syzbot


memory leak in do_eventfd

Status: fixed on 2020/10/10 01:52
Subsystems: fs
Reported-by: syzbot+f196caa45793d6374707@syzkaller.appspotmail.com
Fix commit: f65886606c2d KVM: fix memory leak in kvm_io_bus_unregister_dev()
First crash: 1600d, last: 1501d
Discussions (10)
| Title | Replies (including bot) | Last reply |
|---|---|---|
| [PATCH 4.9 000/121] 4.9.238-rc1 review | 128 (128) | 2020/10/01 09:01 |
| [PATCH 4.4 00/85] 4.4.238-rc1 review | 90 (90) | 2020/10/01 01:45 |
| [PATCH 4.14 000/166] 4.14.200-rc1 review | 170 (170) | 2020/10/01 01:33 |
| [PATCH 4.19 00/37] 4.19.148-rc1 review | 46 (46) | 2020/09/29 12:26 |
| [PATCH 5.8 000/177] 5.8.10-rc1 review | 196 (196) | 2020/09/17 17:40 |
| [PATCH 5.4 000/132] 5.4.66-rc1 review | 139 (139) | 2020/09/15 16:41 |
| [RESEND PATCH v2] KVM: fix memory leak in kvm_io_bus_unregister_dev() | 2 (2) | 2020/09/11 16:02 |
| [PATCH v2] KVM: fix memory leak in kvm_io_bus_unregister_dev() | 5 (5) | 2020/09/04 14:37 |
| [PATCH] KVM: fix memory leak in kvm_io_bus_unregister_dev() | 3 (3) | 2020/09/01 22:45 |
| memory leak in do_eventfd | 2 (3) | 2020/08/07 07:04 |

Last patch testing requests (4)
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2020/09/02 20:26 | 15m | rkovhaev@gmail.com | patch | upstream | OK |
| 2020/09/02 20:24 | 7m | rkovhaev@gmail.com | | upstream | report log |
| 2020/08/07 07:26 | 15m | rkovhaev@gmail.com | patch | git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git bcf87687 | OK |
| 2020/08/03 14:45 | 8m | rkovhaev@gmail.com | | upstream | report log |

Sample crash report:
BUG: memory leak
unreferenced object 0xffff88811a80e380 (size 64):
  comm "syz-executor837", pid 6503, jiffies 4294942647 (age 13.320s)
  hex dump (first 32 bytes):
    01 00 00 00 20 77 72 69 00 00 00 00 65 62 75 67  .... wri....ebug
    90 e3 80 1a 81 88 ff ff 90 e3 80 1a 81 88 ff ff  ................
  backtrace:
    [<000000003487e1c6>] kmalloc include/linux/slab.h:554 [inline]
    [<000000003487e1c6>] do_eventfd+0x37/0x150 fs/eventfd.c:417
    [<000000005cdebdb8>] __do_sys_eventfd2 fs/eventfd.c:450 [inline]
    [<000000005cdebdb8>] __se_sys_eventfd2 fs/eventfd.c:448 [inline]
    [<000000005cdebdb8>] __x64_sys_eventfd2+0x16/0x20 fs/eventfd.c:448
    [<0000000062b03843>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000005fa0ba9c>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88811a80e400 (size 64):
  comm "syz-executor837", pid 6503, jiffies 4294942647 (age 13.320s)
  hex dump (first 32 bytes):
    e8 99 dd 00 00 c9 ff ff e8 99 dd 00 00 c9 ff ff  ................
    80 03 00 20 00 00 00 00 00 00 00 00 00 00 00 00  ... ............
  backtrace:
    [<000000002cfd7df9>] kmalloc include/linux/slab.h:554 [inline]
    [<000000002cfd7df9>] kzalloc include/linux/slab.h:666 [inline]
    [<000000002cfd7df9>] kvm_assign_ioeventfd_idx+0x52/0x260 arch/x86/kvm/../../../virt/kvm/eventfd.c:798
    [<00000000bb72c591>] kvm_assign_ioeventfd arch/x86/kvm/../../../virt/kvm/eventfd.c:934 [inline]
    [<00000000bb72c591>] kvm_ioeventfd+0xbe/0x197 arch/x86/kvm/../../../virt/kvm/eventfd.c:961
    [<00000000c3fe6a7b>] kvm_vm_ioctl+0x1e6/0x1010 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3762
    [<00000000cf0723b7>] vfs_ioctl fs/ioctl.c:48 [inline]
    [<00000000cf0723b7>] __do_sys_ioctl fs/ioctl.c:753 [inline]
    [<00000000cf0723b7>] __se_sys_ioctl fs/ioctl.c:739 [inline]
    [<00000000cf0723b7>] __x64_sys_ioctl+0xd6/0x110 fs/ioctl.c:739
    [<0000000062b03843>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000005fa0ba9c>] entry_SYSCALL_64_after_hwframe+0x44/0xa9


Crashes (2):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2020/08/24 09:21 | upstream | cb95712138ec | cef5ae68 | .config | console log | report | syz | C | | | ci-upstream-gce-leak | |
| 2020/05/17 23:44 | upstream | 5a9ffb954a39 | 37bccd4e | .config | console log | report | syz | C | | | ci-upstream-gce-leak | |

* Struck through repros no longer work on HEAD.