syzbot

 sign-in | mailing list | source | docs
🐞 Open [1026] Subsystems 🐞 Fixed [5278] 🐞 Invalid [12603] Missing Backports [86] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

memory leak in ndisc_send_rs (3)

Status: closed as invalid on 2024/03/12 15:57
Subsystems: net
[Documentation on labels]
First crash: 326d, last: 326d
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream memory leak in ndisc_send_rs net C 2 936d 984d 22/26 fixed on 2023/02/24 13:50
upstream memory leak in ndisc_send_rs (2) net C 1 432d 432d 0/26 closed as invalid on 2023/04/12 12:24
Last patch testing requests (3)
Created Duration User Patch Repo Result
2024/01/06 04:25 21m retest repro upstream log
2023/10/27 13:35 2h39m edumazet@google.com upstream log
2023/08/25 15:49 25m retest repro upstream log

Sample crash report:
BUG: memory leak
unreferenced object 0xffff8881017ef340 (size 640):
  comm "kworker/1:8", pid 5077, jiffies 4294970221 (age 197.940s)
  hex dump (first 32 bytes):
    00 00 33 33 00 00 00 02 aa aa aa aa aa 1c 86 dd  ..33............
    60 00 00 00 00 10 3a ff fe 80 00 00 00 00 00 00  `.....:.........
  backtrace:
    [<ffffffff83dcb316>] kmalloc_reserve+0xe6/0x180 net/core/skbuff.c:568
    [<ffffffff83dce755>] __alloc_skb+0xd5/0x230 net/core/skbuff.c:654
    [<ffffffff84293ef6>] alloc_skb include/linux/skbuff.h:1288 [inline]
    [<ffffffff84293ef6>] ndisc_alloc_skb+0x56/0x100 net/ipv6/ndisc.c:421
    [<ffffffff842994a0>] ndisc_send_rs+0x1c0/0x2a0 net/ipv6/ndisc.c:702
    [<ffffffff8426df8e>] addrconf_dad_completed+0x17e/0x5d0 net/ipv6/addrconf.c:4254
    [<ffffffff8426e7b9>] addrconf_dad_work+0x3d9/0x920 net/ipv6/addrconf.c:4162
    [<ffffffff812afd6a>] process_one_work+0x2ba/0x650 kernel/workqueue.c:2405
    [<ffffffff812b06ed>] worker_thread+0x5d/0x5c0 kernel/workqueue.c:2552
    [<ffffffff812ba8b3>] kthread+0x133/0x180 kernel/kthread.c:379
    [<ffffffff810031cf>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308

BUG: memory leak
unreferenced object 0xffff8881166e0800 (size 2048):
  comm "kworker/1:2", pid 2489, jiffies 4294970244 (age 197.710s)
  hex dump (first 32 bytes):
    00 00 33 33 00 00 00 16 aa aa aa aa aa 1c 86 dd  ..33............
    60 00 00 00 00 38 00 01 fe 80 00 00 00 00 00 00  `....8..........
  backtrace:
    [<ffffffff81545fdb>] __do_kmalloc_node mm/slab_common.c:965 [inline]
    [<ffffffff81545fdb>] __kmalloc_node_track_caller+0x4b/0x120 mm/slab_common.c:986
    [<ffffffff83dcb2cc>] kmalloc_reserve+0x9c/0x180 net/core/skbuff.c:585
    [<ffffffff83dce755>] __alloc_skb+0xd5/0x230 net/core/skbuff.c:654
    [<ffffffff83dd723f>] alloc_skb include/linux/skbuff.h:1288 [inline]
    [<ffffffff83dd723f>] alloc_skb_with_frags+0x6f/0x340 net/core/skbuff.c:6380
    [<ffffffff83dc40a3>] sock_alloc_send_pskb+0x3a3/0x3e0 net/core/sock.c:2729
    [<ffffffff842aaa01>] sock_alloc_send_skb include/net/sock.h:1872 [inline]
    [<ffffffff842aaa01>] mld_newpack.isra.0+0x81/0x220 net/ipv6/mcast.c:1748
    [<ffffffff842aac6c>] add_grhead+0xcc/0xf0 net/ipv6/mcast.c:1851
    [<ffffffff842ab463>] add_grec+0x7d3/0x840 net/ipv6/mcast.c:1989
    [<ffffffff842ab622>] mld_send_initial_cr.part.0.isra.0+0x52/0x80 net/ipv6/mcast.c:2236
    [<ffffffff842adeaf>] mld_send_initial_cr net/ipv6/mcast.c:1232 [inline]
    [<ffffffff842adeaf>] mld_dad_work+0xaf/0x340 net/ipv6/mcast.c:2262
    [<ffffffff812afd6a>] process_one_work+0x2ba/0x650 kernel/workqueue.c:2405
    [<ffffffff812b06ed>] worker_thread+0x5d/0x5c0 kernel/workqueue.c:2552
    [<ffffffff812ba8b3>] kthread+0x133/0x180 kernel/kthread.c:379
    [<ffffffff810031cf>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308

BUG: memory leak
unreferenced object 0xffff8881156ef800 (size 2048):
  comm "kworker/1:2", pid 2489, jiffies 4294970293 (age 197.220s)
  hex dump (first 32 bytes):
    00 00 33 33 00 00 00 16 aa aa aa aa aa 1b 86 dd  ..33............
    60 00 00 00 00 38 00 01 fe 80 00 00 00 00 00 00  `....8..........
  backtrace:
    [<ffffffff81545fdb>] __do_kmalloc_node mm/slab_common.c:965 [inline]
    [<ffffffff81545fdb>] __kmalloc_node_track_caller+0x4b/0x120 mm/slab_common.c:986
    [<ffffffff83dcb2cc>] kmalloc_reserve+0x9c/0x180 net/core/skbuff.c:585
    [<ffffffff83dce755>] __alloc_skb+0xd5/0x230 net/core/skbuff.c:654
    [<ffffffff83dd723f>] alloc_skb include/linux/skbuff.h:1288 [inline]
    [<ffffffff83dd723f>] alloc_skb_with_frags+0x6f/0x340 net/core/skbuff.c:6380
    [<ffffffff83dc40a3>] sock_alloc_send_pskb+0x3a3/0x3e0 net/core/sock.c:2729
    [<ffffffff842aaa01>] sock_alloc_send_skb include/net/sock.h:1872 [inline]
    [<ffffffff842aaa01>] mld_newpack.isra.0+0x81/0x220 net/ipv6/mcast.c:1748
    [<ffffffff842aac6c>] add_grhead+0xcc/0xf0 net/ipv6/mcast.c:1851
    [<ffffffff842ab463>] add_grec+0x7d3/0x840 net/ipv6/mcast.c:1989
    [<ffffffff842ab622>] mld_send_initial_cr.part.0.isra.0+0x52/0x80 net/ipv6/mcast.c:2236
    [<ffffffff842b1b35>] mld_send_initial_cr net/ipv6/mcast.c:1232 [inline]
    [<ffffffff842b1b35>] ipv6_mc_dad_complete+0xd5/0x2c0 net/ipv6/mcast.c:2247
    [<ffffffff8426e1f2>] addrconf_dad_completed+0x3e2/0x5d0 net/ipv6/addrconf.c:4234
    [<ffffffff8426e7b9>] addrconf_dad_work+0x3d9/0x920 net/ipv6/addrconf.c:4162
    [<ffffffff812afd6a>] process_one_work+0x2ba/0x650 kernel/workqueue.c:2405
    [<ffffffff812b06ed>] worker_thread+0x5d/0x5c0 kernel/workqueue.c:2552
    [<ffffffff812ba8b3>] kthread+0x133/0x180 kernel/kthread.c:379
    [<ffffffff810031cf>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308

BUG: memory leak
unreferenced object 0xffff88810ad93d40 (size 640):
  comm "kworker/1:2", pid 2489, jiffies 4294970293 (age 197.220s)
  hex dump (first 32 bytes):
    00 00 33 33 00 00 00 02 aa aa aa aa aa 1b 86 dd  ..33............
    60 00 00 00 00 10 3a ff fe 80 00 00 00 00 00 00  `.....:.........
  backtrace:
    [<ffffffff83dcb316>] kmalloc_reserve+0xe6/0x180 net/core/skbuff.c:568
    [<ffffffff83dce755>] __alloc_skb+0xd5/0x230 net/core/skbuff.c:654
    [<ffffffff84293ef6>] alloc_skb include/linux/skbuff.h:1288 [inline]
    [<ffffffff84293ef6>] ndisc_alloc_skb+0x56/0x100 net/ipv6/ndisc.c:421
    [<ffffffff842994a0>] ndisc_send_rs+0x1c0/0x2a0 net/ipv6/ndisc.c:702
    [<ffffffff8426df8e>] addrconf_dad_completed+0x17e/0x5d0 net/ipv6/addrconf.c:4254
    [<ffffffff8426e7b9>] addrconf_dad_work+0x3d9/0x920 net/ipv6/addrconf.c:4162
    [<ffffffff812afd6a>] process_one_work+0x2ba/0x650 kernel/workqueue.c:2405
    [<ffffffff812b06ed>] worker_thread+0x5d/0x5c0 kernel/workqueue.c:2552
    [<ffffffff812ba8b3>] kthread+0x133/0x180 kernel/kthread.c:379
    [<ffffffff810031cf>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/06/17 22:15 upstream 1639fae5132b f3921d4d .config console log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-gce-leak memory leak in ndisc_send_rs
* Struck through repros no longer work on HEAD.