syzbot


memory leak in reiserfs_parse_options (2)

Status: upstream: reported C repro on 2023/01/11 10:44
Labels: reiserfs (incorrect?)
Reported-by: syzbot+67d4d8261283b46b21ac@syzkaller.appspotmail.com
First crash: 142d, last: 22d
Discussions (1)
Title | Replies (including bot) | Last reply
[syzbot] [reiserfs?] memory leak in reiserfs_parse_options (2) | 0 (1) | 2023/01/11 10:44
Similar bugs (1)
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
upstream | memory leak in reiserfs_parse_options reiserfs | C | | | 4 | 989d | 1184d | 17/24 | fixed on 2020/11/16 12:12
Last patch testing requests (1)
Created | Duration | User | Patch | Repo | Result
2023/04/18 14:40 | 13m | retest repro | | upstream | report log

Sample crash report:
BUG: memory leak
unreferenced object 0xffff888104a863c0 (size 32):
  comm "syz-executor194", pid 5001, jiffies 4294957272 (age 13.020s)
  hex dump (first 32 bytes):
    73 79 7a 00 00 00 00 00 00 00 00 00 00 00 00 00  syz.............
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81545d4b>] __do_kmalloc_node mm/slab_common.c:965 [inline]
    [<ffffffff81545d4b>] __kmalloc_node_track_caller+0x4b/0x120 mm/slab_common.c:986
    [<ffffffff815352df>] kstrdup+0x3f/0x70 mm/util.c:62
    [<ffffffff817d7995>] reiserfs_parse_options+0xad5/0x10a0 fs/reiserfs/super.c:1279
    [<ffffffff817dbba1>] reiserfs_fill_super+0x181/0x15e0 fs/reiserfs/super.c:1933
    [<ffffffff8165fa31>] mount_bdev+0x221/0x260 fs/super.c:1380
    [<ffffffff816c3d8f>] legacy_get_tree+0x2f/0x90 fs/fs_context.c:610
    [<ffffffff8165d4fc>] vfs_get_tree+0x2c/0x110 fs/super.c:1510
    [<ffffffff816a07c3>] do_new_mount fs/namespace.c:3039 [inline]
    [<ffffffff816a07c3>] path_mount+0xc53/0x10f0 fs/namespace.c:3369
    [<ffffffff816a1402>] do_mount fs/namespace.c:3382 [inline]
    [<ffffffff816a1402>] __do_sys_mount fs/namespace.c:3591 [inline]
    [<ffffffff816a1402>] __se_sys_mount fs/namespace.c:3568 [inline]
    [<ffffffff816a1402>] __x64_sys_mount+0x192/0x1e0 fs/namespace.c:3568
    [<ffffffff84a127b9>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff84a127b9>] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84c0008b>] entry_SYSCALL_64_after_hwframe+0x63/0xcd

BUG: memory leak
unreferenced object 0xffff888104a86640 (size 32):
  comm "syz-executor194", pid 5001, jiffies 4294957272 (age 13.020s)
  hex dump (first 32 bytes):
    04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81545d4b>] __do_kmalloc_node mm/slab_common.c:965 [inline]
    [<ffffffff81545d4b>] __kmalloc_node_track_caller+0x4b/0x120 mm/slab_common.c:986
    [<ffffffff815352df>] kstrdup+0x3f/0x70 mm/util.c:62
    [<ffffffff817d7995>] reiserfs_parse_options+0xad5/0x10a0 fs/reiserfs/super.c:1279
    [<ffffffff817dbba1>] reiserfs_fill_super+0x181/0x15e0 fs/reiserfs/super.c:1933
    [<ffffffff8165fa31>] mount_bdev+0x221/0x260 fs/super.c:1380
    [<ffffffff816c3d8f>] legacy_get_tree+0x2f/0x90 fs/fs_context.c:610
    [<ffffffff8165d4fc>] vfs_get_tree+0x2c/0x110 fs/super.c:1510
    [<ffffffff816a07c3>] do_new_mount fs/namespace.c:3039 [inline]
    [<ffffffff816a07c3>] path_mount+0xc53/0x10f0 fs/namespace.c:3369
    [<ffffffff816a1402>] do_mount fs/namespace.c:3382 [inline]
    [<ffffffff816a1402>] __do_sys_mount fs/namespace.c:3591 [inline]
    [<ffffffff816a1402>] __se_sys_mount fs/namespace.c:3568 [inline]
    [<ffffffff816a1402>] __x64_sys_mount+0x192/0x1e0 fs/namespace.c:3568
    [<ffffffff84a127b9>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff84a127b9>] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84c0008b>] entry_SYSCALL_64_after_hwframe+0x63/0xcd

BUG: memory leak
unreferenced object 0xffff88810126a360 (size 32):
  comm "syz-executor194", pid 5008, jiffies 4294957816 (age 7.580s)
  hex dump (first 32 bytes):
    73 79 7a 00 00 00 00 00 00 00 00 00 00 00 00 00  syz.............
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81545d4b>] __do_kmalloc_node mm/slab_common.c:965 [inline]
    [<ffffffff81545d4b>] __kmalloc_node_track_caller+0x4b/0x120 mm/slab_common.c:986
    [<ffffffff815352df>] kstrdup+0x3f/0x70 mm/util.c:62
    [<ffffffff817d7995>] reiserfs_parse_options+0xad5/0x10a0 fs/reiserfs/super.c:1279
    [<ffffffff817dbba1>] reiserfs_fill_super+0x181/0x15e0 fs/reiserfs/super.c:1933
    [<ffffffff8165fa31>] mount_bdev+0x221/0x260 fs/super.c:1380
    [<ffffffff816c3d8f>] legacy_get_tree+0x2f/0x90 fs/fs_context.c:610
    [<ffffffff8165d4fc>] vfs_get_tree+0x2c/0x110 fs/super.c:1510
    [<ffffffff816a07c3>] do_new_mount fs/namespace.c:3039 [inline]
    [<ffffffff816a07c3>] path_mount+0xc53/0x10f0 fs/namespace.c:3369
    [<ffffffff816a1402>] do_mount fs/namespace.c:3382 [inline]
    [<ffffffff816a1402>] __do_sys_mount fs/namespace.c:3591 [inline]
    [<ffffffff816a1402>] __se_sys_mount fs/namespace.c:3568 [inline]
    [<ffffffff816a1402>] __x64_sys_mount+0x192/0x1e0 fs/namespace.c:3568
    [<ffffffff84a127b9>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff84a127b9>] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84c0008b>] entry_SYSCALL_64_after_hwframe+0x63/0xcd

BUG: memory leak
unreferenced object 0xffff88810126a340 (size 32):
  comm "syz-executor194", pid 5008, jiffies 4294957816 (age 7.580s)
  hex dump (first 32 bytes):
    04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81545d4b>] __do_kmalloc_node mm/slab_common.c:965 [inline]
    [<ffffffff81545d4b>] __kmalloc_node_track_caller+0x4b/0x120 mm/slab_common.c:986
    [<ffffffff815352df>] kstrdup+0x3f/0x70 mm/util.c:62
    [<ffffffff817d7995>] reiserfs_parse_options+0xad5/0x10a0 fs/reiserfs/super.c:1279
    [<ffffffff817dbba1>] reiserfs_fill_super+0x181/0x15e0 fs/reiserfs/super.c:1933
    [<ffffffff8165fa31>] mount_bdev+0x221/0x260 fs/super.c:1380
    [<ffffffff816c3d8f>] legacy_get_tree+0x2f/0x90 fs/fs_context.c:610
    [<ffffffff8165d4fc>] vfs_get_tree+0x2c/0x110 fs/super.c:1510
    [<ffffffff816a07c3>] do_new_mount fs/namespace.c:3039 [inline]
    [<ffffffff816a07c3>] path_mount+0xc53/0x10f0 fs/namespace.c:3369
    [<ffffffff816a1402>] do_mount fs/namespace.c:3382 [inline]
    [<ffffffff816a1402>] __do_sys_mount fs/namespace.c:3591 [inline]
    [<ffffffff816a1402>] __se_sys_mount fs/namespace.c:3568 [inline]
    [<ffffffff816a1402>] __x64_sys_mount+0x192/0x1e0 fs/namespace.c:3568
    [<ffffffff84a127b9>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff84a127b9>] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84c0008b>] entry_SYSCALL_64_after_hwframe+0x63/0xcd


Crashes (2):
Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title
2023/05/08 05:30 | upstream | 17784de648be | 90c93c40 | .config | console log | report | syz | C | | [disk image] [vmlinux] [kernel image] [mounted in repro] | ci-upstream-gce-leak | memory leak in reiserfs_parse_options
2023/01/07 10:33 | upstream | a689b938df39 | 1dac8c7a | .config | console log | report | syz | C | | [disk image] [vmlinux] [kernel image] [mounted in repro] | ci-upstream-gce-leak | memory leak in reiserfs_parse_options
* Struck through repros no longer work on HEAD.