lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <000000000000bd78e706031e8c02@google.com>
Date:   Thu, 17 Aug 2023 06:40:05 -0700
From:   syzbot <syzbot+f3d40299952f55df8614@...kaller.appspotmail.com>
To:     adilger.kernel@...ger.ca, linux-ext4@...r.kernel.org,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
        syzkaller-bugs@...glegroups.com, tytso@....edu
Subject: [syzbot] [ext4?] memory leak in __es_insert_extent

Hello,

syzbot found the following issue on:

HEAD commit:    a785fd28d31f Merge tag 'for-6.5-rc5-tag' of git://git.kern..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=141ddd73a80000
kernel config:  https://syzkaller.appspot.com/x/.config?x=2bf8962e4f7984f4
dashboard link: https://syzkaller.appspot.com/bug?extid=f3d40299952f55df8614
compiler:       gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1471c04ba80000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/5b766dfb84ba/disk-a785fd28.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/c3ee7bb9fc27/vmlinux-a785fd28.xz
kernel image: https://storage.googleapis.com/syzbot-assets/ffbde03d2df8/bzImage-a785fd28.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+f3d40299952f55df8614@...kaller.appspotmail.com

BUG: memory leak
unreferenced object 0xffff888131b41000 (size 40):
  comm "syz-executor.2", pid 17149, jiffies 4294966508 (age 33.030s)
  hex dump (first 32 bytes):
    29 ff b6 31 81 88 ff ff 00 00 00 00 00 00 00 00  )..1............
    00 00 00 00 00 00 00 00 0b 0c 00 00 09 00 00 00  ................
  backtrace:
    [<ffffffff81824c5a>] __es_alloc_extent fs/ext4/extents_status.c:467 [inline]
    [<ffffffff81824c5a>] __es_alloc_extent fs/ext4/extents_status.c:464 [inline]
    [<ffffffff81824c5a>] __es_insert_extent+0x28a/0x540 fs/ext4/extents_status.c:815
    [<ffffffff81826ef0>] ext4_es_insert_extent+0x1e0/0x890 fs/ext4/extents_status.c:882
    [<ffffffff81842145>] ext4_map_blocks+0x575/0xad0 fs/ext4/inode.c:680
    [<ffffffff81842790>] _ext4_get_block+0xf0/0x1a0 fs/ext4/inode.c:763
    [<ffffffff8183ead6>] ext4_block_write_begin+0x216/0x730 fs/ext4/inode.c:1043
    [<ffffffff8184b4e0>] ext4_write_begin+0x2a0/0x7c0 fs/ext4/inode.c:1183
    [<ffffffff8184bada>] ext4_da_write_begin+0xda/0x3c0 fs/ext4/inode.c:2867
    [<ffffffff814fcf36>] generic_perform_write+0x116/0x2e0 mm/filemap.c:3923
    [<ffffffff81829f20>] ext4_buffered_write_iter+0xa0/0x1a0 fs/ext4/file.c:299
    [<ffffffff8182a0d2>] ext4_file_write_iter+0xb2/0xde0 fs/ext4/file.c:722
    [<ffffffff81665edd>] __kernel_write_iter+0x10d/0x370 fs/read_write.c:517
    [<ffffffff8173cc81>] dump_emit_page fs/coredump.c:888 [inline]
    [<ffffffff8173cc81>] dump_user_range+0x141/0x3a0 fs/coredump.c:915
    [<ffffffff8172d344>] elf_core_dump+0x10c4/0x1570 fs/binfmt_elf.c:2142
    [<ffffffff8173c4c8>] do_coredump+0x19b8/0x2030 fs/coredump.c:764
    [<ffffffff812a2f92>] get_signal+0xf52/0xfb0 kernel/signal.c:2867
    [<ffffffff81132f69>] arch_do_signal_or_restart+0x39/0x280 arch/x86/kernel/signal.c:308



---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@...glegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

If you want to overwrite bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ