lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <69369d82.a70a0220.38f243.009f.GAE@google.com>
Date: Mon, 08 Dec 2025 01:42:26 -0800
From: syzbot <syzbot+3d7ca9c802c547f8550a@...kaller.appspotmail.com>
To: dakr@...nel.org, gregkh@...uxfoundation.org, linux-fsdevel@...r.kernel.org, 
	linux-kernel@...r.kernel.org, rafael@...nel.org, 
	syzkaller-bugs@...glegroups.com
Subject: [syzbot] [fs?] memory leak in debugfs_change_name

Hello,

syzbot found the following issue on:

HEAD commit:    8f7aa3d3c732 Merge tag 'net-next-6.19' of git://git.kernel..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=1350c01a580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=3bdbe6509b080086
dashboard link: https://syzkaller.appspot.com/bug?extid=3d7ca9c802c547f8550a
compiler:       gcc (Debian 12.2.0-14+deb12u1) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=13b9d192580000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=10aceab4580000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/75704c8ef83a/disk-8f7aa3d3.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/fc039c7b45ea/vmlinux-8f7aa3d3.xz
kernel image: https://storage.googleapis.com/syzbot-assets/80c77928126a/bzImage-8f7aa3d3.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+3d7ca9c802c547f8550a@...kaller.appspotmail.com

BUG: memory leak
unreferenced object 0xffff8881110bb308 (size 8):
  comm "syz.0.17", pid 6090, jiffies 4294942958
  hex dump (first 8 bytes):
    2e 00 00 00 00 00 00 00                          ........
  backtrace (crc ecfc7064):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4953 [inline]
    slab_alloc_node mm/slub.c:5258 [inline]
    __do_kmalloc_node mm/slub.c:5651 [inline]
    __kmalloc_node_track_caller_noprof+0x3b2/0x670 mm/slub.c:5759
    __kmemdup_nul mm/util.c:64 [inline]
    kstrdup+0x3c/0x80 mm/util.c:84
    kstrdup_const+0x63/0x80 mm/util.c:104
    kvasprintf_const+0xca/0x110 lib/kasprintf.c:48
    debugfs_change_name+0xf6/0x5d0 fs/debugfs/inode.c:854
    cfg80211_dev_rename+0xd8/0x110 net/wireless/core.c:149
    nl80211_set_wiphy+0x102/0x1770 net/wireless/nl80211.c:3844
    genl_family_rcv_msg_doit+0x11e/0x190 net/netlink/genetlink.c:1115
    genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
    genl_rcv_msg+0x2fd/0x440 net/netlink/genetlink.c:1210
    netlink_rcv_skb+0x93/0x1d0 net/netlink/af_netlink.c:2550
    genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
    netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
    netlink_unicast+0x3a3/0x4f0 net/netlink/af_netlink.c:1344
    netlink_sendmsg+0x335/0x6b0 net/netlink/af_netlink.c:1894
    sock_sendmsg_nosec net/socket.c:718 [inline]
    __sock_sendmsg net/socket.c:733 [inline]
    ____sys_sendmsg+0x562/0x5a0 net/socket.c:2608
    ___sys_sendmsg+0xc8/0x130 net/socket.c:2662
    __sys_sendmsg+0xc7/0x140 net/socket.c:2694

connection error: failed to recv *flatrpc.ExecutorMessageRawT: EOF


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@...glegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ