All of lore.kernel.org
 help / color / mirror / Atom feed
* Re: memory leak in create_ctx
       [not found] <20190609025641.11448-1-hdanton@sina.com>
@ 2019-06-11 11:45 ` Dmitry Vyukov
  2019-06-11 17:16   ` Jakub Kicinski
  0 siblings, 1 reply; 7+ messages in thread
From: Dmitry Vyukov @ 2019-06-11 11:45 UTC (permalink / raw)
  To: Hillf Danton
  Cc: syzbot, aviadye, borisp, Daniel Borkmann, davejwatson,
	David Miller, John Fastabend, LKML, netdev, syzkaller-bugs,
	Jakub Kicinski, bpf, Eric Biggers

,On Sun, Jun 9, 2019 at 4:56 AM Hillf Danton <hdanton@sina.com> wrote:
>
>
> Hi
>
> On Sat, 08 Jun 2019 12:13:06 -0700 (PDT) syzbot wrote:
> > Hello,
> >
> > syzbot found the following crash on:
> >
> > HEAD commit:    79c3ba32 Merge tag 'drm-fixes-2019-06-07-1' of git://anong..
> > git tree:       upstream
> > console output: https://syzkaller.appspot.com/x/log.txt?x=170e0bfea00000
> > kernel config:  https://syzkaller.appspot.com/x/.config?x=d5c73825cbdc7326
> > dashboard link: https://syzkaller.appspot.com/bug?extid=06537213db7ba2745c4a
> > compiler:       gcc (GCC) 9.0.0 20181231 (experimental)
> > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=10aa806aa00000
> >
> > IMPORTANT: if you fix the bug, please add the following tag to the commit:
> > Reported-by: syzbot+06537213db7ba2745c4a@syzkaller.appspotmail.com
> >
> > IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
> > 2019/06/08 14:55:51 executed programs: 15
> > 2019/06/08 14:55:56 executed programs: 31
> > 2019/06/08 14:56:02 executed programs: 51
> > BUG: memory leak
> > unreferenced object 0xffff888117ceae00 (size 512):
> >    comm "syz-executor.3", pid 7233, jiffies 4294949016 (age 13.640s)
> >    hex dump (first 32 bytes):
> >      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
> >      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
> >    backtrace:
> >      [<00000000e6550967>] kmemleak_alloc_recursive include/linux/kmemleak.h:55 [inline]
> >      [<00000000e6550967>] slab_post_alloc_hook mm/slab.h:439 [inline]
> >      [<00000000e6550967>] slab_alloc mm/slab.c:3326 [inline]
> >      [<00000000e6550967>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
> >      [<0000000014132182>] kmalloc include/linux/slab.h:547 [inline]
> >      [<0000000014132182>] kzalloc include/linux/slab.h:742 [inline]
> >      [<0000000014132182>] create_ctx+0x25/0x70 net/tls/tls_main.c:601
> >      [<00000000e08e1a44>] tls_init net/tls/tls_main.c:787 [inline]
> >      [<00000000e08e1a44>] tls_init+0x97/0x1e0 net/tls/tls_main.c:769
> >      [<0000000037b0c43c>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
> >      [<0000000037b0c43c>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
> >      [<000000007a284277>] do_tcp_setsockopt.isra.0+0x19a/0xd60 net/ipv4/tcp.c:2784
> >      [<00000000f35f3415>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3098
> >      [<00000000c840962c>] sock_common_setsockopt+0x38/0x50 net/core/sock.c:3124
> >      [<0000000006b0801f>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
> >      [<00000000a6309f52>] __do_sys_setsockopt net/socket.c:2083 [inline]
> >      [<00000000a6309f52>] __se_sys_setsockopt net/socket.c:2080 [inline]
> >      [<00000000a6309f52>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
> >      [<00000000fa555bbc>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
> >      [<00000000a06d7d1a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
> >
> > BUG: memory leak
> > unreferenced object 0xffff88810965dc00 (size 512):
> >    comm "syz-executor.2", pid 7235, jiffies 4294949016 (age 13.640s)
> >    hex dump (first 32 bytes):
> >      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
> >      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
> >    backtrace:
> >      [<00000000e6550967>] kmemleak_alloc_recursive include/linux/kmemleak.h:55 [inline]
> >      [<00000000e6550967>] slab_post_alloc_hook mm/slab.h:439 [inline]
> >      [<00000000e6550967>] slab_alloc mm/slab.c:3326 [inline]
> >      [<00000000e6550967>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
> >      [<0000000014132182>] kmalloc include/linux/slab.h:547 [inline]
> >      [<0000000014132182>] kzalloc include/linux/slab.h:742 [inline]
> >      [<0000000014132182>] create_ctx+0x25/0x70 net/tls/tls_main.c:601
> >      [<00000000e08e1a44>] tls_init net/tls/tls_main.c:787 [inline]
> >      [<00000000e08e1a44>] tls_init+0x97/0x1e0 net/tls/tls_main.c:769
> >      [<0000000037b0c43c>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
> >      [<0000000037b0c43c>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
> >      [<000000007a284277>] do_tcp_setsockopt.isra.0+0x19a/0xd60 net/ipv4/tcp.c:2784
> >      [<00000000f35f3415>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3098
> >      [<00000000c840962c>] sock_common_setsockopt+0x38/0x50 net/core/sock.c:3124
> >      [<0000000006b0801f>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
> >      [<00000000a6309f52>] __do_sys_setsockopt net/socket.c:2083 [inline]
> >      [<00000000a6309f52>] __se_sys_setsockopt net/socket.c:2080 [inline]
> >      [<00000000a6309f52>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
> >      [<00000000fa555bbc>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
> >      [<00000000a06d7d1a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
> >
> > BUG: memory leak
> > unreferenced object 0xffff8881207d7600 (size 512):
> >    comm "syz-executor.5", pid 7244, jiffies 4294949019 (age 13.610s)
> >    hex dump (first 32 bytes):
> >      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
> >      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
> >    backtrace:
> >      [<00000000e6550967>] kmemleak_alloc_recursive include/linux/kmemleak.h:55 [inline]
> >      [<00000000e6550967>] slab_post_alloc_hook mm/slab.h:439 [inline]
> >      [<00000000e6550967>] slab_alloc mm/slab.c:3326 [inline]
> >      [<00000000e6550967>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
> >      [<0000000014132182>] kmalloc include/linux/slab.h:547 [inline]
> >      [<0000000014132182>] kzalloc include/linux/slab.h:742 [inline]
> >      [<0000000014132182>] create_ctx+0x25/0x70 net/tls/tls_main.c:601
> >      [<00000000e08e1a44>] tls_init net/tls/tls_main.c:787 [inline]
> >      [<00000000e08e1a44>] tls_init+0x97/0x1e0 net/tls/tls_main.c:769
> >      [<0000000037b0c43c>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
> >      [<0000000037b0c43c>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
> >      [<000000007a284277>] do_tcp_setsockopt.isra.0+0x19a/0xd60 net/ipv4/tcp.c:2784
> >      [<00000000f35f3415>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3098
> >      [<00000000c840962c>] sock_common_setsockopt+0x38/0x50 net/core/sock.c:3124
> >      [<0000000006b0801f>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
> >      [<00000000a6309f52>] __do_sys_setsockopt net/socket.c:2083 [inline]
> >      [<00000000a6309f52>] __se_sys_setsockopt net/socket.c:2080 [inline]
> >      [<00000000a6309f52>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
> >      [<00000000fa555bbc>] do_syscall_64+0x76/0x1a0 ntry/common.c:301
> >      [<00000000a06d7d1a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
> >
> >
> >
> > ---
> > This bug is generated by a bot. It may contain errors.
> > See https://goo.gl/tpsmEJ for more information about syzbot.
> > syzbot engineers can be reached at syzkaller@googlegroups.com.
> >
> > syzbot will keep track of this bug report. See:
> > https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
> > syzbot can test patches for this bug, for details see:
> > https://goo.gl/tpsmEJ#testing-patches
> >
> Ignore my noise if you have no interest seeing the syzbot report.
>
> The following tiny diff, made in the hope that it may help you perhaps
> handle the report, adds memory barriers before and after allocating ctx
> slab to check the current ctx, and returns it if valid.

Hi Hillf,

Do you see the bug? Jakub said he can't repro.
The repro has these suspicious bpf syscalls and there is currently
some nasty bpf bug that plagues us and leads to random assorted
splats.
I've run the repro as "./syz-execprog -repeat=0 -procs=6 repro"  and
in 10 mins I got the following splat, which indeed suggests a bpf bug.
But we of course can have both bpf stack overflow and a memory leak in tls.



2019/06/11 10:26:52 executed programs: 887
2019/06/11 10:26:57 executed programs: 899
2019/06/11 10:27:02 executed programs: 916
[  429.171049][ T9870] BUG: stack guard page was hit at
00000000a78467b9 (stack is 000000001452e9df..000000004fb93e51)
[  429.173714][ T9870] kernel stack overflow (double-fault): 0000 [#1]
PREEMPT SMP
[  429.174819][ T9870] CPU: 3 PID: 9870 Comm: syz-executor Not tainted
5.2.0-rc4+ #6
[  429.175901][ T9870] Hardware name: QEMU Standard PC (i440FX + PIIX,
1996), BIOS 1.10.2-1 04/01/2014
[  429.177215][ T9870] RIP: 0010:tcp_bpf_unhash+0xc/0x80
[  429.177950][ T9870] Code: 28 4c 89 ee 48 89 df ff 10 e8 30 56 66 fe
5b 41 5c 41 5d 41 5e 5d c3 0f 1f 80 00 00 00 00 55 48 89 e5 41 55 41
54 53 48 89 fb <e8> 0f 56 66 fe e8 6a bb 5f fe 4c 8b a3 80 02 00 00 4d
85 e4 74 2f
[  429.180707][ T9870] RSP: 0018:ffffc90003690000 EFLAGS: 00010293
[  429.181562][ T9870] RAX: ffff888066a72000 RBX: ffff88806695b640
RCX: ffffffff82c82f80
[  429.182681][ T9870] RDX: 0000000000000000 RSI: 0000000000000007
RDI: ffff88806695b640
[  429.183807][ T9870] RBP: ffffc90003690018 R08: 0000000000000000
R09: 0000000000000000
[  429.184931][ T9870] R10: ffffc90003693e70 R11: 0000000000000000
R12: ffffffff82c82f10
[  429.186104][ T9870] R13: 0000000000000007 R14: ffff88806695b710
R15: ffff88806695b710
[  429.187303][ T9870] FS:  00005555569fc940(0000)
GS:ffff88807db80000(0000) knlGS:0000000000000000
[  429.188678][ T9870] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  429.189674][ T9870] CR2: ffffc9000368fff8 CR3: 00000000762bc002
CR4: 00000000007606e0
[  429.190880][ T9870] DR0: 0000000000000000 DR1: 0000000000000000
DR2: 0000000000000000
[  429.192094][ T9870] DR3: 0000000000000000 DR6: 00000000fffe0ff0
DR7: 0000000000000400
[  429.193295][ T9870] PKRU: 55555554
[  429.193829][ T9870] Call Trace:
[  429.194326][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.195020][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.195706][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.196400][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.197079][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.197773][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.198454][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.199148][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.199833][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.200527][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.201208][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.201909][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.202590][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.203283][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.203973][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.204667][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.205347][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.206041][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.206721][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.207418][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.208100][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.208794][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.209474][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.210167][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.210846][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.211548][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.212228][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.212920][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.213600][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.214292][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.214973][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.215671][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.216353][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.217045][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.217728][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.218421][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.219101][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.219802][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.220483][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.221177][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.221857][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.222569][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.223253][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.223952][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.224636][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.225331][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.226013][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.226712][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.227395][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.228100][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.228783][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.229478][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.230161][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.230855][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.231539][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.232240][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.232921][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.233616][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.234315][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.235013][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.235702][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.236399][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.237083][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.237783][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.238467][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.239165][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.239855][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.240556][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.241241][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.241938][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.242622][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.243320][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.244008][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.244705][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.245388][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.246114][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.246800][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.247503][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.248187][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.248883][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.249569][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.250266][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.250951][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.251658][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.252342][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.253041][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.253726][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.254427][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.255121][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.255822][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.256505][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.257201][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.257890][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.258605][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.259291][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.259994][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.260681][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.261380][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.262067][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.262766][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.263457][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.264157][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.264842][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.265542][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.266200][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.266855][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.267501][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.268175][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.268814][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.269476][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.270142][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.270825][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.271494][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.272167][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.272839][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.273514][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.274179][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.274857][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.275529][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.276220][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.276892][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.277573][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.278247][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.278934][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.279608][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.280293][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.280969][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.281670][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.282360][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.283062][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.283771][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.284477][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.285170][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.285875][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.286565][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.287269][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.287977][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.288681][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.289376][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.290079][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.290769][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.291477][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.292177][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.292886][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.293558][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.294258][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.294930][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.295625][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.296289][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.296984][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.297662][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.298354][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.299036][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.299728][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.300412][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.301106][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.301800][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.302497][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.303179][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.303907][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.304599][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.305307][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.306001][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.306707][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.307414][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.308123][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.308817][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.309524][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.310217][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.310924][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.311631][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.312341][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.313036][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.313745][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.314457][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.315161][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.315860][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.316562][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.317252][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.317962][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.318653][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.319356][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.320049][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.320760][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.321332][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.321916][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.322484][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.323068][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.323643][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.324221][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.324792][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.325375][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.325948][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.326532][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.327104][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.327690][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.328270][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.328854][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.329427][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.330010][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.330583][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.331166][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.331743][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.332325][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.332913][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.333493][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.334063][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.334643][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.335213][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.335794][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.336364][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.336945][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.337515][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.338097][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.338664][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.339244][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.339822][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.340400][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.340970][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.341551][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.342121][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.342716][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.343284][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.343864][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.344436][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.345010][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.345575][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.346154][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.346717][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.347293][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.347873][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.348453][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.349020][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.349596][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.350164][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.350743][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.351306][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.351895][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.352479][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.353056][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.353621][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.354196][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.354761][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.355335][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.355899][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.356481][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.357046][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.357621][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.358184][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.358760][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.359336][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.359924][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.360489][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.361064][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.361627][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.362203][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.362785][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.363358][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.363941][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.364512][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.365075][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.365648][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.366212][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.366786][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.367349][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.367926][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.368488][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.369063][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.369627][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.370201][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.370765][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.371340][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.371937][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.372512][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.373091][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.373661][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.374216][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.374788][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.375352][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.375929][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.376489][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.377060][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.377622][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.378195][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.378755][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.379328][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.379896][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.380468][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.381029][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.381600][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.382161][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.382748][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.383309][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.383884][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.384449][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.385019][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.385580][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.386161][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.386725][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.387300][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.387867][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.388443][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.389006][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.389579][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.390144][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.390720][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.391282][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.391859][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.392419][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.392991][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.393552][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.394126][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.394688][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.395261][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.395827][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.396401][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.396964][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.397536][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.398096][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.398669][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.399230][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.399803][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.400364][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.400935][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.401495][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.402066][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.402629][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.403200][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.403773][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.404351][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.404917][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.405488][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.406056][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.406628][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.407189][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.407766][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.408327][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.408897][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.409458][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.410029][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.410589][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.411160][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.411738][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.412308][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.412869][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.413442][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.414004][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.414576][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.415138][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.415713][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.416275][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.416848][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.417410][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.417988][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.418550][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.419122][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.419689][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.420259][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.420819][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.421390][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.421951][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.422529][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.423090][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.423670][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.424235][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.424807][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.425369][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.425942][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.426504][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.427077][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.427643][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.428218][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.428779][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.429351][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.429911][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.430482][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.431045][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.431621][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.432182][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.432755][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.433316][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.433895][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.434456][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.435028][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.435592][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.436172][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.436733][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.437305][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.437865][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.438437][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.438997][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.439570][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.440133][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.440700][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.441261][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.441832][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.442391][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.442962][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.443525][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.444098][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.444660][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.445232][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.445793][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.446362][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.446922][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.447494][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.448054][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.448624][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.449184][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.449754][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.450314][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.450884][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.451448][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.452023][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.452583][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.453179][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.453744][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.454315][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.454874][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.455447][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.456016][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.456587][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.457146][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.457728][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.458295][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.458867][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.459430][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.460007][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.460568][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.461141][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.461702][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.462273][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.462836][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.463412][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.463976][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.464549][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.465113][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.465694][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.466257][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.466831][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.467394][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.467973][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.468535][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.469108][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.469668][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.470238][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.470800][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.471387][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.471954][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.472525][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.473085][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.473656][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.474217][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.474789][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.475349][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.475932][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.476493][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.477064][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.477625][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.478196][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.478755][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.479327][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.479892][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.480465][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.481025][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.481595][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.482155][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.482726][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.483285][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.483863][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.484424][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.484996][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.485557][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.486128][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.486694][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.487267][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.487839][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.488410][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.488970][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.489539][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.490098][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.490668][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.491227][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.491801][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.492363][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.492934][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.493495][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.494068][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.494628][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.495201][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.495771][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.496340][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.496898][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.497470][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.498028][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.498600][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.499158][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.499734][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.500295][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.500866][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.501427][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.502000][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.502561][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.503134][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.503700][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.504274][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.504836][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.505409][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.505971][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.506544][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.507106][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.507682][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.508242][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.508817][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.509376][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.509953][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.510514][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.511086][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.511651][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.512225][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.512787][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.513359][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.513919][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.514491][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.515050][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.515623][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.516184][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.516757][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.517318][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.517889][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.518449][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.519020][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.519590][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.520162][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.520733][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.521305][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.521865][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.522436][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.523000][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.523572][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.524139][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.524710][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.525267][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.525836][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.526394][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.526962][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.527542][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.528115][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.528674][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.529247][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.529814][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.530382][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.530945][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.531517][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.532082][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.532657][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.533220][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.533795][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.534351][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.534921][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.535483][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.536056][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.536614][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.537184][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.537743][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.538313][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.538872][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.539455][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.540018][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.540593][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.541156][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.541726][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.542284][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.542854][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.543416][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.543987][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.544548][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.545119][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.545680][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.546251][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.546812][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.547384][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.547952][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.548521][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.549080][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.549649][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.550209][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.550778][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.551337][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.551913][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.552473][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.553045][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.553606][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.554177][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.554737][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.555309][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.555873][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.556453][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.557013][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.557586][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.558145][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.558715][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.559285][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.559862][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.560420][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.560991][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.561550][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.562120][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.562679][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.563250][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.563814][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.564382][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.564940][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.565510][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.566068][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.566638][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.567197][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.567770][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.568329][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.568898][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.569457][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.570027][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.570586][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.571155][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.571717][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.572286][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.572848][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.573420][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.573982][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.574553][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.575115][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.575689][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.576248][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.576817][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.577376][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.577944][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.578501][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.579069][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.579630][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.580198][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.580757][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.581327][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.581894][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.582466][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.583027][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.583601][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.584163][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.584735][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.585295][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.585867][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.586427][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.586999][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.587562][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.588131][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.588690][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.589259][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.589818][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.590393][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.590954][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.591529][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.592089][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.592660][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.593217][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.593785][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.594344][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.594911][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.595471][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.596038][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.596596][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.597164][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.597723][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.598293][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.598853][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.599426][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.599984][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.600553][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.601110][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.601679][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.602235][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.602804][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.603361][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.603934][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.604493][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.605062][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.605619][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.606190][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.606754][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.607326][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.607887][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.608458][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.609017][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.609588][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.610147][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.610717][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.611277][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.611849][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.612407][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.612974][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.613532][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.614100][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.614657][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.615225][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.615785][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.616355][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.616914][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.617485][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.618044][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.618614][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.619173][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.619745][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.620303][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.620873][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.621432][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.622002][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.622562][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.623133][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.623695][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.624270][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.624829][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.625400][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.625959][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.626532][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.627094][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.627667][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.628225][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.628795][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.629354][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.629923][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.630481][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.631052][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.631615][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.632184][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.632742][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.633311][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.633866][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.634434][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.634992][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.635564][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.636121][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.636690][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.637250][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.637820][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.638380][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.638950][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.639513][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.640079][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.640637][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.641205][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.641763][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.642331][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.642888][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.643459][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.644027][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.644598][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.645160][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.645730][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.646288][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.646858][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.647420][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.647991][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.648550][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.649120][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.649679][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.650251][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.650812][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.651382][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.651942][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.652512][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.653071][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.653642][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.654201][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.654772][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.655331][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.655907][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.656467][ T9870]  ? tcp_bpf_close+0xa0/0xa0
[  429.657037][ T9870]  tcp_bpf_unhash+0x76/0x80
[  429.657600][ T9870]  tcp_set_state+0x7b/0x220
[  429.658160][ T9870]  ? put_object+0x20/0x30
[  429.658699][ T9870]  ? debug_smp_processor_id+0x2b/0x130
[  429.659382][ T9870]  tcp_disconnect+0x518/0x610
[  429.659973][ T9870]  tcp_close+0x41d/0x540
[  429.660501][ T9870]  ? tcp_check_oom+0x180/0x180
[  429.661095][ T9870]  tls_sk_proto_close+0x86/0x2a0
[  429.661711][ T9870]  ? locks_remove_posix+0x114/0x1c0
[  429.662359][ T9870]  inet_release+0x44/0x80
[  429.662899][ T9870]  inet6_release+0x36/0x50
[  429.663453][ T9870]  __sock_release+0x4b/0x100
[  429.664024][ T9870]  ? __sock_release+0x100/0x100
[  429.664625][ T9870]  sock_close+0x19/0x20
[  429.665141][ T9870]  __fput+0xe7/0x2f0
[  429.665624][ T9870]  ____fput+0x15/0x20
[  429.666120][ T9870]  task_work_run+0xa4/0xd0
[  429.666671][ T9870]  exit_to_usermode_loop+0x16f/0x180
[  429.667329][ T9870]  do_syscall_64+0x187/0x1b0
[  429.667920][ T9870]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  429.668654][ T9870] RIP: 0033:0x412451
[  429.669141][ T9870] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff
ff 0f 83 94 1a 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03
00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4
08 48 3d 01
[  429.671586][ T9870] RSP: 002b:00007ffde18b5470 EFLAGS: 00000293
ORIG_RAX: 0000000000000003
[  429.672636][ T9870] RAX: 0000000000000000 RBX: 0000000000000005
RCX: 0000000000412451
[  429.673628][ T9870] RDX: 0000000000000000 RSI: 0000000000000081
RDI: 0000000000000004
[  429.674643][ T9870] RBP: 0000000000000000 R08: 0000000000721170
R09: 0000000000000000
[  429.675641][ T9870] R10: 00007ffde18b5580 R11: 0000000000000293
R12: 0000000000000000
[  429.676636][ T9870] R13: 000000000071bf00 R14: 00000000006e3140
R15: ffffffffffffffff
[  429.677630][ T9870] Modules linked in:
[  429.678119][ T9870] ---[ end trace a429c7ce256ca7bb ]---
[  429.678798][ T9870] RIP: 0010:tcp_bpf_unhash+0xc/0x80
[  429.679447][ T9870] Code: 28 4c 89 ee 48 89 df ff 10 e8 30 56 66 fe
5b 41 5c 41 5d 41 5e 5d c3 0f 1f 80 00 00 00 00 55 48 89 e5 41 55 41
54 53 48 89 fb <e8> 0f 56 66 fe e8 6a bb 5f fe 4c 8b a3 80 02 00 00 4d
85 e4 74 2f
[  429.681882][ T9870] RSP: 0018:ffffc90003690000 EFLAGS: 00010293
[  429.682637][ T9870] RAX: ffff888066a72000 RBX: ffff88806695b640
RCX: ffffffff82c82f80
[  429.683630][ T9870] RDX: 0000000000000000 RSI: 0000000000000007
RDI: ffff88806695b640
[  429.684622][ T9870] RBP: ffffc90003690018 R08: 0000000000000000
R09: 0000000000000000
[  429.685611][ T9870] R10: ffffc90003693e70 R11: 0000000000000000
R12: ffffffff82c82f10
[  429.686601][ T9870] R13: 0000000000000007 R14: ffff88806695b710
R15: ffff88806695b710
[  429.687592][ T9870] FS:  00005555569fc940(0000)
GS:ffff88807db80000(0000) knlGS:0000000000000000
[  429.688701][ T9870] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  429.689519][ T9870] CR2: ffffc9000368fff8 CR3: 00000000762bc002
CR4: 00000000007606e0
[  429.690511][ T9870] DR0: 0000000000000000 DR1: 0000000000000000
DR2: 0000000000000000
[  429.691507][ T9870] DR3: 0000000000000000 DR6: 00000000fffe0ff0
DR7: 0000000000000400
[  429.692502][ T9870] PKRU: 55555554
[  429.692941][ T9870] Kernel panic - not syncing: Fatal exception
[  429.694377][ T9870] Kernel Offset: disabled
[  429.694913][ T9870] Rebooting in 86400 seconds..




>
> Thanks
> Hillf
> ---
>  net/tls/tls_main.c | 12 ++++++++++--
>  1 file changed, 10 insertions(+), 2 deletions(-)
>
> diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c
> index 78cb4a5..2d0089d 100644
> --- a/net/tls/tls_main.c
> +++ b/net/tls/tls_main.c
> @@ -39,6 +39,7 @@
>  #include <linux/netdevice.h>
>  #include <linux/sched/signal.h>
>  #include <linux/inetdevice.h>
> +#include <linux/atomic.h>
>
>  #include <net/tls.h>
>
> @@ -539,12 +540,19 @@ static struct tls_context *create_ctx(struct sock *sk)
>  {
>         struct inet_connection_sock *icsk = inet_csk(sk);
>         struct tls_context *ctx;
> -
> +       struct tls_context *cur = xchg(&icsk->icsk_ulp_data,
> +                                       icsk->icsk_ulp_data);
> +       if (cur)
> +               return cur;
>         ctx = kzalloc(sizeof(*ctx), GFP_ATOMIC);
>         if (!ctx)
>                 return NULL;
>
> -       icsk->icsk_ulp_data = ctx;
> +       cur = cmpxchg(&icsk->icsk_ulp_data, cur, ctx);
> +       if (cur) {
> +               kfree(ctx);
> +               return cur;
> +       }
>         ctx->setsockopt = sk->sk_prot->setsockopt;
>         ctx->getsockopt = sk->sk_prot->getsockopt;
>         ctx->sk_proto_close = sk->sk_prot->close;

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: memory leak in create_ctx
  2019-06-11 11:45 ` memory leak in create_ctx Dmitry Vyukov
@ 2019-06-11 17:16   ` Jakub Kicinski
  0 siblings, 0 replies; 7+ messages in thread
From: Jakub Kicinski @ 2019-06-11 17:16 UTC (permalink / raw)
  To: Dmitry Vyukov
  Cc: Hillf Danton, syzbot, aviadye, borisp, Daniel Borkmann,
	davejwatson, David Miller, John Fastabend, LKML, netdev,
	syzkaller-bugs, bpf, Eric Biggers

On Tue, 11 Jun 2019 13:45:11 +0200, Dmitry Vyukov wrote:
> Do you see the bug? Jakub said he can't repro.
> The repro has these suspicious bpf syscalls and there is currently
> some nasty bpf bug that plagues us and leads to random assorted
> splats.

Ah, must be the BPF interaction indeed :S The reproducer text uses
incorrect names:

bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0xf, 0x4, 0x4, 0x400, 0x0, 0x1}, 0x3c)

# ^ this is a map create SOCKMAP

socket$rxrpc(0x21, 0x2, 0x800000000a)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x1d4)
connect$inet6(r0, &(0x7f0000000140), 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x5, 0x0, 0x0, 0x0, 0x80}, 0x3c)

# ^ another map create (perf event array?)

bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x10020000000, 0x0}, 0x2c)

# ^ but this is MAP_UPDATE, not MAP_CREATE, it probably inserts the r0
#   into the map

setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040)='tls\x00', 0x4)


That threw me off.

> I've run the repro as "./syz-execprog -repeat=0 -procs=6 repro"  and
> in 10 mins I got the following splat, which indeed suggests a bpf bug.
> But we of course can have both bpf stack overflow and a memory leak in tls.

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: memory leak in create_ctx
  2019-07-01  5:28 ` John Fastabend
@ 2019-07-01  5:40   ` syzbot
  0 siblings, 0 replies; 7+ messages in thread
From: syzbot @ 2019-07-01  5:40 UTC (permalink / raw)
  To: aviadye, borisp, daniel, davejwatson, davem, john.fastabend,
	linux-kernel, netdev, syzkaller-bugs

Hello,

syzbot has tested the proposed patch but the reproducer still triggered  
crash:
memory leak in create_ctx

2019/07/01 05:38:26 executed programs: 23
BUG: memory leak
unreferenced object 0xffff888102914e00 (size 512):
   comm "syz-executor.4", pid 7333, jiffies 4294944085 (age 13.950s)
   hex dump (first 32 bytes):
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
   backtrace:
     [<000000002f2bb8be>] kmemleak_alloc_recursive  
include/linux/kmemleak.h:55 [inline]
     [<000000002f2bb8be>] slab_post_alloc_hook mm/slab.h:439 [inline]
     [<000000002f2bb8be>] slab_alloc mm/slab.c:3326 [inline]
     [<000000002f2bb8be>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
     [<00000000b76aef16>] kmalloc include/linux/slab.h:547 [inline]
     [<00000000b76aef16>] kzalloc include/linux/slab.h:742 [inline]
     [<00000000b76aef16>] create_ctx+0x25/0x70 net/tls/tls_main.c:648
     [<00000000dc9c9d2e>] tls_init net/tls/tls_main.c:837 [inline]
     [<00000000dc9c9d2e>] tls_init+0x97/0x1f0 net/tls/tls_main.c:819
     [<000000009d663c39>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
     [<000000009d663c39>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
     [<00000000551f7621>] do_tcp_setsockopt.isra.0+0x19a/0xd60  
net/ipv4/tcp.c:2789
     [<00000000d02c41d7>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3103
     [<0000000085d221c1>] sock_common_setsockopt+0x38/0x50  
net/core/sock.c:3129
     [<00000000d294eeda>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
     [<00000000f1f1d607>] __do_sys_setsockopt net/socket.c:2083 [inline]
     [<00000000f1f1d607>] __se_sys_setsockopt net/socket.c:2080 [inline]
     [<00000000f1f1d607>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
     [<00000000fbd4f794>] do_syscall_64+0x76/0x1a0  
arch/x86/entry/common.c:301
     [<000000007383b736>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888103860c00 (size 512):
   comm "syz-executor.0", pid 7342, jiffies 4294944115 (age 13.650s)
   hex dump (first 32 bytes):
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
   backtrace:
     [<000000002f2bb8be>] kmemleak_alloc_recursive  
include/linux/kmemleak.h:55 [inline]
     [<000000002f2bb8be>] slab_post_alloc_hook mm/slab.h:439 [inline]
     [<000000002f2bb8be>] slab_alloc mm/slab.c:3326 [inline]
     [<000000002f2bb8be>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
     [<00000000b76aef16>] kmalloc include/linux/slab.h:547 [inline]
     [<00000000b76aef16>] kzalloc include/linux/slab.h:742 [inline]
     [<00000000b76aef16>] create_ctx+0x25/0x70 net/tls/tls_main.c:648
     [<00000000dc9c9d2e>] tls_init net/tls/tls_main.c:837 [inline]
     [<00000000dc9c9d2e>] tls_init+0x97/0x1f0 net/tls/tls_main.c:819
     [<000000009d663c39>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
     [<000000009d663c39>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
     [<00000000551f7621>] do_tcp_setsockopt.isra.0+0x19a/0xd60  
net/ipv4/tcp.c:2789
     [<00000000d02c41d7>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3103
     [<0000000085d221c1>] sock_common_setsockopt+0x38/0x50  
net/core/sock.c:3129
     [<00000000d294eeda>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
     [<00000000f1f1d607>] __do_sys_setsockopt net/socket.c:2083 [inline]
     [<00000000f1f1d607>] __se_sys_setsockopt net/socket.c:2080 [inline]
     [<00000000f1f1d607>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
     [<00000000fbd4f794>] do_syscall_64+0x76/0x1a0  
arch/x86/entry/common.c:301
     [<000000007383b736>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88810e3e1c00 (size 512):
   comm "syz-executor.5", pid 7384, jiffies 4294944151 (age 13.290s)
   hex dump (first 32 bytes):
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
   backtrace:
     [<000000002f2bb8be>] kmemleak_alloc_recursive  
include/linux/kmemleak.h:55 [inline]
     [<000000002f2bb8be>] slab_post_alloc_hook mm/slab.h:439 [inline]
     [<000000002f2bb8be>] slab_alloc mm/slab.c:3326 [inline]
     [<000000002f2bb8be>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
     [<00000000b76aef16>] kmalloc include/linux/slab.h:547 [inline]
     [<00000000b76aef16>] kzalloc include/linux/slab.h:742 [inline]
     [<00000000b76aef16>] create_ctx+0x25/0x70 net/tls/tls_main.c:648
     [<00000000dc9c9d2e>] tls_init net/tls/tls_main.c:837 [inline]
     [<00000000dc9c9d2e>] tls_init+0x97/0x1f0 net/tls/tls_main.c:819
     [<000000009d663c39>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
     [<000000009d663c39>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
     [<00000000551f7621>] do_tcp_setsockopt.isra.0+0x19a/0xd60  
net/ipv4/tcp.c:2789
     [<00000000d02c41d7>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3103
     [<0000000085d221c1>] sock_common_setsockopt+0x38/0x50  
net/core/sock.c:3129
     [<00000000d294eeda>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
     [<00000000f1f1d607>] __do_sys_setsockopt net/socket.c:2083 [inline]
     [<00000000f1f1d607>] __se_sys_setsockopt net/socket.c:2080 [inline]
     [<00000000f1f1d607>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
     [<00000000fbd4f794>] do_syscall_64+0x76/0x1a0  
arch/x86/entry/common.c:301
     [<000000007383b736>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88811a0a7200 (size 512):
   comm "syz-executor.0", pid 7423, jiffies 4294944702 (age 7.780s)
   hex dump (first 32 bytes):
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
   backtrace:
     [<000000002f2bb8be>] kmemleak_alloc_recursive  
include/linux/kmemleak.h:55 [inline]
     [<000000002f2bb8be>] slab_post_alloc_hook mm/slab.h:439 [inline]
     [<000000002f2bb8be>] slab_alloc mm/slab.c:3326 [inline]
     [<000000002f2bb8be>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
     [<00000000b76aef16>] kmalloc include/linux/slab.h:547 [inline]
     [<00000000b76aef16>] kzalloc include/linux/slab.h:742 [inline]
     [<00000000b76aef16>] create_ctx+0x25/0x70 net/tls/tls_main.c:648
     [<00000000dc9c9d2e>] tls_init net/tls/tls_main.c:837 [inline]
     [<00000000dc9c9d2e>] tls_init+0x97/0x1f0 net/tls/tls_main.c:819
     [<000000009d663c39>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
     [<000000009d663c39>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
     [<00000000551f7621>] do_tcp_setsockopt.isra.0+0x19a/0xd60  
net/ipv4/tcp.c:2789
     [<00000000d02c41d7>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3103
     [<0000000085d221c1>] sock_common_setsockopt+0x38/0x50  
net/core/sock.c:3129
     [<00000000d294eeda>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
     [<00000000f1f1d607>] __do_sys_setsockopt net/socket.c:2083 [inline]
     [<00000000f1f1d607>] __se_sys_setsockopt net/socket.c:2080 [inline]
     [<00000000f1f1d607>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
     [<00000000fbd4f794>] do_syscall_64+0x76/0x1a0  
arch/x86/entry/common.c:301
     [<000000007383b736>] entry_SYSCALL_64_after_hwframe+0x44/0xa9



Tested on:

commit:         0b58d013 bpf: tls, implement unhash to avoid transition ou..
git tree:       git://github.com/cilium/linux ktls-unhash
console output: https://syzkaller.appspot.com/x/log.txt?x=134f2e0ba00000
kernel config:  https://syzkaller.appspot.com/x/.config?x=3bd5897d1df43b97
compiler:       gcc (GCC) 9.0.0 20181231 (experimental)


^ permalink raw reply	[flat|nested] 7+ messages in thread

* RE: memory leak in create_ctx
  2019-06-08 19:13 syzbot
  2019-06-08 23:47 ` Jakub Kicinski
@ 2019-07-01  5:28 ` John Fastabend
  2019-07-01  5:40   ` syzbot
  1 sibling, 1 reply; 7+ messages in thread
From: John Fastabend @ 2019-07-01  5:28 UTC (permalink / raw)
  To: syzbot, aviadye, borisp, daniel, davejwatson, davem,
	john.fastabend, linux-kernel, netdev, syzkaller-bugs

syzbot wrote:
> Hello,
> 
> syzbot found the following crash on:
> 
> HEAD commit:    79c3ba32 Merge tag 'drm-fixes-2019-06-07-1' of git://anong..
> git tree:       upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=170e0bfea00000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=d5c73825cbdc7326
> dashboard link: https://syzkaller.appspot.com/bug?extid=06537213db7ba2745c4a
> compiler:       gcc (GCC) 9.0.0 20181231 (experimental)
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=10aa806aa00000
> 
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+06537213db7ba2745c4a@syzkaller.appspotmail.com
> 
> IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
> 2019/06/08 14:55:51 executed programs: 15
> 2019/06/08 14:55:56 executed programs: 31
> 2019/06/08 14:56:02 executed programs: 51
> BUG: memory leak
> unreferenced object 0xffff888117ceae00 (size 512):
>    comm "syz-executor.3", pid 7233, jiffies 4294949016 (age 13.640s)
>    hex dump (first 32 bytes):
>      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>    backtrace:
>      [<00000000e6550967>] kmemleak_alloc_recursive  
> include/linux/kmemleak.h:55 [inline]
>      [<00000000e6550967>] slab_post_alloc_hook mm/slab.h:439 [inline]
>      [<00000000e6550967>] slab_alloc mm/slab.c:3326 [inline]
>      [<00000000e6550967>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
>      [<0000000014132182>] kmalloc include/linux/slab.h:547 [inline]
>      [<0000000014132182>] kzalloc include/linux/slab.h:742 [inline]
>      [<0000000014132182>] create_ctx+0x25/0x70 net/tls/tls_main.c:601
>      [<00000000e08e1a44>] tls_init net/tls/tls_main.c:787 [inline]
>      [<00000000e08e1a44>] tls_init+0x97/0x1e0 net/tls/tls_main.c:769
>      [<0000000037b0c43c>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
>      [<0000000037b0c43c>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
>      [<000000007a284277>] do_tcp_setsockopt.isra.0+0x19a/0xd60  
> net/ipv4/tcp.c:2784
>      [<00000000f35f3415>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3098
>      [<00000000c840962c>] sock_common_setsockopt+0x38/0x50  
> net/core/sock.c:3124
>      [<0000000006b0801f>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
>      [<00000000a6309f52>] __do_sys_setsockopt net/socket.c:2083 [inline]
>      [<00000000a6309f52>] __se_sys_setsockopt net/socket.c:2080 [inline]
>      [<00000000a6309f52>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
>      [<00000000fa555bbc>] do_syscall_64+0x76/0x1a0  
> arch/x86/entry/common.c:301
>      [<00000000a06d7d1a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
> 
> BUG: memory leak
> unreferenced object 0xffff88810965dc00 (size 512):
>    comm "syz-executor.2", pid 7235, jiffies 4294949016 (age 13.640s)
>    hex dump (first 32 bytes):
>      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>    backtrace:
>      [<00000000e6550967>] kmemleak_alloc_recursive  
> include/linux/kmemleak.h:55 [inline]
>      [<00000000e6550967>] slab_post_alloc_hook mm/slab.h:439 [inline]
>      [<00000000e6550967>] slab_alloc mm/slab.c:3326 [inline]
>      [<00000000e6550967>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
>      [<0000000014132182>] kmalloc include/linux/slab.h:547 [inline]
>      [<0000000014132182>] kzalloc include/linux/slab.h:742 [inline]
>      [<0000000014132182>] create_ctx+0x25/0x70 net/tls/tls_main.c:601
>      [<00000000e08e1a44>] tls_init net/tls/tls_main.c:787 [inline]
>      [<00000000e08e1a44>] tls_init+0x97/0x1e0 net/tls/tls_main.c:769
>      [<0000000037b0c43c>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
>      [<0000000037b0c43c>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
>      [<000000007a284277>] do_tcp_setsockopt.isra.0+0x19a/0xd60  
> net/ipv4/tcp.c:2784
>      [<00000000f35f3415>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3098
>      [<00000000c840962c>] sock_common_setsockopt+0x38/0x50  
> net/core/sock.c:3124
>      [<0000000006b0801f>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
>      [<00000000a6309f52>] __do_sys_setsockopt net/socket.c:2083 [inline]
>      [<00000000a6309f52>] __se_sys_setsockopt net/socket.c:2080 [inline]
>      [<00000000a6309f52>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
>      [<00000000fa555bbc>] do_syscall_64+0x76/0x1a0  
> arch/x86/entry/common.c:301
>      [<00000000a06d7d1a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
> 
> BUG: memory leak
> unreferenced object 0xffff8881207d7600 (size 512):
>    comm "syz-executor.5", pid 7244, jiffies 4294949019 (age 13.610s)
>    hex dump (first 32 bytes):
>      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>    backtrace:
>      [<00000000e6550967>] kmemleak_alloc_recursive  
> include/linux/kmemleak.h:55 [inline]
>      [<00000000e6550967>] slab_post_alloc_hook mm/slab.h:439 [inline]
>      [<00000000e6550967>] slab_alloc mm/slab.c:3326 [inline]
>      [<00000000e6550967>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
>      [<0000000014132182>] kmalloc include/linux/slab.h:547 [inline]
>      [<0000000014132182>] kzalloc include/linux/slab.h:742 [inline]
>      [<0000000014132182>] create_ctx+0x25/0x70 net/tls/tls_main.c:601
>      [<00000000e08e1a44>] tls_init net/tls/tls_main.c:787 [inline]
>      [<00000000e08e1a44>] tls_init+0x97/0x1e0 net/tls/tls_main.c:769
>      [<0000000037b0c43c>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
>      [<0000000037b0c43c>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
>      [<000000007a284277>] do_tcp_setsockopt.isra.0+0x19a/0xd60  
> net/ipv4/tcp.c:2784
>      [<00000000f35f3415>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3098
>      [<00000000c840962c>] sock_common_setsockopt+0x38/0x50  
> net/core/sock.c:3124
>      [<0000000006b0801f>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
>      [<00000000a6309f52>] __do_sys_setsockopt net/socket.c:2083 [inline]
>      [<00000000a6309f52>] __se_sys_setsockopt net/socket.c:2080 [inline]
>      [<00000000a6309f52>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
>      [<00000000fa555bbc>] do_syscall_64+0x76/0x1a0  
> arch/x86/entry/common.c:301
>      [<00000000a06d7d1a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
> 
> 
> 
> ---
> This bug is generated by a bot. It may contain errors.
> See https://goo.gl/tpsmEJ for more information about syzbot.
> syzbot engineers can be reached at syzkaller@googlegroups.com.
> 
> syzbot will keep track of this bug report. See:
> https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
> syzbot can test patches for this bug, for details see:
> https://goo.gl/tpsmEJ#testing-patches

#syz test: git://github.com/cilium/linux ktls-unhash

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: memory leak in create_ctx
       [not found] <20190612045828.10212-1-hdanton@sina.com>
@ 2019-06-14  4:21 ` John Fastabend
  0 siblings, 0 replies; 7+ messages in thread
From: John Fastabend @ 2019-06-14  4:21 UTC (permalink / raw)
  To: Hillf Danton, Dmitry Vyukov
  Cc: syzbot, aviadye, borisp, Daniel Borkmann, davejwatson,
	David Miller, John Fastabend, LKML, netdev, syzkaller-bugs,
	Jakub Kicinski, bpf, Eric Biggers

Hillf Danton wrote:
> 
> Hi Dmitry
> 
> On Tue, 11 Jun 2019 19:45:28 +0800 Dmitry Vyukov wrote:
> >
> > I've run the repro as "./syz-execprog -repeat=0 -procs=6 repro"  and
> > in 10 mins I got the following splat, which indeed suggests a bpf bug.
> > But we of course can have both bpf stack overflow and a memory leak in tls.
> >
> >
> >
> > 2019/06/11 10:26:52 executed programs: 887
> > 2019/06/11 10:26:57 executed programs: 899
> > 2019/06/11 10:27:02 executed programs: 916
> > [  429.171049][ T9870] BUG: stack guard page was hit at 00000000a78467b9 (stack is 000000001452e9df..000000004fb93e51)
> > [  429.173714][ T9870] kernel stack overflow (double-fault): 0000 [#1] PREEMPT SMP
> > [  429.174819][ T9870] CPU: 3 PID: 9870 Comm: syz-executor Not tainted 5.2.0-rc4+ #6
> > [  429.175901][ T9870] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
> > [  429.177215][ T9870] RIP: 0010:tcp_bpf_unhash+0xc/0x80
> > [  429.177950][ T9870] Code: 28 4c 89 ee 48 89 df ff 10 e8 30 56 66 fe
> > 5b 41 5c 41 5d 41 5e 5d c3 0f 1f 80 00 00 00 00 55 48 89 e5 41 55 41
> > 54 53 48 89 fb <e8> 0f 56 66 fe e8 6a bb 5f fe 4c 8b a3 80 02 00 00 4d
> > 85 e4 74 2f
> > [  429.180707][ T9870] RSP: 0018:ffffc90003690000 EFLAGS: 00010293
> > [  429.181562][ T9870] RAX: ffff888066a72000 RBX: ffff88806695b640 RCX: ffffffff82c82f80
> > [  429.182681][ T9870] RDX: 0000000000000000 RSI: 0000000000000007 RDI: ffff88806695b640
> > [  429.183807][ T9870] RBP: ffffc90003690018 R08: 0000000000000000 R09: 0000000000000000
> > [  429.184931][ T9870] R10: ffffc90003693e70 R11: 0000000000000000 R12: ffffffff82c82f10
> > [  429.186104][ T9870] R13: 0000000000000007 R14: ffff88806695b710 R15: ffff88806695b710
> > [  429.187303][ T9870] FS:  00005555569fc940(0000) GS:ffff88807db80000(0000) knlGS:0000000000000000
> > [  429.188678][ T9870] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> > [  429.189674][ T9870] CR2: ffffc9000368fff8 CR3: 00000000762bc002 CR4: 00000000007606e0
> > [  429.190880][ T9870] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> > [  429.192094][ T9870] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> > [  429.193295][ T9870] PKRU: 55555554
> > [  429.193829][ T9870] Call Trace:
> > [  429.194326][ T9870]  ? tcp_bpf_close+0xa0/0xa0
> > [  429.195020][ T9870]  tcp_bpf_unhash+0x76/0x80
> > [  429.195706][ T9870]  ? tcp_bpf_close+0xa0/0xa0
> > [  429.196400][ T9870]  tcp_bpf_unhash+0x76/0x80
> > [  429.197079][ T9870]  ? tcp_bpf_close+0xa0/0xa0
> > [  429.197773][ T9870]  tcp_bpf_unhash+0x76/0x80
> > [  429.651942][ T9870]  ? tcp_bpf_close+0xa0/0xa0
> >
> ... duplicated info trimed ...
> >
> > [  429.652512][ T9870]  tcp_bpf_unhash+0x76/0x80
> > [  429.656467][ T9870]  ? tcp_bpf_close+0xa0/0xa0
> > [  429.657037][ T9870]  tcp_bpf_unhash+0x76/0x80
> > [  429.657600][ T9870]  tcp_set_state+0x7b/0x220
> > [  429.658160][ T9870]  ? put_object+0x20/0x30
> > [  429.658699][ T9870]  ? debug_smp_processor_id+0x2b/0x130
> > [  429.659382][ T9870]  tcp_disconnect+0x518/0x610
> > [  429.659973][ T9870]  tcp_close+0x41d/0x540
> > [  429.660501][ T9870]  ? tcp_check_oom+0x180/0x180
> > [  429.661095][ T9870]  tls_sk_proto_close+0x86/0x2a0
> > [  429.661711][ T9870]  ? locks_remove_posix+0x114/0x1c0
> > [  429.662359][ T9870]  inet_release+0x44/0x80
> > [  429.662899][ T9870]  inet6_release+0x36/0x50
> > [  429.663453][ T9870]  __sock_release+0x4b/0x100
> > [  429.664024][ T9870]  ? __sock_release+0x100/0x100
> > [  429.664625][ T9870]  sock_close+0x19/0x20
> > [  429.665141][ T9870]  __fput+0xe7/0x2f0
> > [  429.665624][ T9870]  ____fput+0x15/0x20
> > [  429.666120][ T9870]  task_work_run+0xa4/0xd0
> > [  429.666671][ T9870]  exit_to_usermode_loop+0x16f/0x180
> > [  429.667329][ T9870]  do_syscall_64+0x187/0x1b0
> > [  429.667920][ T9870]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
> > [  429.668654][ T9870] RIP: 0033:0x412451
> > [  429.669141][ T9870] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff
> > ff 0f 83 94 1a 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03
> > 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4
> > 08 48 3d 01
> > [  429.671586][ T9870] RSP: 002b:00007ffde18b5470 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
> > [  429.672636][ T9870] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000412451
> > [  429.673628][ T9870] RDX: 0000000000000000 RSI: 0000000000000081 RDI: 0000000000000004
> > [  429.674643][ T9870] RBP: 0000000000000000 R08: 0000000000721170 R09: 0000000000000000
> > [  429.675641][ T9870] R10: 00007ffde18b5580 R11: 0000000000000293 R12: 0000000000000000
> > [  429.676636][ T9870] R13: 000000000071bf00 R14: 00000000006e3140 R15: ffffffffffffffff
> > [  429.677630][ T9870] Modules linked in:
> > [  429.678119][ T9870] ---[ end trace a429c7ce256ca7bb ]---
> > [  429.678798][ T9870] RIP: 0010:tcp_bpf_unhash+0xc/0x80
> > [  429.679447][ T9870] Code: 28 4c 89 ee 48 89 df ff 10 e8 30 56 66 fe
> > 5b 41 5c 41 5d 41 5e 5d c3 0f 1f 80 00 00 00 00 55 48 89 e5 41 55 41
> > 54 53 48 89 fb <e8> 0f 56 66 fe e8 6a bb 5f fe 4c 8b a3 80 02 00 00 4d
> > 85 e4 74 2f
> > [  429.681882][ T9870] RSP: 0018:ffffc90003690000 EFLAGS: 00010293
> > [  429.682637][ T9870] RAX: ffff888066a72000 RBX: ffff88806695b640 RCX: ffffffff82c82f80
> > [  429.683630][ T9870] RDX: 0000000000000000 RSI: 0000000000000007 RDI: ffff88806695b640
> > [  429.684622][ T9870] RBP: ffffc90003690018 R08: 0000000000000000 R09: 0000000000000000
> > [  429.685611][ T9870] R10: ffffc90003693e70 R11: 0000000000000000 R12: ffffffff82c82f10
> > [  429.686601][ T9870] R13: 0000000000000007 R14: ffff88806695b710 R15: ffff88806695b710
> > [  429.687592][ T9870] FS:  00005555569fc940(0000) GS:ffff88807db80000(0000) knlGS:0000000000000000
> > [  429.688701][ T9870] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> > [  429.689519][ T9870] CR2: ffffc9000368fff8 CR3: 00000000762bc002 CR4: 00000000007606e0
> > [  429.690511][ T9870] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> > [  429.691507][ T9870] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> > [  429.692502][ T9870] PKRU: 55555554
> > [  429.692941][ T9870] Kernel panic - not syncing: Fatal exception
> > [  429.694377][ T9870] Kernel Offset: disabled
> > [  429.694913][ T9870] Rebooting in 86400 seconds..
> >
> >
> In case of short circuit, bail out after warning on the unusual event to advoid
> spiraling down the stack without brakes.

Thanks for tracking this down, I was able to reproduce with sys-execprog
so will try and come up with some fix.

We really shouldn't ever get here, somehow we dropped the psock but left
the sk_prot hooked up. At this point just returning is going to leave
lots of psock/tls/sock state floating around.

I guess we need to find the case where sk_prot is not reset.

.John

> 
> Thanks
> Hillf
> ---
>  net/ipv4/tcp_bpf.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/net/ipv4/tcp_bpf.c b/net/ipv4/tcp_bpf.c
> index 3d1e154..5022cd3 100644
> --- a/net/ipv4/tcp_bpf.c
> +++ b/net/ipv4/tcp_bpf.c
> @@ -546,6 +546,8 @@ static void tcp_bpf_unhash(struct sock *sk)
>  	psock = sk_psock(sk);
>  	if (unlikely(!psock)) {
>  		rcu_read_unlock();
> +		if (WARN_ON(sk->sk_prot->unhash == tcp_bpf_unhash))
> +			return;
>  		if (sk->sk_prot->unhash)
>  			sk->sk_prot->unhash(sk);
>  		return;
> @@ -568,6 +570,8 @@ static void tcp_bpf_close(struct sock *sk, long timeout)
>  	if (unlikely(!psock)) {
>  		rcu_read_unlock();
>  		release_sock(sk);
> +		if (WARN_ON(sk->sk_prot->close == tcp_bpf_close))
> +			return;
>  		return sk->sk_prot->close(sk, timeout);
>  	}
> 
> --
> 

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: memory leak in create_ctx
  2019-06-08 19:13 syzbot
@ 2019-06-08 23:47 ` Jakub Kicinski
  2019-07-01  5:28 ` John Fastabend
  1 sibling, 0 replies; 7+ messages in thread
From: Jakub Kicinski @ 2019-06-08 23:47 UTC (permalink / raw)
  To: syzbot
  Cc: aviadye, borisp, daniel, davejwatson, davem, john.fastabend,
	linux-kernel, netdev, syzkaller-bugs

On Sat, 08 Jun 2019 12:13:06 -0700, syzbot wrote:
> Hello,
> 
> syzbot found the following crash on:
> 
> HEAD commit:    79c3ba32 Merge tag 'drm-fixes-2019-06-07-1' of git://anong..
> git tree:       upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=170e0bfea00000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=d5c73825cbdc7326
> dashboard link: https://syzkaller.appspot.com/bug?extid=06537213db7ba2745c4a
> compiler:       gcc (GCC) 9.0.0 20181231 (experimental)
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=10aa806aa00000
> 
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+06537213db7ba2745c4a@syzkaller.appspotmail.com

This one creates a TCPv6 socket, puts it in repair mode, connects and
then adds a tls ULP.  Apparently that leaks the entire TLS context but 
I can't repro..

> IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
> 2019/06/08 14:55:51 executed programs: 15
> 2019/06/08 14:55:56 executed programs: 31
> 2019/06/08 14:56:02 executed programs: 51
> BUG: memory leak
> unreferenced object 0xffff888117ceae00 (size 512):
>    comm "syz-executor.3", pid 7233, jiffies 4294949016 (age 13.640s)
>    hex dump (first 32 bytes):
>      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>    backtrace:
>      [<00000000e6550967>] kmemleak_alloc_recursive  
> include/linux/kmemleak.h:55 [inline]
>      [<00000000e6550967>] slab_post_alloc_hook mm/slab.h:439 [inline]
>      [<00000000e6550967>] slab_alloc mm/slab.c:3326 [inline]
>      [<00000000e6550967>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
>      [<0000000014132182>] kmalloc include/linux/slab.h:547 [inline]
>      [<0000000014132182>] kzalloc include/linux/slab.h:742 [inline]
>      [<0000000014132182>] create_ctx+0x25/0x70 net/tls/tls_main.c:601
>      [<00000000e08e1a44>] tls_init net/tls/tls_main.c:787 [inline]
>      [<00000000e08e1a44>] tls_init+0x97/0x1e0 net/tls/tls_main.c:769
>      [<0000000037b0c43c>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
>      [<0000000037b0c43c>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
>      [<000000007a284277>] do_tcp_setsockopt.isra.0+0x19a/0xd60  
> net/ipv4/tcp.c:2784
>      [<00000000f35f3415>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3098
>      [<00000000c840962c>] sock_common_setsockopt+0x38/0x50  
> net/core/sock.c:3124
>      [<0000000006b0801f>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
>      [<00000000a6309f52>] __do_sys_setsockopt net/socket.c:2083 [inline]
>      [<00000000a6309f52>] __se_sys_setsockopt net/socket.c:2080 [inline]
>      [<00000000a6309f52>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
>      [<00000000fa555bbc>] do_syscall_64+0x76/0x1a0  
> arch/x86/entry/common.c:301
>      [<00000000a06d7d1a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
> 
> BUG: memory leak
> unreferenced object 0xffff88810965dc00 (size 512):
>    comm "syz-executor.2", pid 7235, jiffies 4294949016 (age 13.640s)
>    hex dump (first 32 bytes):
>      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>    backtrace:
>      [<00000000e6550967>] kmemleak_alloc_recursive  
> include/linux/kmemleak.h:55 [inline]
>      [<00000000e6550967>] slab_post_alloc_hook mm/slab.h:439 [inline]
>      [<00000000e6550967>] slab_alloc mm/slab.c:3326 [inline]
>      [<00000000e6550967>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
>      [<0000000014132182>] kmalloc include/linux/slab.h:547 [inline]
>      [<0000000014132182>] kzalloc include/linux/slab.h:742 [inline]
>      [<0000000014132182>] create_ctx+0x25/0x70 net/tls/tls_main.c:601
>      [<00000000e08e1a44>] tls_init net/tls/tls_main.c:787 [inline]
>      [<00000000e08e1a44>] tls_init+0x97/0x1e0 net/tls/tls_main.c:769
>      [<0000000037b0c43c>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
>      [<0000000037b0c43c>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
>      [<000000007a284277>] do_tcp_setsockopt.isra.0+0x19a/0xd60  
> net/ipv4/tcp.c:2784
>      [<00000000f35f3415>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3098
>      [<00000000c840962c>] sock_common_setsockopt+0x38/0x50  
> net/core/sock.c:3124
>      [<0000000006b0801f>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
>      [<00000000a6309f52>] __do_sys_setsockopt net/socket.c:2083 [inline]
>      [<00000000a6309f52>] __se_sys_setsockopt net/socket.c:2080 [inline]
>      [<00000000a6309f52>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
>      [<00000000fa555bbc>] do_syscall_64+0x76/0x1a0  
> arch/x86/entry/common.c:301
>      [<00000000a06d7d1a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
> 
> BUG: memory leak
> unreferenced object 0xffff8881207d7600 (size 512):
>    comm "syz-executor.5", pid 7244, jiffies 4294949019 (age 13.610s)
>    hex dump (first 32 bytes):
>      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>    backtrace:
>      [<00000000e6550967>] kmemleak_alloc_recursive  
> include/linux/kmemleak.h:55 [inline]
>      [<00000000e6550967>] slab_post_alloc_hook mm/slab.h:439 [inline]
>      [<00000000e6550967>] slab_alloc mm/slab.c:3326 [inline]
>      [<00000000e6550967>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
>      [<0000000014132182>] kmalloc include/linux/slab.h:547 [inline]
>      [<0000000014132182>] kzalloc include/linux/slab.h:742 [inline]
>      [<0000000014132182>] create_ctx+0x25/0x70 net/tls/tls_main.c:601
>      [<00000000e08e1a44>] tls_init net/tls/tls_main.c:787 [inline]
>      [<00000000e08e1a44>] tls_init+0x97/0x1e0 net/tls/tls_main.c:769
>      [<0000000037b0c43c>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
>      [<0000000037b0c43c>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
>      [<000000007a284277>] do_tcp_setsockopt.isra.0+0x19a/0xd60  
> net/ipv4/tcp.c:2784
>      [<00000000f35f3415>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3098
>      [<00000000c840962c>] sock_common_setsockopt+0x38/0x50  
> net/core/sock.c:3124
>      [<0000000006b0801f>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
>      [<00000000a6309f52>] __do_sys_setsockopt net/socket.c:2083 [inline]
>      [<00000000a6309f52>] __se_sys_setsockopt net/socket.c:2080 [inline]
>      [<00000000a6309f52>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
>      [<00000000fa555bbc>] do_syscall_64+0x76/0x1a0  
> arch/x86/entry/common.c:301
>      [<00000000a06d7d1a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
> 
> 
> 
> ---
> This bug is generated by a bot. It may contain errors.
> See https://goo.gl/tpsmEJ for more information about syzbot.
> syzbot engineers can be reached at syzkaller@googlegroups.com.
> 
> syzbot will keep track of this bug report. See:
> https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
> syzbot can test patches for this bug, for details see:
> https://goo.gl/tpsmEJ#testing-patches


^ permalink raw reply	[flat|nested] 7+ messages in thread

* memory leak in create_ctx
@ 2019-06-08 19:13 syzbot
  2019-06-08 23:47 ` Jakub Kicinski
  2019-07-01  5:28 ` John Fastabend
  0 siblings, 2 replies; 7+ messages in thread
From: syzbot @ 2019-06-08 19:13 UTC (permalink / raw)
  To: aviadye, borisp, daniel, davejwatson, davem, john.fastabend,
	linux-kernel, netdev, syzkaller-bugs

Hello,

syzbot found the following crash on:

HEAD commit:    79c3ba32 Merge tag 'drm-fixes-2019-06-07-1' of git://anong..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=170e0bfea00000
kernel config:  https://syzkaller.appspot.com/x/.config?x=d5c73825cbdc7326
dashboard link: https://syzkaller.appspot.com/bug?extid=06537213db7ba2745c4a
compiler:       gcc (GCC) 9.0.0 20181231 (experimental)
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=10aa806aa00000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+06537213db7ba2745c4a@syzkaller.appspotmail.com

IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
2019/06/08 14:55:51 executed programs: 15
2019/06/08 14:55:56 executed programs: 31
2019/06/08 14:56:02 executed programs: 51
BUG: memory leak
unreferenced object 0xffff888117ceae00 (size 512):
   comm "syz-executor.3", pid 7233, jiffies 4294949016 (age 13.640s)
   hex dump (first 32 bytes):
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
   backtrace:
     [<00000000e6550967>] kmemleak_alloc_recursive  
include/linux/kmemleak.h:55 [inline]
     [<00000000e6550967>] slab_post_alloc_hook mm/slab.h:439 [inline]
     [<00000000e6550967>] slab_alloc mm/slab.c:3326 [inline]
     [<00000000e6550967>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
     [<0000000014132182>] kmalloc include/linux/slab.h:547 [inline]
     [<0000000014132182>] kzalloc include/linux/slab.h:742 [inline]
     [<0000000014132182>] create_ctx+0x25/0x70 net/tls/tls_main.c:601
     [<00000000e08e1a44>] tls_init net/tls/tls_main.c:787 [inline]
     [<00000000e08e1a44>] tls_init+0x97/0x1e0 net/tls/tls_main.c:769
     [<0000000037b0c43c>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
     [<0000000037b0c43c>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
     [<000000007a284277>] do_tcp_setsockopt.isra.0+0x19a/0xd60  
net/ipv4/tcp.c:2784
     [<00000000f35f3415>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3098
     [<00000000c840962c>] sock_common_setsockopt+0x38/0x50  
net/core/sock.c:3124
     [<0000000006b0801f>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
     [<00000000a6309f52>] __do_sys_setsockopt net/socket.c:2083 [inline]
     [<00000000a6309f52>] __se_sys_setsockopt net/socket.c:2080 [inline]
     [<00000000a6309f52>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
     [<00000000fa555bbc>] do_syscall_64+0x76/0x1a0  
arch/x86/entry/common.c:301
     [<00000000a06d7d1a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88810965dc00 (size 512):
   comm "syz-executor.2", pid 7235, jiffies 4294949016 (age 13.640s)
   hex dump (first 32 bytes):
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
   backtrace:
     [<00000000e6550967>] kmemleak_alloc_recursive  
include/linux/kmemleak.h:55 [inline]
     [<00000000e6550967>] slab_post_alloc_hook mm/slab.h:439 [inline]
     [<00000000e6550967>] slab_alloc mm/slab.c:3326 [inline]
     [<00000000e6550967>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
     [<0000000014132182>] kmalloc include/linux/slab.h:547 [inline]
     [<0000000014132182>] kzalloc include/linux/slab.h:742 [inline]
     [<0000000014132182>] create_ctx+0x25/0x70 net/tls/tls_main.c:601
     [<00000000e08e1a44>] tls_init net/tls/tls_main.c:787 [inline]
     [<00000000e08e1a44>] tls_init+0x97/0x1e0 net/tls/tls_main.c:769
     [<0000000037b0c43c>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
     [<0000000037b0c43c>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
     [<000000007a284277>] do_tcp_setsockopt.isra.0+0x19a/0xd60  
net/ipv4/tcp.c:2784
     [<00000000f35f3415>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3098
     [<00000000c840962c>] sock_common_setsockopt+0x38/0x50  
net/core/sock.c:3124
     [<0000000006b0801f>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
     [<00000000a6309f52>] __do_sys_setsockopt net/socket.c:2083 [inline]
     [<00000000a6309f52>] __se_sys_setsockopt net/socket.c:2080 [inline]
     [<00000000a6309f52>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
     [<00000000fa555bbc>] do_syscall_64+0x76/0x1a0  
arch/x86/entry/common.c:301
     [<00000000a06d7d1a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff8881207d7600 (size 512):
   comm "syz-executor.5", pid 7244, jiffies 4294949019 (age 13.610s)
   hex dump (first 32 bytes):
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
   backtrace:
     [<00000000e6550967>] kmemleak_alloc_recursive  
include/linux/kmemleak.h:55 [inline]
     [<00000000e6550967>] slab_post_alloc_hook mm/slab.h:439 [inline]
     [<00000000e6550967>] slab_alloc mm/slab.c:3326 [inline]
     [<00000000e6550967>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
     [<0000000014132182>] kmalloc include/linux/slab.h:547 [inline]
     [<0000000014132182>] kzalloc include/linux/slab.h:742 [inline]
     [<0000000014132182>] create_ctx+0x25/0x70 net/tls/tls_main.c:601
     [<00000000e08e1a44>] tls_init net/tls/tls_main.c:787 [inline]
     [<00000000e08e1a44>] tls_init+0x97/0x1e0 net/tls/tls_main.c:769
     [<0000000037b0c43c>] __tcp_set_ulp net/ipv4/tcp_ulp.c:126 [inline]
     [<0000000037b0c43c>] tcp_set_ulp+0xe2/0x190 net/ipv4/tcp_ulp.c:147
     [<000000007a284277>] do_tcp_setsockopt.isra.0+0x19a/0xd60  
net/ipv4/tcp.c:2784
     [<00000000f35f3415>] tcp_setsockopt+0x71/0x80 net/ipv4/tcp.c:3098
     [<00000000c840962c>] sock_common_setsockopt+0x38/0x50  
net/core/sock.c:3124
     [<0000000006b0801f>] __sys_setsockopt+0x98/0x120 net/socket.c:2072
     [<00000000a6309f52>] __do_sys_setsockopt net/socket.c:2083 [inline]
     [<00000000a6309f52>] __se_sys_setsockopt net/socket.c:2080 [inline]
     [<00000000a6309f52>] __x64_sys_setsockopt+0x26/0x30 net/socket.c:2080
     [<00000000fa555bbc>] do_syscall_64+0x76/0x1a0  
arch/x86/entry/common.c:301
     [<00000000a06d7d1a>] entry_SYSCALL_64_after_hwframe+0x44/0xa9



---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2019-07-01  5:40 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <20190609025641.11448-1-hdanton@sina.com>
2019-06-11 11:45 ` memory leak in create_ctx Dmitry Vyukov
2019-06-11 17:16   ` Jakub Kicinski
     [not found] <20190612045828.10212-1-hdanton@sina.com>
2019-06-14  4:21 ` John Fastabend
2019-06-08 19:13 syzbot
2019-06-08 23:47 ` Jakub Kicinski
2019-07-01  5:28 ` John Fastabend
2019-07-01  5:40   ` syzbot

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.