syzbot


memory leak in tcf_ctinfo_init

Status: fixed on 2020/02/18 14:31
Subsystems: net
[Documentation on labels]
Fix commit: 09d4f10a5e78 net: sched: act_ctinfo: fix memory leak
First crash: 1609d, last: 1607d

Sample crash report:
executing program
executing program
executing program
BUG: memory leak
unreferenced object 0xffff888121ddf540 (size 64):
  comm "syz-executor749", pid 7205, jiffies 4294946705 (age 13.420s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 34 60 84 ff ff ff ff 00 00 00 00 00 00 00 00  .4`.............
  backtrace:
    [<000000009f5c30fb>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<000000009f5c30fb>] slab_post_alloc_hook mm/slab.h:586 [inline]
    [<000000009f5c30fb>] slab_alloc mm/slab.c:3320 [inline]
    [<000000009f5c30fb>] kmem_cache_alloc_trace+0x145/0x2c0 mm/slab.c:3549
    [<000000001877b1c8>] kmalloc include/linux/slab.h:556 [inline]
    [<000000001877b1c8>] kzalloc include/linux/slab.h:670 [inline]
    [<000000001877b1c8>] tcf_ctinfo_init+0x21a/0x530 net/sched/act_ctinfo.c:236
    [<00000000416a1b36>] tcf_action_init_1+0x400/0x5b0 net/sched/act_api.c:944
    [<00000000ca8a36b1>] tcf_action_init+0x135/0x1c0 net/sched/act_api.c:1000
    [<00000000694ae72a>] tcf_action_add+0x9a/0x200 net/sched/act_api.c:1410
    [<000000006e7ec80f>] tc_ctl_action+0x14d/0x1bb net/sched/act_api.c:1465
    [<00000000d798823f>] rtnetlink_rcv_msg+0x178/0x4b0 net/core/rtnetlink.c:5424
    [<0000000046818567>] netlink_rcv_skb+0x61/0x170 net/netlink/af_netlink.c:2477
    [<00000000547d42f6>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5442
    [<00000000d417ad67>] netlink_unicast_kernel net/netlink/af_netlink.c:1302 [inline]
    [<00000000d417ad67>] netlink_unicast+0x223/0x310 net/netlink/af_netlink.c:1328
    [<00000000c8535206>] netlink_sendmsg+0x2c0/0x570 net/netlink/af_netlink.c:1917
    [<000000008f2661b3>] sock_sendmsg_nosec net/socket.c:639 [inline]
    [<000000008f2661b3>] sock_sendmsg+0x54/0x70 net/socket.c:659
    [<00000000a3c148f6>] ____sys_sendmsg+0x2d0/0x300 net/socket.c:2330
    [<00000000f276c05c>] ___sys_sendmsg+0x8a/0xd0 net/socket.c:2384
    [<00000000369ca2bc>] __sys_sendmsg+0x80/0xf0 net/socket.c:2417
    [<000000003e9f2f93>] __do_sys_sendmsg net/socket.c:2426 [inline]
    [<000000003e9f2f93>] __se_sys_sendmsg net/socket.c:2424 [inline]
    [<000000003e9f2f93>] __x64_sys_sendmsg+0x23/0x30 net/socket.c:2424

BUG: memory leak
unreferenced object 0xffff8881212f4800 (size 64):
  comm "syz-executor749", pid 7206, jiffies 4294947282 (age 7.650s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 34 60 84 ff ff ff ff 00 00 00 00 00 00 00 00  .4`.............
  backtrace:
    [<000000009f5c30fb>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<000000009f5c30fb>] slab_post_alloc_hook mm/slab.h:586 [inline]
    [<000000009f5c30fb>] slab_alloc mm/slab.c:3320 [inline]
    [<000000009f5c30fb>] kmem_cache_alloc_trace+0x145/0x2c0 mm/slab.c:3549
    [<000000001877b1c8>] kmalloc include/linux/slab.h:556 [inline]
    [<000000001877b1c8>] kzalloc include/linux/slab.h:670 [inline]
    [<000000001877b1c8>] tcf_ctinfo_init+0x21a/0x530 net/sched/act_ctinfo.c:236
    [<00000000416a1b36>] tcf_action_init_1+0x400/0x5b0 net/sched/act_api.c:944
    [<00000000ca8a36b1>] tcf_action_init+0x135/0x1c0 net/sched/act_api.c:1000
    [<00000000694ae72a>] tcf_action_add+0x9a/0x200 net/sched/act_api.c:1410
    [<000000006e7ec80f>] tc_ctl_action+0x14d/0x1bb net/sched/act_api.c:1465
    [<00000000d798823f>] rtnetlink_rcv_msg+0x178/0x4b0 net/core/rtnetlink.c:5424
    [<0000000046818567>] netlink_rcv_skb+0x61/0x170 net/netlink/af_netlink.c:2477
    [<00000000547d42f6>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5442
    [<00000000d417ad67>] netlink_unicast_kernel net/netlink/af_netlink.c:1302 [inline]
    [<00000000d417ad67>] netlink_unicast+0x223/0x310 net/netlink/af_netlink.c:1328
    [<00000000c8535206>] netlink_sendmsg+0x2c0/0x570 net/netlink/af_netlink.c:1917
    [<000000008f2661b3>] sock_sendmsg_nosec net/socket.c:639 [inline]
    [<000000008f2661b3>] sock_sendmsg+0x54/0x70 net/socket.c:659
    [<00000000a3c148f6>] ____sys_sendmsg+0x2d0/0x300 net/socket.c:2330
    [<00000000f276c05c>] ___sys_sendmsg+0x8a/0xd0 net/socket.c:2384
    [<00000000369ca2bc>] __sys_sendmsg+0x80/0xf0 net/socket.c:2417
    [<000000003e9f2f93>] __do_sys_sendmsg net/socket.c:2426 [inline]
    [<000000003e9f2f93>] __se_sys_sendmsg net/socket.c:2424 [inline]
    [<000000003e9f2f93>] __x64_sys_sendmsg+0x23/0x30 net/socket.c:2424


Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/01/19 22:41 upstream 8f8972a3127f 0342f8c7 .config console log report syz C ci-upstream-gce-leak
2020/01/18 18:53 upstream 25e73aadf297 3de7aabb .config console log report syz C ci-upstream-gce-leak
* Struck through repros no longer work on HEAD.