[syzbot] memory leak in blk_ioprio_init
From: syzbot
Date: Wed May 11 2022 - 15:21:39 EST
Hello,
syzbot found the following issue on:
HEAD commit: feb9c5e19e91 Merge tag 'for_linus' of git://git.kernel.org..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=104f2666f00000
kernel config: https://syzkaller.appspot.com/x/.config?x=f33cdac6164584bd
dashboard link: https://syzkaller.appspot.com/bug?extid=5d564137a4c4677abcf1
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12071811f00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=16ffd166f00000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+5d564137a4c4677abcf1@xxxxxxxxxxxxxxxxxxxxxxxxx
executing program
BUG: memory leak
unreferenced object 0xffff88810a36cc80 (size 64):
comm "syz-executor844", pid 3616, jiffies 4294958438 (age 12.560s)
hex dump (first 32 bytes):
80 99 ca 85 ff ff ff ff 40 16 93 04 81 88 ff ff ........@.......
03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff82338d25>] kmalloc include/linux/slab.h:581 [inline]
[<ffffffff82338d25>] kzalloc include/linux/slab.h:714 [inline]
[<ffffffff82338d25>] blk_ioprio_init+0x25/0xf0 block/blk-ioprio.c:233
[<ffffffff8233169d>] blkcg_init_queue+0xcd/0x1f0 block/blk-cgroup.c:1216
[<ffffffff82317c6e>] __alloc_disk_node+0x11e/0x230 block/genhd.c:1381
[<ffffffff82317db5>] __blk_alloc_disk+0x35/0x70 block/genhd.c:1421
[<ffffffff832f7574>] md_alloc+0x5d4/0x830 drivers/md/md.c:5697
[<ffffffff832f7839>] md_probe+0x69/0x70 drivers/md/md.c:5746
[<ffffffff8231858a>] blk_request_module+0x8a/0x110 block/genhd.c:716
[<ffffffff822e79f7>] blkdev_get_no_open+0x77/0xc0 block/bdev.c:737
[<ffffffff822e7a63>] blkdev_get_by_dev.part.0+0x23/0x520 block/bdev.c:794
[<ffffffff822e7fcb>] blkdev_get_by_dev+0x6b/0x80 block/bdev.c:850
[<ffffffff822e9337>] blkdev_open+0xb7/0x130 block/fops.c:498
[<ffffffff815b4be6>] do_dentry_open+0x1e6/0x650 fs/open.c:824
[<ffffffff815db0a1>] do_open fs/namei.c:3476 [inline]
[<ffffffff815db0a1>] path_openat+0x18a1/0x1e70 fs/namei.c:3609
[<ffffffff815ddd71>] do_filp_open+0xc1/0x1b0 fs/namei.c:3636
[<ffffffff815b83bd>] do_sys_openat2+0xed/0x260 fs/open.c:1213
[<ffffffff815b8e0f>] do_sys_open fs/open.c:1229 [inline]
[<ffffffff815b8e0f>] __do_sys_openat fs/open.c:1245 [inline]
[<ffffffff815b8e0f>] __se_sys_openat fs/open.c:1240 [inline]
[<ffffffff815b8e0f>] __x64_sys_openat+0x7f/0xe0 fs/open.c:1240
BUG: memory leak
unreferenced object 0xffff88810f6c7780 (size 96):
comm "syz-executor844", pid 3616, jiffies 4294958438 (age 12.560s)
hex dump (first 32 bytes):
c0 9f ca 85 ff ff ff ff 40 16 93 04 81 88 ff ff ........@.......
01 00 00 00 00 00 00 00 80 cc 36 0a 81 88 ff ff ..........6.....
backtrace:
[<ffffffff8233b228>] kmalloc include/linux/slab.h:581 [inline]
[<ffffffff8233b228>] kzalloc include/linux/slab.h:714 [inline]
[<ffffffff8233b228>] blk_iolatency_init+0x28/0x190 block/blk-iolatency.c:725
[<ffffffff823316f5>] blkcg_init_queue+0x125/0x1f0 block/blk-cgroup.c:1224
[<ffffffff82317c6e>] __alloc_disk_node+0x11e/0x230 block/genhd.c:1381
[<ffffffff82317db5>] __blk_alloc_disk+0x35/0x70 block/genhd.c:1421
[<ffffffff832f7574>] md_alloc+0x5d4/0x830 drivers/md/md.c:5697
[<ffffffff832f7839>] md_probe+0x69/0x70 drivers/md/md.c:5746
[<ffffffff8231858a>] blk_request_module+0x8a/0x110 block/genhd.c:716
[<ffffffff822e79f7>] blkdev_get_no_open+0x77/0xc0 block/bdev.c:737
[<ffffffff822e7a63>] blkdev_get_by_dev.part.0+0x23/0x520 block/bdev.c:794
[<ffffffff822e7fcb>] blkdev_get_by_dev+0x6b/0x80 block/bdev.c:850
[<ffffffff822e9337>] blkdev_open+0xb7/0x130 block/fops.c:498
[<ffffffff815b4be6>] do_dentry_open+0x1e6/0x650 fs/open.c:824
[<ffffffff815db0a1>] do_open fs/namei.c:3476 [inline]
[<ffffffff815db0a1>] path_openat+0x18a1/0x1e70 fs/namei.c:3609
[<ffffffff815ddd71>] do_filp_open+0xc1/0x1b0 fs/namei.c:3636
[<ffffffff815b83bd>] do_sys_openat2+0xed/0x260 fs/open.c:1213
[<ffffffff815b8e0f>] do_sys_open fs/open.c:1229 [inline]
[<ffffffff815b8e0f>] __do_sys_openat fs/open.c:1245 [inline]
[<ffffffff815b8e0f>] __se_sys_openat fs/open.c:1240 [inline]
[<ffffffff815b8e0f>] __x64_sys_openat+0x7f/0xe0 fs/open.c:1240
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@xxxxxxxxxxxxxxxx.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches