Re: [syzbot] [block?] [udf?] memory leak in __blkdev_issue_zero_pages

Next message: Naresh Kamboju: "Re: [PATCH 6.6 00/93] 6.6.119-rc1 review"
Previous message: Samiullah Khawaja: "Re: [RFC PATCH v2 24/32] iommu/vt-d: restore state of the preserved IOMMU"
In reply to: syzbot: "Re: [syzbot] [block?] [udf?] memory leak in __blkdev_issue_zero_pages"
Next in thread: Hannes Reinecke: "Re: [syzbot] [block?] [udf?] memory leak in __blkdev_issue_zero_pages"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Keith Busch

Date: Thu Dec 04 2025 - 12:55:43 EST

On Thu, Dec 04, 2025 at 09:42:38PM +0530, shaurya wrote:
> Move the fatal signal check before bio_alloc() to prevent a memory
> leak when BLKDEV_ZERO_KILLABLE is set and a fatal signal is pending.
>
> Previously, the bio was allocated before checking for a fatal signal.
> If a signal was pending, the code would break out of the loop without
> freeing or chaining the just-allocated bio, causing a memory leak.
>
> This matches the pattern already used in __blkdev_issue_write_zeroes()
> where the signal check precedes the allocation.
>
> Signed-off-by: Shaurya Rane <ssrane_b23@xxxxxxxxxxxxx>

Looks good.

Reviewed-by: Keith Busch <kbusch@xxxxxxxxxx>

> ---
> block/blk-lib.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/block/blk-lib.c b/block/blk-lib.c
> index 3030a772d3aa..352e3c0f8a7d 100644
> --- a/block/blk-lib.c
> +++ b/block/blk-lib.c
> @@ -202,13 +202,13 @@ static void __blkdev_issue_zero_pages(struct block_device *bdev,
> unsigned int nr_vecs = __blkdev_sectors_to_bio_pages(nr_sects);
> struct bio *bio;
>
> - bio = bio_alloc(bdev, nr_vecs, REQ_OP_WRITE, gfp_mask);
> - bio->bi_iter.bi_sector = sector;
> -
> if ((flags & BLKDEV_ZERO_KILLABLE) &&
> fatal_signal_pending(current))
> break;
>
> + bio = bio_alloc(bdev, nr_vecs, REQ_OP_WRITE, gfp_mask);
> + bio->bi_iter.bi_sector = sector;
> +
> do {
> unsigned int len;
>
> --