syzbot


memory leak in kobject_set_name_vargs (2)

Status: fixed on 2020/02/18 14:31
Reported-by: syzbot+ad8ca40ecd77896d51e2@syzkaller.appspotmail.com
Fix commit: cb626bf566eb net-sysfs: Fix reference count leak
First crash: 1776d, last: 1587d
Cause bisection: introduced by (bisect log) :
commit 0e034f5c4bc408c943f9c4a06244415d75d7108c
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date: Wed May 18 18:51:25 2016 +0000

  iwlwifi: fix mis-merge that breaks the driver

Crash: memory leak in next_bio (log)
Repro: C syz .config
  
Discussions (10)
Title Replies (including bot) Last reply
[PATCH 4.19 00/92] 4.19.100-stable review 98 (98) 2020/01/31 13:57
[PATCH 5.4 000/104] 5.4.16-stable review 113 (113) 2020/01/29 15:36
[PATCH 4.14 00/46] 4.14.169-stable review 51 (51) 2020/01/29 14:42
[PATCH 4.19 000/306] 4.19.87-stable review 359 (359) 2020/01/28 13:29
[PATCH] net-sysfs: Fix reference count leak 4 (4) 2020/01/21 09:44
[PATCH v3] net-sysfs: Fix reference count leak 5 (5) 2019/11/19 09:00
[PATCH v3] net-sysfs: Fix reference count leak 2 (2) 2019/11/18 12:25
[PATCH] net-sysfs: Fix reference count leak 3 (3) 2019/11/18 09:25
memory leak in kobject_set_name_vargs (2) 4 (6) 2019/08/08 17:04
Reminder: 99 open syzbot bugs in net subsystem 14 (14) 2019/07/31 15:13
Similar bugs (4)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream memory leak in kobject_set_name_vargs kernel C 12 1794d 1827d 12/26 fixed on 2019/07/10 21:40
upstream memory leak in kobject_set_name_vargs (3) nilfs C 19 1291d 1346d 15/26 fixed on 2020/11/16 12:12
upstream memory leak in kobject_set_name_vargs (5) nilfs C 4 605d 707d 22/26 fixed on 2023/02/24 13:51
upstream memory leak in kobject_set_name_vargs (4) kernel C 171 999d 1286d 20/26 fixed on 2021/11/10 00:51

Sample crash report:
BUG: memory leak
unreferenced object 0xffff88810df7a380 (size 32):
  comm "syz-executor765", pid 7372, jiffies 4294944563 (age 19.060s)
  hex dump (first 32 bytes):
    62 6f 6e 64 31 00 00 00 00 00 00 00 00 00 00 00  bond1...........
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000007cb7bd90>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<000000007cb7bd90>] slab_post_alloc_hook mm/slab.h:586 [inline]
    [<000000007cb7bd90>] slab_alloc mm/slab.c:3320 [inline]
    [<000000007cb7bd90>] __do_kmalloc mm/slab.c:3654 [inline]
    [<000000007cb7bd90>] __kmalloc_track_caller+0x165/0x300 mm/slab.c:3671
    [<00000000af2a9d98>] kstrdup+0x3a/0x70 mm/util.c:60
    [<000000003e23e481>] kstrdup_const+0x48/0x60 mm/util.c:82
    [<00000000fc74365a>] kvasprintf_const+0x7e/0xe0 lib/kasprintf.c:48
    [<00000000e4521d6b>] kobject_set_name_vargs+0x40/0xe0 lib/kobject.c:289
    [<00000000b4f8ddab>] dev_set_name+0x63/0x90 drivers/base/core.c:2265
    [<00000000e3d84494>] netdev_register_kobject+0x5a/0x1b0 net/core/net-sysfs.c:1736
    [<00000000cd01fe3d>] register_netdevice+0x1ce/0x650 net/core/dev.c:9304
    [<000000002e333573>] bond_newlink drivers/net/bonding/bond_netlink.c:458 [inline]
    [<000000002e333573>] bond_newlink+0x41/0x80 drivers/net/bonding/bond_netlink.c:448
    [<000000003b4042ca>] __rtnl_newlink+0x89a/0xb80 net/core/rtnetlink.c:3305
    [<00000000bd44508b>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3363
    [<00000000b392515b>] rtnetlink_rcv_msg+0x178/0x4b0 net/core/rtnetlink.c:5424
    [<0000000099050a96>] netlink_rcv_skb+0x61/0x170 net/netlink/af_netlink.c:2477
    [<000000001fdf241e>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5442
    [<000000005e604184>] netlink_unicast_kernel net/netlink/af_netlink.c:1302 [inline]
    [<000000005e604184>] netlink_unicast+0x223/0x310 net/netlink/af_netlink.c:1328
    [<000000007ff53ffa>] netlink_sendmsg+0x2c0/0x570 net/netlink/af_netlink.c:1917

BUG: memory leak
unreferenced object 0xffff888121a75980 (size 32):
  comm "syz-executor765", pid 7374, jiffies 4294945126 (age 13.430s)
  hex dump (first 32 bytes):
    62 6f 6e 64 31 00 00 00 00 00 00 00 20 00 00 00  bond1....... ...
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000007cb7bd90>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<000000007cb7bd90>] slab_post_alloc_hook mm/slab.h:586 [inline]
    [<000000007cb7bd90>] slab_alloc mm/slab.c:3320 [inline]
    [<000000007cb7bd90>] __do_kmalloc mm/slab.c:3654 [inline]
    [<000000007cb7bd90>] __kmalloc_track_caller+0x165/0x300 mm/slab.c:3671
    [<00000000af2a9d98>] kstrdup+0x3a/0x70 mm/util.c:60
    [<000000003e23e481>] kstrdup_const+0x48/0x60 mm/util.c:82
    [<00000000fc74365a>] kvasprintf_const+0x7e/0xe0 lib/kasprintf.c:48
    [<00000000e4521d6b>] kobject_set_name_vargs+0x40/0xe0 lib/kobject.c:289
    [<00000000b4f8ddab>] dev_set_name+0x63/0x90 drivers/base/core.c:2265
    [<00000000e3d84494>] netdev_register_kobject+0x5a/0x1b0 net/core/net-sysfs.c:1736
    [<00000000cd01fe3d>] register_netdevice+0x1ce/0x650 net/core/dev.c:9304
    [<000000002e333573>] bond_newlink drivers/net/bonding/bond_netlink.c:458 [inline]
    [<000000002e333573>] bond_newlink+0x41/0x80 drivers/net/bonding/bond_netlink.c:448
    [<000000003b4042ca>] __rtnl_newlink+0x89a/0xb80 net/core/rtnetlink.c:3305
    [<00000000bd44508b>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3363
    [<00000000b392515b>] rtnetlink_rcv_msg+0x178/0x4b0 net/core/rtnetlink.c:5424
    [<0000000099050a96>] netlink_rcv_skb+0x61/0x170 net/netlink/af_netlink.c:2477
    [<000000001fdf241e>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5442
    [<000000005e604184>] netlink_unicast_kernel net/netlink/af_netlink.c:1302 [inline]
    [<000000005e604184>] netlink_unicast+0x223/0x310 net/netlink/af_netlink.c:1328
    [<000000007ff53ffa>] netlink_sendmsg+0x2c0/0x570 net/netlink/af_netlink.c:1917


Crashes (47):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/01/24 08:18 upstream 4703d9119972 2e95ab33 .config console log report syz C ci-upstream-gce-leak
2020/01/23 18:16 upstream 131701c697e8 3334d684 .config console log report syz C ci-upstream-gce-leak
2020/01/20 22:36 upstream def9d2780727 d2557fb5 .config console log report syz C ci-upstream-gce-leak
2020/01/20 01:22 upstream 8f8972a3127f 0342f8c7 .config console log report syz C ci-upstream-gce-leak
2020/01/19 13:27 upstream 244dc2689085 bc8bc756 .config console log report syz C ci-upstream-gce-leak
2020/01/18 22:24 upstream 25e73aadf297 3de7aabb .config console log report syz C ci-upstream-gce-leak
2020/01/16 03:50 upstream 51d69817519f f9b69507 .config console log report syz C ci-upstream-gce-leak
2020/01/12 01:04 upstream bef1d88263ff 4c04afaa .config console log report syz C ci-upstream-gce-leak
2020/01/09 13:56 upstream b07f636fca1c ddc3e859 .config console log report syz C ci-upstream-gce-leak
2020/01/06 03:33 upstream c79f46a28239 438e1227 .config console log report syz C ci-upstream-gce-leak
2019/12/31 23:50 upstream 738d2902773e 25a0186e .config console log report syz C ci-upstream-gce-leak
2019/12/30 23:41 upstream fd6988496e79 af6b8ef8 .config console log report syz C ci-upstream-gce-leak
2019/12/29 06:16 upstream bf8d1cd43865 af6b8ef8 .config console log report syz C ci-upstream-gce-leak
2019/12/22 00:23 upstream f1fd1610cbb6 bc586918 .config console log report syz C ci-upstream-gce-leak
2019/12/15 14:45 upstream 07c4b9e9f71a eef6e580 .config console log report syz C ci-upstream-gce-leak
2019/12/13 04:26 upstream ae4b064e2a61 08003f64 .config console log report syz C ci-upstream-gce-leak
2019/12/12 14:20 upstream 687dec9b9459 d973f528 .config console log report syz C ci-upstream-gce-leak
2019/11/26 11:31 upstream 0be0ee71816b f746151a .config console log report syz C ci-upstream-gce-leak
2019/11/25 09:33 upstream 219d54332a09 598ca6c8 .config console log report syz C ci-upstream-gce-leak
2019/11/24 16:39 upstream 6b8a79467876 598ca6c8 .config console log report syz C ci-upstream-gce-leak
2019/11/23 09:59 upstream a6b0373ffcd8 598ca6c8 .config console log report syz C ci-upstream-gce-leak
2019/11/22 06:26 upstream 81429eb8d9ca 8098ea0f .config console log report syz C ci-upstream-gce-leak
2019/11/21 17:25 upstream c74386d50fba 8098ea0f .config console log report syz C ci-upstream-gce-leak
2019/11/18 08:04 upstream cbb104f91dfe d5696d51 .config console log report syz C ci-upstream-gce-leak
2019/11/13 14:20 upstream 0e3f1ad80fc8 048f2d49 .config console log report syz C ci-upstream-gce-leak
2019/11/11 07:27 upstream 9805a68371ce dc438b91 .config console log report syz C ci-upstream-gce-leak
2019/11/11 06:41 upstream 9805a68371ce dc438b91 .config console log report syz C ci-upstream-gce-leak
2019/11/03 11:58 upstream 9d2345057538 a41ca8fa .config console log report syz C ci-upstream-gce-leak
2019/11/01 08:17 upstream e472c64aa4fa a41ca8fa .config console log report syz C ci-upstream-gce-leak
2019/10/29 15:59 upstream 8005803a2ca0 5ea87a66 .config console log report syz C ci-upstream-gce-leak
2019/10/29 00:50 upstream 9e5eefba3d09 439d7b14 .config console log report syz C ci-upstream-gce-leak
2019/10/28 12:03 upstream d6d5df1db6e9 25bb509e .config console log report syz C ci-upstream-gce-leak
2019/10/23 03:48 upstream 3b7c59a1950c 5681358a .config console log report syz C ci-upstream-gce-leak
2019/10/19 08:13 upstream b9959c7a347d 8c88c9c1 .config console log report syz C ci-upstream-gce-leak
2019/10/10 06:18 upstream 8a8c600de5dc c4b9981b .config console log report syz C ci-upstream-gce-leak
2019/10/04 07:15 upstream cc3a7bfe62b9 fc17ba49 .config console log report syz C ci-upstream-gce-leak
2019/08/02 08:22 upstream 1e78030e5e5b 835dffe7 .config console log report syz C ci-upstream-gce-leak
2019/07/31 23:06 upstream 4010b622f1d2 c692b5bd .config console log report syz C ci-upstream-gce-leak
2019/07/31 13:31 upstream 629f8205a6cc 7c7ded69 .config console log report syz C ci-upstream-gce-leak
2019/07/29 04:56 upstream a9815a4fa2fd c85e1c5b .config console log report syz C ci-upstream-gce-leak
2019/07/28 11:52 upstream 5168afe6ef59 c85e1c5b .config console log report syz C ci-upstream-gce-leak
2019/07/25 10:54 upstream bed38c3e2dca 32329ceb .config console log report syz C ci-upstream-gce-leak
2019/07/24 04:22 upstream c6dd78fcb8ee de453f34 .config console log report syz C ci-upstream-gce-leak
2019/07/22 17:48 upstream c6dd78fcb8ee b3c615f5 .config console log report syz C ci-upstream-gce-leak
2019/07/22 01:49 upstream c6dd78fcb8ee 1656845f .config console log report syz C ci-upstream-gce-leak
2019/07/21 10:42 upstream c6dd78fcb8ee 1656845f .config console log report syz C ci-upstream-gce-leak
2019/07/19 22:03 upstream 3bfe1fc46794 1656845f .config console log report syz C ci-upstream-gce-leak
* Struck through repros no longer work on HEAD.