syzbot


memory leak in inet_create

Status: fixed on 2019/06/18 17:49
Subsystems: net
[Documentation on labels]
Fix commit: 100f6d8e0990 net: correct zerocopy refcnt with udp MSG_MORE
First crash: 1860d, last: 1845d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream memory leak in inet_create (2) net C 10 1307d 1517d 0/27 auto-obsoleted due to no activity on 2022/09/29 04:08

Sample crash report:
executing program
executing program
executing program
executing program
executing program
BUG: memory leak
unreferenced object 0xffff88812ad1e940 (size 1088):
  comm "syz-executor452", pid 7243, jiffies 4294956447 (age 18.930s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 bc d9 bf 32 00 00 00 00  ...........2....
    02 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00  ...@............
  backtrace:
    [<0000000079d75534>] kmemleak_alloc_recursive include/linux/kmemleak.h:55 [inline]
    [<0000000079d75534>] slab_post_alloc_hook mm/slab.h:439 [inline]
    [<0000000079d75534>] slab_alloc mm/slab.c:3326 [inline]
    [<0000000079d75534>] kmem_cache_alloc+0x134/0x270 mm/slab.c:3488
    [<00000000dbd8a37e>] sk_prot_alloc+0x41/0x170 net/core/sock.c:1596
    [<00000000803601ea>] sk_alloc+0x35/0x2f0 net/core/sock.c:1656
    [<0000000037b11206>] inet_create net/ipv4/af_inet.c:321 [inline]
    [<0000000037b11206>] inet_create+0x11c/0x470 net/ipv4/af_inet.c:247
    [<000000007e8218dc>] __sock_create+0x164/0x250 net/socket.c:1424
    [<0000000011585ca1>] sock_create net/socket.c:1475 [inline]
    [<0000000011585ca1>] __sys_socket+0x69/0x110 net/socket.c:1517
    [<0000000033778504>] __do_sys_socket net/socket.c:1526 [inline]
    [<0000000033778504>] __se_sys_socket net/socket.c:1524 [inline]
    [<0000000033778504>] __x64_sys_socket+0x1e/0x30 net/socket.c:1524
    [<00000000884a6d68>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
    [<00000000e726fa7a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff8881227112a0 (size 32):
  comm "syz-executor452", pid 7243, jiffies 4294956447 (age 18.930s)
  hex dump (first 32 bytes):
    02 00 00 00 00 00 00 00 c0 65 58 08 81 88 ff ff  .........eX.....
    e0 00 00 00 03 00 00 00 11 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000005ea9741e>] kmemleak_alloc_recursive include/linux/kmemleak.h:55 [inline]
    [<000000005ea9741e>] slab_post_alloc_hook mm/slab.h:439 [inline]
    [<000000005ea9741e>] slab_alloc mm/slab.c:3326 [inline]
    [<000000005ea9741e>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
    [<0000000040adf5d3>] kmalloc include/linux/slab.h:547 [inline]
    [<0000000040adf5d3>] kzalloc include/linux/slab.h:742 [inline]
    [<0000000040adf5d3>] selinux_sk_alloc_security+0x48/0xb0 security/selinux/hooks.c:5059
    [<00000000e40ca3a6>] security_sk_alloc+0x49/0x70 security/security.c:2026
    [<0000000066598504>] sk_prot_alloc+0x6e/0x170 net/core/sock.c:1605
    [<00000000803601ea>] sk_alloc+0x35/0x2f0 net/core/sock.c:1656
    [<0000000037b11206>] inet_create net/ipv4/af_inet.c:321 [inline]
    [<0000000037b11206>] inet_create+0x11c/0x470 net/ipv4/af_inet.c:247
    [<000000007e8218dc>] __sock_create+0x164/0x250 net/socket.c:1424
    [<0000000011585ca1>] sock_create net/socket.c:1475 [inline]
    [<0000000011585ca1>] __sys_socket+0x69/0x110 net/socket.c:1517
    [<0000000033778504>] __do_sys_socket net/socket.c:1526 [inline]
    [<0000000033778504>] __se_sys_socket net/socket.c:1524 [inline]
    [<0000000033778504>] __x64_sys_socket+0x1e/0x30 net/socket.c:1524
    [<00000000884a6d68>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
    [<00000000e726fa7a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888124291300 (size 224):
  comm "syz-executor452", pid 7243, jiffies 4294956447 (age 18.930s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 40 e9 d1 2a 81 88 ff ff  ........@..*....
  backtrace:
    [<00000000c053c965>] kmemleak_alloc_recursive include/linux/kmemleak.h:55 [inline]
    [<00000000c053c965>] slab_post_alloc_hook mm/slab.h:439 [inline]
    [<00000000c053c965>] slab_alloc_node mm/slab.c:3269 [inline]
    [<00000000c053c965>] kmem_cache_alloc_node+0x153/0x2a0 mm/slab.c:3579
    [<00000000192098b2>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:194
    [<0000000067779a11>] alloc_skb include/linux/skbuff.h:1054 [inline]
    [<0000000067779a11>] sock_omalloc+0x4e/0x90 net/core/sock.c:2098
    [<0000000051f51372>] sock_zerocopy_alloc+0x3c/0xf0 net/core/skbuff.c:975
    [<0000000050eb1439>] sock_zerocopy_realloc+0x7b/0x110 net/core/skbuff.c:1045
    [<00000000b3e10bed>] __ip_append_data.isra.0+0x6cf/0xe60 net/ipv4/ip_output.c:918
    [<0000000035102747>] ip_append_data.part.0+0x9a/0x100 net/ipv4/ip_output.c:1216
    [<000000009f418ebe>] ip_append_data+0x5b/0x80 net/ipv4/ip_output.c:1205
    [<000000002ec59bd2>] udp_sendmsg+0x30f/0xf60 net/ipv4/udp.c:1209
    [<000000007ebe0d45>] inet_sendmsg+0x64/0x120 net/ipv4/af_inet.c:798
    [<00000000df20e9d3>] sock_sendmsg_nosec net/socket.c:646 [inline]
    [<00000000df20e9d3>] sock_sendmsg+0x54/0x70 net/socket.c:665
    [<000000007937e813>] __sys_sendto+0x148/0x1f0 net/socket.c:1958
    [<00000000ee879a37>] __do_sys_sendto net/socket.c:1970 [inline]
    [<00000000ee879a37>] __se_sys_sendto net/socket.c:1966 [inline]
    [<00000000ee879a37>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1966
    [<00000000884a6d68>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
    [<00000000e726fa7a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9


Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/06/04 22:55 upstream 788a024921c4 e41a20c5 .config console log report syz C ci-upstream-gce-leak
2019/05/21 08:12 upstream f49aa1de9836 8285069f .config console log report syz C ci-upstream-gce-leak
* Struck through repros no longer work on HEAD.