syzbot


memory leak in skb_copy (2)

Status: fixed on 2024/01/20 21:18
Subsystems: nfc net
Reported-by: syzbot+6eb09d75211863f15e3e@syzkaller.appspotmail.com
Fix commit: 84d2db91f14a nfc: virtual_ncidev: Add variable to check if ndev is running
First crash: 282d, last: 161d
Discussions (6)
| Title | Replies (including bot) | Last reply |
|---|---|---|
| [PATCH AUTOSEL 6.6 32/40] nfc: virtual_ncidev: Add variable to check if ndev is running | 1 (1) | 2023/11/28 21:05 |
| [PATCH v2] nfc: virtual_ncidev: Add variable to check if ndev is running | 4 (4) | 2023/11/22 11:00 |
| [syzbot] [nfc?] memory leak in skb_copy (2) | 0 (5) | 2023/11/21 07:16 |
| [PATCH] nfc: virtual_ncidev: Add variable to check if ndev is running | 11 (11) | 2023/11/21 07:05 |
| [syzbot] Monthly nfc report (Nov 2023) | 0 (1) | 2023/11/10 06:20 |
| [syzbot] Monthly nfc report (Sep 2023) | 0 (1) | 2023/09/06 08:12 |

Similar bugs (1)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | memory leak in skb_copy (tipc) | C | | | 1 | 1089d | 1087d | 0/26 | closed as invalid on 2021/10/06 01:09 |

Last patch testing requests (10)
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2023/11/21 07:16 | 21m | phind.uet@gmail.com | patch | linux-next | OK log |
| 2023/11/20 09:39 | 22m | phind.uet@gmail.com | patch | linux-next | OK log |
| 2023/11/20 09:33 | 31m | phind.uet@gmail.com | patch | linux-next | error OK |
| 2023/11/20 09:20 | 19m | phind.uet@gmail.com | patch | linux-next | error OK |
| 2023/10/12 10:35 | 12m | osmtendev@gmail.com | patch | upstream | report log |
| 2023/10/12 09:32 | 58m | osmtendev@gmail.com | patch | https://github.com/torvalds/linux.git master | report log |
| 2023/09/11 19:27 | 26m | retest repro | | upstream | report log |
| 2023/09/11 19:27 | 44m | retest repro | | upstream | OK log |
| 2023/08/23 06:45 | 27m | rauji.raut@gmail.com | patch | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git v6.5-rc7 | report log |
| 2023/08/20 05:38 | 34m | rauji.raut@gmail.com | patch | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git v6.5-rc2 | report log |

Sample crash report:
BUG: memory leak
unreferenced object 0xffff88811f44dd00 (size 240):
  comm "kworker/u4:4", pid 58, jiffies 4294970809 (age 15.900s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81630f07>] kmemleak_alloc_recursive include/linux/kmemleak.h:42 [inline]
    [<ffffffff81630f07>] slab_post_alloc_hook mm/slab.h:766 [inline]
    [<ffffffff81630f07>] slab_alloc_node mm/slub.c:3478 [inline]
    [<ffffffff81630f07>] kmem_cache_alloc_node+0x2c7/0x450 mm/slub.c:3523
    [<ffffffff83ed49af>] __alloc_skb+0x1ef/0x230 net/core/skbuff.c:641
    [<ffffffff83ed7e4f>] skb_copy+0x5f/0x160 net/core/skbuff.c:1981
    [<ffffffff82cc3a2f>] virtual_nci_send+0x3f/0xb0 drivers/nfc/virtual_ncidev.c:58
    [<ffffffff84a7a079>] nci_send_frame+0x69/0xb0 net/nfc/nci/core.c:1352
    [<ffffffff84a7a149>] nci_cmd_work+0x89/0xb0 net/nfc/nci/core.c:1572
    [<ffffffff812cb50d>] process_one_work+0x23d/0x530 kernel/workqueue.c:2630
    [<ffffffff812cc137>] process_scheduled_works kernel/workqueue.c:2703 [inline]
    [<ffffffff812cc137>] worker_thread+0x327/0x590 kernel/workqueue.c:2784
    [<ffffffff812d8afb>] kthread+0x12b/0x170 kernel/kthread.c:388
    [<ffffffff8114b9a5>] ret_from_fork+0x45/0x50 arch/x86/kernel/process.c:147
    [<ffffffff81002c01>] ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242

BUG: memory leak
unreferenced object 0xffff88810ad3a000 (size 640):
  comm "kworker/u4:4", pid 58, jiffies 4294970809 (age 15.900s)
  hex dump (first 32 bytes):
    20 00 01 01 00 00 00 00 00 00 00 00 00 00 00 00   ...............
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81630f07>] kmemleak_alloc_recursive include/linux/kmemleak.h:42 [inline]
    [<ffffffff81630f07>] slab_post_alloc_hook mm/slab.h:766 [inline]
    [<ffffffff81630f07>] slab_alloc_node mm/slub.c:3478 [inline]
    [<ffffffff81630f07>] kmem_cache_alloc_node+0x2c7/0x450 mm/slub.c:3523
    [<ffffffff83ed0d02>] kmalloc_reserve+0xe2/0x170 net/core/skbuff.c:560
    [<ffffffff83ed4895>] __alloc_skb+0xd5/0x230 net/core/skbuff.c:651
    [<ffffffff83ed7e4f>] skb_copy+0x5f/0x160 net/core/skbuff.c:1981
    [<ffffffff82cc3a2f>] virtual_nci_send+0x3f/0xb0 drivers/nfc/virtual_ncidev.c:58
    [<ffffffff84a7a079>] nci_send_frame+0x69/0xb0 net/nfc/nci/core.c:1352
    [<ffffffff84a7a149>] nci_cmd_work+0x89/0xb0 net/nfc/nci/core.c:1572
    [<ffffffff812cb50d>] process_one_work+0x23d/0x530 kernel/workqueue.c:2630
    [<ffffffff812cc137>] process_scheduled_works kernel/workqueue.c:2703 [inline]
    [<ffffffff812cc137>] worker_thread+0x327/0x590 kernel/workqueue.c:2784
    [<ffffffff812d8afb>] kthread+0x12b/0x170 kernel/kthread.c:388
    [<ffffffff8114b9a5>] ret_from_fork+0x45/0x50 arch/x86/kernel/process.c:147
    [<ffffffff81002c01>] ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242


Crashes (3):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2023/11/09 08:51 | upstream | 6bc986ab839c | 4862372a | .config | console log | report | syz | | | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-leak | memory leak in skb_copy |
| 2023/08/27 17:38 | upstream | 28f20a19294d | 03d9c195 | .config | console log | report | syz | | | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-leak | memory leak in skb_copy |
| 2023/07/11 03:10 | upstream | 3f01e9fed845 | 52ae002a | .config | console log | report | syz | | | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-leak | memory leak in skb_copy |

* Struck through repros no longer work on HEAD.