lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <000000000000f50fb505ac9a72c9@google.com>
Date:   Tue, 11 Aug 2020 06:57:17 -0700
From:   syzbot <syzbot+a730016dc0bdce4f6ff5@...kaller.appspotmail.com>
To:     axboe@...nel.dk, io-uring@...r.kernel.org,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
        syzkaller-bugs@...glegroups.com, viro@...iv.linux.org.uk
Subject: memory leak in io_submit_sqes

Hello,

syzbot found the following issue on:

HEAD commit:    d6efb3ac Merge tag 'tty-5.9-rc1' of git://git.kernel.org/p..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=13cb0762900000
kernel config:  https://syzkaller.appspot.com/x/.config?x=42163327839348a9
dashboard link: https://syzkaller.appspot.com/bug?extid=a730016dc0bdce4f6ff5
compiler:       gcc (GCC) 10.1.0-syz 20200507
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=16e877dc900000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1608291a900000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a730016dc0bdce4f6ff5@...kaller.appspotmail.com

executing program
executing program
executing program
executing program
executing program
BUG: memory leak
unreferenced object 0xffff888124949100 (size 256):
  comm "syz-executor808", pid 6480, jiffies 4294949911 (age 33.960s)
  hex dump (first 32 bytes):
    00 78 74 2a 81 88 ff ff 00 00 00 00 00 00 00 00  .xt*............
    90 b0 51 81 ff ff ff ff 00 00 00 00 00 00 00 00  ..Q.............
  backtrace:
    [<0000000084e46f34>] io_alloc_req fs/io_uring.c:1503 [inline]
    [<0000000084e46f34>] io_submit_sqes+0x5dc/0xc00 fs/io_uring.c:6306
    [<000000006d4e19eb>] __do_sys_io_uring_enter+0x582/0x830 fs/io_uring.c:8036
    [<00000000a4116b07>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<0000000067b2aefc>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88811751d200 (size 96):
  comm "syz-executor808", pid 6480, jiffies 4294949911 (age 33.960s)
  hex dump (first 32 bytes):
    00 78 74 2a 81 88 ff ff 00 00 00 00 00 00 00 00  .xt*............
    0e 01 00 00 00 00 75 22 00 00 00 00 00 0f 1f 04  ......u"........
  backtrace:
    [<00000000073ea2ba>] kmalloc include/linux/slab.h:555 [inline]
    [<00000000073ea2ba>] io_arm_poll_handler fs/io_uring.c:4773 [inline]
    [<00000000073ea2ba>] __io_queue_sqe+0x445/0x6b0 fs/io_uring.c:5988
    [<000000001551bde0>] io_queue_sqe+0x309/0x550 fs/io_uring.c:6060
    [<000000002dfb908f>] io_submit_sqe fs/io_uring.c:6130 [inline]
    [<000000002dfb908f>] io_submit_sqes+0x8b8/0xc00 fs/io_uring.c:6327
    [<000000006d4e19eb>] __do_sys_io_uring_enter+0x582/0x830 fs/io_uring.c:8036
    [<00000000a4116b07>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<0000000067b2aefc>] entry_SYSCALL_64_after_hwframe+0x44/0xa9



---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@...glegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ