memory leak in j1939_sk

Title	Replies (including bot)	Last reply
[syzbot] memory leak in j1939_sk_sendmsg	0 (1)	2021/06/28 04:28

Title

Replies (including bot)

Last reply

[syzbot] memory leak in j1939_sk_sendmsg

0 (1)

2021/06/28 04:28


Created	Duration	User	Patch	Repo	Result
2023/04/14 15:40	15m	retest repro		upstream	OK log
2023/04/14 14:40	17m	retest repro		upstream	OK log
2023/04/14 13:40	15m	retest repro		upstream	OK log
2023/04/14 12:40	17m	retest repro		upstream	report log
2023/04/14 11:40	21m	retest repro		upstream	OK log
2022/12/24 06:31	14m	retest repro		upstream	OK log
2022/12/23 23:31	14m	retest repro		upstream	OK log
2022/12/23 22:31	14m	retest repro		upstream	OK log
2022/12/23 18:31	11m	retest repro		upstream	report log
2022/12/23 16:31	14m	retest repro		upstream	report log
2022/04/22 04:07	7m	k.kahurani@gmail.com	patch	upstream	report log
2022/04/19 07:11	11m	k.kahurani@gmail.com	patch	upstream	report log
2022/04/18 07:10	6m	k.kahurani@gmail.com		upstream	report log
2021/06/28 12:52	13m	kael_w@yeah.net		https://github.com/wanjb2115/linux.git 4b7d586b0179	report log

BUG: memory leak unreferenced object 0xffff888118809c00 (size 240): comm "syz-executor.1", pid 5231, jiffies 4294968343 (age 14.970s) hex dump (first 32 bytes): 00 9b 80 18 81 88 ff ff 68 9a 41 16 81 88 ff ff ........h.A..... 00 00 50 15 81 88 ff ff 00 e8 75 19 81 88 ff ff ..P.......u..... backtrace: [<ffffffff83dccd6d>] __alloc_skb+0x1fd/0x230 net/core/skbuff.c:644 [<ffffffff83dd5acf>] alloc_skb include/linux/skbuff.h:1288 [inline] [<ffffffff83dd5acf>] alloc_skb_with_frags+0x6f/0x340 net/core/skbuff.c:6378 [<ffffffff83dc25a3>] sock_alloc_send_pskb+0x3a3/0x3e0 net/core/sock.c:2729 [<ffffffff84411d56>] sock_alloc_send_skb include/net/sock.h:1860 [inline] [<ffffffff84411d56>] j1939_sk_alloc_skb net/can/j1939/socket.c:864 [inline] [<ffffffff84411d56>] j1939_sk_send_loop net/can/j1939/socket.c:1121 [inline] [<ffffffff84411d56>] j1939_sk_sendmsg+0x2d6/0x810 net/can/j1939/socket.c:1256 [<ffffffff83db7078>] sock_sendmsg_nosec net/socket.c:724 [inline] [<ffffffff83db7078>] sock_sendmsg+0x58/0xb0 net/socket.c:747 [<ffffffff83dbd993>] sock_no_sendpage+0x93/0xc0 net/core/sock.c:3230 [<ffffffff83db7bc1>] kernel_sendpage net/socket.c:3582 [inline] [<ffffffff83db7bc1>] kernel_sendpage+0xd1/0x2b0 net/socket.c:3576 [<ffffffff83db7de9>] sock_sendpage+0x49/0x80 net/socket.c:1082 [<ffffffff816b9996>] pipe_to_sendpage+0xa6/0x110 fs/splice.c:471 [<ffffffff816bb201>] splice_from_pipe_feed fs/splice.c:525 [inline] [<ffffffff816bb201>] __splice_from_pipe+0x1f1/0x330 fs/splice.c:669 [<ffffffff816bbb13>] splice_from_pipe fs/splice.c:704 [inline] [<ffffffff816bbb13>] generic_splice_sendpage+0x73/0xb0 fs/splice.c:852 [<ffffffff816b9a4f>] do_splice_from fs/splice.c:873 [inline] [<ffffffff816b9a4f>] direct_splice_actor+0x4f/0x70 fs/splice.c:1039 [<ffffffff816ba48d>] splice_direct_to_actor+0x14d/0x350 fs/splice.c:994 [<ffffffff816ba77c>] do_splice_direct+0xec/0x150 fs/splice.c:1082 [<ffffffff81656d1f>] do_sendfile+0x57f/0x7d0 fs/read_write.c:1254 [<ffffffff8165acd6>] __do_sys_sendfile64 fs/read_write.c:1322 [inline] [<ffffffff8165acd6>] __se_sys_sendfile64 fs/read_write.c:1308 [inline] [<ffffffff8165acd6>] __x64_sys_sendfile64+0xe6/0x100 fs/read_write.c:1308 BUG: memory leak unreferenced object 0xffff888116419a00 (size 512): comm "syz-executor.1", pid 5231, jiffies 4294968343 (age 14.970s) hex dump (first 32 bytes): 00 00 38 19 81 88 ff ff 08 9a 41 16 81 88 ff ff ..8.......A..... 08 9a 41 16 81 88 ff ff 18 9a 41 16 81 88 ff ff ..A.......A..... backtrace: [<ffffffff81545984>] kmalloc_trace+0x24/0x90 mm/slab_common.c:1057 [<ffffffff844133cb>] kmalloc include/linux/slab.h:559 [inline] [<ffffffff844133cb>] kzalloc include/linux/slab.h:680 [inline] [<ffffffff844133cb>] j1939_session_new+0x5b/0x160 net/can/j1939/transport.c:1494 [<ffffffff84418a84>] j1939_tp_send+0x154/0x350 net/can/j1939/transport.c:2004 [<ffffffff84411f28>] j1939_sk_send_loop net/can/j1939/socket.c:1133 [inline] [<ffffffff84411f28>] j1939_sk_sendmsg+0x4a8/0x810 net/can/j1939/socket.c:1256 [<ffffffff83db7078>] sock_sendmsg_nosec net/socket.c:724 [inline] [<ffffffff83db7078>] sock_sendmsg+0x58/0xb0 net/socket.c:747 [<ffffffff83dbd993>] sock_no_sendpage+0x93/0xc0 net/core/sock.c:3230 [<ffffffff83db7bc1>] kernel_sendpage net/socket.c:3582 [inline] [<ffffffff83db7bc1>] kernel_sendpage+0xd1/0x2b0 net/socket.c:3576 [<ffffffff83db7de9>] sock_sendpage+0x49/0x80 net/socket.c:1082 [<ffffffff816b9996>] pipe_to_sendpage+0xa6/0x110 fs/splice.c:471 [<ffffffff816bb201>] splice_from_pipe_feed fs/splice.c:525 [inline] [<ffffffff816bb201>] __splice_from_pipe+0x1f1/0x330 fs/splice.c:669 [<ffffffff816bbb13>] splice_from_pipe fs/splice.c:704 [inline] [<ffffffff816bbb13>] generic_splice_sendpage+0x73/0xb0 fs/splice.c:852 [<ffffffff816b9a4f>] do_splice_from fs/splice.c:873 [inline] [<ffffffff816b9a4f>] direct_splice_actor+0x4f/0x70 fs/splice.c:1039 [<ffffffff816ba48d>] splice_direct_to_actor+0x14d/0x350 fs/splice.c:994 [<ffffffff816ba77c>] do_splice_direct+0xec/0x150 fs/splice.c:1082 [<ffffffff81656d1f>] do_sendfile+0x57f/0x7d0 fs/read_write.c:1254 [<ffffffff8165acd6>] __do_sys_sendfile64 fs/read_write.c:1322 [inline] [<ffffffff8165acd6>] __se_sys_sendfile64 fs/read_write.c:1308 [inline] [<ffffffff8165acd6>] __x64_sys_sendfile64+0xe6/0x100 fs/read_write.c:1308 BUG: memory leak unreferenced object 0xffff888118809b00 (size 240): comm "syz-executor.1", pid 5231, jiffies 4294968343 (age 14.970s) hex dump (first 32 bytes): 00 9a 80 18 81 88 ff ff 00 9c 80 18 81 88 ff ff ................ 00 00 50 15 81 88 ff ff 00 e8 75 19 81 88 ff ff ..P.......u..... backtrace: [<ffffffff83dccd6d>] __alloc_skb+0x1fd/0x230 net/core/skbuff.c:644 [<ffffffff83dd5acf>] alloc_skb include/linux/skbuff.h:1288 [inline] [<ffffffff83dd5acf>] alloc_skb_with_frags+0x6f/0x340 net/core/skbuff.c:6378 [<ffffffff83dc25a3>] sock_alloc_send_pskb+0x3a3/0x3e0 net/core/sock.c:2729 [<ffffffff84411d56>] sock_alloc_send_skb include/net/sock.h:1860 [inline] [<ffffffff84411d56>] j1939_sk_alloc_skb net/can/j1939/socket.c:864 [inline] [<ffffffff84411d56>] j1939_sk_send_loop net/can/j1939/socket.c:1121 [inline] [<ffffffff84411d56>] j1939_sk_sendmsg+0x2d6/0x810 net/can/j1939/socket.c:1256 [<ffffffff83db7078>] sock_sendmsg_nosec net/socket.c:724 [inline] [<ffffffff83db7078>] sock_sendmsg+0x58/0xb0 net/socket.c:747 [<ffffffff83dbd993>] sock_no_sendpage+0x93/0xc0 net/core/sock.c:3230 [<ffffffff83db7bc1>] kernel_sendpage net/socket.c:3582 [inline] [<ffffffff83db7bc1>] kernel_sendpage+0xd1/0x2b0 net/socket.c:3576 [<ffffffff83db7de9>] sock_sendpage+0x49/0x80 net/socket.c:1082 [<ffffffff816b9996>] pipe_to_sendpage+0xa6/0x110 fs/splice.c:471 [<ffffffff816bb201>] splice_from_pipe_feed fs/splice.c:525 [inline] [<ffffffff816bb201>] __splice_from_pipe+0x1f1/0x330 fs/splice.c:669 [<ffffffff816bbb13>] splice_from_pipe fs/splice.c:704 [inline] [<ffffffff816bbb13>] generic_splice_sendpage+0x73/0xb0 fs/splice.c:852 [<ffffffff816b9a4f>] do_splice_from fs/splice.c:873 [inline] [<ffffffff816b9a4f>] direct_splice_actor+0x4f/0x70 fs/splice.c:1039 [<ffffffff816ba48d>] splice_direct_to_actor+0x14d/0x350 fs/splice.c:994 [<ffffffff816ba77c>] do_splice_direct+0xec/0x150 fs/splice.c:1082 [<ffffffff81656d1f>] do_sendfile+0x57f/0x7d0 fs/read_write.c:1254 [<ffffffff8165acd6>] __do_sys_sendfile64 fs/read_write.c:1322 [inline] [<ffffffff8165acd6>] __se_sys_sendfile64 fs/read_write.c:1308 [inline] [<ffffffff8165acd6>] __x64_sys_sendfile64+0xe6/0x100 fs/read_write.c:1308

Crashes (18):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	Assets	Manager	Title
2023/05/25 17:21	upstream	933174ae28ba	0513b3e6	.config	console log	report	syz		[disk image] [vmlinux] [kernel image]	ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2022/09/12 23:05	upstream	80e78fcce86d	f371ed7e	.config	console log	report	syz		[disk image] [vmlinux]	ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2022/08/04 09:24	upstream	200e340f2196	1c9013ac	.config	console log	report	syz	C		ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2022/08/04 08:54	upstream	200e340f2196	1c9013ac	.config	console log	report	syz	C		ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2022/05/14 05:26	upstream	ec7f49619d8e	107f6434	.config	console log	report	syz	C		ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2022/04/09 14:29	upstream	6c7376da2358	e22c3da3	.config	console log	report	syz	C		ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2021/09/10 16:34	upstream	bf9f243f23e6	5ae8508a	.config	console log	report	syz	C		ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2021/09/09 10:34	upstream	730bf31b8fc8	e2776ee4	.config	console log	report	syz	C		ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2021/06/24 04:18	upstream	7266f2030eb0	fe4ab389	.config	console log	report	syz	C		ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2022/08/07 12:18	upstream	20cf903a0c40	88e3a122	.config	console log	report	syz			ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2022/08/07 09:12	upstream	20cf903a0c40	88e3a122	.config	console log	report	syz			ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2022/06/01 08:35	upstream	2a5699b0de4e	3666edfe	.config	console log	report	syz			ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2022/05/28 20:34	upstream	9d004b2f4fea	a46af346	.config	console log	report	syz			ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2022/05/28 01:47	upstream	8291eaafed36	a46af346	.config	console log	report	syz			ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2022/05/26 09:34	upstream	7e062cda7d90	3037caa9	.config	console log	report	syz			ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2022/05/15 07:14	upstream	2fe1020d73ca	744a39e2	.config	console log	report	syz			ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2022/04/17 17:51	upstream	a2c29ccd9477	8bcc32a6	.config	console log	report	syz			ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg
2022/04/03 16:19	upstream	be2d3ecedd99	79a2a8fc	.config	console log	report	syz			ci-upstream-gce-leak	memory leak in j1939_sk_sendmsg

Crashes (18):

2023/05/25 17:21

upstream