Hey Linus,

/* Summary */
This contains a fix for the backing file work from this cycle. When
init_file() failed it would call file_free_rcu() on the file allocated by
the caller of init_file(). It naively assumed that the correct cleanup
operation would be called depending on whether it is a regular file or a
backing file. However, that presupposes that the FMODE_BACKING flag would
already be set which it won't be as that is done in the caller of
init_file().

Fix that bug by moving the cleanup of the allocated file into the caller
where it belongs in the first place. There's no good reason for init_file()
to consume resources it didn't allocate. This is a mainline only fix and was
reported by syzbot. The fix was validated by syzbot against the provided
reproducer.

/* Testing */
clang: Ubuntu clang version 15.0.7
gcc: (Ubuntu 12.2.0-3ubuntu1) 12.2.0

/* Conflicts */
At the time of creating this PR no merge conflicts were reported from
linux-next and no merge conflicts showed up doing a test-merge with current
mainline.

All patches are based on current mainline. No build failures or warnings
were observed. All old and new tests in fstests, selftests, and LTP pass
without regressions.

The following changes since commit 995b406c7e972fab181a4bb57f3b95e59b8e5bf3:

  Merge tag 'csky-for-linus-6.5' of https://github.com/c-sky/csky-linux (2023-07-01 21:12:32 -0700)

are available in the Git repository at:

  git@xxxxxxxxxxxxxxxxxxx:pub/scm/linux/kernel/git/vfs/vfs tags/v6.5/vfs.fixes

for you to fetch changes up to dff745c1221a402b4921d54f292288373cff500c:

  fs: move cleanup from init_file() into its callers (2023-07-02 13:15:49 +0200)

Please consider pulling these changes from the signed v6.5/vfs.fixes tag.

Thanks!
Christian

----------------------------------------------------------------
v6.5/vfs.fixes

----------------------------------------------------------------
Amir Goldstein (1):
      fs: move cleanup from init_file() into its callers

 fs/file_table.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)
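
The ownership problem described in the summary above, as an added userspace model in C; it is not part of the original email and is not kernel code. All `model_*` names, `backing_alloc()` and the `freed_as` enum are hypothetical, and the model only records which release path was chosen rather than reproducing the kernel's allocators.

```c
#include <stdio.h>
#include <stdlib.h>
#define MODEL_FMODE_BACKING 0x1u /* stand-in for the kernel's FMODE_BACKING */

struct model_file { unsigned int f_mode; };
struct model_backing_file { struct model_file file; int extra; }; /* file is first member */

enum freed_as { FREED_NONE, FREED_AS_FILE, FREED_AS_BACKING };
static enum freed_as last_free;
/* Cleanup that picks the release path from the flag, as the email describes. */
static void model_file_free(struct model_file *f)
{
    last_free = (f->f_mode & MODEL_FMODE_BACKING) ? FREED_AS_BACKING : FREED_AS_FILE;
    free(f); /* same address either way in this model; only the path is recorded */
}

/* "Before" shape: init releases the caller's allocation when it fails. */
static int init_before(struct model_file *f, int fail)
{
    f->f_mode = 0;
    if (fail) { model_file_free(f); return -1; }
    return 0;
}

/* "After" shape: init only reports the error and frees nothing. */
static int init_after(struct model_file *f, int fail)
{
    f->f_mode = 0;
    return fail ? -1 : 0;
}

/* Allocate a backing file, run init, and report which release path was taken. */
enum freed_as backing_alloc(int fixed, int fail)
{
    struct model_backing_file *bf = calloc(1, sizeof(*bf));
    last_free = FREED_NONE;
    if (!bf) return FREED_NONE;
    if ((fixed ? init_after : init_before)(&bf->file, fail) != 0) {
        if (fixed) { last_free = FREED_AS_BACKING; free(bf); } /* caller knows the type */
        return last_free;
    }
    bf->file.f_mode |= MODEL_FMODE_BACKING; /* flag is set only after init succeeded */
    model_file_free(&bf->file);             /* ordinary teardown, flag now visible */
    return last_free;
}
int main(void)
{
    printf("init fails: before=%d after=%d\n", backing_alloc(0, 1), backing_alloc(1, 1));
    return 0;
}
```

In the "before" shape a failed init releases the backing file through the regular-file path because the flag has not been set yet; in the "after" shape the caller, which knows what it allocated, releases it.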