syzbot


memory leak in virtual_ncidev_write (2)

Status: fixed on 2024/03/26 17:39
Subsystems: net nfc
Reported-by: syzbot+6b7c68d9c21e4ee4251b@syzkaller.appspotmail.com
Fix commit: bfb007aebe6b nfc: nci: free rx_data_reassembly skb on NCI device cleanup
First crash: 294d, last: 129d
Discussions (5)
| Title | Replies (including bot) | Last reply |
|---|---|---|
| [PATCH net] nfc: nci: free rx_data_reassembly skb on NCI device cleanup | 2 (2) | 2024/01/29 12:10 |
| [syzbot] Monthly nfc report (Dec 2023) | 0 (1) | 2023/12/11 13:29 |
| [syzbot] Monthly nfc report (Nov 2023) | 0 (1) | 2023/11/10 06:20 |
| [syzbot] Monthly nfc report (Sep 2023) | 0 (1) | 2023/09/06 08:12 |
| [syzbot] [nfc?] memory leak in virtual_ncidev_write (2) | 0 (1) | 2023/07/12 05:54 |

Similar bugs (1)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | memory leak in virtual_ncidev_write (net, nfc) | C | | | 1 | 526d | 526d | 22/26 | fixed on 2023/02/24 13:50 |

Last patch testing requests (4)
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2024/01/14 12:08 | 10m | retest repro | | upstream | report log |
| 2023/12/19 23:07 | 11m | retest repro | | upstream | report log |
| 2023/11/04 00:06 | 13m | retest repro | | upstream | report log |
| 2023/08/25 16:36 | 44m | retest repro | | upstream | report log |

Sample crash report:
executing program
BUG: memory leak
unreferenced object 0xffff88810bbd3000 (size 240):
  comm "syz-executor315", pid 5055, jiffies 4294943667 (age 8.140s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81631987>] kmemleak_alloc_recursive include/linux/kmemleak.h:42 [inline]
    [<ffffffff81631987>] slab_post_alloc_hook mm/slab.h:766 [inline]
    [<ffffffff81631987>] slab_alloc_node mm/slub.c:3478 [inline]
    [<ffffffff81631987>] kmem_cache_alloc_node+0x2c7/0x450 mm/slub.c:3523
    [<ffffffff83edb09f>] __alloc_skb+0x1ef/0x230 net/core/skbuff.c:641
    [<ffffffff82cc97b4>] alloc_skb include/linux/skbuff.h:1286 [inline]
    [<ffffffff82cc97b4>] virtual_ncidev_write+0x34/0xf0 drivers/nfc/virtual_ncidev.c:120
    [<ffffffff81695fee>] vfs_write+0x16e/0x590 fs/read_write.c:582
    [<ffffffff8169666d>] ksys_write+0xad/0x170 fs/read_write.c:637
    [<ffffffff84b6fdcf>] do_syscall_x64 arch/x86/entry/common.c:51 [inline]
    [<ffffffff84b6fdcf>] do_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82
    [<ffffffff84c0008b>] entry_SYSCALL_64_after_hwframe+0x63/0x6b

BUG: memory leak
unreferenced object 0xffff88810b882a00 (size 640):
  comm "syz-executor315", pid 5055, jiffies 4294943667 (age 8.140s)
  hex dump (first 32 bytes):
    10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81631987>] kmemleak_alloc_recursive include/linux/kmemleak.h:42 [inline]
    [<ffffffff81631987>] slab_post_alloc_hook mm/slab.h:766 [inline]
    [<ffffffff81631987>] slab_alloc_node mm/slub.c:3478 [inline]
    [<ffffffff81631987>] kmem_cache_alloc_node+0x2c7/0x450 mm/slub.c:3523
    [<ffffffff83ed73f2>] kmalloc_reserve+0xe2/0x170 net/core/skbuff.c:560
    [<ffffffff83edaf85>] __alloc_skb+0xd5/0x230 net/core/skbuff.c:651
    [<ffffffff82cc97b4>] alloc_skb include/linux/skbuff.h:1286 [inline]
    [<ffffffff82cc97b4>] virtual_ncidev_write+0x34/0xf0 drivers/nfc/virtual_ncidev.c:120
    [<ffffffff81695fee>] vfs_write+0x16e/0x590 fs/read_write.c:582
    [<ffffffff8169666d>] ksys_write+0xad/0x170 fs/read_write.c:637
    [<ffffffff84b6fdcf>] do_syscall_x64 arch/x86/entry/common.c:51 [inline]
    [<ffffffff84b6fdcf>] do_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82
    [<ffffffff84c0008b>] entry_SYSCALL_64_after_hwframe+0x63/0x6b


Crashes (2):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2023/12/05 23:00 | upstream | bee0e7762ad2 | f819d6f7 | .config | console log | report | syz | C | | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-leak | memory leak in virtual_ncidev_write |
| 2023/07/08 05:45 | upstream | 4f6b6c2b2f86 | 668cb1fa | .config | console log | report | syz | C | | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-leak | memory leak in virtual_ncidev_write |

* Struck through repros no longer work on HEAD.