Re: [PATCH] btrfs: fix qgroup extent_changeset leak in page_mkwrite

Next message: Jianfeng Liu: "[PATCH] media: rkvdec: set ctx-&gt;image_fmt in rkvdec_s_capture_fmt"
Previous message: Mostafa Saleh: "Re: [PATCH v5 05/27] iommu/arm-smmu-v3: Split code with hyp"
In reply to: Qu Wenruo: "Re: [PATCH] btrfs: fix qgroup extent_changeset leak in page_mkwrite"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: David Sterba

Date: Fri Dec 12 2025 - 10:41:40 EST

On Fri, Dec 12, 2025 at 08:09:48AM +0300, Ahmet Eray Karadag wrote:
> syzbot reported a memory leak originating from ulist_prealloc()
> called from qgroup_reserve_data() in the btrfs_page_mkwrite()
> path. When btrfs_check_data_free_space() succeeds and
> btrfs_delalloc_reserve_metadata() later fails, we free the data
> reservation via btrfs_free_reserved_data_space(), but we never
> free the extent_changeset pointed to by data_reserved.
>
> Add the missing extent_changeset_free(data_reserved) in this
> error path, matching the other exit paths in btrfs_page_mkwrite()
> and the failure handling in btrfs_check_data_free_space().
>
> Reported-by: syzbot+2f8aa76e6acc9fce6638@xxxxxxxxxxxxxxxxxxxxxxxxx
> Closes: https://syzkaller.appspot.com/bug?extid=2f8aa76e6acc9fce6638
> Signed-off-by: Ahmet Eray Karadag <eraykrdg1@xxxxxxxxx>

Thanks a fix is already available and will be in linux-next. Pull
request with the fix will be sent after rc1.