syzbot


memory leak in gsmld_ioctl

Status: upstream: reported C repro on 2022/11/01 05:39
Subsystems: serial
[Documentation on labels]
Reported-by: syzbot+6e3e8f30f269f5028e5d@syzkaller.appspotmail.com
First crash: 708d, last: 275d
Discussions (3)
Title Replies (including bot) Last reply
tty: n_gsm: race condition in gsmld_ioctl 4 (4) 2024/04/17 10:19
[syzbot] Monthly serial report (Aug 2023) 0 (1) 2023/08/27 14:06
[syzbot] memory leak in gsmld_ioctl 0 (1) 2022/11/01 05:39
Last patch testing requests (11)
Created Duration User Patch Repo Result
2024/08/19 17:32 2h11m retest repro upstream report log
2024/06/10 20:11 20m retest repro upstream OK log
2024/06/10 16:37 20m retest repro upstream OK log
2024/06/10 16:37 19m retest repro upstream report log
2024/06/10 16:37 33m retest repro upstream OK log
2024/04/01 15:53 18m retest repro upstream report log
2024/04/01 15:53 18m retest repro upstream report log
2024/04/01 15:53 13m retest repro upstream report log
2024/04/01 15:53 12m retest repro upstream report log
2024/01/17 10:05 13m retest repro upstream report log
2022/11/11 11:22 8m mudongliangabcd@gmail.com patch git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git -- report log

Sample crash report:
executing program
executing program
executing program
executing program
executing program
BUG: memory leak
unreferenced object 0xffff888107a74800 (size 1024):
  comm "syz-executor862", pid 5058, jiffies 4294945765 (age 13.090s)
  hex dump (first 32 bytes):
    00 6c a7 07 81 88 ff ff 03 00 00 00 00 00 00 00  .l..............
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff8163469d>] kmemleak_alloc_recursive include/linux/kmemleak.h:42 [inline]
    [<ffffffff8163469d>] slab_post_alloc_hook mm/slab.h:766 [inline]
    [<ffffffff8163469d>] slab_alloc_node mm/slub.c:3478 [inline]
    [<ffffffff8163469d>] __kmem_cache_alloc_node+0x2dd/0x3f0 mm/slub.c:3517
    [<ffffffff8157f2c5>] kmalloc_trace+0x25/0x90 mm/slab_common.c:1098
    [<ffffffff82813307>] kmalloc include/linux/slab.h:600 [inline]
    [<ffffffff82813307>] kzalloc include/linux/slab.h:721 [inline]
    [<ffffffff82813307>] gsm_dlci_alloc+0x27/0x1f0 drivers/tty/n_gsm.c:2641
    [<ffffffff8281a28e>] gsmld_ioctl+0x93e/0x9f0 drivers/tty/n_gsm.c:3822
    [<ffffffff827feb2b>] tty_ioctl+0x3eb/0xc70 drivers/tty/tty_io.c:2789
    [<ffffffff816bf592>] vfs_ioctl fs/ioctl.c:51 [inline]
    [<ffffffff816bf592>] __do_sys_ioctl fs/ioctl.c:871 [inline]
    [<ffffffff816bf592>] __se_sys_ioctl fs/ioctl.c:857 [inline]
    [<ffffffff816bf592>] __x64_sys_ioctl+0xf2/0x140 fs/ioctl.c:857
    [<ffffffff84b71ebf>] do_syscall_x64 arch/x86/entry/common.c:52 [inline]
    [<ffffffff84b71ebf>] do_syscall_64+0x3f/0x110 arch/x86/entry/common.c:83
    [<ffffffff84c0008b>] entry_SYSCALL_64_after_hwframe+0x63/0x6b

BUG: memory leak
unreferenced object 0xffff88810828c000 (size 4096):
  comm "syz-executor862", pid 5058, jiffies 4294945765 (age 13.090s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff8163469d>] kmemleak_alloc_recursive include/linux/kmemleak.h:42 [inline]
    [<ffffffff8163469d>] slab_post_alloc_hook mm/slab.h:766 [inline]
    [<ffffffff8163469d>] slab_alloc_node mm/slub.c:3478 [inline]
    [<ffffffff8163469d>] __kmem_cache_alloc_node+0x2dd/0x3f0 mm/slub.c:3517
    [<ffffffff8157f96b>] __do_kmalloc_node mm/slab_common.c:1006 [inline]
    [<ffffffff8157f96b>] __kmalloc+0x4b/0x150 mm/slab_common.c:1020
    [<ffffffff82521719>] kmalloc_array include/linux/slab.h:637 [inline]
    [<ffffffff82521719>] __kfifo_alloc+0x89/0xe0 lib/kfifo.c:43
    [<ffffffff82813351>] gsm_dlci_alloc+0x71/0x1f0 drivers/tty/n_gsm.c:2646
    [<ffffffff8281a28e>] gsmld_ioctl+0x93e/0x9f0 drivers/tty/n_gsm.c:3822
    [<ffffffff827feb2b>] tty_ioctl+0x3eb/0xc70 drivers/tty/tty_io.c:2789
    [<ffffffff816bf592>] vfs_ioctl fs/ioctl.c:51 [inline]
    [<ffffffff816bf592>] __do_sys_ioctl fs/ioctl.c:871 [inline]
    [<ffffffff816bf592>] __se_sys_ioctl fs/ioctl.c:857 [inline]
    [<ffffffff816bf592>] __x64_sys_ioctl+0xf2/0x140 fs/ioctl.c:857
    [<ffffffff84b71ebf>] do_syscall_x64 arch/x86/entry/common.c:52 [inline]
    [<ffffffff84b71ebf>] do_syscall_64+0x3f/0x110 arch/x86/entry/common.c:83
    [<ffffffff84c0008b>] entry_SYSCALL_64_after_hwframe+0x63/0x6b


Crashes (5):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/01/03 09:12 upstream 610a9b8f49fb fb427a07 .config console log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-gce-leak memory leak in gsmld_ioctl
2023/07/23 16:45 upstream c2782531397f 27cbe77f .config console log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-gce-leak memory leak in gsmld_ioctl
2022/10/28 05:37 upstream b229b6ca5abb 86777b7f .config console log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-gce-leak memory leak in gsmld_ioctl
2023/03/26 02:01 upstream 4bdec23f971b fbf0499a .config console log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-gce-leak memory leak in gsmld_ioctl
2022/12/05 20:47 upstream 76dcd734eca2 045cbb84 .config console log report syz [disk image] [vmlinux] [kernel image] ci-upstream-gce-leak memory leak in gsmld_ioctl
* Struck through repros no longer work on HEAD.