lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <000000000000e1877405ad662415@google.com>
Date:   Fri, 21 Aug 2020 09:58:20 -0700
From:   syzbot <syzbot+6e14de8b553308b5507c@...kaller.appspotmail.com>
To:     linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
        syzkaller-bugs@...glegroups.com, viro@...iv.linux.org.uk
Subject: memory leak in rw_copy_check_uvector

Hello,

syzbot found the following issue on:

HEAD commit:    da2968ff Merge tag 'pci-v5.9-fixes-1' of git://git.kernel...
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=124577f9900000
kernel config:  https://syzkaller.appspot.com/x/.config?x=948134d9ff96e950
dashboard link: https://syzkaller.appspot.com/bug?extid=6e14de8b553308b5507c
compiler:       gcc (GCC) 10.1.0-syz 20200507
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=12a9ab36900000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=17049fa1900000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+6e14de8b553308b5507c@...kaller.appspotmail.com

BUG: memory leak
unreferenced object 0xffff88811c405400 (size 1024):
  comm "syz-executor386", pid 6503, jiffies 4294942347 (age 13.130s)
  hex dump (first 32 bytes):
    00 01 00 20 00 00 00 00 14 00 00 00 00 00 00 00  ... ............
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000001a62dd57>] kmalloc_array include/linux/slab.h:594 [inline]
    [<000000001a62dd57>] rw_copy_check_uvector+0x171/0x1a0 fs/read_write.c:812
    [<0000000016ad020b>] import_iovec+0x4a/0x140 lib/iov_iter.c:1681
    [<00000000fb58399a>] io_import_iovec+0x271/0x640 fs/io_uring.c:2879
    [<0000000002d03b50>] io_rw_prep_async fs/io_uring.c:3006 [inline]
    [<0000000002d03b50>] io_read_prep+0x94/0xf0 fs/io_uring.c:3031
    [<000000008ab01d5d>] io_req_defer_prep fs/io_uring.c:5462 [inline]
    [<000000008ab01d5d>] io_req_defer_prep+0x1c6/0x720 fs/io_uring.c:5442
    [<0000000075ed8a70>] io_submit_sqe fs/io_uring.c:6262 [inline]
    [<0000000075ed8a70>] io_submit_sqes+0x306/0xc00 fs/io_uring.c:6488
    [<00000000d1d617da>] __do_sys_io_uring_enter+0x582/0x830 fs/io_uring.c:8265
    [<00000000334cee0e>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<0000000053cdb89f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9



---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@...glegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ