syzbot


memory leak in mrp_request_join

Status: fixed on 2021/11/10 00:50
Reported-by: syzbot+5cfab121b54dff775399@syzkaller.appspotmail.com
Fix commit: 996af62167d0 net/802/mrp: fix memleak in mrp_request_join()
First crash: 980d, last: 461d
Patch testing requests:
Created Duration User Patch Repo Result
2021/07/18 20:11 16m paskripkin@gmail.com patch upstream OK

Sample crash report:
BUG: memory leak
unreferenced object 0xffff888108151ec0 (size 64):
  comm "syz-executor341", pid 8407, jiffies 4294942175 (age 12.720s)
  hex dump (first 32 bytes):
    01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 01 00 00 00 01 02 00 00  ................
  backtrace:
    [<00000000f42179ad>] kmalloc include/linux/slab.h:557 [inline]
    [<00000000f42179ad>] mrp_attr_create net/802/mrp.c:276 [inline]
    [<00000000f42179ad>] mrp_request_join+0x153/0x260 net/802/mrp.c:530
    [<000000004d76c4d1>] vlan_mvrp_request_join+0x96/0xa0 net/8021q/vlan_mvrp.c:40
    [<000000008556b254>] vlan_dev_open+0x1e7/0x330 net/8021q/vlan_dev.c:292
    [<000000007baf5a44>] __dev_open+0x175/0x260 net/core/dev.c:1528
    [<000000003d950a66>] __dev_change_flags+0x2fd/0x390 net/core/dev.c:8479
    [<0000000019beedf3>] rtnl_configure_link+0x64/0x130 net/core/rtnetlink.c:3125
    [<00000000f7de871a>] __rtnl_newlink+0xa84/0xd80 net/core/rtnetlink.c:3451
    [<00000000f9671163>] rtnl_newlink+0x49/0x70 net/core/rtnetlink.c:3491
    [<000000009abdba2d>] rtnetlink_rcv_msg+0x1fc/0x520 net/core/rtnetlink.c:5553
    [<00000000587e5344>] netlink_rcv_skb+0x87/0x1d0 net/netlink/af_netlink.c:2494
    [<00000000211295f6>] netlink_unicast_kernel net/netlink/af_netlink.c:1304 [inline]
    [<00000000211295f6>] netlink_unicast+0x392/0x4c0 net/netlink/af_netlink.c:1330
    [<000000009c5b9994>] netlink_sendmsg+0x368/0x6a0 net/netlink/af_netlink.c:1919
    [<00000000f6a284bc>] sock_sendmsg_nosec net/socket.c:652 [inline]
    [<00000000f6a284bc>] sock_sendmsg+0x56/0x80 net/socket.c:672
    [<000000006bb437f6>] ____sys_sendmsg+0x36c/0x390 net/socket.c:2345
    [<00000000a42ff66f>] ___sys_sendmsg+0x8b/0xd0 net/socket.c:2399
    [<0000000083a789ec>] __sys_sendmsg+0x88/0x100 net/socket.c:2432

BUG: memory leak
unreferenced object 0xffff88810e9753c0 (size 64):
  comm "syz-executor341", pid 8458, jiffies 4294942713 (age 7.340s)
  hex dump (first 32 bytes):
    01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 01 00 00 00 01 02 00 00  ................
  backtrace:
    [<00000000f42179ad>] kmalloc include/linux/slab.h:557 [inline]
    [<00000000f42179ad>] mrp_attr_create net/802/mrp.c:276 [inline]
    [<00000000f42179ad>] mrp_request_join+0x153/0x260 net/802/mrp.c:530
    [<000000004d76c4d1>] vlan_mvrp_request_join+0x96/0xa0 net/8021q/vlan_mvrp.c:40
    [<000000008556b254>] vlan_dev_open+0x1e7/0x330 net/8021q/vlan_dev.c:292
    [<000000007baf5a44>] __dev_open+0x175/0x260 net/core/dev.c:1528
    [<000000003d950a66>] __dev_change_flags+0x2fd/0x390 net/core/dev.c:8479
    [<0000000019beedf3>] rtnl_configure_link+0x64/0x130 net/core/rtnetlink.c:3125
    [<00000000f7de871a>] __rtnl_newlink+0xa84/0xd80 net/core/rtnetlink.c:3451
    [<00000000f9671163>] rtnl_newlink+0x49/0x70 net/core/rtnetlink.c:3491
    [<000000009abdba2d>] rtnetlink_rcv_msg+0x1fc/0x520 net/core/rtnetlink.c:5553
    [<00000000587e5344>] netlink_rcv_skb+0x87/0x1d0 net/netlink/af_netlink.c:2494
    [<00000000211295f6>] netlink_unicast_kernel net/netlink/af_netlink.c:1304 [inline]
    [<00000000211295f6>] netlink_unicast+0x392/0x4c0 net/netlink/af_netlink.c:1330
    [<000000009c5b9994>] netlink_sendmsg+0x368/0x6a0 net/netlink/af_netlink.c:1919
    [<00000000f6a284bc>] sock_sendmsg_nosec net/socket.c:652 [inline]
    [<00000000f6a284bc>] sock_sendmsg+0x56/0x80 net/socket.c:672
    [<000000006bb437f6>] ____sys_sendmsg+0x36c/0x390 net/socket.c:2345
    [<00000000a42ff66f>] ___sys_sendmsg+0x8b/0xd0 net/socket.c:2399
    [<0000000083a789ec>] __sys_sendmsg+0x88/0x100 net/socket.c:2432


Crashes (215):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-gce-leak 2021/02/20 08:32 upstream f40ddce88593 f689d40a .config log report syz C memory leak in mrp_request_join
ci-upstream-gce-leak 2021/02/13 05:55 upstream dcc0b49040c7 98682e5e .config log report syz C memory leak in mrp_request_join
ci-upstream-gce-leak 2021/02/11 04:42 upstream 291009f656e8 a52ee10a .config log report syz C memory leak in mrp_request_join
ci-upstream-gce-leak 2021/01/18 00:46 upstream a1339d6355ac 813be542 .config log report syz C memory leak in mrp_request_join
ci-upstream-gce-leak 2021/01/17 03:38 upstream 0da0a8a0a0e1 65a7a854 .config log report syz C
ci-upstream-gce-leak 2021/01/15 05:13 upstream 146620506274 65a7a854 .config log report syz C
ci-upstream-gce-leak 2021/01/11 22:48 upstream 7c53f6b671f4 2c1f2513 .config log report syz C
ci-upstream-gce-leak 2020/12/26 10:17 upstream 5814bc2d4cc2 821e0b09 .config log report syz C
ci-upstream-gce-leak 2020/12/16 21:17 upstream 5e60366d56c6 04201c06 .config log report syz C
ci-upstream-gce-leak 2020/12/14 03:52 upstream 6bff9bb8a292 b22a7ec3 .config log report syz C
ci-upstream-gce-leak 2020/12/11 00:30 upstream a2f5ea9e314b f900b48c .config log report syz C
ci-upstream-gce-leak 2020/12/07 07:03 upstream 7059c2c00a21 c521566d .config log report syz C
ci-upstream-gce-leak 2020/12/02 08:25 upstream 509a15421674 c42a35e9 .config log report syz C
ci-upstream-gce-leak 2020/11/28 00:53 upstream 99c710c46dfc 486f93ef .config log report syz C
ci-upstream-gce-leak 2020/11/27 13:56 upstream 85a2c56cb445 5018c946 .config log report syz C
ci-upstream-gce-leak 2020/01/21 16:10 upstream d96d875ef5dd 8eda0b95 .config log report syz C
ci-upstream-gce-leak 2021/06/22 22:27 upstream 0c18f29aae7c aba2b2fb .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/06/21 06:40 upstream cba5e97280f5 aba2b2fb .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/06/17 18:33 upstream 70585216fe77 aba2b2fb .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/06/15 18:33 upstream 009c9aa5be65 58636922 .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/06/04 04:36 upstream f88cd3fb9df2 0740de69 .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/05/29 13:02 upstream 5ff2756afde0 858ea628 .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/05/10 18:38 upstream 6efb943b8616 ca873091 .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/05/08 09:27 upstream 1ad77a05cfae bc5434be .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/05/07 21:26 upstream e48661230cc3 f6da8120 .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/05/01 22:12 upstream 9f67672a817e 77e2b668 .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/04/17 16:53 upstream 9cdbf6467424 7e2b734b .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/04/16 11:34 upstream 7e25f40eab52 c59079a6 .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/03/29 09:46 upstream 36a14638f7c0 a8529b82 .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/02/20 07:16 upstream f40ddce88593 f689d40a .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/02/17 22:28 upstream f40ddce88593 14052202 .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/02/15 04:59 upstream f40ddce88593 98682e5e .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/02/07 15:14 upstream 825b5991a46e 2ce644fc .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/01/31 02:36 upstream 8c947645151c fc9fd31e .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/01/30 17:54 upstream 0e9bcda5d286 fc9fd31e .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/01/30 02:13 upstream bec4c2968fce fc9fd31e .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/01/24 07:08 upstream e1ae4b0be158 52e37319 .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/01/23 20:08 upstream fe75a21824e7 52e37319 .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/01/17 16:43 upstream 0da0a8a0a0e1 813be542 .config log report syz memory leak in mrp_request_join
ci-upstream-gce-leak 2021/01/16 13:02 upstream 1d94330a437a 65a7a854 .config log report syz
ci-upstream-gce-leak 2021/01/15 21:05 upstream 5ee88057889b 65a7a854 .config log report syz
ci-upstream-gce-leak 2021/01/12 23:24 upstream e609571b5ffa 0cdd6185 .config log report syz
ci-upstream-gce-leak 2021/01/04 14:46 upstream e71ba9452f0b 79264ae3 .config log report syz
ci-upstream-gce-leak 2020/12/23 20:18 upstream 614cb5894306 c2c1d1dd .config log report syz
ci-upstream-gce-leak 2020/12/21 15:10 upstream e37b12e4bb21 04201c06 .config log report syz
ci-upstream-gce-leak 2020/12/01 00:44 upstream b65054597872 78d50c1d .config log report syz
ci-upstream-gce-leak 2020/11/25 16:48 upstream 127c501a03d5 1a1f4bd8 .config log report syz
ci-upstream-gce-leak 2020/11/25 15:53 upstream 127c501a03d5 1a1f4bd8 .config log report syz
* Struck through repros no longer work on HEAD.