From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-ot1-f69.google.com (mail-ot1-f69.google.com [209.85.210.69])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id A5051335BA
	for <linux-kernel@vger.kernel.org>; Sun, 31 May 2026 00:13:02 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.69
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1780186384; cv=none; b=R1jTk5SrP56o0yDGHjf5WfoYGWqPkhq9Cuf8FWQPU8TeuywivKtPp8kG60ub3ye+svujpUmIX9SQk7x9xPNH+j0Y2POfYEr2n/ZIWkARUo9+P3B5wmnDNg8Oi32sF/2OeMwF9/BElNOpPsN5BQWGgWl4p5S9JuPxdvD8oiQlM0Y=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1780186384; c=relaxed/simple;
	bh=JW0FD+2DPgANMzLTt1wWX4Y9JThE/xdo87cSUcpEUZw=;
	h=MIME-Version:Date:In-Reply-To:Message-ID:Subject:From:To:
	 Content-Type; b=EsMwiphvEPOC3t8GyAoKq52+Fsm/uOsPS/249k4umJLj2s/jS9WiOkoOWLJU4nN8xKgdx6em6mufRkIv8pI48BcZzfbGrW331nZEvymMKbTKu9+BtxpvnU9Oueesfi0xjZDHJ6Dqp838MOHp8SwTayRCDEwY7jSQMLvDYriQpnc=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com; spf=pass smtp.mailfrom=M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com; arc=none smtp.client-ip=209.85.210.69
Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com
Received: by mail-ot1-f69.google.com with SMTP id 46e09a7af769-7e60dfccf42so9601201a34.0
        for <linux-kernel@vger.kernel.org>; Sat, 30 May 2026 17:13:02 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1780186381; x=1780791181;
        h=to:from:subject:message-id:in-reply-to:date:mime-version
         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=xRV31tvV6VYj2yHL45P9LQ7ltz4W9RcWscikq7Aciu4=;
        b=gMHSTuzTVtt38s4yyM9uhEHQ8ifldLmgvD1MxYnW98JhFTuWdUiensCq5SfPoiOyek
         Y7qSgDeZL7UExKUuYDutpuqDOOgo0gRxidPvJbu0/UkcxJc5GrZiZdfG/mXWItYt2SHl
         elWD3ko62LhIzwG7rNveg9Y+5V/6Ct78itY/2fnxbH7tWgl4/x8jFaijg8i9+6jLwmkZ
         +hs13KDyW8QOyJKOeaUNXzZuunBTQvYAdEjt9TEghTDJMIdEgly+SkWiQxw64YntN2kx
         v2SskGF9rOVikkUACHj34sbS1Bpj/IrEs//XxQKVQs/hM5L75MbsP9mPJvbiPYbbLKYK
         MJ6w==
X-Forwarded-Encrypted: i=1; AFNElJ8ZlRB23UbBwQH8IOYmMs0OuQ0iM4ypHIx4FP4OPOMPmMKzqdlNgcMEViMo4ED+91M/YTFcvRbccsPCbuM=@vger.kernel.org
X-Gm-Message-State: AOJu0YxCvQiXdfb6NcGipkbB2OA/J8oXm1eLx55bHeQkyba0kNvHtKzJ
	Eqt0IvuQLQfhCze8xykyh/H0Tn3wmjThuUmRV8r+FP2bC2SA+waa0XsZYlqjvkYTT0fyFjyYUow
	ZwPAx6aVJ2OvUedM7u6fYZfc5NZO3D9zvXVpo6ZBjD6s//eDPwdQ3u8qBpIg=
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-Received: by 2002:a05:6820:2006:b0:69d:fcff:a3bc with SMTP id
 006d021491bc7-69e102b5a53mr2611671eaf.20.1780186381637; Sat, 30 May 2026
 17:13:01 -0700 (PDT)
Date: Sat, 30 May 2026 17:13:01 -0700
In-Reply-To: <20260530231803.97278-1-kartikey406@gmail.com>
X-Google-Appengine-App-Id: s~syzkaller
X-Google-Appengine-App-Id-Alias: syzkaller
Message-ID: <6a1b7d0d.b111c304.35cd64.001c.GAE@google.com>
Subject: Re: [syzbot] [bluetooth?] memory leak in init_srcu_struct_fields
From: syzbot <syzbot+535ecc844591e50588a5@syzkaller.appspotmail.com>
To: kartikey406@gmail.com, linux-kernel@vger.kernel.org, 
	syzkaller-bugs@googlegroups.com
Content-Type: text/plain; charset="UTF-8"

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
memory leak in init_srcu_struct_fields

BUG: memory leak
unreferenced object 0xffff88810de6f800 (size 512):
  comm "syz.0.17", pid 6610, jiffies 4294948707
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace (crc 55438727):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4613 [inline]
    slab_alloc_node mm/slub.c:4937 [inline]
    __kmalloc_cache_noprof+0x371/0x480 mm/slub.c:5443
    _kmalloc_noprof include/linux/slab.h:969 [inline]
    _kzalloc_noprof include/linux/slab.h:1286 [inline]
    init_srcu_struct_fields+0x2c0/0x350 kernel/rcu/srcutree.c:207
    hci_alloc_dev_priv+0x37/0x680 net/bluetooth/hci_core.c:2416
    hci_alloc_dev include/net/bluetooth/hci_core.h:1763 [inline]
    hci_uart_register_dev drivers/bluetooth/hci_ldisc.c:672 [inline]
    hci_uart_set_proto drivers/bluetooth/hci_ldisc.c:752 [inline]
    hci_uart_tty_ioctl+0x173/0x460 drivers/bluetooth/hci_ldisc.c:806
    tty_ioctl+0xaca/0xd60 drivers/tty/tty_io.c:2801
    vfs_ioctl fs/ioctl.c:51 [inline]
    __do_sys_ioctl fs/ioctl.c:597 [inline]
    __se_sys_ioctl fs/ioctl.c:583 [inline]
    __x64_sys_ioctl+0xf4/0x140 fs/ioctl.c:583
    do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
    do_syscall_64+0xee/0x600 arch/x86/entry/syscall_64.c:94
    entry_SYSCALL_64_after_hwframe+0x77/0x7f

BUG: memory leak
unreferenced object (percpu) 0x607e4db7f740 (size 384):
  comm "syz.0.17", pid 6610, jiffies 4294948707
  hex dump (first 32 bytes on cpu 0):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace (crc 593bdea7):
    pcpu_alloc_noprof+0x7c7/0xed0 mm/percpu.c:1956
    init_srcu_struct_fields+0x2eb/0x350 kernel/rcu/srcutree.c:224
    hci_alloc_dev_priv+0x37/0x680 net/bluetooth/hci_core.c:2416
    hci_alloc_dev include/net/bluetooth/hci_core.h:1763 [inline]
    hci_uart_register_dev drivers/bluetooth/hci_ldisc.c:672 [inline]
    hci_uart_set_proto drivers/bluetooth/hci_ldisc.c:752 [inline]
    hci_uart_tty_ioctl+0x173/0x460 drivers/bluetooth/hci_ldisc.c:806
    tty_ioctl+0xaca/0xd60 drivers/tty/tty_io.c:2801
    vfs_ioctl fs/ioctl.c:51 [inline]
    __do_sys_ioctl fs/ioctl.c:597 [inline]
    __se_sys_ioctl fs/ioctl.c:583 [inline]
    __x64_sys_ioctl+0xf4/0x140 fs/ioctl.c:583
    do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
    do_syscall_64+0xee/0x600 arch/x86/entry/syscall_64.c:94
    entry_SYSCALL_64_after_hwframe+0x77/0x7f

BUG: memory leak
unreferenced object (percpu) 0x607e4db7f8c0 (size 384):
  comm "syz.0.18", pid 6619, jiffies 4294948711
  hex dump (first 32 bytes on cpu 0):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace (crc 593bdea7):
    pcpu_alloc_noprof+0x7c7/0xed0 mm/percpu.c:1956
    init_srcu_struct_fields+0x2eb/0x350 kernel/rcu/srcutree.c:224
    hci_alloc_dev_priv+0x37/0x680 net/bluetooth/hci_core.c:2416
    hci_alloc_dev include/net/bluetooth/hci_core.h:1763 [inline]
    hci_uart_register_dev drivers/bluetooth/hci_ldisc.c:672 [inline]
    hci_uart_set_proto drivers/bluetooth/hci_ldisc.c:752 [inline]
    hci_uart_tty_ioctl+0x173/0x460 drivers/bluetooth/hci_ldisc.c:806
    tty_ioctl+0xaca/0xd60 drivers/tty/tty_io.c:2801
    vfs_ioctl fs/ioctl.c:51 [inline]
    __do_sys_ioctl fs/ioctl.c:597 [inline]
    __se_sys_ioctl fs/ioctl.c:583 [inline]
    __x64_sys_ioctl+0xf4/0x140 fs/ioctl.c:583
    do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
    do_syscall_64+0xee/0x600 arch/x86/entry/syscall_64.c:94
    entry_SYSCALL_64_after_hwframe+0x77/0x7f

BUG: memory leak
unreferenced object (percpu) 0x607e4db7fa40 (size 384):
  comm "syz.0.19", pid 6624, jiffies 4294948716
  hex dump (first 32 bytes on cpu 0):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace (crc 593bdea7):
    pcpu_alloc_noprof+0x7c7/0xed0 mm/percpu.c:1956
    init_srcu_struct_fields+0x2eb/0x350 kernel/rcu/srcutree.c:224
    hci_alloc_dev_priv+0x37/0x680 net/bluetooth/hci_core.c:2416
    hci_alloc_dev include/net/bluetooth/hci_core.h:1763 [inline]
    hci_uart_register_dev drivers/bluetooth/hci_ldisc.c:672 [inline]
    hci_uart_set_proto drivers/bluetooth/hci_ldisc.c:752 [inline]
    hci_uart_tty_ioctl+0x173/0x460 drivers/bluetooth/hci_ldisc.c:806
    tty_ioctl+0xaca/0xd60 drivers/tty/tty_io.c:2801
    vfs_ioctl fs/ioctl.c:51 [inline]
    __do_sys_ioctl fs/ioctl.c:597 [inline]
    __se_sys_ioctl fs/ioctl.c:583 [inline]
    __x64_sys_ioctl+0xf4/0x140 fs/ioctl.c:583
    do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
    do_syscall_64+0xee/0x600 arch/x86/entry/syscall_64.c:94
    entry_SYSCALL_64_after_hwframe+0x77/0x7f

connection error: failed to recv *flatrpc.ExecutorMessageRawT: EOF


Tested on:

commit:         7da7f071 Add linux-next specific files for 20260529
git tree:       linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=14bf17a6580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=3dd1e35bbd92239d
dashboard link: https://syzkaller.appspot.com/bug?extid=535ecc844591e50588a5
compiler:       gcc (Debian 14.2.0-19) 14.2.0, GNU ld (GNU Binutils for Debian) 2.44
patch:          https://syzkaller.appspot.com/x/patch.diff?x=10cd7ed2580000