[PATCHv2 1/2] zram: do not leak blk idx at the end of writeback

Next message: Sergey Senozhatsky: "[PATCHv2 2/2] zram: clear trailing bytes of compressed writeback pages"
Previous message: Sergey Senozhatsky: "[PATCHv2 0/2] zram: writeback fixes"
In reply to: Sergey Senozhatsky: "[PATCHv2 0/2] zram: writeback fixes"
Next in thread: Sergey Senozhatsky: "[PATCHv2 2/2] zram: clear trailing bytes of compressed writeback pages"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Sergey Senozhatsky

Date: Mon May 25 2026 - 22:31:03 EST

zram_writeback_slots() loop can terminate with valid
reserved backing device blk_idx. The problem is that
cleanup code doesn't release that reserved blk_idx
before zram_writeback_slots() returns, which leads to
blk_idx leak (it becomes permanently busy and can not
be used for actual writeback.) This does not lead to
any system instabilities, it only means that we can
writeback less pages. The scenario is hard to hit in
practice as it requires writeabck to race with
modification (slot-free or overwrite) of the final
post-processing slot.

Release reserved but unused blk_idx before returning
from zram_writeback_slots().

Fixes: f405066a1f0db ("zram: introduce writeback bio batching")
Suggested-by: Brian Geffon <bgeffon@xxxxxxxxxx>
Signed-off-by: Sergey Senozhatsky <senozhatsky@xxxxxxxxxxxx>
---
drivers/block/zram/zram_drv.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c
index 07111455eecf..602abfe23797 100644
--- a/drivers/block/zram/zram_drv.c
+++ b/drivers/block/zram/zram_drv.c
@@ -1127,6 +1127,9 @@ static int zram_writeback_slots(struct zram *zram,
if (req)
release_wb_req(req);

+ if (blk_idx != INVALID_BDEV_BLOCK)
+ zram_release_bdev_block(zram, blk_idx);
+
while (atomic_read(&wb_ctl->num_inflight) > 0) {
wait_event(wb_ctl->done_wait, !list_empty(&wb_ctl->done_reqs));
err = zram_complete_done_reqs(zram, wb_ctl);
--
2.54.0.746.g67dd491aae-goog