Re: [syzbot] [hfs?] memory leak in __hfs_bnode_create

Next message: Andy Shevchenko: "Re: [PATCH 2/3] pinctrl: mediatek: Add acpi support"
Previous message: Greg Kroah-Hartman: "Re: [PATCH 6.12 00/70] 6.12.82-rc1 review"
In reply to: syzbot: "Re: [syzbot] [hfs?] memory leak in __hfs_bnode_create"
Next in thread: syzbot: "Re: [syzbot] [hfs?] memory leak in __hfs_bnode_create"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Edward Adam Davis

Date: Fri Apr 17 2026 - 02:26:33 EST

#syz test

diff --git a/fs/hfsplus/bnode.c b/fs/hfsplus/bnode.c
index f8b5a8ae58ff..65902104882a 100644
--- a/fs/hfsplus/bnode.c
+++ b/fs/hfsplus/bnode.c
@@ -598,14 +598,18 @@ struct hfs_bnode *hfs_bnode_find(struct hfs_btree *tree, u32 num)
if (key_size >= entry_size || key_size & 1)
goto node_error;
}
- clear_bit(HFS_BNODE_NEW, &node->flags);
- wake_up(&node->lock_wq);
+ if (num != HFSPLUS_TREE_HEAD) {
+ clear_bit(HFS_BNODE_NEW, &node->flags);
+ wake_up(&node->lock_wq);
+ }
return node;

node_error:
set_bit(HFS_BNODE_ERROR, &node->flags);
- clear_bit(HFS_BNODE_NEW, &node->flags);
- wake_up(&node->lock_wq);
+ if (num != HFSPLUS_TREE_HEAD) {
+ clear_bit(HFS_BNODE_NEW, &node->flags);
+ wake_up(&node->lock_wq);
+ }
hfs_bnode_put(node);
return ERR_PTR(-EIO);
}
@@ -694,6 +698,10 @@ void hfs_bnode_put(struct hfs_bnode *node)
hfs_bnode_free(node);
return;
}
+ if (test_bit(HFS_BNODE_NEW, &node->flags)) {
+ hfs_bnode_unhash(node);
+ hfs_bnode_free(node);
+ }
spin_unlock(&tree->hash_lock);
}
}