syzbot


memory leak in prepare_creds (4)

Status: auto-obsoleted due to no activity on 2024/04/17 09:09
Subsystems: kernel
Reported-by: syzbot+2a478080bd86d36bb5ea@syzkaller.appspotmail.com
First crash: 248d, last: 145d
Discussions (1)
| Title | Replies (including bot) | Last reply |
|---|---|---|
| [syzbot] [bluetooth?] memory leak in prepare_creds (4) | 0 (2) | 2023/11/08 07:31 |
Similar bugs (3)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | memory leak in prepare_creds (3) kernel | C | | | 24 | 492d | 770d | 0/26 | auto-obsoleted due to no activity on 2023/05/24 05:02 |
| upstream | memory leak in prepare_creds (2) kernel | C | | | 2 | 1071d | 1166d | 20/26 | fixed on 2021/11/10 00:50 |
| upstream | memory leak in prepare_creds kernel | C | | | 10 | 1197d | 1372d | 19/26 | fixed on 2021/03/10 01:48 |
Last patch testing requests (9)
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2024/04/17 08:10 | 58m | retest repro | | upstream | OK log |
| 2024/02/04 15:32 | 20m | retest repro | | upstream | OK log |
| 2024/02/04 15:32 | 24m | retest repro | | upstream | report log |
| 2024/01/21 03:39 | 22m | retest repro | | upstream | OK log |
| 2024/01/21 03:39 | 23m | retest repro | | upstream | OK log |
| 2023/12/19 04:02 | 27m | retest repro | | upstream | OK log |
| 2023/11/25 02:03 | 10m | retest repro | | upstream | report log |
| 2023/11/25 02:03 | 15m | retest repro | | upstream | report log |
| 2023/10/09 17:11 | 19m | retest repro | | upstream | report log |

Sample crash report:
Warning: Permanently added '10.128.1.7' (ED25519) to the list of known hosts.
executing program
executing program
BUG: memory leak
unreferenced object 0xffff8881029f2840 (size 192):
  comm "syz-executor848", pid 5030, jiffies 4294941802 (age 13.450s)
  hex dump (first 32 bytes):
    01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81631b88>] kmemleak_alloc_recursive include/linux/kmemleak.h:42 [inline]
    [<ffffffff81631b88>] slab_post_alloc_hook mm/slab.h:766 [inline]
    [<ffffffff81631b88>] slab_alloc_node mm/slub.c:3478 [inline]
    [<ffffffff81631b88>] slab_alloc mm/slub.c:3486 [inline]
    [<ffffffff81631b88>] __kmem_cache_alloc_lru mm/slub.c:3493 [inline]
    [<ffffffff81631b88>] kmem_cache_alloc+0x298/0x430 mm/slub.c:3502
    [<ffffffff812e120b>] prepare_creds+0x2b/0x4f0 kernel/cred.c:212
    [<ffffffff812e1c84>] copy_creds+0x44/0x280 kernel/cred.c:312
    [<ffffffff8129295a>] copy_process+0x6aa/0x25c0 kernel/fork.c:2366
    [<ffffffff81294a1b>] kernel_clone+0x11b/0x690 kernel/fork.c:2907
    [<ffffffff8129500c>] __do_sys_clone+0x7c/0xb0 kernel/fork.c:3050
    [<ffffffff84b71e0f>] do_syscall_x64 arch/x86/entry/common.c:52 [inline]
    [<ffffffff84b71e0f>] do_syscall_64+0x3f/0x110 arch/x86/entry/common.c:83
    [<ffffffff84c0008b>] entry_SYSCALL_64_after_hwframe+0x63/0x6b

BUG: memory leak
unreferenced object 0xffff8881009b9210 (size 16):
  comm "syz-executor848", pid 5030, jiffies 4294941802 (age 13.450s)
  hex dump (first 16 bytes):
    00 00 00 00 00 00 00 00 00 c3 87 00 81 88 ff ff  ................
  backtrace:
    [<ffffffff8163470d>] kmemleak_alloc_recursive include/linux/kmemleak.h:42 [inline]
    [<ffffffff8163470d>] slab_post_alloc_hook mm/slab.h:766 [inline]
    [<ffffffff8163470d>] slab_alloc_node mm/slub.c:3478 [inline]
    [<ffffffff8163470d>] __kmem_cache_alloc_node+0x2dd/0x3f0 mm/slub.c:3517
    [<ffffffff8157f9db>] __do_kmalloc_node mm/slab_common.c:1006 [inline]
    [<ffffffff8157f9db>] __kmalloc+0x4b/0x150 mm/slab_common.c:1020
    [<ffffffff82369a2d>] kmalloc include/linux/slab.h:604 [inline]
    [<ffffffff82369a2d>] kzalloc include/linux/slab.h:721 [inline]
    [<ffffffff82369a2d>] lsm_cred_alloc security/security.c:577 [inline]
    [<ffffffff82369a2d>] security_prepare_creds+0x12d/0x150 security/security.c:2950
    [<ffffffff812e150d>] prepare_creds+0x32d/0x4f0 kernel/cred.c:242
    [<ffffffff812e1c84>] copy_creds+0x44/0x280 kernel/cred.c:312
    [<ffffffff8129295a>] copy_process+0x6aa/0x25c0 kernel/fork.c:2366
    [<ffffffff81294a1b>] kernel_clone+0x11b/0x690 kernel/fork.c:2907
    [<ffffffff8129500c>] __do_sys_clone+0x7c/0xb0 kernel/fork.c:3050
    [<ffffffff84b71e0f>] do_syscall_x64 arch/x86/entry/common.c:52 [inline]
    [<ffffffff84b71e0f>] do_syscall_64+0x3f/0x110 arch/x86/entry/common.c:83
    [<ffffffff84c0008b>] entry_SYSCALL_64_after_hwframe+0x63/0x6b

BUG: memory leak
unreferenced object 0xffff888102264400 (size 128):
  comm "syz-executor848", pid 5030, jiffies 4294941802 (age 13.450s)
  hex dump (first 32 bytes):
    01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81631b88>] kmemleak_alloc_recursive include/linux/kmemleak.h:42 [inline]
    [<ffffffff81631b88>] slab_post_alloc_hook mm/slab.h:766 [inline]
    [<ffffffff81631b88>] slab_alloc_node mm/slub.c:3478 [inline]
    [<ffffffff81631b88>] slab_alloc mm/slub.c:3486 [inline]
    [<ffffffff81631b88>] __kmem_cache_alloc_lru mm/slub.c:3493 [inline]
    [<ffffffff81631b88>] kmem_cache_alloc+0x298/0x430 mm/slub.c:3502
    [<ffffffff812d312a>] alloc_pid+0x6a/0x570 kernel/pid.c:183
    [<ffffffff81293af8>] copy_process+0x1848/0x25c0 kernel/fork.c:2518
    [<ffffffff81294a1b>] kernel_clone+0x11b/0x690 kernel/fork.c:2907
    [<ffffffff8129500c>] __do_sys_clone+0x7c/0xb0 kernel/fork.c:3050
    [<ffffffff84b71e0f>] do_syscall_x64 arch/x86/entry/common.c:52 [inline]
    [<ffffffff84b71e0f>] do_syscall_64+0x3f/0x110 arch/x86/entry/common.c:83
    [<ffffffff84c0008b>] entry_SYSCALL_64_after_hwframe+0x63/0x6b

BUG: memory leak
unreferenced object 0xffff88810c0b5dc0 (size 1088):
  comm "syz-executor848", pid 5031, jiffies 4294941802 (age 13.450s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 9b 00 00 00 00 00 00 00  ................
    01 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00  ...@............
  backtrace:
    [<ffffffff81631b88>] kmemleak_alloc_recursive include/linux/kmemleak.h:42 [inline]
    [<ffffffff81631b88>] slab_post_alloc_hook mm/slab.h:766 [inline]
    [<ffffffff81631b88>] slab_alloc_node mm/slub.c:3478 [inline]
    [<ffffffff81631b88>] slab_alloc mm/slub.c:3486 [inline]
    [<ffffffff81631b88>] __kmem_cache_alloc_lru mm/slub.c:3493 [inline]
    [<ffffffff81631b88>] kmem_cache_alloc+0x298/0x430 mm/slub.c:3502
    [<ffffffff83eccb6e>] sk_prot_alloc+0x3e/0x1b0 net/core/sock.c:2076
    [<ffffffff83ecffb6>] sk_alloc+0x36/0x2f0 net/core/sock.c:2135
    [<ffffffff84372b74>] unix_create1+0x84/0x320 net/unix/af_unix.c:982
    [<ffffffff84372ea8>] unix_create+0x98/0x130 net/unix/af_unix.c:1049
    [<ffffffff83ec53cf>] __sock_create+0x19f/0x2e0 net/socket.c:1571
    [<ffffffff83ec8ee0>] sock_create net/socket.c:1622 [inline]
    [<ffffffff83ec8ee0>] __sys_socketpair+0x160/0x370 net/socket.c:1773
    [<ffffffff83ec910f>] __do_sys_socketpair net/socket.c:1822 [inline]
    [<ffffffff83ec910f>] __se_sys_socketpair net/socket.c:1819 [inline]
    [<ffffffff83ec910f>] __x64_sys_socketpair+0x1f/0x30 net/socket.c:1819
    [<ffffffff84b71e0f>] do_syscall_x64 arch/x86/entry/common.c:52 [inline]
    [<ffffffff84b71e0f>] do_syscall_64+0x3f/0x110 arch/x86/entry/common.c:83
    [<ffffffff84c0008b>] entry_SYSCALL_64_after_hwframe+0x63/0x6b

BUG: memory leak
unreferenced object 0xffff88810b536e90 (size 16):
  comm "syz-executor848", pid 5031, jiffies 4294941802 (age 13.450s)
  hex dump (first 16 bytes):
    00 c3 87 00 81 88 ff ff 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff8163470d>] kmemleak_alloc_recursive include/linux/kmemleak.h:42 [inline]
    [<ffffffff8163470d>] slab_post_alloc_hook mm/slab.h:766 [inline]
    [<ffffffff8163470d>] slab_alloc_node mm/slub.c:3478 [inline]
    [<ffffffff8163470d>] __kmem_cache_alloc_node+0x2dd/0x3f0 mm/slub.c:3517
    [<ffffffff8157f335>] kmalloc_trace+0x25/0x90 mm/slab_common.c:1098
    [<ffffffff823a7a92>] kmalloc include/linux/slab.h:600 [inline]
    [<ffffffff823a7a92>] kzalloc include/linux/slab.h:721 [inline]
    [<ffffffff823a7a92>] apparmor_sk_alloc_security+0x52/0xd0 security/apparmor/lsm.c:997
    [<ffffffff8236b887>] security_sk_alloc+0x47/0x80 security/security.c:4411
    [<ffffffff83eccbbf>] sk_prot_alloc+0x8f/0x1b0 net/core/sock.c:2085
    [<ffffffff83ecffb6>] sk_alloc+0x36/0x2f0 net/core/sock.c:2135
    [<ffffffff84372b74>] unix_create1+0x84/0x320 net/unix/af_unix.c:982
    [<ffffffff84372ea8>] unix_create+0x98/0x130 net/unix/af_unix.c:1049
    [<ffffffff83ec53cf>] __sock_create+0x19f/0x2e0 net/socket.c:1571
    [<ffffffff83ec8ee0>] sock_create net/socket.c:1622 [inline]
    [<ffffffff83ec8ee0>] __sys_socketpair+0x160/0x370 net/socket.c:1773
    [<ffffffff83ec910f>] __do_sys_socketpair net/socket.c:1822 [inline]
    [<ffffffff83ec910f>] __se_sys_socketpair net/socket.c:1819 [inline]
    [<ffffffff83ec910f>] __x64_sys_socketpair+0x1f/0x30 net/socket.c:1819
    [<ffffffff84b71e0f>] do_syscall_x64 arch/x86/entry/common.c:52 [inline]
    [<ffffffff84b71e0f>] do_syscall_64+0x3f/0x110 arch/x86/entry/common.c:83
    [<ffffffff84c0008b>] entry_SYSCALL_64_after_hwframe+0x63/0x6b


Crashes (5):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/01/06 16:39 | upstream | 95c8a35f1c01 | d0304e9c | .config | console log | report | syz | C | | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-leak | memory leak in prepare_creds |
| 2023/12/27 06:26 | upstream | fbafc3e621c3 | fb427a07 | .config | console log | report | syz | C | | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-leak | memory leak in prepare_creds |
| 2023/11/08 07:31 | upstream | 13d88ac54ddd | 83211397 | .config | console log | report | syz | C | | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-leak | memory leak in prepare_creds |
| 2023/11/09 21:01 | upstream | 6bc986ab839c | 56230772 | .config | console log | report | syz | | | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-leak | memory leak in prepare_creds |
| 2023/09/25 13:04 | upstream | 6465e260f487 | 0b6a67ac | .config | console log | report | syz | | | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-leak | memory leak in prepare_creds |
* Struck through repros no longer work on HEAD.