syzbot


memory leak in sctp_get_port_local

Status: fixed on 2019/08/05 13:45
Reported-by: syzbot+079bf326b38072f849d9@syzkaller.appspotmail.com
Fix commit: 9b6c08878e23 sctp: not bind the socket in sctp_connect
First crash: 1226d, last: 1158d
Similar bugs (2):

| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | memory leak in sctp_get_port_local (2) | C | | | 34 | 1095d | 1153d | 14/24 | fixed on 2019/10/09 10:54 |
| upstream | memory leak in sctp_get_port_local (3) | C | | | 4 | 1080d | 1086d | 14/24 | fixed on 2019/11/04 14:50 |

Sample crash report:
executing program
BUG: memory leak
unreferenced object 0xffff88812530d380 (size 64):
  comm "syz-executor157", pid 7027, jiffies 4294948873 (age 14.160s)
  hex dump (first 32 bytes):
    23 4e 00 00 0f 86 d6 04 00 00 00 00 00 00 00 00  #N..............
    48 cd e2 24 81 88 ff ff 00 00 00 00 00 00 00 00  H..$............
  backtrace:
    [<00000000024baf51>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<00000000024baf51>] slab_post_alloc_hook mm/slab.h:522 [inline]
    [<00000000024baf51>] slab_alloc mm/slab.c:3319 [inline]
    [<00000000024baf51>] kmem_cache_alloc+0x13f/0x2c0 mm/slab.c:3483
    [<0000000027b55ef8>] sctp_bucket_create net/sctp/socket.c:8374 [inline]
    [<0000000027b55ef8>] sctp_get_port_local+0x189/0x5b0 net/sctp/socket.c:8121
    [<00000000191c31d9>] sctp_do_bind+0xcc/0x1e0 net/sctp/socket.c:402
    [<00000000a150b8f8>] sctp_bindx_add+0x4b/0xd0 net/sctp/socket.c:496
    [<00000000cd5e6687>] sctp_setsockopt_bindx+0x18b/0x1f0 net/sctp/socket.c:1023
    [<0000000077086a48>] sctp_setsockopt net/sctp/socket.c:4635 [inline]
    [<0000000077086a48>] sctp_setsockopt+0x924/0x2bd0 net/sctp/socket.c:4605
    [<000000005a3593aa>] sock_common_setsockopt+0x38/0x50 net/core/sock.c:3130
    [<0000000074597073>] __sys_setsockopt+0x10f/0x220 net/socket.c:2084
    [<00000000fb76dbd5>] __do_sys_setsockopt net/socket.c:2100 [inline]
    [<00000000fb76dbd5>] __se_sys_setsockopt net/socket.c:2097 [inline]
    [<00000000fb76dbd5>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2097
    [<000000007ca4e96b>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:296
    [<000000006e970357>] entry_SYSCALL_64_after_hwframe+0x44/0xa9


Crashes (28):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-gce-leak | 2019/08/04 01:04 | upstream | dcb8cfbd8fe9 | 6affd8e8 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/07/26 02:53 | upstream | 6789f873ed37 | 732bc5a0 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/07/25 09:22 | upstream | bed38c3e2dca | 32329ceb | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/07/25 03:23 | upstream | bed38c3e2dca | 32329ceb | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/07/24 17:04 | upstream | c6dd78fcb8ee | 32329ceb | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/07/23 22:02 | upstream | c6dd78fcb8ee | de453f34 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/07/23 01:26 | upstream | c6dd78fcb8ee | 55e0c077 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/07/22 19:24 | upstream | c6dd78fcb8ee | b3c615f5 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/07/22 00:53 | upstream | c6dd78fcb8ee | 1656845f | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/07/21 01:34 | upstream | c6dd78fcb8ee | 1656845f | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/07/20 12:54 | upstream | abdfd52a295f | 1656845f | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/07/19 20:14 | upstream | 3bfe1fc46794 | 1656845f | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/07/08 19:46 | upstream | 0ecfebd2b524 | f62e1e85 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/07/07 16:11 | upstream | 46713c3d2f8d | f62e1e85 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/07/04 13:28 | upstream | 550d1f5bda33 | 55565fa0 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/06/29 17:12 | upstream | 01305db842e1 | 7509bf36 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/06/28 09:51 | upstream | c84afab02c31 | 7509bf36 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/06/26 06:25 | upstream | 249155c20f9b | 0a8d1a96 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/06/21 04:59 | upstream | abf02e2964b3 | 34bf9440 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/06/18 02:08 | upstream | 9e0babf2c06c | 442206d7 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/06/12 12:45 | upstream | aa7235483a83 | 794a1ad7 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/06/06 14:23 | upstream | 156c05917e09 | a547defc | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/06/03 02:50 | upstream | 9221dced3069 | 53c81ea5 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/05/29 01:16 | upstream | 9fb67d643f6f | 6bd61501 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/05/28 21:32 | upstream | 9fb67d643f6f | 6bd61501 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/05/28 05:38 | upstream | cd6c84d8f0cd | 6bd61501 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/05/28 01:15 | upstream | cd6c84d8f0cd | 6bd61501 | .config | log | report | syz | C | | |
| ci-upstream-gce-leak | 2019/07/25 04:28 | upstream | bed38c3e2dca | 32329ceb | .config | log | report | syz | | | |