| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <00000000000084c28705db2374a7@google.com>
Date: Sat, 26 Mar 2022 11:43:28 -0700
From: syzbot <syzbot+25ea042ae28f3888727a@...kaller.appspotmail.com>
To: christophe.jaillet@...adoo.fr, dhowells@...hat.com,
linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com
Subject: [syzbot] memory leak in watch_queue_set_size
Hello,
syzbot found the following issue on:
HEAD commit: 34e047aa16c0 Merge tag 'arm64-fixes' of git://git.kernel.o..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=16ac6f83700000
kernel config: https://syzkaller.appspot.com/x/.config?x=6c80259f3b3fdf91
dashboard link: https://syzkaller.appspot.com/bug?extid=25ea042ae28f3888727a
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15dc9c95700000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=15dd7871700000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+25ea042ae28f3888727a@...kaller.appspotmail.com
Warning: Permanently added '10.128.10.51' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
BUG: memory leak
unreferenced object 0xffff88810d9bc140 (size 32):
comm "syz-executor335", pid 3603, jiffies 4294946994 (age 12.840s)
hex dump (first 32 bytes):
40 a7 40 04 00 ea ff ff 00 00 00 00 00 00 00 00 @.@.............
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff81459bff>] kmalloc_array include/linux/slab.h:621 [inline]
[<ffffffff81459bff>] kcalloc include/linux/slab.h:652 [inline]
[<ffffffff81459bff>] watch_queue_set_size+0x12f/0x2e0 kernel/watch_queue.c:251
[<ffffffff8159fcf2>] pipe_ioctl+0x82/0x140 fs/pipe.c:632
[<ffffffff815b601c>] vfs_ioctl fs/ioctl.c:51 [inline]
[<ffffffff815b601c>] __do_sys_ioctl fs/ioctl.c:874 [inline]
[<ffffffff815b601c>] __se_sys_ioctl fs/ioctl.c:860 [inline]
[<ffffffff815b601c>] __x64_sys_ioctl+0xfc/0x140 fs/ioctl.c:860
[<ffffffff84493a05>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff84493a05>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84600068>] entry_SYSCALL_64_after_hwframe+0x44/0xae
BUG: memory leak
unreferenced object 0xffff88810d9b2440 (size 32):
comm "syz-executor335", pid 3606, jiffies 4294947528 (age 7.500s)
hex dump (first 32 bytes):
40 4d 36 04 00 ea ff ff 00 00 00 00 00 00 00 00 @M6.............
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff81459bff>] kmalloc_array include/linux/slab.h:621 [inline]
[<ffffffff81459bff>] kcalloc include/linux/slab.h:652 [inline]
[<ffffffff81459bff>] watch_queue_set_size+0x12f/0x2e0 kernel/watch_queue.c:251
[<ffffffff8159fcf2>] pipe_ioctl+0x82/0x140 fs/pipe.c:632
[<ffffffff815b601c>] vfs_ioctl fs/ioctl.c:51 [inline]
[<ffffffff815b601c>] __do_sys_ioctl fs/ioctl.c:874 [inline]
[<ffffffff815b601c>] __se_sys_ioctl fs/ioctl.c:860 [inline]
[<ffffffff815b601c>] __x64_sys_ioctl+0xfc/0x140 fs/ioctl.c:860
[<ffffffff84493a05>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
[<ffffffff84493a05>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
[<ffffffff84600068>] entry_SYSCALL_64_after_hwframe+0x44/0xae
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@...glegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
Powered by blists - more mailing lists