_context = NULL;
+ }
+ return err;
}

static void damon_stat_stop(void)

base-commit: 4fd04f750d79667937931314ed64c9d79b0d82ef
--
2.47.3