syzbot


memory leak in llc_ui_create

Status: fixed on 2019/06/18 17:49
Subsystems: net
[Documentation on labels]
Fix commit: 8fb44d60d414 llc: fix skb leak in llc_build_and_send_ui_pkt()
First crash: 1849d, last: 1831d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream memory leak in llc_ui_create (2) C done 19 1699d 1819d 13/28 fixed on 2019/11/04 14:50

Sample crash report:
executing program
executing program
executing program
executing program
executing program
BUG: memory leak
unreferenced object 0xffff888121d16800 (size 2048):
  comm "syz-executor466", pid 7175, jiffies 4294947016 (age 39.900s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    1a 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00  ...@............
  backtrace:
    [<000000004b78b264>] kmemleak_alloc_recursive include/linux/kmemleak.h:55 [inline]
    [<000000004b78b264>] slab_post_alloc_hook mm/slab.h:439 [inline]
    [<000000004b78b264>] slab_alloc mm/slab.c:3326 [inline]
    [<000000004b78b264>] __do_kmalloc mm/slab.c:3658 [inline]
    [<000000004b78b264>] __kmalloc+0x161/0x2c0 mm/slab.c:3669
    [<000000006fbf3bc0>] kmalloc include/linux/slab.h:552 [inline]
    [<000000006fbf3bc0>] sk_prot_alloc+0xd6/0x170 net/core/sock.c:1602
    [<000000007e3266e5>] sk_alloc+0x35/0x2f0 net/core/sock.c:1656
    [<0000000026c97c03>] llc_sk_alloc+0x35/0x170 net/llc/llc_conn.c:950
    [<00000000f401c8af>] llc_ui_create+0x7b/0x140 net/llc/af_llc.c:173
    [<000000004d3603cb>] __sock_create+0x164/0x250 net/socket.c:1424
    [<0000000007a1f6ee>] sock_create net/socket.c:1475 [inline]
    [<0000000007a1f6ee>] __sys_socket+0x69/0x110 net/socket.c:1517
    [<0000000013bcf545>] __do_sys_socket net/socket.c:1526 [inline]
    [<0000000013bcf545>] __se_sys_socket net/socket.c:1524 [inline]
    [<0000000013bcf545>] __x64_sys_socket+0x1e/0x30 net/socket.c:1524
    [<00000000b3afd02d>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
    [<00000000bd9d81cb>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888114ebab80 (size 32):
  comm "syz-executor466", pid 7175, jiffies 4294947016 (age 39.900s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    e0 00 00 00 03 00 00 00 0f 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000649afb24>] kmemleak_alloc_recursive include/linux/kmemleak.h:55 [inline]
    [<00000000649afb24>] slab_post_alloc_hook mm/slab.h:439 [inline]
    [<00000000649afb24>] slab_alloc mm/slab.c:3326 [inline]
    [<00000000649afb24>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
    [<0000000097e20cc5>] kmalloc include/linux/slab.h:547 [inline]
    [<0000000097e20cc5>] kzalloc include/linux/slab.h:742 [inline]
    [<0000000097e20cc5>] selinux_sk_alloc_security+0x48/0xb0 security/selinux/hooks.c:5059
    [<00000000d3f8e3cf>] security_sk_alloc+0x49/0x70 security/security.c:2026
    [<000000000cae2c30>] sk_prot_alloc+0xf1/0x170 net/core/sock.c:1605
    [<000000007e3266e5>] sk_alloc+0x35/0x2f0 net/core/sock.c:1656
    [<0000000026c97c03>] llc_sk_alloc+0x35/0x170 net/llc/llc_conn.c:950
    [<00000000f401c8af>] llc_ui_create+0x7b/0x140 net/llc/af_llc.c:173
    [<000000004d3603cb>] __sock_create+0x164/0x250 net/socket.c:1424
    [<0000000007a1f6ee>] sock_create net/socket.c:1475 [inline]
    [<0000000007a1f6ee>] __sys_socket+0x69/0x110 net/socket.c:1517
    [<0000000013bcf545>] __do_sys_socket net/socket.c:1526 [inline]
    [<0000000013bcf545>] __se_sys_socket net/socket.c:1524 [inline]
    [<0000000013bcf545>] __x64_sys_socket+0x1e/0x30 net/socket.c:1524
    [<00000000b3afd02d>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
    [<00000000bd9d81cb>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888117e85c00 (size 224):
  comm "syz-executor466", pid 7175, jiffies 4294947016 (age 39.900s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 30 30 24 81 88 ff ff 00 68 d1 21 81 88 ff ff  .00$.....h.!....
  backtrace:
    [<00000000b79bf2a0>] kmemleak_alloc_recursive include/linux/kmemleak.h:55 [inline]
    [<00000000b79bf2a0>] slab_post_alloc_hook mm/slab.h:439 [inline]
    [<00000000b79bf2a0>] slab_alloc_node mm/slab.c:3269 [inline]
    [<00000000b79bf2a0>] kmem_cache_alloc_node+0x153/0x2a0 mm/slab.c:3579
    [<00000000ac4fb87a>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:194
    [<00000000e18f5085>] alloc_skb include/linux/skbuff.h:1054 [inline]
    [<00000000e18f5085>] alloc_skb_with_frags+0x5f/0x250 net/core/skbuff.c:5327
    [<000000002a66b9b5>] sock_alloc_send_pskb+0x269/0x2a0 net/core/sock.c:2219
    [<00000000f366408f>] sock_alloc_send_skb+0x32/0x40 net/core/sock.c:2236
    [<00000000667131f8>] llc_ui_sendmsg+0x10a/0x540 net/llc/af_llc.c:933
    [<00000000aba10227>] sock_sendmsg_nosec net/socket.c:646 [inline]
    [<00000000aba10227>] sock_sendmsg+0x54/0x70 net/socket.c:665
    [<000000003ac4f347>] ___sys_sendmsg+0x393/0x3c0 net/socket.c:2286
    [<000000003c337612>] __sys_sendmsg+0x80/0xf0 net/socket.c:2324
    [<000000005ccb165d>] __do_sys_sendmsg net/socket.c:2333 [inline]
    [<000000005ccb165d>] __se_sys_sendmsg net/socket.c:2331 [inline]
    [<000000005ccb165d>] __x64_sys_sendmsg+0x23/0x30 net/socket.c:2331
    [<00000000b3afd02d>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
    [<00000000bd9d81cb>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88811b80f800 (size 2048):
  comm "syz-executor466", pid 7178, jiffies 4294947561 (age 34.450s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    1a 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00  ...@............
  backtrace:
    [<000000004b78b264>] kmemleak_alloc_recursive include/linux/kmemleak.h:55 [inline]
    [<000000004b78b264>] slab_post_alloc_hook mm/slab.h:439 [inline]
    [<000000004b78b264>] slab_alloc mm/slab.c:3326 [inline]
    [<000000004b78b264>] __do_kmalloc mm/slab.c:3658 [inline]
    [<000000004b78b264>] __kmalloc+0x161/0x2c0 mm/slab.c:3669
    [<000000006fbf3bc0>] kmalloc include/linux/slab.h:552 [inline]
    [<000000006fbf3bc0>] sk_prot_alloc+0xd6/0x170 net/core/sock.c:1602
    [<000000007e3266e5>] sk_alloc+0x35/0x2f0 net/core/sock.c:1656
    [<0000000026c97c03>] llc_sk_alloc+0x35/0x170 net/llc/llc_conn.c:950
    [<00000000f401c8af>] llc_ui_create+0x7b/0x140 net/llc/af_llc.c:173
    [<000000004d3603cb>] __sock_create+0x164/0x250 net/socket.c:1424
    [<0000000007a1f6ee>] sock_create net/socket.c:1475 [inline]
    [<0000000007a1f6ee>] __sys_socket+0x69/0x110 net/socket.c:1517
    [<0000000013bcf545>] __do_sys_socket net/socket.c:1526 [inline]
    [<0000000013bcf545>] __se_sys_socket net/socket.c:1524 [inline]
    [<0000000013bcf545>] __x64_sys_socket+0x1e/0x30 net/socket.c:1524
    [<00000000b3afd02d>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
    [<00000000bd9d81cb>] entry_SYSCALL_64_after_hwframe+0x44/0xa9


Crashes (4):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/06/09 02:24 upstream 8d72e5bd86cb 0159583c .config console log report syz C ci-upstream-gce-leak
2019/06/03 04:21 upstream 9221dced3069 53c81ea5 .config console log report syz C ci-upstream-gce-leak
2019/06/03 01:05 upstream 9221dced3069 53c81ea5 .config console log report syz C ci-upstream-gce-leak
2019/05/21 21:02 upstream 5bdd9ad875b6 13427bd9 .config console log report syz C ci-upstream-gce-leak
* Struck through repros no longer work on HEAD.