| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 02 Aug 2020 08:19:21 -0700
From: syzbot <syzbot+59ef240dd8f0ed7598a8@...kaller.appspotmail.com>
To: andriin@...com, ast@...nel.org, bpf@...r.kernel.org,
daniel@...earbox.net, davem@...emloft.net, hawk@...nel.org,
john.fastabend@...il.com, kafai@...com, kpsingh@...omium.org,
kuba@...nel.org, linux-kernel@...r.kernel.org,
netdev@...r.kernel.org, songliubraving@...com,
syzkaller-bugs@...glegroups.com, yhs@...com
Subject: Re: memory leak in veth_dev_init
syzbot has found a reproducer for the following issue on:
HEAD commit: ac3a0c84 Merge git://git.kernel.org/pub/scm/linux/kernel/g..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=156db214900000
kernel config: https://syzkaller.appspot.com/x/.config?x=a1b8ff4a33e73cad
dashboard link: https://syzkaller.appspot.com/bug?extid=59ef240dd8f0ed7598a8
compiler: gcc (GCC) 10.1.0-syz 20200507
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=100102a4900000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=172fcacc900000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+59ef240dd8f0ed7598a8@...kaller.appspotmail.com
executing program
executing program
executing program
BUG: memory leak
unreferenced object 0xffff888128d25800 (size 1024):
comm "syz-executor493", pid 6464, jiffies 4294944570 (age 14.450s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<00000000ee9fd51f>] kmalloc_array include/linux/slab.h:597 [inline]
[<00000000ee9fd51f>] kcalloc include/linux/slab.h:608 [inline]
[<00000000ee9fd51f>] veth_alloc_queues drivers/net/veth.c:1018 [inline]
[<00000000ee9fd51f>] veth_dev_init+0x7b/0x120 drivers/net/veth.c:1045
[<00000000ea2b9ca8>] register_netdevice+0x143/0x760 net/core/dev.c:9444
[<0000000054f736e0>] veth_newlink+0x282/0x460 drivers/net/veth.c:1393
[<0000000048b625cf>] __rtnl_newlink+0x8f0/0xbc0 net/core/rtnetlink.c:3339
[<00000000c7111fa7>] rtnl_newlink+0x49/0x70 net/core/rtnetlink.c:3398
[<000000003c581d51>] rtnetlink_rcv_msg+0x17e/0x460 net/core/rtnetlink.c:5461
[<0000000044c6a9c9>] netlink_rcv_skb+0x5b/0x180 net/netlink/af_netlink.c:2469
[<00000000c5e8a749>] netlink_unicast_kernel net/netlink/af_netlink.c:1303 [inline]
[<00000000c5e8a749>] netlink_unicast+0x2b6/0x3c0 net/netlink/af_netlink.c:1329
[<000000000417c80d>] netlink_sendmsg+0x2ba/0x570 net/netlink/af_netlink.c:1918
[<000000000bc3c36b>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<000000000bc3c36b>] sock_sendmsg+0x4c/0x60 net/socket.c:672
[<0000000041ecdda4>] ____sys_sendmsg+0x2c4/0x2f0 net/socket.c:2352
[<0000000013875e8e>] ___sys_sendmsg+0x81/0xc0 net/socket.c:2406
[<00000000ab05eaa1>] __sys_sendmsg+0x77/0xe0 net/socket.c:2439
[<00000000475b439b>] do_syscall_64+0x4c/0xe0 arch/x86/entry/common.c:384
[<00000000dbda4b6d>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
BUG: memory leak
unreferenced object 0xffff888119669c00 (size 1024):
comm "syz-executor493", pid 6496, jiffies 4294945171 (age 8.440s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<00000000ee9fd51f>] kmalloc_array include/linux/slab.h:597 [inline]
[<00000000ee9fd51f>] kcalloc include/linux/slab.h:608 [inline]
[<00000000ee9fd51f>] veth_alloc_queues drivers/net/veth.c:1018 [inline]
[<00000000ee9fd51f>] veth_dev_init+0x7b/0x120 drivers/net/veth.c:1045
[<00000000ea2b9ca8>] register_netdevice+0x143/0x760 net/core/dev.c:9444
[<0000000054f736e0>] veth_newlink+0x282/0x460 drivers/net/veth.c:1393
[<0000000048b625cf>] __rtnl_newlink+0x8f0/0xbc0 net/core/rtnetlink.c:3339
[<00000000c7111fa7>] rtnl_newlink+0x49/0x70 net/core/rtnetlink.c:3398
[<000000003c581d51>] rtnetlink_rcv_msg+0x17e/0x460 net/core/rtnetlink.c:5461
[<0000000044c6a9c9>] netlink_rcv_skb+0x5b/0x180 net/netlink/af_netlink.c:2469
[<00000000c5e8a749>] netlink_unicast_kernel net/netlink/af_netlink.c:1303 [inline]
[<00000000c5e8a749>] netlink_unicast+0x2b6/0x3c0 net/netlink/af_netlink.c:1329
[<000000000417c80d>] netlink_sendmsg+0x2ba/0x570 net/netlink/af_netlink.c:1918
[<000000000bc3c36b>] sock_sendmsg_nosec net/socket.c:652 [inline]
[<000000000bc3c36b>] sock_sendmsg+0x4c/0x60 net/socket.c:672
[<0000000041ecdda4>] ____sys_sendmsg+0x2c4/0x2f0 net/socket.c:2352
[<0000000013875e8e>] ___sys_sendmsg+0x81/0xc0 net/socket.c:2406
[<00000000ab05eaa1>] __sys_sendmsg+0x77/0xe0 net/socket.c:2439
[<00000000475b439b>] do_syscall_64+0x4c/0xe0 arch/x86/entry/common.c:384
[<00000000dbda4b6d>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
Powered by blists - more mailing lists