All of lore.kernel.org
 help / color / mirror / Atom feed
From: syzbot <syzbot+fee3a14d4cdf92646287@syzkaller.appspotmail.com>
To: akpm@linux-foundation.org, catalin.marinas@arm.com,
	dvyukov@google.com, linux-kernel@vger.kernel.org,
	syzkaller-bugs@googlegroups.com, torvalds@linux-foundation.org
Subject: memory leak in policydb_read
Date: Tue, 23 Jul 2019 02:18:05 -0700	[thread overview]
Message-ID: <0000000000009b2fe9058e55abbf@google.com> (raw)

Hello,

syzbot found the following crash on:

HEAD commit:    c6dd78fc Merge branch 'x86-urgent-for-linus' of git://git...
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=1613751fa00000
kernel config:  https://syzkaller.appspot.com/x/.config?x=8de7d700ea5ac607
dashboard link: https://syzkaller.appspot.com/bug?extid=fee3a14d4cdf92646287
compiler:       gcc (GCC) 9.0.0 20181231 (experimental)
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=15a7951fa00000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=16206444600000

The bug was bisected to:

commit d9570ee3bd1d4f20ce63485f5ef05663866fe6c0
Author: Dmitry Vyukov <dvyukov@google.com>
Date:   Sat Jan 13 00:53:10 2018 +0000

     kmemleak: allow to coexist with fault injection

bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=1633cb00600000
final crash:    https://syzkaller.appspot.com/x/report.txt?x=1533cb00600000
console output: https://syzkaller.appspot.com/x/log.txt?x=1133cb00600000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+fee3a14d4cdf92646287@syzkaller.appspotmail.com
Fixes: d9570ee3bd1d ("kmemleak: allow to coexist with fault injection")

BUG: memory leak
unreferenced object 0xffff888123547c80 (size 64):
   comm "syz-executor647", pid 6976, jiffies 4294940919 (age 7.920s)
   hex dump (first 32 bytes):
     01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
   backtrace:
     [<0000000019b1b22a>] kmemleak_alloc_recursive  
/./include/linux/kmemleak.h:43 [inline]
     [<0000000019b1b22a>] slab_post_alloc_hook /mm/slab.h:522 [inline]
     [<0000000019b1b22a>] slab_alloc /mm/slab.c:3319 [inline]
     [<0000000019b1b22a>] kmem_cache_alloc_trace+0x145/0x280 /mm/slab.c:3548
     [<00000000d64c33c7>] kmalloc /./include/linux/slab.h:552 [inline]
     [<00000000d64c33c7>] kzalloc /./include/linux/slab.h:748 [inline]
     [<00000000d64c33c7>] roles_init /security/selinux/ss/policydb.c:188  
[inline]
     [<00000000d64c33c7>] policydb_init /security/selinux/ss/policydb.c:294  
[inline]
     [<00000000d64c33c7>] policydb_read+0x141/0x1b80  
/security/selinux/ss/policydb.c:2259
     [<000000004dd18ef6>] security_load_policy+0x182/0x740  
/security/selinux/ss/services.c:2141
     [<000000004f5bb277>] sel_write_load+0x101/0x1f0  
/security/selinux/selinuxfs.c:564
     [<00000000ee05c840>] __vfs_write+0x43/0xa0 /fs/read_write.c:494
     [<000000008ca23315>] vfs_write /fs/read_write.c:558 [inline]
     [<000000008ca23315>] vfs_write+0xee/0x210 /fs/read_write.c:542
     [<00000000d97bcbc9>] ksys_write+0x7c/0x130 /fs/read_write.c:611
     [<000000007a3f006b>] __do_sys_write /fs/read_write.c:623 [inline]
     [<000000007a3f006b>] __se_sys_write /fs/read_write.c:620 [inline]
     [<000000007a3f006b>] __x64_sys_write+0x1e/0x30 /fs/read_write.c:620
     [<000000001c16ef20>] do_syscall_64+0x76/0x1a0  
/arch/x86/entry/common.c:296
     [<000000007784189d>] entry_SYSCALL_64_after_hwframe+0x44/0xa9



---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches

             reply	other threads:[~2019-07-23  9:18 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-07-23  9:18 syzbot [this message]
2019-07-23  9:41 ` memory leak in policydb_read Dmitry Vyukov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=0000000000009b2fe9058e55abbf@google.com \
    --to=syzbot+fee3a14d4cdf92646287@syzkaller.appspotmail.com \
    --cc=akpm@linux-foundation.org \
    --cc=catalin.marinas@arm.com \
    --cc=dvyukov@google.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=syzkaller-bugs@googlegroups.com \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.