syzbot

 sign-in | mailing list | source | docs
🐞 Open [1603]
Subsystems
🐞 Fixed [6144]
🐞 Invalid [15368]
Missing Backports [172]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

memory leak in kvm_dev_ioctl

Status: fixed on 2021/11/10 00:50
Subsystems: kvm
[Documentation on labels]
Reported-by: syzbot+c87d2efb740931ec76c7@syzkaller.appspotmail.com
Fix commit: 004d62eb4e57 kvm: debugfs: fix memory leak in kvm_create_vm_debugfs
First crash: 1372d, last: 1356d
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] memory leak in kvm_dev_ioctl 5 (6) 2021/07/05 13:31

Sample crash report:
executing program
BUG: memory leak
unreferenced object 0xffff888101a59a00 (size 32):
  comm "syz-executor334", pid 8441, jiffies 4294943490 (age 12.710s)
  hex dump (first 32 bytes):
    00 90 fc 00 00 c9 ff ff 80 ee 80 84 ff ff ff ff  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81043510>] kmalloc include/linux/slab.h:591 [inline]
    [<ffffffff81043510>] kzalloc include/linux/slab.h:721 [inline]
    [<ffffffff81043510>] kvm_create_vm_debugfs arch/x86/kvm/../../../virt/kvm/kvm_main.c:916 [inline]
    [<ffffffff81043510>] kvm_dev_ioctl_create_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:4471 [inline]
    [<ffffffff81043510>] kvm_dev_ioctl+0x710/0xb60 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4498
    [<ffffffff8158c8ec>] vfs_ioctl fs/ioctl.c:51 [inline]
    [<ffffffff8158c8ec>] __do_sys_ioctl fs/ioctl.c:1069 [inline]
    [<ffffffff8158c8ec>] __se_sys_ioctl fs/ioctl.c:1055 [inline]
    [<ffffffff8158c8ec>] __x64_sys_ioctl+0xfc/0x140 fs/ioctl.c:1055
    [<ffffffff843af915>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff843af915>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84400068>] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff888101a592c0 (size 32):
  comm "syz-executor334", pid 8441, jiffies 4294943490 (age 12.710s)
  hex dump (first 32 bytes):
    00 90 fc 00 00 c9 ff ff c0 ee 80 84 ff ff ff ff  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81043510>] kmalloc include/linux/slab.h:591 [inline]
    [<ffffffff81043510>] kzalloc include/linux/slab.h:721 [inline]
    [<ffffffff81043510>] kvm_create_vm_debugfs arch/x86/kvm/../../../virt/kvm/kvm_main.c:916 [inline]
    [<ffffffff81043510>] kvm_dev_ioctl_create_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:4471 [inline]
    [<ffffffff81043510>] kvm_dev_ioctl+0x710/0xb60 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4498
    [<ffffffff8158c8ec>] vfs_ioctl fs/ioctl.c:51 [inline]
    [<ffffffff8158c8ec>] __do_sys_ioctl fs/ioctl.c:1069 [inline]
    [<ffffffff8158c8ec>] __se_sys_ioctl fs/ioctl.c:1055 [inline]
    [<ffffffff8158c8ec>] __x64_sys_ioctl+0xfc/0x140 fs/ioctl.c:1055
    [<ffffffff843af915>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff843af915>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84400068>] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff888101a59d40 (size 32):
  comm "syz-executor334", pid 8441, jiffies 4294943490 (age 12.710s)
  hex dump (first 32 bytes):
    00 90 fc 00 00 c9 ff ff 00 ef 80 84 ff ff ff ff  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81043510>] kmalloc include/linux/slab.h:591 [inline]
    [<ffffffff81043510>] kzalloc include/linux/slab.h:721 [inline]
    [<ffffffff81043510>] kvm_create_vm_debugfs arch/x86/kvm/../../../virt/kvm/kvm_main.c:916 [inline]
    [<ffffffff81043510>] kvm_dev_ioctl_create_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:4471 [inline]
    [<ffffffff81043510>] kvm_dev_ioctl+0x710/0xb60 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4498
    [<ffffffff8158c8ec>] vfs_ioctl fs/ioctl.c:51 [inline]
    [<ffffffff8158c8ec>] __do_sys_ioctl fs/ioctl.c:1069 [inline]
    [<ffffffff8158c8ec>] __se_sys_ioctl fs/ioctl.c:1055 [inline]
    [<ffffffff8158c8ec>] __x64_sys_ioctl+0xfc/0x140 fs/ioctl.c:1055
    [<ffffffff843af915>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff843af915>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84400068>] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff888101a59dc0 (size 32):
  comm "syz-executor334", pid 8441, jiffies 4294943490 (age 12.710s)
  hex dump (first 32 bytes):
    00 90 fc 00 00 c9 ff ff 40 ef 80 84 ff ff ff ff  ........@.......
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81043510>] kmalloc include/linux/slab.h:591 [inline]
    [<ffffffff81043510>] kzalloc include/linux/slab.h:721 [inline]
    [<ffffffff81043510>] kvm_create_vm_debugfs arch/x86/kvm/../../../virt/kvm/kvm_main.c:916 [inline]
    [<ffffffff81043510>] kvm_dev_ioctl_create_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:4471 [inline]
    [<ffffffff81043510>] kvm_dev_ioctl+0x710/0xb60 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4498
    [<ffffffff8158c8ec>] vfs_ioctl fs/ioctl.c:51 [inline]
    [<ffffffff8158c8ec>] __do_sys_ioctl fs/ioctl.c:1069 [inline]
    [<ffffffff8158c8ec>] __se_sys_ioctl fs/ioctl.c:1055 [inline]
    [<ffffffff8158c8ec>] __x64_sys_ioctl+0xfc/0x140 fs/ioctl.c:1055
    [<ffffffff843af915>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff843af915>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84400068>] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff888101a59ec0 (size 32):
  comm "syz-executor334", pid 8441, jiffies 4294943490 (age 12.710s)
  hex dump (first 32 bytes):
    00 90 fc 00 00 c9 ff ff 80 ef 80 84 ff ff ff ff  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81043510>] kmalloc include/linux/slab.h:591 [inline]
    [<ffffffff81043510>] kzalloc include/linux/slab.h:721 [inline]
    [<ffffffff81043510>] kvm_create_vm_debugfs arch/x86/kvm/../../../virt/kvm/kvm_main.c:916 [inline]
    [<ffffffff81043510>] kvm_dev_ioctl_create_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:4471 [inline]
    [<ffffffff81043510>] kvm_dev_ioctl+0x710/0xb60 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4498
    [<ffffffff8158c8ec>] vfs_ioctl fs/ioctl.c:51 [inline]
    [<ffffffff8158c8ec>] __do_sys_ioctl fs/ioctl.c:1069 [inline]
    [<ffffffff8158c8ec>] __se_sys_ioctl fs/ioctl.c:1055 [inline]
    [<ffffffff8158c8ec>] __x64_sys_ioctl+0xfc/0x140 fs/ioctl.c:1055
    [<ffffffff843af915>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff843af915>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84400068>] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff888101a59240 (size 32):
  comm "syz-executor334", pid 8441, jiffies 4294943490 (age 12.710s)
  hex dump (first 32 bytes):
    00 90 fc 00 00 c9 ff ff c0 ef 80 84 ff ff ff ff  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81043510>] kmalloc include/linux/slab.h:591 [inline]
    [<ffffffff81043510>] kzalloc include/linux/slab.h:721 [inline]
    [<ffffffff81043510>] kvm_create_vm_debugfs arch/x86/kvm/../../../virt/kvm/kvm_main.c:916 [inline]
    [<ffffffff81043510>] kvm_dev_ioctl_create_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:4471 [inline]
    [<ffffffff81043510>] kvm_dev_ioctl+0x710/0xb60 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4498
    [<ffffffff8158c8ec>] vfs_ioctl fs/ioctl.c:51 [inline]
    [<ffffffff8158c8ec>] __do_sys_ioctl fs/ioctl.c:1069 [inline]
    [<ffffffff8158c8ec>] __se_sys_ioctl fs/ioctl.c:1055 [inline]
    [<ffffffff8158c8ec>] __x64_sys_ioctl+0xfc/0x140 fs/ioctl.c:1055
    [<ffffffff843af915>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff843af915>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84400068>] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff888101a59b40 (size 32):
  comm "syz-executor334", pid 8441, jiffies 4294943490 (age 12.710s)
  hex dump (first 32 bytes):
    00 90 fc 00 00 c9 ff ff 00 f0 80 84 ff ff ff ff  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81043510>] kmalloc include/linux/slab.h:591 [inline]
    [<ffffffff81043510>] kzalloc include/linux/slab.h:721 [inline]
    [<ffffffff81043510>] kvm_create_vm_debugfs arch/x86/kvm/../../../virt/kvm/kvm_main.c:916 [inline]
    [<ffffffff81043510>] kvm_dev_ioctl_create_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:4471 [inline]
    [<ffffffff81043510>] kvm_dev_ioctl+0x710/0xb60 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4498
    [<ffffffff8158c8ec>] vfs_ioctl fs/ioctl.c:51 [inline]
    [<ffffffff8158c8ec>] __do_sys_ioctl fs/ioctl.c:1069 [inline]
    [<ffffffff8158c8ec>] __se_sys_ioctl fs/ioctl.c:1055 [inline]
    [<ffffffff8158c8ec>] __x64_sys_ioctl+0xfc/0x140 fs/ioctl.c:1055
    [<ffffffff843af915>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff843af915>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff84400068>] entry_SYSCALL_64_after_hwframe+0x44/0xae

Crashes (37):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/07/15 07:16 upstream 8096acd7442e b9a2f64e .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/15 01:46 upstream 8096acd7442e 94e0b707 .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/14 22:31 upstream 8096acd7442e 94e0b707 .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/14 01:07 upstream 40226a3d96ef fa0594c3 .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/14 00:19 upstream 40226a3d96ef fa0594c3 .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/13 18:52 upstream 7fef2edf7cc7 fa0594c3 .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/13 11:17 upstream 7fef2edf7cc7 f415556d .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/13 00:17 upstream 7fef2edf7cc7 f415556d .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/12 23:11 upstream 7fef2edf7cc7 f415556d .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/12 09:00 upstream e73f0f0ee754 a4869c92 .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/12 02:08 upstream 98f7fdced2e0 8f5a7b8c .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/11 22:02 upstream 98f7fdced2e0 8f5a7b8c .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/11 14:04 upstream 3dbdb38e2869 8f5a7b8c .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/10 13:44 upstream 3dbdb38e2869 8f5a7b8c .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/10 06:35 upstream 3dbdb38e2869 8f5a7b8c .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/10 05:37 upstream 3dbdb38e2869 8f5a7b8c .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/09 16:29 upstream 3dbdb38e2869 281e815f .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/08 22:54 upstream 3dbdb38e2869 1b20171a .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/08 16:03 upstream 3dbdb38e2869 95793bce .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/08 12:49 upstream 3dbdb38e2869 95793bce .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/08 06:28 upstream 3dbdb38e2869 95793bce .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/08 06:09 upstream 3dbdb38e2869 95793bce .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/07 15:12 upstream 3dbdb38e2869 4846d5c1 .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/06 05:39 upstream 3dbdb38e2869 55aa55c2 .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/02 09:41 upstream e058a84bfddc 658ebc66 .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/01 11:18 upstream dbe69e433722 658ebc66 .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/01 03:55 upstream df04fbe8680b 38a885d1 .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/06/30 12:34 upstream 007b350a5875 84fd4c77 .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/06/30 11:44 upstream 007b350a5875 84fd4c77 .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/06/30 05:25 upstream c54b245d0118 a4fccb01 .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/06/30 03:17 upstream c54b245d0118 a4fccb01 .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/06/29 06:03 upstream 233a806b00e3 9d2ab5df .config console log report syz C ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/13 09:41 upstream 7fef2edf7cc7 f415556d .config console log report syz ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/13 04:10 upstream 7fef2edf7cc7 f415556d .config console log report syz ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/07/03 06:00 upstream 3dbdb38e2869 55aa55c2 .config console log report syz ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/06/30 14:32 upstream 007b350a5875 84fd4c77 .config console log report syz ci-upstream-gce-leak memory leak in kvm_dev_ioctl
2021/06/30 13:18 upstream 007b350a5875 84fd4c77 .config console log report syz ci-upstream-gce-leak memory leak in kvm_dev_ioctl
* Struck through repros no longer work on HEAD.