syzbot


memory leak in v9fs_cache_session_get_cookie (2)

Status: upstream: reported C repro on 2019/10/16 19:52
Reported-by: syzbot+f577fd1dae1f5b0fd8c7@syzkaller.appspotmail.com
First crash: 1076d, last: 772d
similar bugs (1):
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
upstream | memory leak in v9fs_cache_session_get_cookie | C | | | 242 | 1076d | 1223d | 14/24 | fixed on 2019/10/15 23:40
Patch testing requests:
Created Duration User Patch Repo Result
2022/09/26 06:30 16m upstream OK log
2022/09/26 04:30 17m upstream OK log
2022/09/26 02:30 16m upstream OK log
2022/09/25 23:30 15m upstream OK log
2022/09/25 21:30 16m upstream OK log
2022/09/25 20:30 16m upstream OK log
2022/09/25 19:30 16m upstream OK log
2022/09/25 17:30 16m upstream OK log
2022/09/25 15:30 16m upstream OK log
2022/09/25 13:30 16m upstream OK log
2022/09/25 10:30 16m upstream OK log
2022/09/25 08:30 16m upstream OK log
2022/09/25 06:30 16m upstream OK log
2022/09/25 04:30 16m upstream OK log
2022/09/25 02:30 16m upstream OK log
2022/09/25 01:30 16m upstream OK log
2022/09/24 23:30 16m upstream OK log
2022/09/24 20:30 16m upstream OK log
2022/09/24 18:30 16m upstream OK log
2022/09/24 16:30 16m upstream OK log
2022/09/24 14:30 16m upstream OK log
2022/09/24 12:30 16m upstream OK log
2022/09/24 10:30 16m upstream OK log
2022/09/24 07:30 16m upstream OK log
2022/09/24 05:30 16m upstream OK log
2022/09/24 03:30 16m upstream OK log
2022/09/24 01:30 16m upstream OK log
2022/09/23 23:30 16m upstream OK log
2022/09/23 21:30 16m upstream OK log
2022/09/23 18:30 5m upstream error
2022/09/23 16:30 16m upstream OK log
2022/09/23 14:30 16m upstream OK log
2022/09/23 12:30 16m upstream OK log
2020/09/23 10:40 15m anant.thazhemadam@gmail.com upstream OK
2020/04/08 18:18 15m rikard.falkeborn@gmail.com patch upstream OK

Sample crash report:
BUG: memory leak
unreferenced object 0xffff888119f09600 (size 32):
  comm "syz-executor821", pid 6502, jiffies 4294951481 (age 21.240s)
  hex dump (first 32 bytes):
    34 32 39 34 39 35 31 34 38 31 00 1a 81 88 ff ff  4294951481......
    01 00 00 00 03 00 00 00 11 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000f9703af4>] kmalloc include/linux/slab.h:554 [inline]
    [<00000000f9703af4>] v9fs_random_cachetag fs/9p/cache.c:36 [inline]
    [<00000000f9703af4>] v9fs_cache_session_get_cookie+0x98/0x100 fs/9p/cache.c:52
    [<00000000de3f9446>] v9fs_session_init+0x5a1/0x840 fs/9p/v9fs.c:470
    [<00000000b79bf12c>] v9fs_mount+0x56/0x390 fs/9p/vfs_super.c:124
    [<000000001e1a098f>] legacy_get_tree+0x26/0x70 fs/fs_context.c:592
    [<00000000ac8cfb68>] vfs_get_tree+0x28/0xe0 fs/super.c:1547
    [<000000004529d8df>] do_new_mount fs/namespace.c:2875 [inline]
    [<000000004529d8df>] path_mount+0x90e/0xda0 fs/namespace.c:3192
    [<00000000dc5c0ff0>] do_mount fs/namespace.c:3205 [inline]
    [<00000000dc5c0ff0>] __do_sys_mount fs/namespace.c:3413 [inline]
    [<00000000dc5c0ff0>] __se_sys_mount fs/namespace.c:3390 [inline]
    [<00000000dc5c0ff0>] __x64_sys_mount+0x140/0x190 fs/namespace.c:3390
    [<00000000a8b90db4>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<00000000167cbb6d>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

executing program

Crashes (319):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-gce-leak 2020/08/11 09:41 upstream 00e4db51259a bacaf5fa .config log report syz C
ci-upstream-gce-leak 2020/08/07 23:36 upstream d6efb3ac3e6c cb436c69 .config log report syz
ci-upstream-gce-leak 2020/08/05 03:28 upstream 2baa85d6927d 80a06902 .config log report syz
ci-upstream-gce-leak 2020/08/02 19:09 upstream ac3a0c847296 63a73341 .config log report syz
ci-upstream-gce-leak 2020/08/02 13:19 upstream ac3a0c847296 63a73341 .config log report syz
ci-upstream-gce-leak 2020/07/26 07:23 upstream 23ee3e4e5bd2 1f7cc1ca .config log report syz
ci-upstream-gce-leak 2020/07/24 16:37 upstream f37e99aca03f 554af388 .config log report syz
ci-upstream-gce-leak 2020/07/19 09:06 upstream f932d58abc38 9c812472 .config log report syz
ci-upstream-gce-leak 2020/07/19 02:38 upstream 6a70f89cc58f 9c812472 .config log report syz
ci-upstream-gce-leak 2020/07/17 21:41 upstream 8882572675c1 9c812472 .config log report syz
ci-upstream-gce-leak 2020/07/16 05:27 upstream e9919e11e219 f3bec699 .config log report syz
ci-upstream-gce-leak 2020/07/13 08:59 upstream 4437dd6e8f71 9ebcc5b1 .config log report syz
ci-upstream-gce-leak 2020/07/07 06:32 upstream 7cc2a8ea1048 51095195 .config log report syz
ci-upstream-gce-leak 2020/07/06 12:03 upstream 7cc2a8ea1048 51095195 .config log report syz
ci-upstream-gce-leak 2020/07/06 07:06 upstream 7cc2a8ea1048 51095195 .config log report syz
ci-upstream-gce-leak 2020/07/05 13:09 upstream 7cc2a8ea1048 51095195 .config log report syz
ci-upstream-gce-leak 2020/07/04 07:06 upstream 7cc2a8ea1048 51095195 .config log report syz
ci-upstream-gce-leak 2020/07/04 00:57 upstream 7cc2a8ea1048 51095195 .config log report syz
ci-upstream-gce-leak 2020/06/11 22:13 upstream 7ae77150d94d 3ab7a05a .config log report syz
ci-upstream-gce-leak 2020/08/14 14:58 upstream a1d21081a60d 424dd8e7 .config log report syz C
ci-upstream-gce-leak 2020/08/12 20:01 upstream fb893de323e2 bc15f7db .config log report syz C
ci-upstream-gce-leak 2020/08/11 18:24 upstream 00e4db51259a bacaf5fa .config log report syz C
ci-upstream-gce-leak 2020/08/10 10:12 upstream 9420f1ce0186 70301872 .config log report syz C
ci-upstream-gce-leak 2020/08/08 12:24 upstream 5631c5e0eb90 ff51e522 .config log report syz C
ci-upstream-gce-leak 2020/08/06 21:51 upstream 47ec5303d73e 1f122f88 .config log report syz C
ci-upstream-gce-leak 2020/08/04 19:39 upstream 2baa85d6927d 80a06902 .config log report syz C
ci-upstream-gce-leak 2020/08/04 03:03 upstream bcf876870b95 196277c4 .config log report syz C
ci-upstream-gce-leak 2020/08/03 17:19 upstream 5a30a78924ec 196277c4 .config log report syz C
ci-upstream-gce-leak 2020/08/01 06:00 upstream d8b9faec54ae d895b3be .config log report syz C
ci-upstream-gce-leak 2020/07/31 12:14 upstream 83bdc7275e62 8df85ed9 .config log report syz C
ci-upstream-gce-leak 2020/07/30 10:34 upstream d3590ebf6f91 233283a1 .config log report syz C
ci-upstream-gce-leak 2020/07/28 14:25 upstream 92ed30191993 cb93dc6a .config log report syz C
ci-upstream-gce-leak 2020/07/24 14:09 upstream f37e99aca03f 554af388 .config log report syz C
ci-upstream-gce-leak 2020/07/24 06:21 upstream d15be546031c 70c104a1 .config log report syz C
ci-upstream-gce-leak 2020/07/20 21:28 upstream 5714ee50bb43 4285ffa3 .config log report syz C
ci-upstream-gce-leak 2020/07/19 16:53 upstream f932d58abc38 9c812472 .config log report syz C
ci-upstream-gce-leak 2020/07/17 21:02 upstream 8882572675c1 9c812472 .config log report syz C
ci-upstream-gce-leak 2020/07/16 21:23 upstream 994e99a96c9b f3bec699 .config log report syz C
ci-upstream-gce-leak 2020/07/15 21:10 upstream e9919e11e219 f3bec699 .config log report syz C
ci-upstream-gce-leak 2020/07/11 11:52 upstream a581387e415b 18d18b59 .config log report syz C
ci-upstream-gce-leak 2020/07/09 21:19 upstream 0bddd227f3dc bc238812 .config log report syz C
ci-upstream-gce-leak 2020/07/04 17:30 upstream 7cc2a8ea1048 51095195 .config log report syz C
ci-upstream-gce-leak 2020/06/27 11:28 upstream 4a21185cda0f ffec44b5 .config log report syz C
ci-upstream-gce-leak 2020/06/18 18:19 upstream 1b5044021070 d45a4d69 .config log report syz C
ci-upstream-gce-leak 2020/06/17 12:16 upstream 69119673bd50 b9f3810b .config log report syz C
ci-upstream-gce-leak 2020/06/12 08:30 upstream 7ae77150d94d 58802067 .config log report syz C
ci-upstream-gce-leak 2020/06/01 00:20 upstream bdc48fa11e46 a0331e89 .config log report syz C
ci-upstream-gce-leak 2020/05/30 01:50 upstream e2fce151d2b4 3905eaae .config log report syz C
ci-upstream-gce-leak 2020/05/25 09:07 upstream 9cb1fd0efd19 11284182 .config log report syz C
ci-upstream-gce-leak 2020/04/07 05:55 upstream 7e63420847ae 99a96044 .config log report syz C
ci-upstream-gce-leak 2019/10/16 06:54 upstream 3b1f00aceb7a d4ea592f .config log report syz C
* Struck through repros no longer work on HEAD.