lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:   Sat, 25 May 2019 10:38:05 -0700
From:   syzbot <>
Subject: memory leak in pfkey_xfrm_policy2msg_prep


syzbot found the following crash on:

HEAD commit:    4dde821e Merge tag 'xfs-5.2-fixes-1' of git://git.kernel.o..
git tree:       upstream
console output:
kernel config:
dashboard link:
compiler:       gcc (GCC) 9.0.0 20181231 (experimental)
syz repro:
C reproducer:

IMPORTANT: if you fix the bug, please add the following tag to the commit:

ed '' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
BUG: memory leak
unreferenced object 0xffff888126306200 (size 224):
   comm "softirq", pid 0, jiffies 4294944009 (age 13.770s)
   hex dump (first 32 bytes):
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
     [<00000000dbfa6a53>] kmemleak_alloc_recursive  
include/linux/kmemleak.h:55 [inline]
     [<00000000dbfa6a53>] slab_post_alloc_hook mm/slab.h:439 [inline]
     [<00000000dbfa6a53>] slab_alloc_node mm/slab.c:3269 [inline]
     [<00000000dbfa6a53>] kmem_cache_alloc_node+0x153/0x2a0 mm/slab.c:3579
     [<00000000963741ad>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:198
     [<000000006fea5c94>] alloc_skb include/linux/skbuff.h:1058 [inline]
     [<000000006fea5c94>] pfkey_xfrm_policy2msg_prep+0x2a/0x50  
     [<0000000069777b1f>] dump_sp net/key/af_key.c:2692 [inline]
     [<0000000069777b1f>] dump_sp+0x64/0x110 net/key/af_key.c:2682
     [<000000006ac00402>] xfrm_policy_walk+0xd4/0x230  
     [<00000000f7271518>] pfkey_dump_sp+0x2a/0x30 net/key/af_key.c:2719
     [<00000000652376b8>] pfkey_do_dump+0x3b/0xe0 net/key/af_key.c:289
     [<000000006ac94254>] pfkey_spddump+0x81/0xb0 net/key/af_key.c:2746
     [<000000006bacb6ca>] pfkey_process+0x28a/0x2d0 net/key/af_key.c:2836
     [<0000000037320f8e>] pfkey_sendmsg+0x188/0x2e0 net/key/af_key.c:3675
     [<0000000026dba653>] sock_sendmsg_nosec net/socket.c:652 [inline]
     [<0000000026dba653>] sock_sendmsg+0x54/0x70 net/socket.c:671
     [<000000004931d76f>] ___sys_sendmsg+0x393/0x3c0 net/socket.c:2292
     [<00000000ca71443f>] __sys_sendmsg+0x80/0xf0 net/socket.c:2330
     [<000000005d43081c>] __do_sys_sendmsg net/socket.c:2339 [inline]
     [<000000005d43081c>] __se_sys_sendmsg net/socket.c:2337 [inline]
     [<000000005d43081c>] __x64_sys_sendmsg+0x23/0x30 net/socket.c:2337
     [<000000005fdf8054>] do_syscall_64+0x76/0x1a0  
     [<000000000c8dd476>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

This bug is generated by a bot. It may contain errors.
See for more information about syzbot.
syzbot engineers can be reached at

syzbot will keep track of this bug report. See: for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:

Powered by blists - more mailing lists