syzbot


memory leak in llc_conn_ac_send_sabme_cmd_p_set_x

Status: fixed on 2019/11/04 14:50
Subsystems: net
Reported-by: syzbot+6b825a6494a04cc0e3f7@syzkaller.appspotmail.com
Fix commit: b74555de21ac llc: fix sk_buff leak in llc_conn_service()
First crash: 2001d, last: 1849d
Discussions (18)
Title Replies (including bot) Last reply
[PATCH AUTOSEL 4.14 01/33] iommu/arm-smmu: Free context bitmap in the err path of arm_smmu_init_domain_context 37 (37) 2020/09/08 12:12
[PATCH 4.19 000/149] 4.19.82-stable review 169 (169) 2019/11/11 09:36
[PATCH 4.9 00/62] 4.9.199-stable review 72 (72) 2019/11/06 11:17
[PATCH 5.3 000/163] 5.3.9-stable review 174 (174) 2019/11/06 10:49
[PATCH 4.14 00/95] 4.14.152-stable review 102 (102) 2019/11/05 23:37
[PATCH 4.4 00/46] 4.4.199-stable review 52 (52) 2019/11/05 23:36
[PATCH AUTOSEL 4.4 01/17] iommu/arm-smmu: Free context bitmap in the err path of arm_smmu_init_domain_context 16 (16) 2019/10/26 13:23
[PATCH AUTOSEL 4.9 01/21] iommu/arm-smmu: Free context bitmap in the err path of arm_smmu_init_domain_context 20 (20) 2019/10/26 13:22
[PATCH AUTOSEL 4.19 01/59] tools: bpf: Use !building_out_of_srctree to determine srctree 59 (59) 2019/10/26 13:19
[PATCH AUTOSEL 5.3 01/99] tools: bpf: Use !building_out_of_srctree to determine srctree 98 (98) 2019/10/26 13:16
[PATCH AUTOSEL 4.19 01/37] PCI/ASPM: Do not initialize link state when aspm_disabled is set 37 (37) 2019/10/26 07:44
[PATCH AUTOSEL 5.3 01/33] net: ipv6: fix listify ip6_rcv_finish in case of forwarding 35 (35) 2019/10/25 15:49
[PATCH AUTOSEL 4.9 01/20] PCI/ASPM: Do not initialize link state when aspm_disabled is set 20 (20) 2019/10/25 15:32
[PATCH AUTOSEL 4.4 01/16] PCI/ASPM: Do not initialize link state when aspm_disabled is set 16 (16) 2019/10/25 13:58
[PATCH AUTOSEL 4.14 01/25] PCI/ASPM: Do not initialize link state when aspm_disabled is set 24 (24) 2019/10/25 13:57
[PATCH net 0/4] llc: fix sk_buff refcounting 6 (6) 2019/10/08 21:15
Reminder: 3 open syzbot bugs in "net/llc" subsystem 1 (1) 2019/07/24 02:39
memory leak in llc_conn_ac_send_sabme_cmd_p_set_x 0 (1) 2019/05/21 13:43

Sample crash report:
executing program
executing program
executing program
executing program
executing program
BUG: memory leak
unreferenced object 0xffff88812a2c8100 (size 224):
  comm "syz-executor731", pid 7051, jiffies 4294943916 (age 13.380s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 b0 45 2a 81 88 ff ff 00 10 d5 12 81 88 ff ff  ..E*............
  backtrace:
    [<000000004cdb90c6>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<000000004cdb90c6>] slab_post_alloc_hook mm/slab.h:586 [inline]
    [<000000004cdb90c6>] slab_alloc_node mm/slab.c:3262 [inline]
    [<000000004cdb90c6>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3574
    [<00000000511b9e1e>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197
    [<0000000047c15d7b>] alloc_skb include/linux/skbuff.h:1049 [inline]
    [<0000000047c15d7b>] llc_alloc_frame+0x66/0x110 net/llc/llc_sap.c:54
    [<00000000263d2d60>] llc_conn_ac_send_sabme_cmd_p_set_x+0x2f/0x140 net/llc/llc_c_ac.c:777
    [<000000008b6ca187>] llc_exec_conn_trans_actions net/llc/llc_conn.c:475 [inline]
    [<000000008b6ca187>] llc_conn_service net/llc/llc_conn.c:400 [inline]
    [<000000008b6ca187>] llc_conn_state_process+0x1ac/0x640 net/llc/llc_conn.c:75
    [<00000000c96ab5a9>] llc_establish_connection+0x110/0x170 net/llc/llc_if.c:109
    [<000000004e8111ab>] llc_ui_connect+0x10e/0x370 net/llc/af_llc.c:477
    [<0000000056980476>] __sys_connect+0x11d/0x170 net/socket.c:1828
    [<000000001ac6b0b9>] __do_sys_connect net/socket.c:1839 [inline]
    [<000000001ac6b0b9>] __se_sys_connect net/socket.c:1836 [inline]
    [<000000001ac6b0b9>] __x64_sys_connect+0x1e/0x30 net/socket.c:1836
    [<00000000ad3cde79>] do_syscall_64+0x73/0x1f0 arch/x86/entry/common.c:290
    [<00000000f66a66f1>] entry_SYSCALL_64_after_hwframe+0x44/0xa9


Crashes (225):