syzbot


memory leak in hci_inquiry_cache_update

Status: auto-obsoleted due to no activity on 2022/09/14 23:40
Reported-by: syzbot+82e5dfb66f1a36c0ffbb@syzkaller.appspotmail.com
First crash: 1122d, last: 814d
Patch testing requests:
Created           Duration  User                         Patch  Repo      Result
2022/09/14 21:29  13m       -                            -      upstream  OK log
2022/09/14 19:29  13m       -                            -      upstream  OK log
2022/09/14 17:29  13m       -                            -      upstream  OK log
2022/09/14 15:29  14m       -                            -      upstream  OK log
2022/09/14 13:27  13m       -                            -      upstream  OK log
2020/09/25 15:44  14m       anant.thazhemadam@gmail.com  -      upstream  OK
2020/09/23 20:33  14m       anant.thazhemadam@gmail.com  patch  upstream  OK

Sample crash report:
2020/07/04 09:27:20 executed programs: 9
2020/07/04 09:27:31 executed programs: 10
BUG: memory leak
unreferenced object 0xffff88811420be40 (size 64):
  comm "kworker/u5:0", pid 1501, jiffies 4295007105 (age 46.060s)
  hex dump (first 32 bytes):
    70 ca 1a 14 81 88 ff ff 80 be 20 14 81 88 ff ff  p......... .....
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000004b0c31b2>] kmalloc include/linux/slab.h:555 [inline]
    [<000000004b0c31b2>] kzalloc include/linux/slab.h:669 [inline]
    [<000000004b0c31b2>] hci_inquiry_cache_update+0x138/0x2b0 net/bluetooth/hci_core.c:1213
    [<0000000024d46891>] hci_extended_inquiry_result_evt.isra.0+0x132/0x250 net/bluetooth/hci_event.c:4410
    [<00000000c83307ce>] hci_event_packet+0x1824/0x3399 net/bluetooth/hci_event.c:6115
    [<00000000ad573fdf>] hci_rx_work+0x1c3/0x330 net/bluetooth/hci_core.c:4705
    [<000000001fcf46ac>] process_one_work+0x213/0x4d0 kernel/workqueue.c:2269
    [<000000005b2900f8>] worker_thread+0x58/0x4b0 kernel/workqueue.c:2415
    [<0000000046696954>] kthread+0x164/0x190 kernel/kthread.c:291
    [<00000000763eabf8>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:293

BUG: memory leak
unreferenced object 0xffff88811420be80 (size 64):
  comm "kworker/u5:0", pid 1501, jiffies 4295007105 (age 46.060s)
  hex dump (first 32 bytes):
    40 be 20 14 81 88 ff ff 40 92 07 14 81 88 ff ff  @. .....@.......
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000004b0c31b2>] kmalloc include/linux/slab.h:555 [inline]
    [<000000004b0c31b2>] kzalloc include/linux/slab.h:669 [inline]
    [<000000004b0c31b2>] hci_inquiry_cache_update+0x138/0x2b0 net/bluetooth/hci_core.c:1213
    [<0000000024d46891>] hci_extended_inquiry_result_evt.isra.0+0x132/0x250 net/bluetooth/hci_event.c:4410
    [<00000000c83307ce>] hci_event_packet+0x1824/0x3399 net/bluetooth/hci_event.c:6115
    [<00000000ad573fdf>] hci_rx_work+0x1c3/0x330 net/bluetooth/hci_core.c:4705
    [<000000001fcf46ac>] process_one_work+0x213/0x4d0 kernel/workqueue.c:2269
    [<000000005b2900f8>] worker_thread+0x58/0x4b0 kernel/workqueue.c:2415
    [<0000000046696954>] kthread+0x164/0x190 kernel/kthread.c:291
    [<00000000763eabf8>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:293

BUG: memory leak
unreferenced object 0xffff888114079240 (size 64):
  comm "kworker/u5:0", pid 1501, jiffies 4295007105 (age 46.060s)
  hex dump (first 32 bytes):
    80 be 20 14 81 88 ff ff c0 e5 2e 14 81 88 ff ff  .. .............
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000004b0c31b2>] kmalloc include/linux/slab.h:555 [inline]
    [<000000004b0c31b2>] kzalloc include/linux/slab.h:669 [inline]
    [<000000004b0c31b2>] hci_inquiry_cache_update+0x138/0x2b0 net/bluetooth/hci_core.c:1213
    [<0000000024d46891>] hci_extended_inquiry_result_evt.isra.0+0x132/0x250 net/bluetooth/hci_event.c:4410
    [<00000000c83307ce>] hci_event_packet+0x1824/0x3399 net/bluetooth/hci_event.c:6115
    [<00000000ad573fdf>] hci_rx_work+0x1c3/0x330 net/bluetooth/hci_core.c:4705
    [<000000001fcf46ac>] process_one_work+0x213/0x4d0 kernel/workqueue.c:2269
    [<000000005b2900f8>] worker_thread+0x58/0x4b0 kernel/workqueue.c:2415
    [<0000000046696954>] kthread+0x164/0x190 kernel/kthread.c:291
    [<00000000763eabf8>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:293

BUG: memory leak
unreferenced object 0xffff8881142ee5c0 (size 64):
  comm "kworker/u5:0", pid 1501, jiffies 4295007105 (age 46.060s)
  hex dump (first 32 bytes):
    40 92 07 14 81 88 ff ff 80 e5 2e 14 81 88 ff ff  @...............
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000004b0c31b2>] kmalloc include/linux/slab.h:555 [inline]
    [<000000004b0c31b2>] kzalloc include/linux/slab.h:669 [inline]
    [<000000004b0c31b2>] hci_inquiry_cache_update+0x138/0x2b0 net/bluetooth/hci_core.c:1213
    [<0000000024d46891>] hci_extended_inquiry_result_evt.isra.0+0x132/0x250 net/bluetooth/hci_event.c:4410
    [<00000000c83307ce>] hci_event_packet+0x1824/0x3399 net/bluetooth/hci_event.c:6115
    [<00000000ad573fdf>] hci_rx_work+0x1c3/0x330 net/bluetooth/hci_core.c:4705
    [<000000001fcf46ac>] process_one_work+0x213/0x4d0 kernel/workqueue.c:2269
    [<000000005b2900f8>] worker_thread+0x58/0x4b0 kernel/workqueue.c:2415
    [<0000000046696954>] kthread+0x164/0x190 kernel/kthread.c:291
    [<00000000763eabf8>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:293

BUG: memory leak
unreferenced object 0xffff8881142ee580 (size 64):
  comm "kworker/u5:0", pid 1501, jiffies 4295007105 (age 46.060s)
  hex dump (first 32 bytes):
    c0 e5 2e 14 81 88 ff ff 40 e5 2e 14 81 88 ff ff  ........@.......
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000004b0c31b2>] kmalloc include/linux/slab.h:555 [inline]
    [<000000004b0c31b2>] kzalloc include/linux/slab.h:669 [inline]
    [<000000004b0c31b2>] hci_inquiry_cache_update+0x138/0x2b0 net/bluetooth/hci_core.c:1213
    [<0000000024d46891>] hci_extended_inquiry_result_evt.isra.0+0x132/0x250 net/bluetooth/hci_event.c:4410
    [<00000000c83307ce>] hci_event_packet+0x1824/0x3399 net/bluetooth/hci_event.c:6115
    [<00000000ad573fdf>] hci_rx_work+0x1c3/0x330 net/bluetooth/hci_core.c:4705
    [<000000001fcf46ac>] process_one_work+0x213/0x4d0 kernel/workqueue.c:2269
    [<000000005b2900f8>] worker_thread+0x58/0x4b0 kernel/workqueue.c:2415
    [<0000000046696954>] kthread+0x164/0x190 kernel/kthread.c:291
    [<00000000763eabf8>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:293


Crashes (5):
Manager               Time              Kernel    Commit        Syzkaller  Config   Log  Report  Syz repro  C repro  VM info  Title
ci-upstream-gce-leak  2020/07/04 09:38  upstream  7cc2a8ea1048  51095195   .config  log  report  syz        -        -        -
ci-upstream-gce-leak  2020/04/15 03:44  upstream  8632e9b5645b  3f3c5574   .config  log  report  syz        -        -        -
ci-upstream-gce-leak  2019/11/05 04:12  upstream  a99d8080aaf3  76630fc9   .config  log  report  syz        -        -        -
ci-upstream-gce-leak  2019/08/30 12:24  upstream  6525771f58cb  fd37b39e   .config  log  report  syz        -        -        -
ci-upstream-gce-leak  2019/08/30 10:23  upstream  6525771f58cb  fd37b39e   .config  log  report  syz        -        -        -
* Struck through repros no longer work on HEAD.