From: syzbot <syzbot+6bf095f9becf5efef645@syzkaller.appspotmail.com>
To: davem@davemloft.net, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org, syzkaller-bugs@googlegroups.com,
xiyou.wangcong@gmail.com
Subject: memory leak in llc_ui_create (2)
Date: Fri, 21 Jun 2019 05:57:08 -0700 [thread overview]
Message-ID: <000000000000058a0f058bd50068@google.com> (raw)
Hello,
syzbot found the following crash on:
HEAD commit: abf02e29 Merge tag 'pm-5.2-rc6' of git://git.kernel.org/pu..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=14cc10b1a00000
kernel config: https://syzkaller.appspot.com/x/.config?x=56f1da14935c3cce
dashboard link: https://syzkaller.appspot.com/bug?extid=6bf095f9becf5efef645
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1698d45ea00000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+6bf095f9becf5efef645@syzkaller.appspotmail.com
85.529503][ T7031] 8021q: adding VLAN 0 to HW filter on device batadv0
2019/06/20 19:36:46 executed programs: 1
2019/06/20 19:36:51 executed programs: 3
BUG: memory leak
unreferenced object 0xffff888118b8d800 (size 2048):
comm "syz-executor.0", pid 7054, jiffies 4295036362 (age 12.560s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
1a 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00 ...@............
backtrace:
[<000000004a3a66c0>] kmemleak_alloc_recursive
include/linux/kmemleak.h:43 [inline]
[<000000004a3a66c0>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<000000004a3a66c0>] slab_alloc mm/slab.c:3326 [inline]
[<000000004a3a66c0>] __do_kmalloc mm/slab.c:3658 [inline]
[<000000004a3a66c0>] __kmalloc+0x161/0x2c0 mm/slab.c:3669
[<00000000cc5a7d28>] kmalloc include/linux/slab.h:552 [inline]
[<00000000cc5a7d28>] sk_prot_alloc+0xd6/0x170 net/core/sock.c:1602
[<000000000c449f88>] sk_alloc+0x35/0x2f0 net/core/sock.c:1656
[<0000000008b99378>] llc_sk_alloc+0x35/0x170 net/llc/llc_conn.c:950
[<00000000d4e72aed>] llc_ui_create+0x7b/0x140 net/llc/af_llc.c:173
[<00000000d0bfef06>] __sock_create+0x164/0x250 net/socket.c:1424
[<0000000058cf7a3c>] sock_create net/socket.c:1475 [inline]
[<0000000058cf7a3c>] __sys_socket+0x69/0x110 net/socket.c:1517
[<000000003ce548ba>] __do_sys_socket net/socket.c:1526 [inline]
[<000000003ce548ba>] __se_sys_socket net/socket.c:1524 [inline]
[<000000003ce548ba>] __x64_sys_socket+0x1e/0x30 net/socket.c:1524
[<0000000029c8eba9>] do_syscall_64+0x76/0x1a0
arch/x86/entry/common.c:301
[<00000000dba589d4>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
BUG: memory leak
unreferenced object 0xffff888120dd7a00 (size 224):
comm "syz-executor.0", pid 7054, jiffies 4295036362 (age 12.560s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 10 0c 24 81 88 ff ff 00 d8 b8 18 81 88 ff ff ...$............
backtrace:
[<00000000b6c096c6>] kmemleak_alloc_recursive
include/linux/kmemleak.h:43 [inline]
[<00000000b6c096c6>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000b6c096c6>] slab_alloc_node mm/slab.c:3269 [inline]
[<00000000b6c096c6>] kmem_cache_alloc_node+0x153/0x2a0 mm/slab.c:3579
[<00000000556a01d4>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:194
[<0000000085622924>] alloc_skb include/linux/skbuff.h:1054 [inline]
[<0000000085622924>] alloc_skb_with_frags+0x5f/0x250
net/core/skbuff.c:5328
[<00000000ca5b438b>] sock_alloc_send_pskb+0x269/0x2a0
net/core/sock.c:2222
[<0000000044a5b8c6>] sock_alloc_send_skb+0x32/0x40 net/core/sock.c:2239
[<00000000b19d8ca2>] llc_ui_sendmsg+0x10a/0x540 net/llc/af_llc.c:933
[<00000000aaeaeaf3>] sock_sendmsg_nosec net/socket.c:646 [inline]
[<00000000aaeaeaf3>] sock_sendmsg+0x54/0x70 net/socket.c:665
[<000000009ae2ec20>] ___sys_sendmsg+0x393/0x3c0 net/socket.c:2286
[<000000003ac4094d>] __sys_sendmsg+0x80/0xf0 net/socket.c:2324
[<00000000d3b808ba>] __do_sys_sendmsg net/socket.c:2333 [inline]
[<00000000d3b808ba>] __se_sys_sendmsg net/socket.c:2331 [inline]
[<00000000d3b808ba>] __x64_sys_sendmsg+0x23/0x30 net/socket.c:2331
[<0000000029c8eba9>] do_syscall_64+0x76/0x1a0
arch/x86/entry/common.c:301
[<00000000dba589d4>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
BUG: memory leak
unreferenced object 0xffff8881178e3800 (size 512):
comm "syz-executor.0", pid 7054, jiffies 4295036362 (age 12.560s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 ad ad f3 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<00000000baa5fe0c>] kmemleak_alloc_recursive
include/linux/kmemleak.h:43 [inline]
[<00000000baa5fe0c>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000baa5fe0c>] slab_alloc_node mm/slab.c:3269 [inline]
[<00000000baa5fe0c>] kmem_cache_alloc_node_trace+0x15b/0x2a0
mm/slab.c:3597
[<00000000ef42ca2e>] __do_kmalloc_node mm/slab.c:3619 [inline]
[<00000000ef42ca2e>] __kmalloc_node_track_caller+0x38/0x50
mm/slab.c:3634
[<00000000792340d3>] __kmalloc_reserve.isra.0+0x40/0xb0
net/core/skbuff.c:138
[<000000003b989a40>] __alloc_skb+0xa0/0x210 net/core/skbuff.c:206
[<0000000085622924>] alloc_skb include/linux/skbuff.h:1054 [inline]
[<0000000085622924>] alloc_skb_with_frags+0x5f/0x250
net/core/skbuff.c:5328
[<00000000ca5b438b>] sock_alloc_send_pskb+0x269/0x2a0
net/core/sock.c:2222
[<0000000044a5b8c6>] sock_alloc_send_skb+0x32/0x40 net/core/sock.c:2239
[<00000000b19d8ca2>] llc_ui_sendmsg+0x10a/0x540 net/llc/af_llc.c:933
[<00000000aaeaeaf3>] sock_sendmsg_nosec net/socket.c:646 [inline]
[<00000000aaeaeaf3>] sock_sendmsg+0x54/0x70 net/socket.c:665
[<000000009ae2ec20>] ___sys_sendmsg+0x393/0x3c0 net/socket.c:2286
[<000000003ac4094d>] __sys_sendmsg+0x80/0xf0 net/socket.c:2324
[<00000000d3b808ba>] __do_sys_sendmsg net/socket.c:2333 [inline]
[<00000000d3b808ba>] __se_sys_sendmsg net/socket.c:2331 [inline]
[<00000000d3b808ba>] __x64_sys_sendmsg+0x23/0x30 net/socket.c:2331
[<0000000029c8eba9>] do_syscall_64+0x76/0x1a0
arch/x86/entry/common.c:301
[<00000000dba589d4>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches
next reply other threads:[~2019-06-21 12:57 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-21 12:57 syzbot [this message]
2019-07-17 8:09 ` memory leak in llc_ui_create (2) syzbot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=000000000000058a0f058bd50068@google.com \
--to=syzbot+6bf095f9becf5efef645@syzkaller.appspotmail.com \
--cc=davem@davemloft.net \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=syzkaller-bugs@googlegroups.com \
--cc=xiyou.wangcong@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.