BUG: memory leak unreferenced object 0xffff888122448d80 (size 64): comm "syz-executor.6", pid 5783, jiffies 4294945452 (age 13.590s) hex dump (first 32 bytes): 00 00 51 00 00 00 00 00 ff ff 51 00 00 00 00 00 ..Q.......Q..... 60 36 71 03 00 c9 ff ff 60 36 71 03 00 c9 ff ff `6q.....`6q..... backtrace: [] kmemleak_alloc_recursive include/linux/kmemleak.h:42 [inline] [] slab_post_alloc_hook mm/slab.h:766 [inline] [] slab_alloc_node mm/slub.c:3478 [inline] [] __kmem_cache_alloc_node+0x2dd/0x3f0 mm/slub.c:3517 [] kmalloc_trace+0x25/0x90 mm/slab_common.c:1098 [] kmalloc include/linux/slab.h:600 [inline] [] ulist_add_merge fs/btrfs/ulist.c:210 [inline] [] ulist_add_merge+0xcb/0x2b0 fs/btrfs/ulist.c:198 [] add_extent_changeset fs/btrfs/extent-io-tree.c:199 [inline] [] add_extent_changeset fs/btrfs/extent-io-tree.c:186 [inline] [] clear_state_bit+0xa4/0x1f0 fs/btrfs/extent-io-tree.c:559 [] __clear_extent_bit+0x432/0x840 fs/btrfs/extent-io-tree.c:731 [] __btrfs_qgroup_release_data+0x21d/0x4a0 fs/btrfs/qgroup.c:4123 [] alloc_ordered_extent+0x57/0x2c0 fs/btrfs/ordered-data.c:159 [] btrfs_alloc_ordered_extent+0x78/0x4f0 fs/btrfs/ordered-data.c:274 [] btrfs_create_dio_extent+0xba/0x1b0 fs/btrfs/inode.c:6953 [] btrfs_get_blocks_direct_write fs/btrfs/inode.c:7343 [inline] [] btrfs_dio_iomap_begin+0xcbc/0x11a0 fs/btrfs/inode.c:7594 [] iomap_iter+0x219/0x590 fs/iomap/iter.c:91 [] __iomap_dio_rw+0x2bb/0xd40 fs/iomap/direct-io.c:658 [] btrfs_dio_write+0x73/0xa0 fs/btrfs/inode.c:7798 [] btrfs_direct_write fs/btrfs/file.c:1543 [inline] [] btrfs_do_write_iter+0x454/0x960 fs/btrfs/file.c:1684 [] call_write_iter include/linux/fs.h:2020 [inline] [] do_iter_readv_writev+0x154/0x220 fs/read_write.c:735 [] do_iter_write+0xec/0x370 fs/read_write.c:860 BUG: memory leak unreferenced object 0xffff888125f8a580 (size 64): comm "syz-executor.7", pid 6014, jiffies 4294945882 (age 9.290s) hex dump (first 32 bytes): 00 00 18 00 00 00 00 00 ff ff 18 00 00 00 00 00 ................ 60 b6 94 06 00 c9 ff ff 60 b6 94 06 00 c9 ff ff `.......`....... backtrace: [] kmemleak_alloc_recursive include/linux/kmemleak.h:42 [inline] [] slab_post_alloc_hook mm/slab.h:766 [inline] [] slab_alloc_node mm/slub.c:3478 [inline] [] __kmem_cache_alloc_node+0x2dd/0x3f0 mm/slub.c:3517 [] kmalloc_trace+0x25/0x90 mm/slab_common.c:1098 [] kmalloc include/linux/slab.h:600 [inline] [] ulist_add_merge fs/btrfs/ulist.c:210 [inline] [] ulist_add_merge+0xcb/0x2b0 fs/btrfs/ulist.c:198 [] add_extent_changeset fs/btrfs/extent-io-tree.c:199 [inline] [] add_extent_changeset fs/btrfs/extent-io-tree.c:186 [inline] [] clear_state_bit+0xa4/0x1f0 fs/btrfs/extent-io-tree.c:559 [] __clear_extent_bit+0x432/0x840 fs/btrfs/extent-io-tree.c:731 [] __btrfs_qgroup_release_data+0x21d/0x4a0 fs/btrfs/qgroup.c:4123 [] alloc_ordered_extent+0x57/0x2c0 fs/btrfs/ordered-data.c:159 [] btrfs_alloc_ordered_extent+0x78/0x4f0 fs/btrfs/ordered-data.c:274 [] btrfs_create_dio_extent+0xba/0x1b0 fs/btrfs/inode.c:6953 [] btrfs_get_blocks_direct_write fs/btrfs/inode.c:7343 [inline] [] btrfs_dio_iomap_begin+0xcbc/0x11a0 fs/btrfs/inode.c:7594 [] iomap_iter+0x219/0x590 fs/iomap/iter.c:91 [] __iomap_dio_rw+0x2bb/0xd40 fs/iomap/direct-io.c:658 [] btrfs_dio_write+0x73/0xa0 fs/btrfs/inode.c:7798 [] btrfs_direct_write fs/btrfs/file.c:1543 [inline] [] btrfs_do_write_iter+0x454/0x960 fs/btrfs/file.c:1684 [] call_write_iter include/linux/fs.h:2020 [inline] [] do_iter_readv_writev+0x154/0x220 fs/read_write.c:735 [] do_iter_write+0xec/0x370 fs/read_write.c:860 BUG: memory leak unreferenced object 0xffff888125e6ce80 (size 64): comm "syz-executor.4", pid 6095, jiffies 4294945926 (age 8.850s) hex dump (first 32 bytes): 00 00 0c 00 00 00 00 00 ff ff 0c 00 00 00 00 00 ................ 60 f6 f6 07 00 c9 ff ff 60 f6 f6 07 00 c9 ff ff `.......`....... backtrace: [] kmemleak_alloc_recursive include/linux/kmemleak.h:42 [inline] [] slab_post_alloc_hook mm/slab.h:766 [inline] [] slab_alloc_node mm/slub.c:3478 [inline] [] __kmem_cache_alloc_node+0x2dd/0x3f0 mm/slub.c:3517 [] kmalloc_trace+0x25/0x90 mm/slab_common.c:1098 [] kmalloc include/linux/slab.h:600 [inline] [] ulist_add_merge fs/btrfs/ulist.c:210 [inline] [] ulist_add_merge+0xcb/0x2b0 fs/btrfs/ulist.c:198 [] add_extent_changeset fs/btrfs/extent-io-tree.c:199 [inline] [] add_extent_changeset fs/btrfs/extent-io-tree.c:186 [inline] [] clear_state_bit+0xa4/0x1f0 fs/btrfs/extent-io-tree.c:559 [] __clear_extent_bit+0x432/0x840 fs/btrfs/extent-io-tree.c:731 [] __btrfs_qgroup_release_data+0x21d/0x4a0 fs/btrfs/qgroup.c:4123 [] alloc_ordered_extent+0x57/0x2c0 fs/btrfs/ordered-data.c:159 [] btrfs_alloc_ordered_extent+0x78/0x4f0 fs/btrfs/ordered-data.c:274 [] btrfs_create_dio_extent+0xba/0x1b0 fs/btrfs/inode.c:6953 [] btrfs_get_blocks_direct_write fs/btrfs/inode.c:7343 [inline] [] btrfs_dio_iomap_begin+0xcbc/0x11a0 fs/btrfs/inode.c:7594 [] iomap_iter+0x219/0x590 fs/iomap/iter.c:91 [] __iomap_dio_rw+0x2bb/0xd40 fs/iomap/direct-io.c:658 [] btrfs_dio_write+0x73/0xa0 fs/btrfs/inode.c:7798 [] btrfs_direct_write fs/btrfs/file.c:1543 [inline] [] btrfs_do_write_iter+0x454/0x960 fs/btrfs/file.c:1684 [] call_write_iter include/linux/fs.h:2020 [inline] [] do_iter_readv_writev+0x154/0x220 fs/read_write.c:735 [] do_iter_write+0xec/0x370 fs/read_write.c:860