memory leak in __ieee80211_beacon

memory leak in __ieee80211_beacon_get
Status: upstream: reported syz repro on 2021/02/07 07:20
Reported-by: syzbot+e832ab33619901afc64a@syzkaller.appspotmail.com
First crash: 25d, last: 15d

Sample crash report:

BUG: memory leak
unreferenced object 0xffff888122f7ef00 (size 232):
  comm "softirq", pid 0, jiffies 4295052969 (age 10.930s)
  hex dump (first 32 bytes):
    10 45 7a 21 81 88 ff ff 10 45 7a 21 81 88 ff ff  .Ez!.....Ez!....
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000005f84d0c0>] __alloc_skb+0x6d/0x280 net/core/skbuff.c:198
    [<0000000011f3557f>] __netdev_alloc_skb+0x6a/0x210 net/core/skbuff.c:446
    [<00000000d7e8762f>] netdev_alloc_skb include/linux/skbuff.h:2832 [inline]
    [<00000000d7e8762f>] dev_alloc_skb include/linux/skbuff.h:2845 [inline]
    [<00000000d7e8762f>] __ieee80211_beacon_get+0x662/0x7a0 net/mac80211/tx.c:4814
    [<00000000a095a74a>] ieee80211_beacon_get_tim+0x47/0x1c0 net/mac80211/tx.c:4928
    [<000000009cb66745>] ieee80211_beacon_get include/net/mac80211.h:4918 [inline]
    [<000000009cb66745>] mac80211_hwsim_beacon_tx+0xa1/0x2c0 drivers/net/wireless/mac80211_hwsim.c:1729
    [<000000004a1a37e5>] __iterate_interfaces+0x125/0x260 net/mac80211/util.c:793
    [<00000000042c8a74>] ieee80211_iterate_active_interfaces_atomic+0x2e/0x40 net/mac80211/util.c:829
    [<00000000c9a56a12>] mac80211_hwsim_beacon+0x52/0xb0 drivers/net/wireless/mac80211_hwsim.c:1782
    [<00000000c2837cce>] __run_hrtimer kernel/time/hrtimer.c:1519 [inline]
    [<00000000c2837cce>] __hrtimer_run_queues+0x1ba/0x470 kernel/time/hrtimer.c:1583
    [<00000000169504f7>] hrtimer_run_softirq+0x7e/0x100 kernel/time/hrtimer.c:1600
    [<00000000f083cd9b>] __do_softirq+0xbf/0x2ab kernel/softirq.c:343
    [<000000009feb6d19>] asm_call_irq_on_stack+0xf/0x20
    [<0000000027dc5ec5>] __run_on_irqstack arch/x86/include/asm/irq_stack.h:26 [inline]
    [<0000000027dc5ec5>] run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:77 [inline]
    [<0000000027dc5ec5>] do_softirq_own_stack+0x32/0x40 arch/x86/kernel/irq_64.c:77
    [<0000000017e3a349>] invoke_softirq kernel/softirq.c:226 [inline]
    [<0000000017e3a349>] __irq_exit_rcu kernel/softirq.c:420 [inline]
    [<0000000017e3a349>] irq_exit_rcu+0x93/0xc0 kernel/softirq.c:432
    [<000000001c769408>] sysvec_apic_timer_interrupt+0x36/0x80 arch/x86/kernel/apic/apic.c:1100
    [<00000000b605f0b9>] asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:629

Crashes (3):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	Title
ci-upstream-gce-leak	2021/02/13 04:34	upstream	dcc0b490	98682e5e	.config	log	report	syz	memory leak in __ieee80211_beacon_get
ci-upstream-gce-leak	2021/02/13 02:43	upstream	dcc0b490	98682e5e	.config	log	report	syz	memory leak in __ieee80211_beacon_get
ci-upstream-gce-leak	2021/02/03 07:14	upstream	3aaf0a27	624dad51	.config	log	report	syz	memory leak in __ieee80211_beacon_get