syzbot


memory leak in tcp_cdg_init

Status: fixed on 2021/11/10 00:50
Reported-by: syzbot+f1e24a0594d4e3a895d3@syzkaller.appspotmail.com
Fix commit: be5d1b61a2ad tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized
First crash: 754d, last: 610d
Last patch testing requests:
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2021/06/28 15:55 | 11m | phind.uet@gmail.com | | git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 8919a9b31eb4fb4c0a93e5fb350a626924302aa6 | report log |
| 2021/06/28 13:56 | 13m | phind.uet@gmail.com | patch | upstream | OK |
| 2021/06/22 00:07 | 9m | phind.uet@gmail.com | | upstream | report log |
| 2021/06/21 13:38 | 15m | phind.uet@gmail.com | | https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master | error |

Sample crash report:
2021/05/29 09:39:42 executed programs: 158
BUG: memory leak
unreferenced object 0xffff888128c67180 (size 64):
  comm "syz-executor.3", pid 11010, jiffies 4294980753 (age 15.590s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff83a88ff7>] kmalloc_array include/linux/slab.h:596 [inline]
    [<ffffffff83a88ff7>] kcalloc include/linux/slab.h:625 [inline]
    [<ffffffff83a88ff7>] tcp_cdg_init+0x37/0x60 net/ipv4/tcp_cdg.c:380
    [<ffffffff839f1274>] tcp_init_congestion_control+0x34/0x170 net/ipv4/tcp_cong.c:183
    [<ffffffff839f1d05>] tcp_reinit_congestion_control net/ipv4/tcp_cong.c:207 [inline]
    [<ffffffff839f1d05>] tcp_set_congestion_control+0x365/0x390 net/ipv4/tcp_cong.c:381
    [<ffffffff839c41cc>] do_tcp_setsockopt net/ipv4/tcp.c:3371 [inline]
    [<ffffffff839c41cc>] tcp_setsockopt+0x3fc/0x1420 net/ipv4/tcp.c:3658
    [<ffffffff83692490>] __sys_setsockopt+0x1b0/0x360 net/socket.c:2117
    [<ffffffff83692662>] __do_sys_setsockopt net/socket.c:2128 [inline]
    [<ffffffff83692662>] __se_sys_setsockopt net/socket.c:2125 [inline]
    [<ffffffff83692662>] __x64_sys_setsockopt+0x22/0x30 net/socket.c:2125
    [<ffffffff8435302a>] do_syscall_64+0x3a/0xb0 arch/x86/entry/common.c:47
    [<ffffffff84400068>] entry_SYSCALL_64_after_hwframe+0x44/0xae


Crashes (6):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-gce-leak | 2021/05/29 10:20 | upstream | 5ff2756afde0 | 858ea628 | .config | console log | report | syz | | | | memory leak in tcp_cdg_init |
| ci-upstream-gce-leak | 2021/05/23 05:05 | upstream | 23d729263037 | 3c7fef33 | .config | console log | report | syz | | | | memory leak in tcp_cdg_init |
| ci-upstream-gce-leak | 2021/04/26 09:37 | upstream | d2d09fbe33f8 | 2a82f1b3 | .config | console log | report | syz | | | | memory leak in tcp_cdg_init |
| ci-upstream-gce-leak | 2021/04/21 01:32 | upstream | 1fe5501ba1ab | c0ced557 | .config | console log | report | syz | | | | memory leak in tcp_cdg_init |
| ci-upstream-gce-leak | 2021/03/23 01:52 | upstream | 84196390620a | 8092f30d | .config | console log | report | syz | | | | memory leak in tcp_cdg_init |
| ci-upstream-gce-leak | 2021/01/05 18:01 | upstream | 36bbbd0e234d | a0234d98 | .config | console log | report | syz | | | | |
* Struck through repros no longer work on HEAD.