syzbot


memory leak in fbcon_set_font (2)

Status: fixed on 2023/02/24 13:50
Subsystems: fbdev
[Documentation on labels]
Reported-by: syzbot+25bdb7b1703639abd498@syzkaller.appspotmail.com
Fix commit: 3c3bfb8586f8 fbdev: fbcon: release buffer when fbcon_do_set_font() failed
First crash: 454d, last: 454d
Discussions (3)
Title Replies (including bot) Last reply
[PATCH] fbdev: fbcon: release buffer when fbcon_do_set_font() failed 2 (2) 2022/12/10 16:18
[PATCH] fbcon: Fix memleak when fbcon_set_font() fails 1 (1) 2022/12/05 08:49
[syzbot] memory leak in fbcon_set_font (2) 0 (1) 2022/12/05 04:34
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream memory leak in fbcon_set_font fbdev C 1 1144d 1144d 0/26 auto-obsoleted due to no activity on 2022/10/03 19:40
upstream memory leak in fbcon_set_font (3) fbdev C 1 76d 282d 0/26 upstream: reported C repro on 2023/05/25 11:17
Last patch testing requests (1)
Created Duration User Patch Repo Result
2022/12/05 10:56 16m penguin-kernel@i-love.sakura.ne.jp patch upstream OK log

Sample crash report:
BUG: memory leak
unreferenced object 0xffff888111648000 (size 18448):
  comm "syz-executor148", pid 3653, jiffies 4294970435 (age 13.520s)
  hex dump (first 32 bytes):
    85 44 7e c7 00 00 00 00 00 48 00 00 00 00 00 00  .D~......H......
    92 30 86 d2 8c 38 30 9e e7 a3 05 00 9f 09 33 bb  .0...80.......3.
  backtrace:
    [<ffffffff814ee6d3>] __do_kmalloc_node mm/slab_common.c:943 [inline]
    [<ffffffff814ee6d3>] __kmalloc+0xb3/0x120 mm/slab_common.c:968
    [<ffffffff8250c359>] kmalloc include/linux/slab.h:558 [inline]
    [<ffffffff8250c359>] fbcon_set_font+0x1a9/0x470 drivers/video/fbdev/core/fbcon.c:2508
    [<ffffffff8262cd59>] con_font_set drivers/tty/vt/vt.c:4667 [inline]
    [<ffffffff8262cd59>] con_font_op+0x3a9/0x600 drivers/tty/vt/vt.c:4713
    [<ffffffff82618e3d>] vt_k_ioctl drivers/tty/vt/vt_ioctl.c:474 [inline]
    [<ffffffff82618e3d>] vt_ioctl+0x14fd/0x1a80 drivers/tty/vt/vt_ioctl.c:752
    [<ffffffff825fdaf5>] tty_ioctl+0x6d5/0xbe0 drivers/tty/tty_io.c:2771
    [<ffffffff816200bc>] vfs_ioctl fs/ioctl.c:51 [inline]
    [<ffffffff816200bc>] __do_sys_ioctl fs/ioctl.c:870 [inline]
    [<ffffffff816200bc>] __se_sys_ioctl fs/ioctl.c:856 [inline]
    [<ffffffff816200bc>] __x64_sys_ioctl+0xfc/0x140 fs/ioctl.c:856
    [<ffffffff8485c5e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff8485c5e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84a00087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd

BUG: memory leak
unreferenced object 0xffff888110b18000 (size 18448):
  comm "syz-executor148", pid 3655, jiffies 4294971001 (age 7.860s)
  hex dump (first 32 bytes):
    85 44 7e c7 00 00 00 00 00 48 00 00 00 00 00 00  .D~......H......
    92 30 86 d2 8c 38 30 9e e7 a3 05 00 9f 09 33 bb  .0...80.......3.
  backtrace:
    [<ffffffff814ee6d3>] __do_kmalloc_node mm/slab_common.c:943 [inline]
    [<ffffffff814ee6d3>] __kmalloc+0xb3/0x120 mm/slab_common.c:968
    [<ffffffff8250c359>] kmalloc include/linux/slab.h:558 [inline]
    [<ffffffff8250c359>] fbcon_set_font+0x1a9/0x470 drivers/video/fbdev/core/fbcon.c:2508
    [<ffffffff8262cd59>] con_font_set drivers/tty/vt/vt.c:4667 [inline]
    [<ffffffff8262cd59>] con_font_op+0x3a9/0x600 drivers/tty/vt/vt.c:4713
    [<ffffffff82618e3d>] vt_k_ioctl drivers/tty/vt/vt_ioctl.c:474 [inline]
    [<ffffffff82618e3d>] vt_ioctl+0x14fd/0x1a80 drivers/tty/vt/vt_ioctl.c:752
    [<ffffffff825fdaf5>] tty_ioctl+0x6d5/0xbe0 drivers/tty/tty_io.c:2771
    [<ffffffff816200bc>] vfs_ioctl fs/ioctl.c:51 [inline]
    [<ffffffff816200bc>] __do_sys_ioctl fs/ioctl.c:870 [inline]
    [<ffffffff816200bc>] __se_sys_ioctl fs/ioctl.c:856 [inline]
    [<ffffffff816200bc>] __x64_sys_ioctl+0xfc/0x140 fs/ioctl.c:856
    [<ffffffff8485c5e5>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff8485c5e5>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84a00087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd

write to /proc/sys/kernel/hung_task_check_interval_secs failed: No such file or directory
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory
write to /proc/sys/kernel/hung_task_check_interval_secs failed: No such file or directory
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/12/04 20:31 upstream c2bf05db6c78 e080de16 .config console log report syz C ci-upstream-gce-leak memory leak in fbcon_set_font
* Struck through repros no longer work on HEAD.