syzbot


memory leak in qrtr_create

Status: fixed on 2021/11/10 00:50
Subsystems: arm-msm net
Reported-by: syzbot+35a511c72ea7356cdcf3@syzkaller.appspotmail.com
Fix commit: 52f3456a96c0 net: qrtr: fix memory leaks
First crash: 1177d, last: 994d
Discussions (4)
Title | Replies (including bot) | Last reply
[PATCH 5.10 00/67] 5.10.56-rc1 review | 83 (83) | 2021/08/04 06:35
[PATCH 5.13 000/104] 5.13.8-rc1 review | 109 (109) | 2021/08/03 19:37
[PATCH] net: qrtr: fix memory leak in qrtr_local_enqueue | 6 (6) | 2021/07/23 16:50
memory leak in qrtr_create | 0 (1) | 2021/02/08 11:10
Last patch testing requests (1)
Created | Duration | User | Patch | Repo | Result
2021/07/22 12:03 | 16m | paskripkin@gmail.com | patch | upstream | OK

Sample crash report:
BUG: memory leak
unreferenced object 0xffff888114f69740 (size 824):
  comm "syz-executor828", pid 8802, jiffies 4294952673 (age 28.900s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    2a 00 01 40 00 00 00 00 00 00 00 00 00 00 00 00  *..@............
  backtrace:
    [<000000004be4e1f1>] sk_prot_alloc+0x3e/0x1c0 net/core/sock.c:1679
    [<000000007f2f489d>] sk_alloc+0x30/0x3f0 net/core/sock.c:1739
    [<00000000757a0f8f>] qrtr_create+0x4d/0xb0 net/qrtr/qrtr.c:1258
    [<00000000bbc4ee06>] __sock_create+0x1ab/0x2b0 net/socket.c:1406
    [<00000000db625ed5>] sock_create net/socket.c:1457 [inline]
    [<00000000db625ed5>] __sys_socket+0x6f/0x140 net/socket.c:1499
    [<000000007aee78f9>] __do_sys_socket net/socket.c:1508 [inline]
    [<000000007aee78f9>] __se_sys_socket net/socket.c:1506 [inline]
    [<000000007aee78f9>] __x64_sys_socket+0x1a/0x20 net/socket.c:1506
    [<000000007941a062>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<00000000b7d67485>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

write to /proc/sys/kernel/hung_task_check_interval_secs failed: No such file or directory
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/02/15 11:08 upstream f40ddce88593 98682e5e .config console log report syz C ci-upstream-gce-leak memory leak in qrtr_create
2021/01/27 06:50 upstream 13391c60da33 55a7d4df .config console log report syz C ci-upstream-gce-leak memory leak in qrtr_create
2021/07/29 06:56 upstream 4010a528219e 9a4781d4 .config console log report syz ci-upstream-gce-leak memory leak in qrtr_create
* Struck through repros no longer work on HEAD.