lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <000000000000443d8a05afcff2b5@google.com>
Date:   Mon, 21 Sep 2020 03:02:21 -0700
From:   syzbot <syzbot+9f864abad79fae7c17e1@...kaller.appspotmail.com>
To:     adilger.kernel@...ger.ca, linux-ext4@...r.kernel.org,
        linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com,
        tytso@....edu
Subject: memory leak in kobject_set_name_vargs (3)

Hello,

syzbot found the following issue on:

HEAD commit:    bdcf11de Merge tag 'riscv-for-linus-5.9-rc6' of git://git...
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=179e18d3900000
kernel config:  https://syzkaller.appspot.com/x/.config?x=a1f3c5052e8097e9
dashboard link: https://syzkaller.appspot.com/bug?extid=9f864abad79fae7c17e1
compiler:       gcc (GCC) 10.1.0-syz 20200507
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=14c33cad900000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=154bc6c3900000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+9f864abad79fae7c17e1@...kaller.appspotmail.com

BUG: memory leak
unreferenced object 0xffff88811a0d75c0 (size 32):
  comm "syz-executor307", pid 6444, jiffies 4294941412 (age 12.730s)
  hex dump (first 32 bytes):
    6c 6f 6f 70 30 00 00 00 00 00 00 00 00 00 00 00  loop0...........
    01 00 00 00 03 00 00 00 2b 00 00 00 00 00 00 00  ........+.......
  backtrace:
    [<00000000f89b0bef>] kstrdup+0x36/0x70 mm/util.c:60
    [<000000004b68a0da>] kstrdup_const+0x35/0x60 mm/util.c:82
    [<000000008eb65a51>] kvasprintf_const+0x72/0xe0 lib/kasprintf.c:48
    [<00000000691729e7>] kobject_set_name_vargs+0x3b/0xe0 lib/kobject.c:289
    [<00000000dfb16dfe>] kobject_add_varg lib/kobject.c:384 [inline]
    [<00000000dfb16dfe>] kobject_init_and_add+0x6d/0xc0 lib/kobject.c:473
    [<000000005849f02f>] ext4_register_sysfs+0x6b/0x160 fs/ext4/sysfs.c:508
    [<0000000027523718>] ext4_fill_super+0x2d04/0x46c0 fs/ext4/super.c:4799
    [<0000000095f0e4f3>] mount_bdev+0x1d3/0x210 fs/super.c:1417
    [<00000000415e8d00>] legacy_get_tree+0x26/0x70 fs/fs_context.c:592
    [<00000000bf686d81>] vfs_get_tree+0x28/0xe0 fs/super.c:1547
    [<00000000fd6d6aba>] do_new_mount fs/namespace.c:2875 [inline]
    [<00000000fd6d6aba>] path_mount+0x90e/0xda0 fs/namespace.c:3192
    [<000000008d02c1d0>] do_mount fs/namespace.c:3205 [inline]
    [<000000008d02c1d0>] __do_sys_mount fs/namespace.c:3413 [inline]
    [<000000008d02c1d0>] __se_sys_mount fs/namespace.c:3390 [inline]
    [<000000008d02c1d0>] __x64_sys_mount+0x140/0x190 fs/namespace.c:3390
    [<000000001c682859>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<0000000095c447b2>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88811a0d74e0 (size 32):
  comm "syz-executor307", pid 6451, jiffies 4294941943 (age 7.420s)
  hex dump (first 32 bytes):
    6c 6f 6f 70 30 00 00 00 00 00 00 00 00 00 00 00  loop0...........
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000f89b0bef>] kstrdup+0x36/0x70 mm/util.c:60
    [<000000004b68a0da>] kstrdup_const+0x35/0x60 mm/util.c:82
    [<000000008eb65a51>] kvasprintf_const+0x72/0xe0 lib/kasprintf.c:48
    [<00000000691729e7>] kobject_set_name_vargs+0x3b/0xe0 lib/kobject.c:289
    [<00000000dfb16dfe>] kobject_add_varg lib/kobject.c:384 [inline]
    [<00000000dfb16dfe>] kobject_init_and_add+0x6d/0xc0 lib/kobject.c:473
    [<000000005849f02f>] ext4_register_sysfs+0x6b/0x160 fs/ext4/sysfs.c:508
    [<0000000027523718>] ext4_fill_super+0x2d04/0x46c0 fs/ext4/super.c:4799
    [<0000000095f0e4f3>] mount_bdev+0x1d3/0x210 fs/super.c:1417
    [<00000000415e8d00>] legacy_get_tree+0x26/0x70 fs/fs_context.c:592
    [<00000000bf686d81>] vfs_get_tree+0x28/0xe0 fs/super.c:1547
    [<00000000fd6d6aba>] do_new_mount fs/namespace.c:2875 [inline]
    [<00000000fd6d6aba>] path_mount+0x90e/0xda0 fs/namespace.c:3192
    [<000000008d02c1d0>] do_mount fs/namespace.c:3205 [inline]
    [<000000008d02c1d0>] __do_sys_mount fs/namespace.c:3413 [inline]
    [<000000008d02c1d0>] __se_sys_mount fs/namespace.c:3390 [inline]
    [<000000008d02c1d0>] __x64_sys_mount+0x140/0x190 fs/namespace.c:3390
    [<000000001c682859>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<0000000095c447b2>] entry_SYSCALL_64_after_hwframe+0x44/0xa9



---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@...glegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ