From: syzbot <syzbot+389b82b29093b3e2640a@syzkaller.appspotmail.com>
To: akpm@linux-foundation.org, fmdefrancesco@gmail.com,
	 linux-kernel@vger.kernel.org, linux-mm@kvack.org,
	 syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] memory leak in __get_metapage
Date: Thu, 06 Oct 2022 16:54:20 -0700
Message-ID: <0000000000007cd19505ea66692e@google.com>
In-Reply-To: <2387955.jE0xQCEvom@mypc>

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
memory leak in __get_metapage

BUG: memory leak
unreferenced object 0xffff88810abfae80 (size 128):
  comm "syz-executor.0", pid 4206, jiffies 4294944336 (age 14.270s)
  hex dump (first 32 bytes):
    00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff8148f863>] mempool_alloc+0x73/0x230 mm/mempool.c:392
    [<ffffffff81c5adba>] alloc_metapage fs/jfs/jfs_metapage.c:176 [inline]
    [<ffffffff81c5adba>] __get_metapage+0x38a/0x9b0 fs/jfs/jfs_metapage.c:651
    [<ffffffff81c43722>] diNewExt+0x3f2/0x9d0 fs/jfs/jfs_imap.c:2265
    [<ffffffff81c45114>] diAllocExt fs/jfs/jfs_imap.c:1945 [inline]
    [<ffffffff81c45114>] diAllocAG+0x9a4/0xd50 fs/jfs/jfs_imap.c:1662
    [<ffffffff81c46f3f>] diAlloc+0x31f/0x900 fs/jfs/jfs_imap.c:1583
    [<ffffffff81c57c5a>] ialloc+0x6a/0x3a0 fs/jfs/jfs_inode.c:56
    [<ffffffff81c3a397>] jfs_mkdir+0xf7/0x480 fs/jfs/namei.c:225
    [<ffffffff815f9a23>] vfs_mkdir+0x223/0x340 fs/namei.c:4013
    [<ffffffff81602a05>] do_mkdirat+0x1a5/0x1e0 fs/namei.c:4038
    [<ffffffff81602b79>] __do_sys_mkdir fs/namei.c:4058 [inline]
    [<ffffffff81602b79>] __se_sys_mkdir fs/namei.c:4056 [inline]
    [<ffffffff81602b79>] __x64_sys_mkdir+0x69/0x90 fs/namei.c:4056
    [<ffffffff846099a5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff846099a5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd

BUG: memory leak
unreferenced object 0xffff88810abfaf00 (size 128):
  comm "syz-executor.0", pid 4206, jiffies 4294944336 (age 14.270s)
  hex dump (first 32 bytes):
    00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff8148f863>] mempool_alloc+0x73/0x230 mm/mempool.c:392
    [<ffffffff81c5adba>] alloc_metapage fs/jfs/jfs_metapage.c:176 [inline]
    [<ffffffff81c5adba>] __get_metapage+0x38a/0x9b0 fs/jfs/jfs_metapage.c:651
    [<ffffffff81c43722>] diNewExt+0x3f2/0x9d0 fs/jfs/jfs_imap.c:2265
    [<ffffffff81c45114>] diAllocExt fs/jfs/jfs_imap.c:1945 [inline]
    [<ffffffff81c45114>] diAllocAG+0x9a4/0xd50 fs/jfs/jfs_imap.c:1662
    [<ffffffff81c46f3f>] diAlloc+0x31f/0x900 fs/jfs/jfs_imap.c:1583
    [<ffffffff81c57c5a>] ialloc+0x6a/0x3a0 fs/jfs/jfs_inode.c:56
    [<ffffffff81c3a397>] jfs_mkdir+0xf7/0x480 fs/jfs/namei.c:225
    [<ffffffff815f9a23>] vfs_mkdir+0x223/0x340 fs/namei.c:4013
    [<ffffffff81602a05>] do_mkdirat+0x1a5/0x1e0 fs/namei.c:4038
    [<ffffffff81602b79>] __do_sys_mkdir fs/namei.c:4058 [inline]
    [<ffffffff81602b79>] __se_sys_mkdir fs/namei.c:4056 [inline]
    [<ffffffff81602b79>] __x64_sys_mkdir+0x69/0x90 fs/namei.c:4056
    [<ffffffff846099a5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff846099a5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd

BUG: memory leak
unreferenced object 0xffff88810a5a7080 (size 128):
  comm "syz-executor.0", pid 4206, jiffies 4294944336 (age 14.270s)
  hex dump (first 32 bytes):
    00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff8148f863>] mempool_alloc+0x73/0x230 mm/mempool.c:392
    [<ffffffff81c5adba>] alloc_metapage fs/jfs/jfs_metapage.c:176 [inline]
    [<ffffffff81c5adba>] __get_metapage+0x38a/0x9b0 fs/jfs/jfs_metapage.c:651
    [<ffffffff81c43722>] diNewExt+0x3f2/0x9d0 fs/jfs/jfs_imap.c:2265
    [<ffffffff81c45114>] diAllocExt fs/jfs/jfs_imap.c:1945 [inline]
    [<ffffffff81c45114>] diAllocAG+0x9a4/0xd50 fs/jfs/jfs_imap.c:1662
    [<ffffffff81c46f3f>] diAlloc+0x31f/0x900 fs/jfs/jfs_imap.c:1583
    [<ffffffff81c57c5a>] ialloc+0x6a/0x3a0 fs/jfs/jfs_inode.c:56
    [<ffffffff81c3a397>] jfs_mkdir+0xf7/0x480 fs/jfs/namei.c:225
    [<ffffffff815f9a23>] vfs_mkdir+0x223/0x340 fs/namei.c:4013
    [<ffffffff81602a05>] do_mkdirat+0x1a5/0x1e0 fs/namei.c:4038
    [<ffffffff81602b79>] __do_sys_mkdir fs/namei.c:4058 [inline]
    [<ffffffff81602b79>] __se_sys_mkdir fs/namei.c:4056 [inline]
    [<ffffffff81602b79>] __x64_sys_mkdir+0x69/0x90 fs/namei.c:4056
    [<ffffffff846099a5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff846099a5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd

BUG: memory leak
unreferenced object 0xffff888114d44e80 (size 128):
  comm "syz-executor.0", pid 4734, jiffies 4294944949 (age 8.140s)
  hex dump (first 32 bytes):
    00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff8148f863>] mempool_alloc+0x73/0x230 mm/mempool.c:392
    [<ffffffff81c5adba>] alloc_metapage fs/jfs/jfs_metapage.c:176 [inline]
    [<ffffffff81c5adba>] __get_metapage+0x38a/0x9b0 fs/jfs/jfs_metapage.c:651
    [<ffffffff81c43722>] diNewExt+0x3f2/0x9d0 fs/jfs/jfs_imap.c:2265
    [<ffffffff81c45114>] diAllocExt fs/jfs/jfs_imap.c:1945 [inline]
    [<ffffffff81c45114>] diAllocAG+0x9a4/0xd50 fs/jfs/jfs_imap.c:1662
    [<ffffffff81c46f3f>] diAlloc+0x31f/0x900 fs/jfs/jfs_imap.c:1583
    [<ffffffff81c57c5a>] ialloc+0x6a/0x3a0 fs/jfs/jfs_inode.c:56
    [<ffffffff81c3a397>] jfs_mkdir+0xf7/0x480 fs/jfs/namei.c:225
    [<ffffffff815f9a23>] vfs_mkdir+0x223/0x340 fs/namei.c:4013
    [<ffffffff81602a05>] do_mkdirat+0x1a5/0x1e0 fs/namei.c:4038
    [<ffffffff81602b79>] __do_sys_mkdir fs/namei.c:4058 [inline]
    [<ffffffff81602b79>] __se_sys_mkdir fs/namei.c:4056 [inline]
    [<ffffffff81602b79>] __x64_sys_mkdir+0x69/0x90 fs/namei.c:4056
    [<ffffffff846099a5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff846099a5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84800087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd



Tested on:

commit:         ffb39098 Merge tag 'linux-kselftest-kunit-6.1-rc1' of ..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=14c99b0a880000
kernel config:  https://syzkaller.appspot.com/x/.config?x=10f41fbb818af57a
dashboard link: https://syzkaller.appspot.com/bug?extid=389b82b29093b3e2640a
compiler:       gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2

Note: no patches were applied.

