memory leak in __nf_hook_entries_try

memory leak in __nf_hook_entries_try_shrink
Status: upstream: reported C repro on 2019/06/13 20:06
Reported-by: syzbot+c51f73e78e7e2ce3a31e@syzkaller.appspotmail.com
First crash: 252d, last: 229d

Cause bisection: introduced by (bisect log):

commit fc79168a7c75423047d60a033dc4844955ccae0b
Author: Helge Deller <deller@gmx.de>
Date: Wed Apr 13 20:44:54 2016 +0000

parisc: Add syscall tracepoint support

Crash: memory leak in next_bio (log)
Repro: C syz .config

Sample crash report:

executing program
executing program
BUG: memory leak
unreferenced object 0xffff888121ce8880 (size 96):
  comm "syz-executor898", pid 6944, jiffies 4294951724 (age 15.520s)
  hex dump (first 32 bytes):
    02 00 00 00 00 00 00 00 20 06 bc 82 ff ff ff ff  ........ .......
    00 00 00 00 00 00 00 00 00 1a bc 82 ff ff ff ff  ................
  backtrace:
    [<00000000b1b49de8>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<00000000b1b49de8>] slab_post_alloc_hook mm/slab.h:439 [inline]
    [<00000000b1b49de8>] slab_alloc_node mm/slab.c:3269 [inline]
    [<00000000b1b49de8>] kmem_cache_alloc_node_trace+0x15b/0x2a0 mm/slab.c:3597
    [<00000000fb94d141>] __do_kmalloc_node mm/slab.c:3619 [inline]
    [<00000000fb94d141>] __kmalloc_node+0x38/0x50 mm/slab.c:3627
    [<00000000403fc4f1>] kmalloc_node include/linux/slab.h:590 [inline]
    [<00000000403fc4f1>] kvmalloc_node+0x4a/0xd0 mm/util.c:431
    [<00000000477c2f27>] kvmalloc include/linux/mm.h:648 [inline]
    [<00000000477c2f27>] kvzalloc include/linux/mm.h:656 [inline]
    [<00000000477c2f27>] allocate_hook_entries_size+0x3b/0x60 net/netfilter/core.c:61
    [<000000003680c5e7>] __nf_hook_entries_try_shrink+0xbd/0x190 net/netfilter/core.c:248
    [<000000005a7902d9>] __nf_unregister_net_hook+0x12f/0x1b0 net/netfilter/core.c:416
    [<00000000b7ae4d54>] nf_unregister_net_hook+0x32/0x70 net/netfilter/core.c:431
    [<0000000045b31790>] nf_unregister_net_hooks+0x3d/0x50 net/netfilter/core.c:499
    [<000000005e6b778b>] selinux_nf_unregister+0x22/0x30 security/selinux/hooks.c:7103
    [<00000000d9d86cef>] ops_exit_list.isra.0+0x4c/0x80 net/core/net_namespace.c:154
    [<000000003704c33e>] setup_net+0x14a/0x230 net/core/net_namespace.c:333
    [<00000000cae83c02>] copy_net_ns+0xf0/0x1e0 net/core/net_namespace.c:439
    [<0000000074a72560>] create_new_namespaces+0x141/0x2a0 kernel/nsproxy.c:103
    [<00000000447e141c>] unshare_nsproxy_namespaces+0x7f/0x100 kernel/nsproxy.c:202
    [<00000000c40130b5>] ksys_unshare+0x236/0x490 kernel/fork.c:2675
    [<0000000050077794>] __do_sys_unshare kernel/fork.c:2743 [inline]
    [<0000000050077794>] __se_sys_unshare kernel/fork.c:2741 [inline]
    [<0000000050077794>] __x64_sys_unshare+0x16/0x20 kernel/fork.c:2741

executing program
executing program
executing program
executing program

Crashes (4):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	Maintainers
ci-upstream-gce-leak	2019/07/07 05:10	upstream	46713c3d	f62e1e85	.config	log	report	syz	C	coreteam@netfilter.org, davem@davemloft.net, fw@strlen.de, kadlec@blackhole.kfki.hu, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, pablo@netfilter.org
ci-upstream-gce-leak	2019/06/20 17:13	upstream	abf02e29	34bf9440	.config	log	report	syz	C	coreteam@netfilter.org, davem@davemloft.net, fw@strlen.de, kadlec@blackhole.kfki.hu, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, pablo@netfilter.org
ci-upstream-gce-leak	2019/06/17 02:43	upstream	963172d9	442206d7	.config	log	report	syz	C	coreteam@netfilter.org, davem@davemloft.net, fw@strlen.de, kadlec@blackhole.kfki.hu, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, pablo@netfilter.org
ci-upstream-gce-leak	2019/06/13 15:40	upstream	b076173a	3f4e812b	.config	log	report	syz	C	coreteam@netfilter.org, davem@davemloft.net, fw@strlen.de, kadlec@blackhole.kfki.hu, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, pablo@netfilter.org