syzbot

 sign-in | mailing list | source | docs
🐞 Open [961] 🐞 Fixed [3812] 🐞 Invalid [8186] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

memory leak in do_seccomp (2)
Status: upstream: reported C repro on 2021/02/22 09:25
Reported-by: syzbot+ab17848fe269b573eb71@syzkaller.appspotmail.com
First crash: 462d, last: 229d
similar bugs (1):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream memory leak in do_seccomp C 6 628d 655d 17/22 fixed on 2020/10/10 01:52
Patch testing requests:
Created Duration User Patch Repo Result
2022/04/15 11:51 6m mudongliangabcd@gmail.com git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git -- report log
2021/03/29 17:40 8m alaaemadhossney.ae@gmail.com upstream report log

Sample crash report:
BUG: memory leak
unreferenced object 0xffff888118765f00 (size 256):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 25.900s)
  hex dump (first 32 bytes):
    01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000021396b5e>] kmalloc include/linux/slab.h:552 [inline]
    [<0000000021396b5e>] kzalloc include/linux/slab.h:682 [inline]
    [<0000000021396b5e>] seccomp_prepare_filter kernel/seccomp.c:656 [inline]
    [<0000000021396b5e>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<0000000021396b5e>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<0000000021396b5e>] do_seccomp+0x3d2/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffffc90000ebf000 (size 4096):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 25.900s)
  hex dump (first 32 bytes):
    01 00 03 00 00 00 00 00 00 00 00 00 05 00 00 00  ................
    1e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000cbd981b5>] __vmalloc_node_range+0x3a5/0x410 mm/vmalloc.c:2587
    [<000000003278951f>] __vmalloc_node mm/vmalloc.c:2619 [inline]
    [<000000003278951f>] __vmalloc+0x49/0x50 mm/vmalloc.c:2633
    [<00000000cc2e0bf4>] bpf_prog_alloc_no_stats+0x32/0x160 kernel/bpf/core.c:85
    [<00000000b872251d>] bpf_prog_alloc+0x24/0xc0 kernel/bpf/core.c:113
    [<00000000bf2ace46>] bpf_prog_create_from_user+0x6e/0x2b0 net/core/filter.c:1413
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888117212800 (size 1024):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 25.900s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000003fd1055c>] kmalloc include/linux/slab.h:552 [inline]
    [<000000003fd1055c>] kzalloc include/linux/slab.h:682 [inline]
    [<000000003fd1055c>] bpf_prog_alloc_no_stats+0x7d/0x160 kernel/bpf/core.c:89
    [<00000000b872251d>] bpf_prog_alloc+0x24/0xc0 kernel/bpf/core.c:113
    [<00000000bf2ace46>] bpf_prog_create_from_user+0x6e/0x2b0 net/core/filter.c:1413
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff8881186046e0 (size 32):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 25.900s)
  hex dump (first 32 bytes):
    01 00 00 00 00 00 00 00 a0 55 77 18 81 88 ff ff  .........Uw.....
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000002f7bb5fc>] kmalloc include/linux/slab.h:552 [inline]
    [<000000002f7bb5fc>] bpf_prog_store_orig_filter+0x33/0xa0 net/core/filter.c:1135
    [<00000000b2023fc7>] bpf_prog_create_from_user+0xfe/0x2b0 net/core/filter.c:1426
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff8881187755a0 (size 32):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 25.900s)
  hex dump (first 32 bytes):
    06 00 00 00 ff ff ff 7f 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000002ba3f45d>] kmemdup+0x23/0x50 mm/util.c:128
    [<000000001aee1a49>] kmemdup include/linux/string.h:520 [inline]
    [<000000001aee1a49>] bpf_prog_store_orig_filter+0x5e/0xa0 net/core/filter.c:1142
    [<00000000b2023fc7>] bpf_prog_create_from_user+0xfe/0x2b0 net/core/filter.c:1426
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffffffffa0050000 (size 4096):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 25.900s)
  hex dump (first 32 bytes):
    01 00 00 00 cc cc cc cc cc cc cc cc cc cc cc cc  ................
    cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc  ................
  backtrace:
    [<00000000cbd981b5>] __vmalloc_node_range+0x3a5/0x410 mm/vmalloc.c:2587
    [<00000000c67b690b>] module_alloc+0x4f/0x60 arch/x86/kernel/module.c:75
    [<00000000ee2a4550>] bpf_jit_binary_alloc+0xb9/0x180 kernel/bpf/core.c:868
    [<00000000c863a6a8>] bpf_int_jit_compile+0x1bb/0x6c0 arch/x86/net/bpf_jit_comp.c:2075
    [<00000000b342f60a>] bpf_prog_select_runtime+0x244/0x390 kernel/bpf/core.c:1809
    [<000000005f5008b0>] bpf_migrate_filter+0x188/0x1f0 net/core/filter.c:1294
    [<00000000fea53340>] bpf_prepare_filter net/core/filter.c:1342 [inline]
    [<00000000fea53340>] bpf_prog_create_from_user+0x24d/0x2b0 net/core/filter.c:1436
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888118765f00 (size 256):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 28.740s)
  hex dump (first 32 bytes):
    01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000021396b5e>] kmalloc include/linux/slab.h:552 [inline]
    [<0000000021396b5e>] kzalloc include/linux/slab.h:682 [inline]
    [<0000000021396b5e>] seccomp_prepare_filter kernel/seccomp.c:656 [inline]
    [<0000000021396b5e>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<0000000021396b5e>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<0000000021396b5e>] do_seccomp+0x3d2/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffffc90000ebf000 (size 4096):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 28.740s)
  hex dump (first 32 bytes):
    01 00 03 00 00 00 00 00 00 00 00 00 05 00 00 00  ................
    1e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000cbd981b5>] __vmalloc_node_range+0x3a5/0x410 mm/vmalloc.c:2587
    [<000000003278951f>] __vmalloc_node mm/vmalloc.c:2619 [inline]
    [<000000003278951f>] __vmalloc+0x49/0x50 mm/vmalloc.c:2633
    [<00000000cc2e0bf4>] bpf_prog_alloc_no_stats+0x32/0x160 kernel/bpf/core.c:85
    [<00000000b872251d>] bpf_prog_alloc+0x24/0xc0 kernel/bpf/core.c:113
    [<00000000bf2ace46>] bpf_prog_create_from_user+0x6e/0x2b0 net/core/filter.c:1413
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888117212800 (size 1024):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 28.740s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000003fd1055c>] kmalloc include/linux/slab.h:552 [inline]
    [<000000003fd1055c>] kzalloc include/linux/slab.h:682 [inline]
    [<000000003fd1055c>] bpf_prog_alloc_no_stats+0x7d/0x160 kernel/bpf/core.c:89
    [<00000000b872251d>] bpf_prog_alloc+0x24/0xc0 kernel/bpf/core.c:113
    [<00000000bf2ace46>] bpf_prog_create_from_user+0x6e/0x2b0 net/core/filter.c:1413
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff8881186046e0 (size 32):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 28.740s)
  hex dump (first 32 bytes):
    01 00 00 00 00 00 00 00 a0 55 77 18 81 88 ff ff  .........Uw.....
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000002f7bb5fc>] kmalloc include/linux/slab.h:552 [inline]
    [<000000002f7bb5fc>] bpf_prog_store_orig_filter+0x33/0xa0 net/core/filter.c:1135
    [<00000000b2023fc7>] bpf_prog_create_from_user+0xfe/0x2b0 net/core/filter.c:1426
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff8881187755a0 (size 32):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 28.740s)
  hex dump (first 32 bytes):
    06 00 00 00 ff ff ff 7f 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000002ba3f45d>] kmemdup+0x23/0x50 mm/util.c:128
    [<000000001aee1a49>] kmemdup include/linux/string.h:520 [inline]
    [<000000001aee1a49>] bpf_prog_store_orig_filter+0x5e/0xa0 net/core/filter.c:1142
    [<00000000b2023fc7>] bpf_prog_create_from_user+0xfe/0x2b0 net/core/filter.c:1426
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffffffffa0050000 (size 4096):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 28.740s)
  hex dump (first 32 bytes):
    01 00 00 00 cc cc cc cc cc cc cc cc cc cc cc cc  ................
    cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc  ................
  backtrace:
    [<00000000cbd981b5>] __vmalloc_node_range+0x3a5/0x410 mm/vmalloc.c:2587
    [<00000000c67b690b>] module_alloc+0x4f/0x60 arch/x86/kernel/module.c:75
    [<00000000ee2a4550>] bpf_jit_binary_alloc+0xb9/0x180 kernel/bpf/core.c:868
    [<00000000c863a6a8>] bpf_int_jit_compile+0x1bb/0x6c0 arch/x86/net/bpf_jit_comp.c:2075
    [<00000000b342f60a>] bpf_prog_select_runtime+0x244/0x390 kernel/bpf/core.c:1809
    [<000000005f5008b0>] bpf_migrate_filter+0x188/0x1f0 net/core/filter.c:1294
    [<00000000fea53340>] bpf_prepare_filter net/core/filter.c:1342 [inline]
    [<00000000fea53340>] bpf_prog_create_from_user+0x24d/0x2b0 net/core/filter.c:1436
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888118765f00 (size 256):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 30.180s)
  hex dump (first 32 bytes):
    01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000021396b5e>] kmalloc include/linux/slab.h:552 [inline]
    [<0000000021396b5e>] kzalloc include/linux/slab.h:682 [inline]
    [<0000000021396b5e>] seccomp_prepare_filter kernel/seccomp.c:656 [inline]
    [<0000000021396b5e>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<0000000021396b5e>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<0000000021396b5e>] do_seccomp+0x3d2/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffffc90000ebf000 (size 4096):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 30.180s)
  hex dump (first 32 bytes):
    01 00 03 00 00 00 00 00 00 00 00 00 05 00 00 00  ................
    1e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000cbd981b5>] __vmalloc_node_range+0x3a5/0x410 mm/vmalloc.c:2587
    [<000000003278951f>] __vmalloc_node mm/vmalloc.c:2619 [inline]
    [<000000003278951f>] __vmalloc+0x49/0x50 mm/vmalloc.c:2633
    [<00000000cc2e0bf4>] bpf_prog_alloc_no_stats+0x32/0x160 kernel/bpf/core.c:85
    [<00000000b872251d>] bpf_prog_alloc+0x24/0xc0 kernel/bpf/core.c:113
    [<00000000bf2ace46>] bpf_prog_create_from_user+0x6e/0x2b0 net/core/filter.c:1413
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888117212800 (size 1024):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 30.180s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000003fd1055c>] kmalloc include/linux/slab.h:552 [inline]
    [<000000003fd1055c>] kzalloc include/linux/slab.h:682 [inline]
    [<000000003fd1055c>] bpf_prog_alloc_no_stats+0x7d/0x160 kernel/bpf/core.c:89
    [<00000000b872251d>] bpf_prog_alloc+0x24/0xc0 kernel/bpf/core.c:113
    [<00000000bf2ace46>] bpf_prog_create_from_user+0x6e/0x2b0 net/core/filter.c:1413
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff8881186046e0 (size 32):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 30.180s)
  hex dump (first 32 bytes):
    01 00 00 00 00 00 00 00 a0 55 77 18 81 88 ff ff  .........Uw.....
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000002f7bb5fc>] kmalloc include/linux/slab.h:552 [inline]
    [<000000002f7bb5fc>] bpf_prog_store_orig_filter+0x33/0xa0 net/core/filter.c:1135
    [<00000000b2023fc7>] bpf_prog_create_from_user+0xfe/0x2b0 net/core/filter.c:1426
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff8881187755a0 (size 32):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 30.180s)
  hex dump (first 32 bytes):
    06 00 00 00 ff ff ff 7f 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000002ba3f45d>] kmemdup+0x23/0x50 mm/util.c:128
    [<000000001aee1a49>] kmemdup include/linux/string.h:520 [inline]
    [<000000001aee1a49>] bpf_prog_store_orig_filter+0x5e/0xa0 net/core/filter.c:1142
    [<00000000b2023fc7>] bpf_prog_create_from_user+0xfe/0x2b0 net/core/filter.c:1426
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffffffffa0050000 (size 4096):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 30.180s)
  hex dump (first 32 bytes):
    01 00 00 00 cc cc cc cc cc cc cc cc cc cc cc cc  ................
    cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc  ................
  backtrace:
    [<00000000cbd981b5>] __vmalloc_node_range+0x3a5/0x410 mm/vmalloc.c:2587
    [<00000000c67b690b>] module_alloc+0x4f/0x60 arch/x86/kernel/module.c:75
    [<00000000ee2a4550>] bpf_jit_binary_alloc+0xb9/0x180 kernel/bpf/core.c:868
    [<00000000c863a6a8>] bpf_int_jit_compile+0x1bb/0x6c0 arch/x86/net/bpf_jit_comp.c:2075
    [<00000000b342f60a>] bpf_prog_select_runtime+0x244/0x390 kernel/bpf/core.c:1809
    [<000000005f5008b0>] bpf_migrate_filter+0x188/0x1f0 net/core/filter.c:1294
    [<00000000fea53340>] bpf_prepare_filter net/core/filter.c:1342 [inline]
    [<00000000fea53340>] bpf_prog_create_from_user+0x24d/0x2b0 net/core/filter.c:1436
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888118765f00 (size 256):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 31.620s)
  hex dump (first 32 bytes):
    01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000021396b5e>] kmalloc include/linux/slab.h:552 [inline]
    [<0000000021396b5e>] kzalloc include/linux/slab.h:682 [inline]
    [<0000000021396b5e>] seccomp_prepare_filter kernel/seccomp.c:656 [inline]
    [<0000000021396b5e>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<0000000021396b5e>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<0000000021396b5e>] do_seccomp+0x3d2/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffffc90000ebf000 (size 4096):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 31.620s)
  hex dump (first 32 bytes):
    01 00 03 00 00 00 00 00 00 00 00 00 05 00 00 00  ................
    1e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000cbd981b5>] __vmalloc_node_range+0x3a5/0x410 mm/vmalloc.c:2587
    [<000000003278951f>] __vmalloc_node mm/vmalloc.c:2619 [inline]
    [<000000003278951f>] __vmalloc+0x49/0x50 mm/vmalloc.c:2633
    [<00000000cc2e0bf4>] bpf_prog_alloc_no_stats+0x32/0x160 kernel/bpf/core.c:85
    [<00000000b872251d>] bpf_prog_alloc+0x24/0xc0 kernel/bpf/core.c:113
    [<00000000bf2ace46>] bpf_prog_create_from_user+0x6e/0x2b0 net/core/filter.c:1413
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888117212800 (size 1024):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 31.620s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000003fd1055c>] kmalloc include/linux/slab.h:552 [inline]
    [<000000003fd1055c>] kzalloc include/linux/slab.h:682 [inline]
    [<000000003fd1055c>] bpf_prog_alloc_no_stats+0x7d/0x160 kernel/bpf/core.c:89
    [<00000000b872251d>] bpf_prog_alloc+0x24/0xc0 kernel/bpf/core.c:113
    [<00000000bf2ace46>] bpf_prog_create_from_user+0x6e/0x2b0 net/core/filter.c:1413
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff8881186046e0 (size 32):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 31.620s)
  hex dump (first 32 bytes):
    01 00 00 00 00 00 00 00 a0 55 77 18 81 88 ff ff  .........Uw.....
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000002f7bb5fc>] kmalloc include/linux/slab.h:552 [inline]
    [<000000002f7bb5fc>] bpf_prog_store_orig_filter+0x33/0xa0 net/core/filter.c:1135
    [<00000000b2023fc7>] bpf_prog_create_from_user+0xfe/0x2b0 net/core/filter.c:1426
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff8881187755a0 (size 32):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 31.620s)
  hex dump (first 32 bytes):
    06 00 00 00 ff ff ff 7f 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000002ba3f45d>] kmemdup+0x23/0x50 mm/util.c:128
    [<000000001aee1a49>] kmemdup include/linux/string.h:520 [inline]
    [<000000001aee1a49>] bpf_prog_store_orig_filter+0x5e/0xa0 net/core/filter.c:1142
    [<00000000b2023fc7>] bpf_prog_create_from_user+0xfe/0x2b0 net/core/filter.c:1426
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffffffffa0050000 (size 4096):
  comm "syz-executor670", pid 10148, jiffies 4294952981 (age 31.620s)
  hex dump (first 32 bytes):
    01 00 00 00 cc cc cc cc cc cc cc cc cc cc cc cc  ................
    cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc  ................
  backtrace:
    [<00000000cbd981b5>] __vmalloc_node_range+0x3a5/0x410 mm/vmalloc.c:2587
    [<00000000c67b690b>] module_alloc+0x4f/0x60 arch/x86/kernel/module.c:75
    [<00000000ee2a4550>] bpf_jit_binary_alloc+0xb9/0x180 kernel/bpf/core.c:868
    [<00000000c863a6a8>] bpf_int_jit_compile+0x1bb/0x6c0 arch/x86/net/bpf_jit_comp.c:2075
    [<00000000b342f60a>] bpf_prog_select_runtime+0x244/0x390 kernel/bpf/core.c:1809
    [<000000005f5008b0>] bpf_migrate_filter+0x188/0x1f0 net/core/filter.c:1294
    [<00000000fea53340>] bpf_prepare_filter net/core/filter.c:1342 [inline]
    [<00000000fea53340>] bpf_prog_create_from_user+0x24d/0x2b0 net/core/filter.c:1436
    [<00000000e9cc9030>] seccomp_prepare_filter kernel/seccomp.c:661 [inline]
    [<00000000e9cc9030>] seccomp_prepare_user_filter kernel/seccomp.c:698 [inline]
    [<00000000e9cc9030>] seccomp_set_mode_filter kernel/seccomp.c:1802 [inline]
    [<00000000e9cc9030>] do_seccomp+0x41c/0x11c0 kernel/seccomp.c:1922
    [<000000004b7de4b6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<000000003adb0cc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

Crashes (2):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-gce-leak 2021/02/20 10:11 upstream f40ddce88593 f689d40a .config log report syz C memory leak in do_seccomp
ci-upstream-gce-leak 2021/10/11 17:25 upstream 64570fbc14f8 838e7e2c .config log report syz memory leak in do_seccomp