| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 29 Jan 2020 08:06:14 -0800
From: syzbot <syzbot+30edd0f34bfcdc548ac4@...kaller.appspotmail.com>
To: alsa-devel@...a-project.org, dri-devel@...ts.freedesktop.org,
linaro-mm-sig@...ts.linaro.org, linux-kernel@...r.kernel.org,
linux-media@...r.kernel.org, perex@...ex.cz,
sumit.semwal@...aro.org, syzkaller-bugs@...glegroups.com,
tglx@...utronix.de, tiwai@...e.com
Subject: memory leak in snd_pcm_hw_params
Hello,
syzbot found the following crash on:
HEAD commit: b3a60822 Merge branch 'for-v5.6' of git://git.kernel.org:/..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=1351cf66e00000
kernel config: https://syzkaller.appspot.com/x/.config?x=e97a1bc78afb77f
dashboard link: https://syzkaller.appspot.com/bug?extid=30edd0f34bfcdc548ac4
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14e97735e00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=13cd9bc9e00000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+30edd0f34bfcdc548ac4@...kaller.appspotmail.com
executing program
executing program
executing program
BUG: memory leak
unreferenced object 0xffff888108fdefc0 (size 64):
comm "syz-executor222", pid 7310, jiffies 4294946025 (age 13.660s)
hex dump (first 32 bytes):
07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 10 33 02 00 c9 ff ff 00 00 00 00 00 00 00 00 ..3.............
backtrace:
[<00000000c59c6b0c>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
[<00000000c59c6b0c>] slab_post_alloc_hook mm/slab.h:586 [inline]
[<00000000c59c6b0c>] slab_alloc mm/slab.c:3320 [inline]
[<00000000c59c6b0c>] kmem_cache_alloc_trace+0x145/0x2c0 mm/slab.c:3549
[<00000000478172ce>] kmalloc include/linux/slab.h:556 [inline]
[<00000000478172ce>] kzalloc include/linux/slab.h:670 [inline]
[<00000000478172ce>] snd_pcm_lib_malloc_pages+0x12b/0x200 sound/core/pcm_memory.c:404
[<0000000091532e16>] snd_pcm_hw_params+0x720/0x830 sound/core/pcm_native.c:691
[<000000002070a986>] snd_pcm_kernel_ioctl+0xb5/0x170 sound/core/pcm_native.c:3238
[<00000000394e99f4>] snd_pcm_oss_change_params_locked+0x745/0x1140 sound/core/oss/pcm_oss.c:944
[<00000000c81f42ac>] snd_pcm_oss_change_params+0x43/0x80 sound/core/oss/pcm_oss.c:1087
[<000000007710a1c0>] snd_pcm_oss_make_ready+0x55/0xc0 sound/core/oss/pcm_oss.c:1146
[<0000000069305204>] snd_pcm_oss_sync.isra.0+0xb8/0x310 sound/core/oss/pcm_oss.c:1707
[<00000000692460c8>] snd_pcm_oss_release+0xef/0x100 sound/core/oss/pcm_oss.c:2545
[<0000000013ba02c9>] __fput+0xed/0x300 fs/file_table.c:280
[<0000000080810f18>] ____fput+0x16/0x20 fs/file_table.c:313
[<00000000e6bb3aa6>] task_work_run+0x9d/0xc0 kernel/task_work.c:113
[<00000000b6ce71eb>] exit_task_work include/linux/task_work.h:22 [inline]
[<00000000b6ce71eb>] do_exit+0x3fa/0xe20 kernel/exit.c:801
[<0000000045ce7ad3>] do_group_exit+0x4b/0xe0 kernel/exit.c:899
[<00000000aeb85903>] __do_sys_exit_group kernel/exit.c:910 [inline]
[<00000000aeb85903>] __se_sys_exit_group kernel/exit.c:908 [inline]
[<00000000aeb85903>] __x64_sys_exit_group+0x1c/0x20 kernel/exit.c:908
[<000000008b12db16>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@...glegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches
Powered by blists - more mailing lists