syzbot

 sign-in | mailing list | source | docs
🐞 Open [1006] Subsystems 🐞 Fixed [5250] 🐞 Invalid [12557] Missing Backports [84] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

memory leak in skb_clone (2)

Status: auto-obsoleted due to no activity on 2024/01/29 21:56
Subsystems: batman
[Documentation on labels]
Reported-by: syzbot+92f9b5fba2df252a3569@syzkaller.appspotmail.com
First crash: 252d, last: 193d
Discussions (2)
Title Replies (including bot) Last reply
[syzbot] Monthly batman report (Oct 2023) 0 (1) 2023/10/09 09:23
[syzbot] [batman?] memory leak in skb_clone (2) 0 (1) 2023/08/28 02:35
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream memory leak in skb_clone wpan C 2 1013d 1118d 20/26 fixed on 2021/11/10 00:50
Last patch testing requests (3)
Created Duration User Patch Repo Result
2023/12/31 01:03 15m retest repro upstream OK log
2023/10/21 21:34 21m retest repro upstream report log
2023/09/08 07:53 24m retest repro upstream OK log

Sample crash report:
2023/10/07 05:00:36 executed programs: 145
BUG: memory leak
unreferenced object 0xffff88811a575300 (size 240):
  comm "kworker/u4:3", pid 56, jiffies 4295047880 (age 273.390s)
  hex dump (first 32 bytes):
    00 57 57 1a 81 88 ff ff 00 00 00 00 00 00 00 00  .WW.............
    00 f0 e2 19 81 88 ff ff 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff83eb30ba>] skb_clone+0xaa/0x190 net/core/skbuff.c:1911
    [<ffffffff84a008cf>] batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:387 [inline]
    [<ffffffff84a008cf>] batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline]
    [<ffffffff84a008cf>] batadv_iv_send_outstanding_bat_ogm_packet+0x2ef/0x370 net/batman-adv/bat_iv_ogm.c:1700
    [<ffffffff812c8d9d>] process_one_work+0x23d/0x530 kernel/workqueue.c:2630
    [<ffffffff812c99c7>] process_scheduled_works kernel/workqueue.c:2703 [inline]
    [<ffffffff812c99c7>] worker_thread+0x327/0x590 kernel/workqueue.c:2784
    [<ffffffff812d6d9b>] kthread+0x12b/0x170 kernel/kthread.c:388
    [<ffffffff81149f85>] ret_from_fork+0x45/0x50 arch/x86/kernel/process.c:147
    [<ffffffff81002be1>] ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304

BUG: memory leak
unreferenced object 0xffff88811a5c8000 (size 1024):
  comm "kworker/u4:3", pid 56, jiffies 4295047880 (age 273.390s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff8157467c>] __do_kmalloc_node mm/slab_common.c:1022 [inline]
    [<ffffffff8157467c>] __kmalloc_node_track_caller+0x4c/0x150 mm/slab_common.c:1043
    [<ffffffff83ea9586>] kmalloc_reserve+0x96/0x170 net/core/skbuff.c:581
    [<ffffffff83eb1728>] pskb_expand_head+0xd8/0x5f0 net/core/skbuff.c:2093
    [<ffffffff84a2dbff>] __skb_cow include/linux/skbuff.h:3586 [inline]
    [<ffffffff84a2dbff>] skb_cow_head include/linux/skbuff.h:3620 [inline]
    [<ffffffff84a2dbff>] batadv_skb_head_push+0x8f/0x110 net/batman-adv/soft-interface.c:72
    [<ffffffff84a2b643>] batadv_send_skb_packet+0x83/0x1c0 net/batman-adv/send.c:86
    [<ffffffff84a0090a>] batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline]
    [<ffffffff84a0090a>] batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline]
    [<ffffffff84a0090a>] batadv_iv_send_outstanding_bat_ogm_packet+0x32a/0x370 net/batman-adv/bat_iv_ogm.c:1700
    [<ffffffff812c8d9d>] process_one_work+0x23d/0x530 kernel/workqueue.c:2630
    [<ffffffff812c99c7>] process_scheduled_works kernel/workqueue.c:2703 [inline]
    [<ffffffff812c99c7>] worker_thread+0x327/0x590 kernel/workqueue.c:2784
    [<ffffffff812d6d9b>] kthread+0x12b/0x170 kernel/kthread.c:388
    [<ffffffff81149f85>] ret_from_fork+0x45/0x50 arch/x86/kernel/process.c:147
    [<ffffffff81002be1>] ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304

BUG: memory leak
unreferenced object 0xffff88811a575400 (size 240):
  comm "kworker/u4:3", pid 56, jiffies 4295047880 (age 273.390s)
  hex dump (first 32 bytes):
    00 53 57 1a 81 88 ff ff 00 00 00 00 00 00 00 00  .SW.............
    00 f0 e2 19 81 88 ff ff 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff83eb30ba>] skb_clone+0xaa/0x190 net/core/skbuff.c:1911
    [<ffffffff83fdf06d>] netem_enqueue+0xccd/0x1490 net/sched/sch_netem.c:487
    [<ffffffff83ed62e5>] dev_qdisc_enqueue+0x25/0xf0 net/core/dev.c:3739
    [<ffffffff83ee0a0f>] __dev_xmit_skb net/core/dev.c:3828 [inline]
    [<ffffffff83ee0a0f>] __dev_queue_xmit+0xd1f/0x17a0 net/core/dev.c:4306
    [<ffffffff84a2b710>] dev_queue_xmit include/linux/netdevice.h:3082 [inline]
    [<ffffffff84a2b710>] batadv_send_skb_packet+0x150/0x1c0 net/batman-adv/send.c:108
    [<ffffffff84a0090a>] batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline]
    [<ffffffff84a0090a>] batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline]
    [<ffffffff84a0090a>] batadv_iv_send_outstanding_bat_ogm_packet+0x32a/0x370 net/batman-adv/bat_iv_ogm.c:1700
    [<ffffffff812c8d9d>] process_one_work+0x23d/0x530 kernel/workqueue.c:2630
    [<ffffffff812c99c7>] process_scheduled_works kernel/workqueue.c:2703 [inline]
    [<ffffffff812c99c7>] worker_thread+0x327/0x590 kernel/workqueue.c:2784
    [<ffffffff812d6d9b>] kthread+0x12b/0x170 kernel/kthread.c:388
    [<ffffffff81149f85>] ret_from_fork+0x45/0x50 arch/x86/kernel/process.c:147
    [<ffffffff81002be1>] ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304

BUG: memory leak
unreferenced object 0xffff88811a575600 (size 240):
  comm "kworker/u4:3", pid 56, jiffies 4295047880 (age 273.390s)
  hex dump (first 32 bytes):
    00 5d 57 1a 81 88 ff ff 00 00 00 00 00 00 00 00  .]W.............
    00 f0 e2 19 81 88 ff ff 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff83eb30ba>] skb_clone+0xaa/0x190 net/core/skbuff.c:1911
    [<ffffffff84a008cf>] batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:387 [inline]
    [<ffffffff84a008cf>] batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline]
    [<ffffffff84a008cf>] batadv_iv_send_outstanding_bat_ogm_packet+0x2ef/0x370 net/batman-adv/bat_iv_ogm.c:1700
    [<ffffffff812c8d9d>] process_one_work+0x23d/0x530 kernel/workqueue.c:2630
    [<ffffffff812c99c7>] process_scheduled_works kernel/workqueue.c:2703 [inline]
    [<ffffffff812c99c7>] worker_thread+0x327/0x590 kernel/workqueue.c:2784
    [<ffffffff812d6d9b>] kthread+0x12b/0x170 kernel/kthread.c:388
    [<ffffffff81149f85>] ret_from_fork+0x45/0x50 arch/x86/kernel/process.c:147
    [<ffffffff81002be1>] ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304

BUG: memory leak
unreferenced object 0xffff88811a5ca000 (size 1024):
  comm "kworker/u4:3", pid 56, jiffies 4295047880 (age 273.390s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff8157467c>] __do_kmalloc_node mm/slab_common.c:1022 [inline]
    [<ffffffff8157467c>] __kmalloc_node_track_caller+0x4c/0x150 mm/slab_common.c:1043
    [<ffffffff83ea9586>] kmalloc_reserve+0x96/0x170 net/core/skbuff.c:581
    [<ffffffff83eb1728>] pskb_expand_head+0xd8/0x5f0 net/core/skbuff.c:2093
    [<ffffffff84a2dbff>] __skb_cow include/linux/skbuff.h:3586 [inline]
    [<ffffffff84a2dbff>] skb_cow_head include/linux/skbuff.h:3620 [inline]
    [<ffffffff84a2dbff>] batadv_skb_head_push+0x8f/0x110 net/batman-adv/soft-interface.c:72
    [<ffffffff84a2b643>] batadv_send_skb_packet+0x83/0x1c0 net/batman-adv/send.c:86
    [<ffffffff84a0090a>] batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline]
    [<ffffffff84a0090a>] batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline]
    [<ffffffff84a0090a>] batadv_iv_send_outstanding_bat_ogm_packet+0x32a/0x370 net/batman-adv/bat_iv_ogm.c:1700
    [<ffffffff812c8d9d>] process_one_work+0x23d/0x530 kernel/workqueue.c:2630
    [<ffffffff812c99c7>] process_scheduled_works kernel/workqueue.c:2703 [inline]
    [<ffffffff812c99c7>] worker_thread+0x327/0x590 kernel/workqueue.c:2784
    [<ffffffff812d6d9b>] kthread+0x12b/0x170 kernel/kthread.c:388
    [<ffffffff81149f85>] ret_from_fork+0x45/0x50 arch/x86/kernel/process.c:147
    [<ffffffff81002be1>] ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/10/07 05:11 upstream af95dc6fdc25 ea12a918 .config console log report syz [disk image] [vmlinux] [kernel image] ci-upstream-gce-leak memory leak in skb_clone
2023/08/24 02:23 upstream a5e505a99ca7 4d7ae7ab .config console log report syz [disk image] [vmlinux] [kernel image] ci-upstream-gce-leak memory leak in skb_clone
* Struck through repros no longer work on HEAD.