memory leak in policydb_read


syzbot

Jul 23, 2019, 5:18:07 AM
to ak...@linux-foundation.org, catalin...@arm.com, dvy...@google.com, linux-...@vger.kernel.org, syzkall...@googlegroups.com, torv...@linux-foundation.org
Hello,

syzbot found the following crash on:

HEAD commit: c6dd78fc Merge branch 'x86-urgent-for-linus' of git://git...
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=1613751fa00000
kernel config: https://syzkaller.appspot.com/x/.config?x=8de7d700ea5ac607
dashboard link: https://syzkaller.appspot.com/bug?extid=fee3a14d4cdf92646287
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15a7951fa00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=16206444600000

The bug was bisected to:

commit d9570ee3bd1d4f20ce63485f5ef05663866fe6c0
Author: Dmitry Vyukov <dvy...@google.com>
Date: Sat Jan 13 00:53:10 2018 +0000

kmemleak: allow to coexist with fault injection

bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=1633cb00600000
final crash: https://syzkaller.appspot.com/x/report.txt?x=1533cb00600000
console output: https://syzkaller.appspot.com/x/log.txt?x=1133cb00600000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+fee3a1...@syzkaller.appspotmail.com
Fixes: d9570ee3bd1d ("kmemleak: allow to coexist with fault injection")

BUG: memory leak
unreferenced object 0xffff888123547c80 (size 64):
comm "syz-executor647", pid 6976, jiffies 4294940919 (age 7.920s)
hex dump (first 32 bytes):
01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<0000000019b1b22a>] kmemleak_alloc_recursive
/./include/linux/kmemleak.h:43 [inline]
[<0000000019b1b22a>] slab_post_alloc_hook /mm/slab.h:522 [inline]
[<0000000019b1b22a>] slab_alloc /mm/slab.c:3319 [inline]
[<0000000019b1b22a>] kmem_cache_alloc_trace+0x145/0x280 /mm/slab.c:3548
[<00000000d64c33c7>] kmalloc /./include/linux/slab.h:552 [inline]
[<00000000d64c33c7>] kzalloc /./include/linux/slab.h:748 [inline]
[<00000000d64c33c7>] roles_init /security/selinux/ss/policydb.c:188
[inline]
[<00000000d64c33c7>] policydb_init /security/selinux/ss/policydb.c:294
[inline]
[<00000000d64c33c7>] policydb_read+0x141/0x1b80
/security/selinux/ss/policydb.c:2259
[<000000004dd18ef6>] security_load_policy+0x182/0x740
/security/selinux/ss/services.c:2141
[<000000004f5bb277>] sel_write_load+0x101/0x1f0
/security/selinux/selinuxfs.c:564
[<00000000ee05c840>] __vfs_write+0x43/0xa0 /fs/read_write.c:494
[<000000008ca23315>] vfs_write /fs/read_write.c:558 [inline]
[<000000008ca23315>] vfs_write+0xee/0x210 /fs/read_write.c:542
[<00000000d97bcbc9>] ksys_write+0x7c/0x130 /fs/read_write.c:611
[<000000007a3f006b>] __do_sys_write /fs/read_write.c:623 [inline]
[<000000007a3f006b>] __se_sys_write /fs/read_write.c:620 [inline]
[<000000007a3f006b>] __x64_sys_write+0x1e/0x30 /fs/read_write.c:620
[<000000001c16ef20>] do_syscall_64+0x76/0x1a0
/arch/x86/entry/common.c:296
[<000000007784189d>] entry_SYSCALL_64_after_hwframe+0x44/0xa9



---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches

Dmitry Vyukov

Jul 23, 2019, 5:41:48 AM
to Paul Moore, Stephen Smalley, Eric Paris, omos...@redhat.com, sel...@vger.kernel.org, Andrew Morton, Catalin Marinas, LKML, syzkaller-bugs, Linus Torvalds, syzbot
On Tue, Jul 23, 2019 at 11:18 AM syzbot
<syzbot+fee3a1...@syzkaller.appspotmail.com> wrote:
>
> Hello,
>
> syzbot found the following crash on:
>
> HEAD commit: c6dd78fc Merge branch 'x86-urgent-for-linus' of git://git...
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=1613751fa00000
> kernel config: https://syzkaller.appspot.com/x/.config?x=8de7d700ea5ac607
> dashboard link: https://syzkaller.appspot.com/bug?extid=fee3a14d4cdf92646287
> compiler: gcc (GCC) 9.0.0 20181231 (experimental)
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15a7951fa00000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=16206444600000
>
> The bug was bisected to:
>
> commit d9570ee3bd1d4f20ce63485f5ef05663866fe6c0
> Author: Dmitry Vyukov <dvy...@google.com>
> Date: Sat Jan 13 00:53:10 2018 +0000
>
> kmemleak: allow to coexist with fault injection


I suspect this is a bug in SELinux which became detectable after this
commit (introduced before). +selinux maintainers
Since fault injection is involved, most likely a typical missed kfree
on an error path.
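
The pattern Dmitry describes (an object allocated by an early init step, then leaked because a later allocation fails under fault injection and the error path does not release it) in a form you can run. This is an added userspace model written for this page, not kernel code and not the patch syzbot tests later in the thread; names such as roles_init, symtab, range_tr and policydb_init_model echo the trace but are hypothetical, and the model makes no claim about what the real SELinux code or its fix looks like. The tracked_zalloc/tracked_free counters play the roles of fault injection and kmemleak: leaked_objects_after() fails the Nth allocation and reports how many objects are still live once the error path has run.

```c
/* Added example, not kernel code: a userspace model of the "missed free on an
 * error path" pattern. All names are hypothetical; the model does not claim
 * to reproduce the actual SELinux policydb code or its fix. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SYM_MAX 8
static int live_objects;   /* stand-in for kmemleak: tracked objects still allocated */
static int fail_at_alloc;  /* stand-in for fault injection: fail the Nth alloc, 0 = never */
static int alloc_count;

static void *tracked_zalloc(size_t size)
{
    void *p;
    if (++alloc_count == fail_at_alloc)
        return NULL;                    /* injected allocation failure */
    p = calloc(1, size);
    if (p)
        live_objects++;
    return p;
}

static void tracked_free(void *p)
{
    if (p)
        live_objects--;
    free(p);
}

struct role_datum { unsigned int value; };
struct symtab { void *entries[SYM_MAX]; int nprim; };   /* owns its entries */
struct policydb { struct symtab *roles; void *range_tr; };

/* Allocates the initial role datum and hands ownership to p->roles. */
static int roles_init(struct policydb *p)
{
    struct role_datum *role = tracked_zalloc(sizeof(*role));
    if (!role)
        return -ENOMEM;
    role->value = 1;
    p->roles->entries[p->roles->nprim++] = role;
    return 0;
}

/* Correct teardown: release every entry, then the table itself. */
static void symtab_destroy_deep(struct symtab *s)
{
    for (int i = 0; i < s->nprim; i++)
        tracked_free(s->entries[i]);
    tracked_free(s);
}

static int policydb_init_model(struct policydb *p, int deep_cleanup)
{
    int rc;
    memset(p, 0, sizeof(*p));
    p->roles = tracked_zalloc(sizeof(*p->roles));   /* 1st allocation */
    if (!p->roles)
        return -ENOMEM;
    rc = roles_init(p);                             /* 2nd allocation */
    if (rc)
        goto out;
    rc = -ENOMEM;
    p->range_tr = tracked_zalloc(64);               /* 3rd allocation: the one we fail */
    if (!p->range_tr)
        goto out;
    return 0;
out:
    if (deep_cleanup)
        symtab_destroy_deep(p->roles);
    else
        tracked_free(p->roles);     /* buggy: table freed, the role datum it owns leaks */
    return rc;
}

static void policydb_destroy_model(struct policydb *p)
{
    if (p->roles)
        symtab_destroy_deep(p->roles);
    tracked_free(p->range_tr);
}

/* Fail allocation number nth (0 = none), run init, tear down on success, and
 * return how many tracked objects are still live: 0 means nothing leaked. */
int leaked_objects_after(int nth, int deep_cleanup)
{
    struct policydb p;
    live_objects = alloc_count = 0;
    fail_at_alloc = nth;
    if (policydb_init_model(&p, deep_cleanup) == 0)
        policydb_destroy_model(&p);
    return live_objects;
}

int main(void)
{
    printf("3rd alloc fails, shallow cleanup: %d leaked\n", leaked_objects_after(3, 0));
    printf("3rd alloc fails, deep cleanup:    %d leaked\n", leaked_objects_after(3, 1));
    return 0;
}
```

Build with `cc -Wall leakmodel.c`. With the injected failure on the third allocation, the shallow teardown leaves one object live (the datum stored inside the table) while the deep one leaves none; failing the first or second allocation leaks nothing in either variant, which is why such a bug only surfaces once fault injection reaches the later step. The discipline this illustrates is the one to check in any init/error-unwind pair: the error label must release everything earlier steps handed to the object, including entries inside containers, not just the containers themselves.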

syzbot

Jul 25, 2019, 5:29:01 AM
to omos...@redhat.com, syzkall...@googlegroups.com
Hello,

syzbot has tested the proposed patch but the reproducer still triggered
crash:
memory leak in batadv_tvlv_handler_register

BUG: memory leak
unreferenced object 0xffff888111d92700 (size 64):
comm "softirq", pid 0, jiffies 4294943085 (age 432.250s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 e0 0c 53 18 81 88 ff ff ..........S.....
00 00 00 00 00 00 00 00 30 0c 15 83 ff ff ff ff ........0.......
backtrace:
[<00000000d3f0230f>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000d3f0230f>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000d3f0230f>] slab_alloc mm/slab.c:3326 [inline]
[<00000000d3f0230f>] kmem_cache_alloc_trace+0x13d/0x240 mm/slab.c:3553
[<00000000747d5656>] kmalloc include/linux/slab.h:547 [inline]
[<00000000747d5656>] kzalloc include/linux/slab.h:742 [inline]
[<00000000747d5656>] batadv_tvlv_handler_register+0xae/0x140
net/batman-adv/tvlv.c:529
[<0000000088e5cf3a>] batadv_tt_init+0x78/0x180
net/batman-adv/translation-table.c:4411
[<000000009209d3c1>] batadv_mesh_init+0x196/0x230
net/batman-adv/main.c:208
[<00000000633aabeb>] batadv_softif_init_late+0x1ca/0x220
net/batman-adv/soft-interface.c:861
[<000000000a876c86>] register_netdevice+0xbf/0x600 net/core/dev.c:8673
[<00000000edac1533>] __rtnl_newlink+0xaca/0xb30
net/core/rtnetlink.c:3199
[<00000000e77f2386>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3245
[<00000000be93558d>] rtnetlink_rcv_msg+0x2b7/0x420
net/core/rtnetlink.c:5214
[<00000000cb42d67d>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<00000000b60991d4>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5232
[<000000007a05529d>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<000000007a05529d>] netlink_unicast+0x1ec/0x2f0
net/netlink/af_netlink.c:1337
[<000000002166760b>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<00000000b9b7ebd3>] sock_sendmsg_nosec net/socket.c:660 [inline]
[<00000000b9b7ebd3>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000aaaa766c>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<000000002e85dca5>] __do_sys_sendto net/socket.c:1976 [inline]
[<000000002e85dca5>] __se_sys_sendto net/socket.c:1972 [inline]
[<000000002e85dca5>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972

BUG: memory leak
unreferenced object 0xffff88812126e740 (size 64):
comm "softirq", pid 0, jiffies 4294943086 (age 432.240s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 e0 dc 7e 11 81 88 ff ff ..........~.....
00 00 00 00 00 00 00 00 30 0c 15 83 ff ff ff ff ........0.......
backtrace:
[<00000000d3f0230f>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000d3f0230f>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000d3f0230f>] slab_alloc mm/slab.c:3326 [inline]
[<00000000d3f0230f>] kmem_cache_alloc_trace+0x13d/0x240 mm/slab.c:3553
[<00000000747d5656>] kmalloc include/linux/slab.h:547 [inline]
[<00000000747d5656>] kzalloc include/linux/slab.h:742 [inline]
[<00000000747d5656>] batadv_tvlv_handler_register+0xae/0x140
net/batman-adv/tvlv.c:529
[<0000000088e5cf3a>] batadv_tt_init+0x78/0x180
net/batman-adv/translation-table.c:4411
[<000000009209d3c1>] batadv_mesh_init+0x196/0x230
net/batman-adv/main.c:208
[<00000000633aabeb>] batadv_softif_init_late+0x1ca/0x220
net/batman-adv/soft-interface.c:861
[<000000000a876c86>] register_netdevice+0xbf/0x600 net/core/dev.c:8673
[<00000000edac1533>] __rtnl_newlink+0xaca/0xb30
net/core/rtnetlink.c:3199
[<00000000e77f2386>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3245
[<00000000be93558d>] rtnetlink_rcv_msg+0x2b7/0x420
net/core/rtnetlink.c:5214
[<00000000cb42d67d>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<00000000b60991d4>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5232
[<000000007a05529d>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<000000007a05529d>] netlink_unicast+0x1ec/0x2f0
net/netlink/af_netlink.c:1337
[<000000002166760b>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<00000000b9b7ebd3>] sock_sendmsg_nosec net/socket.c:660 [inline]
[<00000000b9b7ebd3>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000aaaa766c>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<000000002e85dca5>] __do_sys_sendto net/socket.c:1976 [inline]
[<000000002e85dca5>] __se_sys_sendto net/socket.c:1972 [inline]
[<000000002e85dca5>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972

BUG: memory leak
unreferenced object 0xffff8881131318c0 (size 64):
comm "softirq", pid 0, jiffies 4294943090 (age 432.200s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 e0 6c f7 20 81 88 ff ff .........l. ....
00 00 00 00 00 00 00 00 30 0c 15 83 ff ff ff ff ........0.......
backtrace:
[<00000000d3f0230f>] kmemleak_alloc_recursive
include/linux/kmemleak.h:55 [inline]
[<00000000d3f0230f>] slab_post_alloc_hook mm/slab.h:439 [inline]
[<00000000d3f0230f>] slab_alloc mm/slab.c:3326 [inline]
[<00000000d3f0230f>] kmem_cache_alloc_trace+0x13d/0x240 mm/slab.c:3553
[<00000000747d5656>] kmalloc include/linux/slab.h:547 [inline]
[<00000000747d5656>] kzalloc include/linux/slab.h:742 [inline]
[<00000000747d5656>] batadv_tvlv_handler_register+0xae/0x140
net/batman-adv/tvlv.c:529
[<0000000088e5cf3a>] batadv_tt_init+0x78/0x180
net/batman-adv/translation-table.c:4411
[<000000009209d3c1>] batadv_mesh_init+0x196/0x230
net/batman-adv/main.c:208
[<00000000633aabeb>] batadv_softif_init_late+0x1ca/0x220
net/batman-adv/soft-interface.c:861
[<000000000a876c86>] register_netdevice+0xbf/0x600 net/core/dev.c:8673
[<00000000edac1533>] __rtnl_newlink+0xaca/0xb30
net/core/rtnetlink.c:3199
[<00000000e77f2386>] rtnl_newlink+0x4e/0x80 net/core/rtnetlink.c:3245
[<00000000be93558d>] rtnetlink_rcv_msg+0x2b7/0x420
net/core/rtnetlink.c:5214
[<00000000cb42d67d>] netlink_rcv_skb+0x61/0x170
net/netlink/af_netlink.c:2486
[<00000000b60991d4>] rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5232
[<000000007a05529d>] netlink_unicast_kernel
net/netlink/af_netlink.c:1311 [inline]
[<000000007a05529d>] netlink_unicast+0x1ec/0x2f0
net/netlink/af_netlink.c:1337
[<000000002166760b>] netlink_sendmsg+0x26a/0x480
net/netlink/af_netlink.c:1926
[<00000000b9b7ebd3>] sock_sendmsg_nosec net/socket.c:660 [inline]
[<00000000b9b7ebd3>] sock_sendmsg+0x54/0x70 net/socket.c:671
[<00000000aaaa766c>] __sys_sendto+0x148/0x1f0 net/socket.c:1964
[<000000002e85dca5>] __do_sys_sendto net/socket.c:1976 [inline]
[<000000002e85dca5>] __se_sys_sendto net/socket.c:1972 [inline]
[<000000002e85dca5>] __x64_sys_sendto+0x2a/0x30 net/socket.c:1972



Tested on:

commit: 35ef6249 selinux: fix memeory leak in policydb_init()
git tree: https://gitlab.com/omos/linux-public.git
selinux-fix-memleak-roles
console output: https://syzkaller.appspot.com/x/log.txt?x=17a3adf4600000
kernel config: https://syzkaller.appspot.com/x/.config?x=a7177d0eb46e0e76