memory leak in nf_tables_parse_netdev

Title	Replies (including bot)	Last reply
[PATCH 0/9] Netfilter updates for net	11 (11)	2020/01/17 09:37
[PATCH] netfilter: nf_tables: fix memory leak in nf_tables_parse_netdev_hooks()	3 (3)	2020/01/16 13:59
memory leak in nf_tables_parse_netdev_hooks	0 (1)	2020/01/16 05:45

Title

Replies (including bot)

Last reply

[PATCH 0/9] Netfilter updates for net

11 (11)

2020/01/17 09:37

[PATCH] netfilter: nf_tables: fix memory leak in nf_tables_parse_netdev_hooks()

3 (3)

2020/01/16 13:59

memory leak in nf_tables_parse_netdev_hooks

0 (1)

2020/01/16 05:45

Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
upstream	memory leak in nf_tables_parse_netdev_hooks (3) netfilter	C			1	1412d	1409d	15/26	fixed on 2020/07/17 17:58
upstream	memory leak in nf_tables_parse_netdev_hooks (2) netfilter	C			2	1504d	1509d	15/26	fixed on 2020/04/15 17:19

executing program executing program BUG: memory leak unreferenced object 0xffff888108c17680 (size 96): comm "syz-executor643", pid 7230, jiffies 4294942422 (age 13.930s) hex dump (first 32 bytes): 40 12 51 15 81 88 ff ff 40 12 51 15 81 88 ff ff @.Q.....@.Q..... 70 34 c7 82 ff ff ff ff 00 a0 15 25 81 88 ff ff p4.........%.... backtrace: [<00000000c001f92d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<00000000c001f92d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<00000000c001f92d>] slab_alloc mm/slab.c:3320 [inline] [<00000000c001f92d>] kmem_cache_alloc_trace+0x145/0x2c0 mm/slab.c:3549 [<00000000cd983960>] kmalloc include/linux/slab.h:555 [inline] [<00000000cd983960>] nft_netdev_hook_alloc+0x3f/0xd0 net/netfilter/nf_tables_api.c:1653 [<000000007e4ddde1>] nf_tables_parse_netdev_hooks+0xaa/0x220 net/netfilter/nf_tables_api.c:1702 [<00000000a270c5a0>] nf_tables_flowtable_parse_hook net/netfilter/nf_tables_api.c:6097 [inline] [<00000000a270c5a0>] nf_tables_newflowtable+0x407/0x930 net/netfilter/nf_tables_api.c:6297 [<00000000a574a28c>] nfnetlink_rcv_batch+0x353/0x8c0 net/netfilter/nfnetlink.c:433 [<00000000313ebe82>] nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:543 [inline] [<00000000313ebe82>] nfnetlink_rcv+0x189/0x1c0 net/netfilter/nfnetlink.c:561 [<0000000050afd799>] netlink_unicast_kernel net/netlink/af_netlink.c:1302 [inline] [<0000000050afd799>] netlink_unicast+0x223/0x310 net/netlink/af_netlink.c:1328 [<0000000015724d8b>] netlink_sendmsg+0x2c0/0x570 net/netlink/af_netlink.c:1917 [<00000000018961ba>] sock_sendmsg_nosec net/socket.c:652 [inline] [<00000000018961ba>] sock_sendmsg+0x54/0x70 net/socket.c:672 [<000000000faaceaa>] ____sys_sendmsg+0x2d0/0x300 net/socket.c:2343 [<000000007f98b36a>] ___sys_sendmsg+0x8a/0xd0 net/socket.c:2397 [<00000000f3f00253>] __sys_sendmsg+0x80/0xf0 net/socket.c:2430 [<000000008654ee6c>] __do_sys_sendmsg net/socket.c:2439 [inline] [<000000008654ee6c>] __se_sys_sendmsg net/socket.c:2437 [inline] [<000000008654ee6c>] __x64_sys_sendmsg+0x23/0x30 net/socket.c:2437 [<00000000fd28efcd>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000e72f4bfb>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff888108874200 (size 96): comm "syz-executor643", pid 7231, jiffies 4294943021 (age 7.940s) hex dump (first 32 bytes): 40 0a 62 15 81 88 ff ff 40 0a 62 15 81 88 ff ff @.b.....@.b..... 70 34 c7 82 ff ff ff ff 00 a0 15 25 81 88 ff ff p4.........%.... backtrace: [<00000000c001f92d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<00000000c001f92d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<00000000c001f92d>] slab_alloc mm/slab.c:3320 [inline] [<00000000c001f92d>] kmem_cache_alloc_trace+0x145/0x2c0 mm/slab.c:3549 [<00000000cd983960>] kmalloc include/linux/slab.h:555 [inline] [<00000000cd983960>] nft_netdev_hook_alloc+0x3f/0xd0 net/netfilter/nf_tables_api.c:1653 [<000000007e4ddde1>] nf_tables_parse_netdev_hooks+0xaa/0x220 net/netfilter/nf_tables_api.c:1702 [<00000000a270c5a0>] nf_tables_flowtable_parse_hook net/netfilter/nf_tables_api.c:6097 [inline] [<00000000a270c5a0>] nf_tables_newflowtable+0x407/0x930 net/netfilter/nf_tables_api.c:6297 [<00000000a574a28c>] nfnetlink_rcv_batch+0x353/0x8c0 net/netfilter/nfnetlink.c:433 [<00000000313ebe82>] nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:543 [inline] [<00000000313ebe82>] nfnetlink_rcv+0x189/0x1c0 net/netfilter/nfnetlink.c:561 [<0000000050afd799>] netlink_unicast_kernel net/netlink/af_netlink.c:1302 [inline] [<0000000050afd799>] netlink_unicast+0x223/0x310 net/netlink/af_netlink.c:1328 [<0000000015724d8b>] netlink_sendmsg+0x2c0/0x570 net/netlink/af_netlink.c:1917 [<00000000018961ba>] sock_sendmsg_nosec net/socket.c:652 [inline] [<00000000018961ba>] sock_sendmsg+0x54/0x70 net/socket.c:672 [<000000000faaceaa>] ____sys_sendmsg+0x2d0/0x300 net/socket.c:2343 [<000000007f98b36a>] ___sys_sendmsg+0x8a/0xd0 net/socket.c:2397 [<00000000f3f00253>] __sys_sendmsg+0x80/0xf0 net/socket.c:2430 [<000000008654ee6c>] __do_sys_sendmsg net/socket.c:2439 [inline] [<000000008654ee6c>] __se_sys_sendmsg net/socket.c:2437 [inline] [<000000008654ee6c>] __x64_sys_sendmsg+0x23/0x30 net/socket.c:2437 [<00000000fd28efcd>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000e72f4bfb>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

Crashes (6):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	Manager
2020/02/14 20:44	upstream	b19e8c684703	5d7b90f1	.config	console log	report	syz	C	ci-upstream-gce-leak
2020/02/04 18:09	upstream	322bf2d3446a	93e5e335	.config	console log	report	syz	C	ci-upstream-gce-leak
2020/02/01 02:50	upstream	ccaaaf6fe5a5	c30117b2	.config	console log	report	syz	C	ci-upstream-gce-leak
2020/01/22 10:27	upstream	d96d875ef5dd	8eda0b95	.config	console log	report	syz	C	ci-upstream-gce-leak
2020/01/19 08:37	upstream	244dc2689085	bc8bc756	.config	console log	report	syz	C	ci-upstream-gce-leak
2020/01/16 04:51	upstream	51d69817519f	f9b69507	.config	console log	report	syz	C	ci-upstream-gce-leak

Crashes (6):

Assets (help?)