* Re: [f2fs-dev] [syzbot] [mm?] [exfat?] [f2fs?] memory leak in __kfree_rcu_sheaf
  [not found] <13bb1c13-98b6-4a4a-b03d-ba0f88680f1e@dev.snart.me>
From: syzbot @ 2026-05-04 21:12 UTC
To: dxdt, linux-f2fs-devel, linux-fsdevel, linux-kernel, linux-mm, syzkaller-bugs

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
memory leak in __pcs_replace_empty_main

BUG: memory leak
unreferenced object 0xffff88810005f600 (size 512):
  comm "swapper/0", pid 0, jiffies 4294937296
  hex dump (first 32 bytes):
    40 a0 ce 2f 81 88 ff ff e0 13 ad 81 ff ff ff ff  @../............
    00 12 04 00 81 88 ff ff 3c 00 00 00 00 00 00 00  ........<.......
  backtrace (crc 6fa78c59):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4574 [inline]
    slab_alloc_node mm/slub.c:4898 [inline]
    __do_kmalloc_node mm/slub.c:5294 [inline]
    __kmalloc_noprof+0x3b7/0x550 mm/slub.c:5307
    kmalloc_noprof include/linux/slab.h:954 [inline]
    kzalloc_noprof include/linux/slab.h:1188 [inline]
    __alloc_empty_sheaf+0x35/0x50 mm/slub.c:2768
    alloc_empty_sheaf mm/slub.c:2783 [inline]
    __pcs_replace_empty_main+0x22a/0x2a0 mm/slub.c:4646
    alloc_from_pcs mm/slub.c:4749 [inline]
    slab_alloc_node mm/slub.c:4883 [inline]
    __kmalloc_cache_noprof+0x3a6/0x480 mm/slub.c:5414
    kmalloc_noprof include/linux/slab.h:950 [inline]
    kzalloc_noprof include/linux/slab.h:1188 [inline]
    __irq_domain_alloc_fwnode+0x37/0x140 kernel/irq/irqdomain.c:95
    irq_domain_alloc_named_fwnode include/linux/irqdomain.h:271 [inline]
    arch_early_irq_init+0x1c/0x70 arch/x86/kernel/apic/vector.c:803
    start_kernel+0x931/0xb80 init/main.c:1123
    x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:310
    x86_64_start_kernel+0xce/0xd0 arch/x86/kernel/head64.c:291
    common_startup_64+0x13e/0x148

BUG: memory leak
unreferenced object 0xffff888100902c00 (size 512):
  comm "kthreadd", pid 2, jiffies 4294937340
  hex dump (first 32 bytes):
    70 09 2a 29 81 88 ff ff e0 13 ad 81 ff ff ff ff  p.*)............
    00 12 04 00 81 88 ff ff 3c 00 00 00 00 00 00 00  ........<.......
  backtrace (crc 638a9d9a):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4574 [inline]
    slab_alloc_node mm/slub.c:4898 [inline]
    __do_kmalloc_node mm/slub.c:5294 [inline]
    __kmalloc_noprof+0x3b7/0x550 mm/slub.c:5307
    kmalloc_noprof include/linux/slab.h:954 [inline]
    kzalloc_noprof include/linux/slab.h:1188 [inline]
    __alloc_empty_sheaf+0x35/0x50 mm/slub.c:2768
    alloc_empty_sheaf mm/slub.c:2783 [inline]
    __pcs_replace_empty_main+0x22a/0x2a0 mm/slub.c:4646
    alloc_from_pcs mm/slub.c:4749 [inline]
    slab_alloc_node mm/slub.c:4883 [inline]
    __kmalloc_cache_node_noprof+0x3e9/0x4d0 mm/slub.c:5427
    kmalloc_node_noprof include/linux/slab.h:1077 [inline]
    __get_vm_area_node+0xc6/0x1d0 mm/vmalloc.c:3215
    __vmalloc_node_range_noprof+0x1bc/0xdf0 mm/vmalloc.c:4024
    __vmalloc_node_noprof+0x71/0x90 mm/vmalloc.c:4124
    alloc_thread_stack_node kernel/fork.c:357 [inline]
    dup_task_struct kernel/fork.c:926 [inline]
    copy_process+0x51f/0x2c90 kernel/fork.c:2090
    kernel_clone+0xde/0x700 kernel/fork.c:2721
    kernel_thread+0x80/0xb0 kernel/fork.c:2782
    create_kthread kernel/kthread.c:459 [inline]
    kthreadd+0x186/0x250 kernel/kthread.c:817
    ret_from_fork+0x219/0x490 arch/x86/kernel/process.c:158
    ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

BUG: memory leak
unreferenced object 0xffff888100f8fa00 (size 512):
  comm "kworker/1:1", pid 41, jiffies 4294937424
  hex dump (first 32 bytes):
    38 42 0d 30 81 88 ff ff e0 13 ad 81 ff ff ff ff  8B.0............
    00 12 04 00 81 88 ff ff 3c 00 00 00 00 00 00 00  ........<.......
  backtrace (crc 185e046f):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4574 [inline]
    slab_alloc_node mm/slub.c:4898 [inline]
    __do_kmalloc_node mm/slub.c:5294 [inline]
    __kmalloc_noprof+0x3b7/0x550 mm/slub.c:5307
    kmalloc_noprof include/linux/slab.h:954 [inline]
    kzalloc_noprof include/linux/slab.h:1188 [inline]
    __alloc_empty_sheaf+0x35/0x50 mm/slub.c:2768
    alloc_empty_sheaf mm/slub.c:2783 [inline]
    __pcs_replace_full_main+0xdf/0x300 mm/slub.c:5761
    free_to_pcs mm/slub.c:5814 [inline]
    slab_free mm/slub.c:6253 [inline]
    kfree+0x361/0x3a0 mm/slub.c:6565
    vfree mm/vmalloc.c:3476 [inline]
    vfree+0x14d/0x3d0 mm/vmalloc.c:3436
    delayed_vfree_work+0x29/0x40 mm/vmalloc.c:3392
    process_one_work+0x277/0x5b0 kernel/workqueue.c:3302
    process_scheduled_works kernel/workqueue.c:3385 [inline]
    worker_thread+0x255/0x4a0 kernel/workqueue.c:3466
    kthread+0x14e/0x1a0 kernel/kthread.c:436
    ret_from_fork+0x219/0x490 arch/x86/kernel/process.c:158
    ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

BUG: memory leak
unreferenced object 0xffff88810255bc00 (size 512):
  comm "kworker/u8:2", pid 498, jiffies 4294937434
  hex dump (first 32 bytes):
    80 35 67 2e 81 88 ff ff e0 13 ad 81 ff ff ff ff  .5g.............
    00 12 04 00 81 88 ff ff 3c 00 00 00 00 00 00 00  ........<.......
  backtrace (crc 804b7261):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4574 [inline]
    slab_alloc_node mm/slub.c:4898 [inline]
    __do_kmalloc_node mm/slub.c:5294 [inline]
    __kmalloc_noprof+0x3b7/0x550 mm/slub.c:5307
    kmalloc_noprof include/linux/slab.h:954 [inline]
    kzalloc_noprof include/linux/slab.h:1188 [inline]
    __alloc_empty_sheaf+0x35/0x50 mm/slub.c:2768
    alloc_empty_sheaf mm/slub.c:2783 [inline]
    __pcs_replace_full_main+0xdf/0x300 mm/slub.c:5761
    free_to_pcs mm/slub.c:5814 [inline]
    slab_free mm/slub.c:6253 [inline]
    kfree+0x361/0x3a0 mm/slub.c:6565
    call_usermodehelper_freeinfo kernel/umh.c:43 [inline]
    umh_complete kernel/umh.c:57 [inline]
    call_usermodehelper_exec_async+0x1c7/0x1f0 kernel/umh.c:119
    ret_from_fork+0x219/0x490 arch/x86/kernel/process.c:158
    ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

BUG: memory leak
unreferenced object 0xffff88810256da00 (size 512):
  comm "kworker/0:1", pid 10, jiffies 4294937506
  hex dump (first 32 bytes):
    40 40 38 2d 81 88 ff ff e0 13 ad 81 ff ff ff ff  @@8-............
    00 12 04 00 81 88 ff ff 3c 00 00 00 00 00 00 00  ........<.......
  backtrace (crc e83216dd):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4574 [inline]
    slab_alloc_node mm/slub.c:4898 [inline]
    __do_kmalloc_node mm/slub.c:5294 [inline]
    __kmalloc_noprof+0x3b7/0x550 mm/slub.c:5307
    kmalloc_noprof include/linux/slab.h:954 [inline]
    kzalloc_noprof include/linux/slab.h:1188 [inline]
    __alloc_empty_sheaf+0x35/0x50 mm/slub.c:2768
    alloc_empty_sheaf mm/slub.c:2783 [inline]
    __pcs_replace_full_main+0xdf/0x300 mm/slub.c:5761
    free_to_pcs mm/slub.c:5814 [inline]
    slab_free mm/slub.c:6253 [inline]
    kfree+0x361/0x3a0 mm/slub.c:6565
    blk_free_flush_queue+0x28/0x40 block/blk-flush.c:514
    srcu_invoke_callbacks+0x11a/0x1c0 kernel/rcu/srcutree.c:1917
    process_one_work+0x277/0x5b0 kernel/workqueue.c:3302
    process_scheduled_works kernel/workqueue.c:3385 [inline]
    worker_thread+0x255/0x4a0 kernel/workqueue.c:3466
    kthread+0x14e/0x1a0 kernel/kthread.c:436
    ret_from_fork+0x219/0x490 arch/x86/kernel/process.c:158
    ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

BUG: memory leak
unreferenced object 0xffff8881069d1400 (size 512):
  comm "kworker/0:1", pid 10, jiffies 4294937917
  hex dump (first 32 bytes):
    78 b7 d0 2f 81 88 ff ff e0 13 ad 81 ff ff ff ff  x../............
    00 12 04 00 81 88 ff ff 3c 00 00 00 00 00 00 00  ........<.......
  backtrace (crc 927c2de1):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4574 [inline]
    slab_alloc_node mm/slub.c:4898 [inline]
    __do_kmalloc_node mm/slub.c:5294 [inline]
    __kmalloc_noprof+0x3b7/0x550 mm/slub.c:5307
    kmalloc_noprof include/linux/slab.h:954 [inline]
    kzalloc_noprof include/linux/slab.h:1188 [inline]
    __alloc_empty_sheaf+0x35/0x50 mm/slub.c:2768
    alloc_empty_sheaf mm/slub.c:2783 [inline]
    __pcs_replace_full_main+0xdf/0x300 mm/slub.c:5761
    free_to_pcs mm/slub.c:5814 [inline]
    slab_free mm/slub.c:6253 [inline]
    kfree+0x361/0x3a0 mm/slub.c:6565
    vfree mm/vmalloc.c:3476 [inline]
    vfree+0x14d/0x3d0 mm/vmalloc.c:3436
    delayed_vfree_work+0x29/0x40 mm/vmalloc.c:3392
    process_one_work+0x277/0x5b0 kernel/workqueue.c:3302
    process_scheduled_works kernel/workqueue.c:3385 [inline]
    worker_thread+0x255/0x4a0 kernel/workqueue.c:3466
    kthread+0x14e/0x1a0 kernel/kthread.c:436
    ret_from_fork+0x219/0x490 arch/x86/kernel/process.c:158
    ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

connection error: failed to recv *flatrpc.ExecutorMessageRawT: EOF

Tested on:

commit:         c7e4e4d5 Merge tag 'for-linus-7.1-2' of https://github..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=16963a36580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=9645c21cfd1d3e8f
dashboard link: https://syzkaller.appspot.com/bug?extid=cae7809e9dc1459e4e63
compiler:       gcc (Debian 14.2.0-19) 14.2.0, GNU ld (GNU Binutils for Debian) 2.44
patch:          https://syzkaller.appspot.com/x/patch.diff?x=1650eb26580000

_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
[parent not found: <2956b248-c79f-4eae-8bfc-81178b5899af@dev.snart.me>]
* Re: [f2fs-dev] [syzbot] [mm?] [exfat?] [f2fs?] memory leak in __kfree_rcu_sheaf
  [not found] <2956b248-c79f-4eae-8bfc-81178b5899af@dev.snart.me>
From: syzbot @ 2026-05-04 20:51 UTC
To: dxdt, linux-f2fs-devel, linux-fsdevel, linux-kernel, linux-mm, syzkaller-bugs

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
kernel panic: !!! sbi at ADDR used after freeing !!!

F2FS-fs (loop1): f2fs_record_error_work()
Kernel panic - not syncing: !!! sbi at ffff888129322000 used after freeing !!!
CPU: 1 UID: 0 PID: 6598 Comm: kworker/1:5 Not tainted syzkaller #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
Workqueue: events f2fs_record_error_work
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x97/0xe0 lib/dump_stack.c:120
 vpanic+0x383/0x6d0 kernel/panic.c:650
 panic+0x6e/0x70 kernel/panic.c:787
 f2fs_record_error_work.cold+0x14/0x14 fs/f2fs/super.c:4747
 process_one_work+0x277/0x5b0 kernel/workqueue.c:3302
 process_scheduled_works kernel/workqueue.c:3385 [inline]
 worker_thread+0x255/0x4a0 kernel/workqueue.c:3466
 kthread+0x14e/0x1a0 kernel/kthread.c:436
 ret_from_fork+0x219/0x490 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
Kernel Offset: disabled

Tested on:

commit:         6d35786d Merge tag 'for-linus' of git://git.kernel.org..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=17a63a36580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=9645c21cfd1d3e8f
dashboard link: https://syzkaller.appspot.com/bug?extid=cae7809e9dc1459e4e63
compiler:       gcc (Debian 14.2.0-19) 14.2.0, GNU ld (GNU Binutils for Debian) 2.44
patch:          https://syzkaller.appspot.com/x/patch.diff?x=172b8ad2580000
[parent not found: <e50ceb6c-4239-4009-9578-51ece89fdc77@dev.snart.me>]
* Re: [f2fs-dev] [syzbot] [mm?] [exfat?] [f2fs?] memory leak in __kfree_rcu_sheaf
  [not found] <e50ceb6c-4239-4009-9578-51ece89fdc77@dev.snart.me>
From: syzbot @ 2026-05-03 7:27 UTC
To: dxdt, linux-f2fs-devel, linux-fsdevel, linux-kernel, linux-mm, syzkaller-bugs

Hello,

syzbot has tested the proposed patch and the reproducer did not trigger any issue:

Reported-by: syzbot+cae7809e9dc1459e4e63@syzkaller.appspotmail.com
Tested-by: syzbot+cae7809e9dc1459e4e63@syzkaller.appspotmail.com

Tested on:

commit:         66edb901 Merge tag 'v7.1-p3' of git://git.kernel.org/p..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=11fb7082580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=9645c21cfd1d3e8f
dashboard link: https://syzkaller.appspot.com/bug?extid=cae7809e9dc1459e4e63
compiler:       gcc (Debian 14.2.0-19) 14.2.0, GNU ld (GNU Binutils for Debian) 2.44
patch:          https://syzkaller.appspot.com/x/patch.diff?x=17f2f326580000

Note: testing is done by a robot and is best-effort only.
* Re: [f2fs-dev] [syzbot] [mm?] [exfat?] [f2fs?] memory leak in __kfree_rcu_sheaf
From: David Timber via Linux-f2fs-devel @ 2026-05-03 7:41 UTC
To: syzbot, Liam.Howlett, akpm, chao, jaegeuk, jannh, linkinjeon, linux-f2fs-devel, linux-fsdevel, linux-kernel, linux-mm, lorenzo.stoakes, pfalcato, sj1557.seo, syzkaller-bugs, vbabka

On 5/3/26 16:27, syzbot wrote:
> Hello,
>
> syzbot has tested the proposed patch and the reproducer did not trigger any issue:
>
> Reported-by: syzbot+cae7809e9dc1459e4e63@syzkaller.appspotmail.com
> Tested-by: syzbot+cae7809e9dc1459e4e63@syzkaller.appspotmail.com
>
> Tested on:
>
> commit:         66edb901 Merge tag 'v7.1-p3' of git://git.kernel.org/p..
> git tree:       upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=11fb7082580000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=9645c21cfd1d3e8f
> dashboard link: https://syzkaller.appspot.com/bug?extid=cae7809e9dc1459e4e63
> compiler:       gcc (Debian 14.2.0-19) 14.2.0, GNU ld (GNU Binutils for Debian) 2.44
> patch:          https://syzkaller.appspot.com/x/patch.diff?x=17f2f326580000
>
> Note: testing is done by a robot and is best-effort only.

The error message might be misleading.

 1. the report is done after f2fs attempted to mount the corrupt image,
    not before
 2. f2fs exhibits undefined behaviour, evident from the fs attempting to
    do I/O out of blockdev bounds

This might have been caused by f2fs corrupting memory, in which case the
leak report is invalid.

Davo
[parent not found: <4b30ba28-6f75-43a1-a108-5c0288ab021a@dev.snart.me>]
* Re: [f2fs-dev] [syzbot] [mm?] [exfat?] [f2fs?] memory leak in __kfree_rcu_sheaf
  [not found] <4b30ba28-6f75-43a1-a108-5c0288ab021a@dev.snart.me>
From: syzbot @ 2026-05-03 7:17 UTC
To: dxdt, linux-f2fs-devel, linux-fsdevel, linux-kernel, linux-mm, syzkaller-bugs

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
memory leak in __pcs_replace_empty_main

BUG: memory leak
unreferenced object 0xffff88810005f600 (size 512):
  comm "swapper/0", pid 0, jiffies 4294937296
  hex dump (first 32 bytes):
    e0 e2 ee 2c 81 88 ff ff a0 13 ad 81 ff ff ff ff  ...,............
    00 12 04 00 81 88 ff ff 3c 00 00 00 00 00 00 00  ........<.......
  backtrace (crc 2486057c):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4574 [inline]
    slab_alloc_node mm/slub.c:4898 [inline]
    __do_kmalloc_node mm/slub.c:5294 [inline]
    __kmalloc_noprof+0x3b7/0x550 mm/slub.c:5307
    kmalloc_noprof include/linux/slab.h:954 [inline]
    kzalloc_noprof include/linux/slab.h:1188 [inline]
    __alloc_empty_sheaf+0x35/0x50 mm/slub.c:2768
    alloc_empty_sheaf mm/slub.c:2783 [inline]
    __pcs_replace_empty_main+0x22a/0x2a0 mm/slub.c:4646
    alloc_from_pcs mm/slub.c:4749 [inline]
    slab_alloc_node mm/slub.c:4883 [inline]
    __kmalloc_cache_noprof+0x3a6/0x480 mm/slub.c:5410
    kmalloc_noprof include/linux/slab.h:950 [inline]
    kzalloc_noprof include/linux/slab.h:1188 [inline]
    __irq_domain_alloc_fwnode+0x37/0x140 kernel/irq/irqdomain.c:95
    irq_domain_alloc_named_fwnode include/linux/irqdomain.h:271 [inline]
    arch_early_irq_init+0x1c/0x70 arch/x86/kernel/apic/vector.c:803
    start_kernel+0x931/0xb80 init/main.c:1123
    x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:310
    x86_64_start_kernel+0xce/0xd0 arch/x86/kernel/head64.c:291
    common_startup_64+0x13e/0x148

BUG: memory leak
unreferenced object 0xffff888101d04e00 (size 512):
  comm "kworker/u8:5", pid 311, jiffies 4294937428
  hex dump (first 32 bytes):
    b8 1c b8 28 81 88 ff ff a0 13 ad 81 ff ff ff ff  ...(............
    00 12 04 00 81 88 ff ff 3c 00 00 00 00 00 00 00  ........<.......
  backtrace (crc 1d48d83d):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4574 [inline]
    slab_alloc_node mm/slub.c:4898 [inline]
    __do_kmalloc_node mm/slub.c:5294 [inline]
    __kmalloc_noprof+0x3b7/0x550 mm/slub.c:5307
    kmalloc_noprof include/linux/slab.h:954 [inline]
    kzalloc_noprof include/linux/slab.h:1188 [inline]
    __alloc_empty_sheaf+0x35/0x50 mm/slub.c:2768
    alloc_empty_sheaf mm/slub.c:2783 [inline]
    __pcs_replace_full_main+0xdf/0x300 mm/slub.c:5757
    free_to_pcs mm/slub.c:5810 [inline]
    slab_free mm/slub.c:6249 [inline]
    kfree+0x361/0x3a0 mm/slub.c:6561
    call_usermodehelper_freeinfo kernel/umh.c:43 [inline]
    umh_complete kernel/umh.c:57 [inline]
    call_usermodehelper_exec_async+0x1c7/0x1f0 kernel/umh.c:119
    ret_from_fork+0x219/0x490 arch/x86/kernel/process.c:158
    ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

BUG: memory leak
unreferenced object 0xffff888101d18800 (size 512):
  comm "kworker/0:1", pid 10, jiffies 4294937813
  hex dump (first 32 bytes):
    00 c8 ec 0b 81 88 ff ff 00 18 d3 0b 81 88 ff ff  ................
    00 12 04 00 81 88 ff ff 00 00 00 00 00 00 00 00  ................
  backtrace (crc 307f46be):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4574 [inline]
    slab_alloc_node mm/slub.c:4898 [inline]
    __do_kmalloc_node mm/slub.c:5294 [inline]
    __kmalloc_noprof+0x3b7/0x550 mm/slub.c:5307
    kmalloc_noprof include/linux/slab.h:954 [inline]
    kzalloc_noprof include/linux/slab.h:1188 [inline]
    __alloc_empty_sheaf+0x35/0x50 mm/slub.c:2768
    alloc_empty_sheaf mm/slub.c:2783 [inline]
    __pcs_replace_full_main+0xdf/0x300 mm/slub.c:5757
    free_to_pcs mm/slub.c:5810 [inline]
    slab_free mm/slub.c:6249 [inline]
    kfree+0x361/0x3a0 mm/slub.c:6561
    vfree mm/vmalloc.c:3476 [inline]
    vfree+0x14d/0x3d0 mm/vmalloc.c:3436
    delayed_vfree_work+0x29/0x40 mm/vmalloc.c:3392
    process_one_work+0x277/0x5b0 kernel/workqueue.c:3302
    process_scheduled_works kernel/workqueue.c:3385 [inline]
    worker_thread+0x255/0x4a0 kernel/workqueue.c:3466
    kthread+0x14e/0x1a0 kernel/kthread.c:436
    ret_from_fork+0x219/0x490 arch/x86/kernel/process.c:158
    ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

BUG: memory leak
unreferenced object 0xffff888101d2be00 (size 512):
  comm "kworker/0:1", pid 10, jiffies 4294937856
  hex dump (first 32 bytes):
    c8 2c 04 00 81 88 ff ff 00 90 b7 2a 81 88 ff ff  .,.........*....
    00 12 04 00 81 88 ff ff 3c 00 00 00 00 00 00 00  ........<.......
  backtrace (crc 9ff75ca2):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4574 [inline]
    slab_alloc_node mm/slub.c:4898 [inline]
    __do_kmalloc_node mm/slub.c:5294 [inline]
    __kmalloc_noprof+0x3b7/0x550 mm/slub.c:5307
    kmalloc_noprof include/linux/slab.h:954 [inline]
    kzalloc_noprof include/linux/slab.h:1188 [inline]
    __alloc_empty_sheaf+0x35/0x50 mm/slub.c:2768
    alloc_empty_sheaf mm/slub.c:2783 [inline]
    __pcs_replace_full_main+0xdf/0x300 mm/slub.c:5757
    free_to_pcs mm/slub.c:5810 [inline]
    slab_free mm/slub.c:6249 [inline]
    kfree+0x361/0x3a0 mm/slub.c:6561
    vfree mm/vmalloc.c:3476 [inline]
    vfree+0x14d/0x3d0 mm/vmalloc.c:3436
    delayed_vfree_work+0x29/0x40 mm/vmalloc.c:3392
    process_one_work+0x277/0x5b0 kernel/workqueue.c:3302
    process_scheduled_works kernel/workqueue.c:3385 [inline]
    worker_thread+0x255/0x4a0 kernel/workqueue.c:3466
    kthread+0x14e/0x1a0 kernel/kthread.c:436
    ret_from_fork+0x219/0x490 arch/x86/kernel/process.c:158
    ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

BUG: memory leak
unreferenced object 0xffff888101d2b000 (size 512):
  comm "kworker/u8:9", pid 4643, jiffies 4294937873
  hex dump (first 32 bytes):
    00 72 5a 03 81 88 ff ff c8 2c 04 00 81 88 ff ff  .rZ......,......
    00 12 04 00 81 88 ff ff 3c 00 00 00 00 00 00 00  ........<.......
  backtrace (crc bcccad5b):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4574 [inline]
    slab_alloc_node mm/slub.c:4898 [inline]
    __do_kmalloc_node mm/slub.c:5294 [inline]
    __kmalloc_noprof+0x3b7/0x550 mm/slub.c:5307
    kmalloc_noprof include/linux/slab.h:954 [inline]
    kzalloc_noprof include/linux/slab.h:1188 [inline]
    __alloc_empty_sheaf+0x35/0x50 mm/slub.c:2768
    alloc_empty_sheaf mm/slub.c:2783 [inline]
    __pcs_replace_full_main+0xdf/0x300 mm/slub.c:5757
    free_to_pcs mm/slub.c:5810 [inline]
    slab_free mm/slub.c:6249 [inline]
    kfree+0x361/0x3a0 mm/slub.c:6561
    call_usermodehelper_freeinfo kernel/umh.c:43 [inline]
    umh_complete kernel/umh.c:57 [inline]
    call_usermodehelper_exec_async+0x1c7/0x1f0 kernel/umh.c:119
    ret_from_fork+0x219/0x490 arch/x86/kernel/process.c:158
    ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

BUG: memory leak
unreferenced object 0xffff8881035a7400 (size 512):
  comm "udevadm", pid 4981, jiffies 4294938333
  hex dump (first 32 bytes):
    00 88 b7 2a 81 88 ff ff 00 4e d0 01 81 88 ff ff  ...*.....N......
    00 12 04 00 81 88 ff ff 00 00 00 00 00 00 00 00  ................
  backtrace (crc 82d289ee):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4574 [inline]
    slab_alloc_node mm/slub.c:4898 [inline]
    __do_kmalloc_node mm/slub.c:5294 [inline]
    __kmalloc_noprof+0x3b7/0x550 mm/slub.c:5307
    kmalloc_noprof include/linux/slab.h:954 [inline]
    kzalloc_noprof include/linux/slab.h:1188 [inline]
    __alloc_empty_sheaf+0x35/0x50 mm/slub.c:2768
    alloc_empty_sheaf mm/slub.c:2783 [inline]
    __pcs_replace_empty_main+0x22a/0x2a0 mm/slub.c:4646
    alloc_from_pcs mm/slub.c:4749 [inline]
    slab_alloc_node mm/slub.c:4883 [inline]
    __kmalloc_cache_noprof+0x3a6/0x480 mm/slub.c:5410
    kmalloc_noprof include/linux/slab.h:950 [inline]
    kzalloc_noprof include/linux/slab.h:1188 [inline]
    kernfs_get_open_node fs/kernfs/file.c:543 [inline]
    kernfs_fop_open+0x4f4/0x580 fs/kernfs/file.c:718
    do_dentry_open+0x1fc/0x8c0 fs/open.c:947
    vfs_open+0x3d/0x1b0 fs/open.c:1079
    do_open fs/namei.c:4699 [inline]
    path_openat+0x154d/0x1e20 fs/namei.c:4858
    do_file_open+0x121/0x200 fs/namei.c:4887
    do_sys_openat2+0xa5/0x140 fs/open.c:1364
    do_sys_open fs/open.c:1370 [inline]
    __do_sys_openat fs/open.c:1386 [inline]
    __se_sys_openat fs/open.c:1381 [inline]
    __x64_sys_openat+0x82/0xf0 fs/open.c:1381
    do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
    do_syscall_64+0xee/0xf80 arch/x86/entry/syscall_64.c:94
    entry_SYSCALL_64_after_hwframe+0x77/0x7f

connection error: failed to recv *flatrpc.ExecutorMessageRawT: EOF

Tested on:

commit:         66edb901 Merge tag 'v7.1-p3' of git://git.kernel.org/p..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=13db0ad2580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=9645c21cfd1d3e8f
dashboard link: https://syzkaller.appspot.com/bug?extid=cae7809e9dc1459e4e63
compiler:       gcc (Debian 14.2.0-19) 14.2.0, GNU ld (GNU Binutils for Debian) 2.44
patch:          https://syzkaller.appspot.com/x/patch.diff?x=153b7ece580000