* memory leak in batadv_tvlv_handler_register
@ 2019-05-21 13:39 syzbot
2019-05-21 19:58 ` [PATCH net] batadv: fix for leaked TVLV handler Jeremy Sowden
0 siblings, 1 reply; 5+ messages in thread
From: syzbot @ 2019-05-21 13:39 UTC (permalink / raw)
To: a, b.a.t.m.a.n, davem, linux-kernel, mareklindner, netdev, sw,
syzkaller-bugs
Hello,
syzbot found the following crash on:
HEAD commit: f49aa1de Merge tag 'for-5.2-rc1-tag' of git://git.kernel.o..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=16ca4654a00000
kernel config: https://syzkaller.appspot.com/x/.config?x=61dd9e15a761691d
dashboard link: https://syzkaller.appspot.com/bug?extid=d454a826e670502484b8
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17b81d9ca00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1500bd9ca00000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+d454a826e670502484b8@syzkaller.appspotmail.com
57.000820][ T7044] team0 (unregistering): Port device team_slave_0
removed
BUG: memory leak
unreferenced object 0xffff888113c48bc0 (size 64):
comm "softirq", pid 0, jiffies 4294942488 (age 34.850s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 e0 cc 4c 13 81 88 ff ff ..........L.....
00 00 00 00 00 00 00 00 a0 81 15 83 ff ff ff ff ................
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<000000004b89e436>] kmalloc include/linux/slab.h:547 [inline]
[<000000004b89e436>] kzalloc include/linux/slab.h:742 [inline]
[<000000004b89e436>] batadv_tvlv_handler_register+0xae/0x140
net/batman-adv/tvlv.c:529
[<00000000b3d9e02d>] batadv_tt_init+0x78/0x180
net/batman-adv/translation-table.c:4411
[<000000009ae2cc39>] batadv_mesh_init+0x196/0x230
net/batman-adv/main.c:208
[<000000005fc0d64d>] batadv_softif_init_late+0x1ca/0x220
net/batman-adv/soft-interface.c:861
[<00000000ecdf3bd4>] register_netdevice+0xbf/0x600 net/core/dev.c:8673
[<00000000f14c9819>] __rtnl_newlink+0xaca/0xb30
net/core/rtnetlink.c:3203
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
BUG: memory leak
unreferenced object 0xffff888114921200 (size 128):
comm "syz-executor123", pid 7016, jiffies 4294942583 (age 33.900s)
hex dump (first 32 bytes):
f0 a8 c1 12 81 88 ff ff f0 a8 c1 12 81 88 ff ff ................
0a 57 ac 57 c4 a5 6e 00 af d0 6c 97 81 88 ff ff .W.W..n...l.....
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<000000004cc7ff0e>] kmalloc include/linux/slab.h:547 [inline]
[<000000004cc7ff0e>] hsr_create_self_node+0x42/0x150
net/hsr/hsr_framereg.c:84
[<0000000015dc75a8>] hsr_dev_finalize+0xa4/0x233
net/hsr/hsr_device.c:441
[<00000000cb1acb7e>] hsr_newlink+0xf3/0x140 net/hsr/hsr_netlink.c:69
[<00000000e468583b>] __rtnl_newlink+0x892/0xb30
net/core/rtnetlink.c:3191
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
[<00000000b8ae154c>] do_syscall_64+0x76/0x1a0
arch/x86/entry/common.c:301
[<000000002d5a7be6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
BUG: memory leak
unreferenced object 0xffff88811483f940 (size 64):
comm "syz-executor123", pid 7016, jiffies 4294942583 (age 33.900s)
hex dump (first 32 bytes):
c0 e3 11 16 81 88 ff ff 00 02 00 00 00 00 ad de ................
00 a0 c1 12 81 88 ff ff c0 a8 c1 12 81 88 ff ff ................
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<00000000fda8b63f>] kmalloc include/linux/slab.h:547 [inline]
[<00000000fda8b63f>] kzalloc include/linux/slab.h:742 [inline]
[<00000000fda8b63f>] hsr_add_port+0xe7/0x220 net/hsr/hsr_slave.c:142
[<000000009bd8bf70>] hsr_dev_finalize+0x14f/0x233
net/hsr/hsr_device.c:472
[<00000000cb1acb7e>] hsr_newlink+0xf3/0x140 net/hsr/hsr_netlink.c:69
[<00000000e468583b>] __rtnl_newlink+0x892/0xb30
net/core/rtnetlink.c:3191
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
[<00000000b8ae154c>] do_syscall_64+0x76/0x1a0
arch/x86/entry/common.c:301
[<000000002d5a7be6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
BUG: memory leak
unreferenced object 0xffff888113c48bc0 (size 64):
comm "softirq", pid 0, jiffies 4294942488 (age 36.440s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 e0 cc 4c 13 81 88 ff ff ..........L.....
00 00 00 00 00 00 00 00 a0 81 15 83 ff ff ff ff ................
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<000000004b89e436>] kmalloc include/linux/slab.h:547 [inline]
[<000000004b89e436>] kzalloc include/linux/slab.h:742 [inline]
[<000000004b89e436>] batadv_tvlv_handler_register+0xae/0x140
net/batman-adv/tvlv.c:529
[<00000000b3d9e02d>] batadv_tt_init+0x78/0x180
net/batman-adv/translation-table.c:4411
[<000000009ae2cc39>] batadv_mesh_init+0x196/0x230
net/batman-adv/main.c:208
[<000000005fc0d64d>] batadv_softif_init_late+0x1ca/0x220
net/batman-adv/soft-interface.c:861
[<00000000ecdf3bd4>] register_netdevice+0xbf/0x600 net/core/dev.c:8673
[<00000000f14c9819>] __rtnl_newlink+0xaca/0xb30
net/core/rtnetlink.c:3203
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
BUG: memory leak
unreferenced object 0xffff888114921200 (size 128):
comm "syz-executor123", pid 7016, jiffies 4294942583 (age 35.490s)
hex dump (first 32 bytes):
f0 a8 c1 12 81 88 ff ff f0 a8 c1 12 81 88 ff ff ................
0a 57 ac 57 c4 a5 6e 00 af d0 6c 97 81 88 ff ff .W.W..n...l.....
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<000000004cc7ff0e>] kmalloc include/linux/slab.h:547 [inline]
[<000000004cc7ff0e>] hsr_create_self_node+0x42/0x150
net/hsr/hsr_framereg.c:84
[<0000000015dc75a8>] hsr_dev_finalize+0xa4/0x233
net/hsr/hsr_device.c:441
[<00000000cb1acb7e>] hsr_newlink+0xf3/0x140 net/hsr/hsr_netlink.c:69
[<00000000e468583b>] __rtnl_newlink+0x892/0xb30
net/core/rtnetlink.c:3191
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
[<00000000b8ae154c>] do_syscall_64+0x76/0x1a0
arch/x86/entry/common.c:301
[<000000002d5a7be6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
BUG: memory leak
unreferenced object 0xffff88811483f940 (size 64):
comm "syz-executor123", pid 7016, jiffies 4294942583 (age 35.490s)
hex dump (first 32 bytes):
c0 e3 11 16 81 88 ff ff 00 02 00 00 00 00 ad de ................
00 a0 c1 12 81 88 ff ff c0 a8 c1 12 81 88 ff ff ................
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<00000000fda8b63f>] kmalloc include/linux/slab.h:547 [inline]
[<00000000fda8b63f>] kzalloc include/linux/slab.h:742 [inline]
[<00000000fda8b63f>] hsr_add_port+0xe7/0x220 net/hsr/hsr_slave.c:142
[<000000009bd8bf70>] hsr_dev_finalize+0x14f/0x233
net/hsr/hsr_device.c:472
[<00000000cb1acb7e>] hsr_newlink+0xf3/0x140 net/hsr/hsr_netlink.c:69
[<00000000e468583b>] __rtnl_newlink+0x892/0xb30
net/core/rtnetlink.c:3191
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
[<00000000b8ae154c>] do_syscall_64+0x76/0x1a0
arch/x86/entry/common.c:301
[<000000002d5a7be6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
BUG: memory leak
unreferenced object 0xffff888113c48bc0 (size 64):
comm "softirq", pid 0, jiffies 4294942488 (age 38.040s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 e0 cc 4c 13 81 88 ff ff ..........L.....
00 00 00 00 00 00 00 00 a0 81 15 83 ff ff ff ff ................
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<000000004b89e436>] kmalloc include/linux/slab.h:547 [inline]
[<000000004b89e436>] kzalloc include/linux/slab.h:742 [inline]
[<000000004b89e436>] batadv_tvlv_handler_register+0xae/0x140
net/batman-adv/tvlv.c:529
[<00000000b3d9e02d>] batadv_tt_init+0x78/0x180
net/batman-adv/translation-table.c:4411
[<000000009ae2cc39>] batadv_mesh_init+0x196/0x230
net/batman-adv/main.c:208
[<000000005fc0d64d>] batadv_softif_init_late+0x1ca/0x220
net/batman-adv/soft-interface.c:861
[<00000000ecdf3bd4>] register_netdevice+0xbf/0x600 net/core/dev.c:8673
[<00000000f14c9819>] __rtnl_newlink+0xaca/0xb30
net/core/rtnetlink.c:3203
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
BUG: memory leak
unreferenced object 0xffff888114921200 (size 128):
comm "syz-executor123", pid 7016, jiffies 4294942583 (age 37.090s)
hex dump (first 32 bytes):
f0 a8 c1 12 81 88 ff ff f0 a8 c1 12 81 88 ff ff ................
0a 57 ac 57 c4 a5 6e 00 af d0 6c 97 81 88 ff ff .W.W..n...l.....
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<000000004cc7ff0e>] kmalloc include/linux/slab.h:547 [inline]
[<000000004cc7ff0e>] hsr_create_self_node+0x42/0x150
net/hsr/hsr_framereg.c:84
[<0000000015dc75a8>] hsr_dev_finalize+0xa4/0x233
net/hsr/hsr_device.c:441
[<00000000cb1acb7e>] hsr_newlink+0xf3/0x140 net/hsr/hsr_netlink.c:69
[<00000000e468583b>] __rtnl_newlink+0x892/0xb30
net/core/rtnetlink.c:3191
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
[<00000000b8ae154c>] do_syscall_64+0x76/0x1a0
arch/x86/entry/common.c:301
[<000000002d5a7be6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
BUG: memory leak
unreferenced object 0xffff88811483f940 (size 64):
comm "syz-executor123", pid 7016, jiffies 4294942583 (age 37.090s)
hex dump (first 32 bytes):
c0 e3 11 16 81 88 ff ff 00 02 00 00 00 00 ad de ................
00 a0 c1 12 81 88 ff ff c0 a8 c1 12 81 88 ff ff ................
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<00000000fda8b63f>] kmalloc include/linux/slab.h:547 [inline]
[<00000000fda8b63f>] kzalloc include/linux/slab.h:742 [inline]
[<00000000fda8b63f>] hsr_add_port+0xe7/0x220 net/hsr/hsr_slave.c:142
[<000000009bd8bf70>] hsr_dev_finalize+0x14f/0x233
net/hsr/hsr_device.c:472
[<00000000cb1acb7e>] hsr_newlink+0xf3/0x140 net/hsr/hsr_netlink.c:69
[<00000000e468583b>] __rtnl_newlink+0x892/0xb30
net/core/rtnetlink.c:3191
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
[<00000000b8ae154c>] do_syscall_64+0x76/0x1a0
arch/x86/entry/common.c:301
[<000000002d5a7be6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
BUG: memory leak
unreferenced object 0xffff888113c48bc0 (size 64):
comm "softirq", pid 0, jiffies 4294942488 (age 38.130s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 e0 cc 4c 13 81 88 ff ff ..........L.....
00 00 00 00 00 00 00 00 a0 81 15 83 ff ff ff ff ................
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<000000004b89e436>] kmalloc include/linux/slab.h:547 [inline]
[<000000004b89e436>] kzalloc include/linux/slab.h:742 [inline]
[<000000004b89e436>] batadv_tvlv_handler_register+0xae/0x140
net/batman-adv/tvlv.c:529
[<00000000b3d9e02d>] batadv_tt_init+0x78/0x180
net/batman-adv/translation-table.c:4411
[<000000009ae2cc39>] batadv_mesh_init+0x196/0x230
net/batman-adv/main.c:208
[<000000005fc0d64d>] batadv_softif_init_late+0x1ca/0x220
net/batman-adv/soft-interface.c:861
[<00000000ecdf3bd4>] register_netdevice+0xbf/0x600 net/core/dev.c:8673
[<00000000f14c9819>] __rtnl_newlink+0xaca/0xb30
net/core/rtnetlink.c:3203
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
BUG: memory leak
unreferenced object 0xffff888114921200 (size 128):
comm "syz-executor123", pid 7016, jiffies 4294942583 (age 37.180s)
hex dump (first 32 bytes):
f0 a8 c1 12 81 88 ff ff f0 a8 c1 12 81 88 ff ff ................
0a 57 ac 57 c4 a5 6e 00 af d0 6c 97 81 88 ff ff .W.W..n...l.....
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<000000004cc7ff0e>] kmalloc include/linux/slab.h:547 [inline]
[<000000004cc7ff0e>] hsr_create_self_node+0x42/0x150
net/hsr/hsr_framereg.c:84
[<0000000015dc75a8>] hsr_dev_finalize+0xa4/0x233
net/hsr/hsr_device.c:441
[<00000000cb1acb7e>] hsr_newlink+0xf3/0x140 net/hsr/hsr_netlink.c:69
[<00000000e468583b>] __rtnl_newlink+0x892/0xb30
net/core/rtnetlink.c:3191
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
[<00000000b8ae154c>] do_syscall_64+0x76/0x1a0
arch/x86/entry/common.c:301
[<000000002d5a7be6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
BUG: memory leak
unreferenced object 0xffff88811483f940 (size 64):
comm "syz-executor123", pid 7016, jiffies 4294942583 (age 37.180s)
hex dump (first 32 bytes):
c0 e3 11 16 81 88 ff ff 00 02 00 00 00 00 ad de ................
00 a0 c1 12 81 88 ff ff c0 a8 c1 12 81 88 ff ff ................
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<00000000fda8b63f>] kmalloc include/linux/slab.h:547 [inline]
[<00000000fda8b63f>] kzalloc include/linux/slab.h:742 [inline]
[<00000000fda8b63f>] hsr_add_port+0xe7/0x220 net/hsr/hsr_slave.c:142
[<000000009bd8bf70>] hsr_dev_finalize+0x14f/0x233
net/hsr/hsr_device.c:472
[<00000000cb1acb7e>] hsr_newlink+0xf3/0x140 net/hsr/hsr_netlink.c:69
[<00000000e468583b>] __rtnl_newlink+0x892/0xb30
net/core/rtnetlink.c:3191
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
[<00000000b8ae154c>] do_syscall_64+0x76/0x1a0
arch/x86/entry/common.c:301
[<000000002d5a7be6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
BUG: memory leak
unreferenced object 0xffff888113c48bc0 (size 64):
comm "softirq", pid 0, jiffies 4294942488 (age 38.210s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 e0 cc 4c 13 81 88 ff ff ..........L.....
00 00 00 00 00 00 00 00 a0 81 15 83 ff ff ff ff ................
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<000000004b89e436>] kmalloc include/linux/slab.h:547 [inline]
[<000000004b89e436>] kzalloc include/linux/slab.h:742 [inline]
[<000000004b89e436>] batadv_tvlv_handler_register+0xae/0x140
net/batman-adv/tvlv.c:529
[<00000000b3d9e02d>] batadv_tt_init+0x78/0x180
net/batman-adv/translation-table.c:4411
[<000000009ae2cc39>] batadv_mesh_init+0x196/0x230
net/batman-adv/main.c:208
[<000000005fc0d64d>] batadv_softif_init_late+0x1ca/0x220
net/batman-adv/soft-interface.c:861
[<00000000ecdf3bd4>] register_netdevice+0xbf/0x600 net/core/dev.c:8673
[<00000000f14c9819>] __rtnl_newlink+0xaca/0xb30
net/core/rtnetlink.c:3203
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
BUG: memory leak
unreferenced object 0xffff888114921200 (size 128):
comm "syz-executor123", pid 7016, jiffies 4294942583 (age 37.260s)
hex dump (first 32 bytes):
f0 a8 c1 12 81 88 ff ff f0 a8 c1 12 81 88 ff ff ................
0a 57 ac 57 c4 a5 6e 00 af d0 6c 97 81 88 ff ff .W.W..n...l.....
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<000000004cc7ff0e>] kmalloc include/linux/slab.h:547 [inline]
[<000000004cc7ff0e>] hsr_create_self_node+0x42/0x150
net/hsr/hsr_framereg.c:84
[<0000000015dc75a8>] hsr_dev_finalize+0xa4/0x233
net/hsr/hsr_device.c:441
[<00000000cb1acb7e>] hsr_newlink+0xf3/0x140 net/hsr/hsr_netlink.c:69
[<00000000e468583b>] __rtnl_newlink+0x892/0xb30
net/core/rtnetlink.c:3191
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
[<00000000b8ae154c>] do_syscall_64+0x76/0x1a0
arch/x86/entry/common.c:301
[<000000002d5a7be6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
BUG: memory leak
unreferenced object 0xffff88811483f940 (size 64):
comm "syz-executor123", pid 7016, jiffies 4294942583 (age 37.260s)
hex dump (first 32 bytes):
c0 e3 11 16 81 88 ff ff 00 02 00 00 00 00 ad de ................
00 a0 c1 12 81 88 ff ff c0 a8 c1 12 81 88 ff ff ................
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<00000000fda8b63f>] kmalloc include/linux/slab.h:547 [inline]
[<00000000fda8b63f>] kzalloc include/linux/slab.h:742 [inline]
[<00000000fda8b63f>] hsr_add_port+0xe7/0x220 net/hsr/hsr_slave.c:142
[<000000009bd8bf70>] hsr_dev_finalize+0x14f/0x233
net/hsr/hsr_device.c:472
[<00000000cb1acb7e>] hsr_newlink+0xf3/0x140 net/hsr/hsr_netlink.c:69
[<00000000e468583b>] __rtnl_newlink+0x892/0xb30
net/core/rtnetlink.c:3191
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
[<00000000b8ae154c>] do_syscall_64+0x76/0x1a0
arch/x86/entry/common.c:301
[<000000002d5a7be6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
BUG: memory leak
unreferenced object 0xffff888113c48bc0 (size 64):
comm "softirq", pid 0, jiffies 4294942488 (age 38.290s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 e0 cc 4c 13 81 88 ff ff ..........L.....
00 00 00 00 00 00 00 00 a0 81 15 83 ff ff ff ff ................
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<000000004b89e436>] kmalloc include/linux/slab.h:547 [inline]
[<000000004b89e436>] kzalloc include/linux/slab.h:742 [inline]
[<000000004b89e436>] batadv_tvlv_handler_register+0xae/0x140
net/batman-adv/tvlv.c:529
[<00000000b3d9e02d>] batadv_tt_init+0x78/0x180
net/batman-adv/translation-table.c:4411
[<000000009ae2cc39>] batadv_mesh_init+0x196/0x230
net/batman-adv/main.c:208
[<000000005fc0d64d>] batadv_softif_init_late+0x1ca/0x220
net/batman-adv/soft-interface.c:861
[<00000000ecdf3bd4>] register_netdevice+0xbf/0x600 net/core/dev.c:8673
[<00000000f14c9819>] __rtnl_newlink+0xaca/0xb30
net/core/rtnetlink.c:3203
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
BUG: memory leak
unreferenced object 0xffff888114921200 (size 128):
comm "syz-executor123", pid 7016, jiffies 4294942583 (age 37.350s)
hex dump (first 32 bytes):
f0 a8 c1 12 81 88 ff ff f0 a8 c1 12 81 88 ff ff ................
0a 57 ac 57 c4 a5 6e 00 af d0 6c 97 81 88 ff ff .W.W..n...l.....
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<000000004cc7ff0e>] kmalloc include/linux/slab.h:547 [inline]
[<000000004cc7ff0e>] hsr_create_self_node+0x42/0x150
net/hsr/hsr_framereg.c:84
[<0000000015dc75a8>] hsr_dev_finalize+0xa4/0x233
net/hsr/hsr_device.c:441
[<00000000cb1acb7e>] hsr_newlink+0xf3/0x140 net/hsr/hsr_netlink.c:69
[<00000000e468583b>] __rtnl_newlink+0x892/0xb30
net/core/rtnetlink.c:3191
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
[<00000000b8ae154c>] do_syscall_64+0x76/0x1a0
arch/x86/entry/common.c:301
[<000000002d5a7be6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
BUG: memory leak
unreferenced object 0xffff88811483f940 (size 64):
comm "syz-executor123", pid 7016, jiffies 4294942583 (age 37.350s)
hex dump (first 32 bytes):
c0 e3 11 16 81 88 ff ff 00 02 00 00 00 00 ad de ................
00 a0 c1 12 81 88 ff ff c0 a8 c1 12 81 88 ff ff ................
backtrace:
[<00000000e8f47afd>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000e8f47afd>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000e8f47afd>] slab_alloc mm/slab.c:3326 [inline]
[<00000000e8f47afd>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
[<00000000fda8b63f>] kmalloc include/linux/slab.h:547 [inline]
[<00000000fda8b63f>] kzalloc include/linux/slab.h:742 [inline]
[<00000000fda8b63f>] hsr_add_port+0xe7/0x220 net/hsr/hsr_slave.c:142
[<000000009bd8bf70>] hsr_dev_finalize+0x14f/0x233
net/hsr/hsr_device.c:472
[<00000000cb1acb7e>] hsr_newlink+0xf3/0x140 net/hsr/hsr_netlink.c:69
[<00000000e468583b>] __rtnl_newlink+0x892/0xb30
net/core/rtnetlink.c:3191
[<000000008fd2d6fa>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3249
[<0000000029fa04eb>] rtnetlink_rcv_msg+0x178/0x4b0
net/core/rtnetlink.c:5218
[<0000000092499169>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<0000000072c4499d>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5236
[<00000000f89d63a1>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<00000000f89d63a1>] netlink_unicast+0x1ec/0x2d0
net/netlink/af_netlink.c:1337
[<000000006e2fb165>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<0000000068f29576>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<0000000068f29576>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000707b1f6b>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<0000000015b6ba89>] __do_sys_sendto net/socket.c:1976 [inline]
[<0000000015b6ba89>] __se_sys_sendto net/socket.c:1972 [inline]
[<0000000015b6ba89>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972
[<00000000b8ae154c>] do_syscall_64+0x76/0x1a0
arch/x86/entry/common.c:301
[<000000002d5a7be6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
executing program
executing program
executing program
executing program
executing program
executing program
executing program
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH net] batadv: fix for leaked TVLV handler.
2019-05-21 13:39 memory leak in batadv_tvlv_handler_register syzbot
@ 2019-05-21 19:58 ` Jeremy Sowden
2019-05-21 20:48 ` Sven Eckelmann
0 siblings, 1 reply; 5+ messages in thread
From: Jeremy Sowden @ 2019-05-21 19:58 UTC (permalink / raw)
To: b.a.t.m.a.n, netdev, Marek Lindner, Simon Wunderlich,
Antonio Quartulli, David S. Miller
Cc: syzbot+d454a826e670502484b8
A handler for BATADV_TVLV_ROAM was being registered when the
translation-table was initialized, but not unregistered when the
translation-table was freed. Unregister it.
Reported-by: syzbot+d454a826e670502484b8@syzkaller.appspotmail.com
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
---
net/batman-adv/translation-table.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net/batman-adv/translation-table.c b/net/batman-adv/translation-table.c
index 1ddfd5e011ee..8a482c5ec67b 100644
--- a/net/batman-adv/translation-table.c
+++ b/net/batman-adv/translation-table.c
@@ -3813,6 +3813,8 @@ static void batadv_tt_purge(struct work_struct *work)
*/
void batadv_tt_free(struct batadv_priv *bat_priv)
{
+ batadv_tvlv_handler_unregister(bat_priv, BATADV_TVLV_ROAM, 1);
+
batadv_tvlv_container_unregister(bat_priv, BATADV_TVLV_TT, 1);
batadv_tvlv_handler_unregister(bat_priv, BATADV_TVLV_TT, 1);
--
2.20.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH net] batadv: fix for leaked TVLV handler.
2019-05-21 19:58 ` [PATCH net] batadv: fix for leaked TVLV handler Jeremy Sowden
@ 2019-05-21 20:48 ` Sven Eckelmann
2019-05-24 7:56 ` Sven Eckelmann
0 siblings, 1 reply; 5+ messages in thread
From: Sven Eckelmann @ 2019-05-21 20:48 UTC (permalink / raw)
To: b.a.t.m.a.n
Cc: Jeremy Sowden, netdev, Marek Lindner, Simon Wunderlich,
Antonio Quartulli, David S. Miller, syzbot+d454a826e670502484b8
[-- Attachment #1: Type: text/plain, Size: 542 bytes --]
On Tuesday, 21 May 2019 21:58:57 CEST Jeremy Sowden wrote:
> A handler for BATADV_TVLV_ROAM was being registered when the
> translation-table was initialized, but not unregistered when the
> translation-table was freed. Unregister it.
>
> Reported-by: syzbot+d454a826e670502484b8@syzkaller.appspotmail.com
> Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Fixes: 122edaa05940 ("batman-adv: tvlv - convert roaming adv packet to use tvlv unicast packets")
@Marek, @Antonio, please check whether this looks good to you.
Kind regards,
Sven
[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH net] batadv: fix for leaked TVLV handler.
2019-05-21 20:48 ` Sven Eckelmann
@ 2019-05-24 7:56 ` Sven Eckelmann
2019-05-24 9:59 ` [PATCH net v2] batman-adv: " Jeremy Sowden
0 siblings, 1 reply; 5+ messages in thread
From: Sven Eckelmann @ 2019-05-24 7:56 UTC (permalink / raw)
To: b.a.t.m.a.n
Cc: Jeremy Sowden, Marek Lindner, netdev,
syzbot+d454a826e670502484b8, Antonio Quartulli, David S. Miller
[-- Attachment #1: Type: text/plain, Size: 1086 bytes --]
On Tuesday, 21 May 2019 22:48:32 CEST Sven Eckelmann wrote:
> Fixes: 122edaa05940 ("batman-adv: tvlv - convert roaming adv packet to use tvlv unicast packets")
This patch was queued up [1] for submission but it is the only queued patch at
the moment. And I already saw that David marked this patch as "Under review"
in patchwork [2]. May I ask whether this means that you (David) would directly
apply it (unless there are objections)? If so then we could save ourselves an
extra PR for just this patch. Just depends on what you (David) prefers.
Reviewed-by: Sven Eckelmann <sven@narfation.org>
The only adjustments I personally would like to see when it is applied:
* the Fixes: line
* prefix "batman-adv:" (at least this still seems the one which is usually
used for net/batman-adv/ related code)
But this isn't really a hard requirement and I also use the shorter
"batadv" all the time in other contexts
Kind regards,
Sven
[1] https://git.open-mesh.org/linux-merge.git/commit/17f78dd1bd624a4dd78ed5db3284a63ee807fcc3
[2] https://patchwork.ozlabs.org/patch/1102982/
[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH net v2] batman-adv: fix for leaked TVLV handler.
2019-05-24 7:56 ` Sven Eckelmann
@ 2019-05-24 9:59 ` Jeremy Sowden
0 siblings, 0 replies; 5+ messages in thread
From: Jeremy Sowden @ 2019-05-24 9:59 UTC (permalink / raw)
To: b.a.t.m.a.n, netdev, Marek Lindner, Simon Wunderlich,
Antonio Quartulli, David S. Miller
Cc: syzbot+d454a826e670502484b8, Sven Eckelmann
A handler for BATADV_TVLV_ROAM was being registered when the
translation-table was initialized, but not unregistered when the
translation-table was freed. Unregister it.
Fixes: 122edaa05940 ("batman-adv: tvlv - convert roaming adv packet to use tvlv unicast packets")
Reported-by: syzbot+d454a826e670502484b8@syzkaller.appspotmail.com
Reviewed-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
---
Since v1.
* Added "Fixes:" tag.
* Added "Reviewed-by:" tag.
* Changed prefix to "batman-adv:".
net/batman-adv/translation-table.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net/batman-adv/translation-table.c b/net/batman-adv/translation-table.c
index 1ddfd5e011ee..8a482c5ec67b 100644
--- a/net/batman-adv/translation-table.c
+++ b/net/batman-adv/translation-table.c
@@ -3813,6 +3813,8 @@ static void batadv_tt_purge(struct work_struct *work)
*/
void batadv_tt_free(struct batadv_priv *bat_priv)
{
+ batadv_tvlv_handler_unregister(bat_priv, BATADV_TVLV_ROAM, 1);
+
batadv_tvlv_container_unregister(bat_priv, BATADV_TVLV_TT, 1);
batadv_tvlv_handler_unregister(bat_priv, BATADV_TVLV_TT, 1);
--
2.20.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2019-05-24 9:59 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-05-21 13:39 memory leak in batadv_tvlv_handler_register syzbot
2019-05-21 19:58 ` [PATCH net] batadv: fix for leaked TVLV handler Jeremy Sowden
2019-05-21 20:48 ` Sven Eckelmann
2019-05-24 7:56 ` Sven Eckelmann
2019-05-24 9:59 ` [PATCH net v2] batman-adv: " Jeremy Sowden
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.