syzbot


memory leak in dma_buf_ioctl

Status: fixed on 2020/04/15 17:19
Reported-by: syzbot+b2098bc44728a4efb3e9@syzkaller.appspotmail.com
Fix commit: d1f37226431f dma-buf: free dmabuf->name in dma_buf_release()
First crash: 1735d, last: 1515d
Cause bisection: introduced by:
commit 04cf31a759ef575f750a63777cee95500e410994
Author: Michael Ellerman <mpe@ellerman.id.au>
Date: Thu Mar 24 11:04:01 2016 +0000

  ftrace: Make ftrace_location_range() global

Crash: INFO: rcu detected stall in corrupted
Repro: C syz .config
  
Discussions (7)
Title | Replies (including bot) | Last reply
[PATCH 5.5 000/189] 5.5.9-stable review | 206 (206) | 2020/03/25 17:53
[PATCH 5.4 000/168] 5.4.25-stable review | 177 (177) | 2020/03/11 18:09
[PATCH] dma-buf: free dmabuf->name in dma_buf_release() | 4 (4) | 2020/02/27 21:45
Re: + dma-buf-free-dmabuf-name-in-dma_buf_release.patch added to -mm tree | 3 (3) | 2020/02/27 04:20
[PATCH] dma-buf: free dmabuf->name in dma_buf_release() | 3 (3) | 2020/02/18 18:41
[PATCH] dma-buf: Fix memory leak in dma_buf_set_name | 3 (3) | 2019/08/18 18:05
memory leak in dma_buf_ioctl | 2 (4) | 2019/07/26 02:46

Sample crash report:
executing program
executing program
executing program
executing program
executing program
BUG: memory leak
unreferenced object 0xffff888115155a80 (size 32):
  comm "syz-executor325", pid 7213, jiffies 4294945183 (age 13.880s)
  hex dump (first 32 bytes):
    00 64 6d 61 62 75 66 3a 00 00 00 00 00 00 00 00  .dmabuf:........
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000f8304b8a>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<00000000f8304b8a>] slab_post_alloc_hook mm/slab.h:586 [inline]
    [<00000000f8304b8a>] slab_alloc mm/slab.c:3320 [inline]
    [<00000000f8304b8a>] __do_kmalloc mm/slab.c:3654 [inline]
    [<00000000f8304b8a>] __kmalloc_track_caller+0x165/0x300 mm/slab.c:3671
    [<0000000095f9874f>] memdup_user+0x26/0xc0 mm/util.c:172
    [<0000000091387f74>] strndup_user+0x62/0x80 mm/util.c:231
    [<00000000103003fc>] dma_buf_set_name drivers/dma-buf/dma-buf.c:331 [inline]
    [<00000000103003fc>] dma_buf_ioctl+0x60/0x1e0 drivers/dma-buf/dma-buf.c:391
    [<000000008abb93fd>] vfs_ioctl fs/ioctl.c:47 [inline]
    [<000000008abb93fd>] ksys_ioctl+0xb4/0xe0 fs/ioctl.c:763
    [<0000000092c5b5eb>] __do_sys_ioctl fs/ioctl.c:772 [inline]
    [<0000000092c5b5eb>] __se_sys_ioctl fs/ioctl.c:770 [inline]
    [<0000000092c5b5eb>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:770
    [<00000000f725912c>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294
    [<000000003836dd1c>] entry_SYSCALL_64_after_hwframe+0x44/0xa9


Crashes (129):