Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp7378930ybl; Wed, 15 Jan 2020 21:47:50 -0800 (PST) X-Google-Smtp-Source: APXvYqyl3YfxkRc9cMNo0NUI43Ui6vaoGFkTjDmM/Poj12t5JcBZwQdjXxc/59tfq/CL2UGJ5Xac X-Received: by 2002:a9d:6a47:: with SMTP id h7mr501106otn.244.1579153669990; Wed, 15 Jan 2020 21:47:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1579153669; cv=none; d=google.com; s=arc-20160816; b=0j1U0x/DE+aG33Ess0G7D39NGOUJ/SLzF1ha/BoOSbLryHTpu+SQF9+tibWkjIYUvJ 2HH+OPWRDf9kZlFYmgh/UMcpA5EyECJrMg4c42t52Y9UXZPgx61Ss+hzQwY5L7lyd6lP /j3dAROGlNSwro9JLeQ/NyMcUieS72qjQHfzAef0XfeRdtRpMOHsRGqITCtGeibpca/J fXEwJahNPwLYtpCGVw+uzGuYOIAA2dAUZtj1k0rr2DpIZEUXj8lv4CDye9r1VrTR3Snz OUqowXsMJhVAArqEcs96CAeIc9IqAC7FaxU2I2hnzI991RbWttHoG8tFvWvwicNi4ye4 40VA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:to:from:subject:message-id:date :mime-version; bh=nUWpGQHDm6wJiD+qGbWs1eyfWOotGc7QheWrkXQpqSQ=; b=ze/iRy/yFgkqm3kw1d6vf9Xoi8IdSyMxmcFFz6WoBe1qOdrzL8cMWZVdyHUTYPYjAv 8LidaygeEWMIvFMg5grcdAhmHY1S3Ek1Ec7rzCUzyeSQyGBntO4dskBgMUzatyQPT3cu g7oI0/oe1PMHzd/8Fe4Rs5FJVWflAD1tPSsoxB9CiY1lUUtNr+LNgHBevagg4zugaWCx UX5svzgmYR+K2I3xQ6hRdF2uZISqhE1FphZIHHYPeuGPjdRUv5jyHh+FQ2goIYKlVIVz U0hhMszHRANN8ia9uoSpZsBTPcIYz7chjA/K0Hza4tw8CScBEPfV18KZecMP6m4slxo1 bDFA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=appspotmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 194si10766312oii.2.2020.01.15.21.47.37; Wed, 15 Jan 2020 21:47:49 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=appspotmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726883AbgAPFpK (ORCPT + 99 others); Thu, 16 Jan 2020 00:45:10 -0500 Received: from mail-io1-f71.google.com ([209.85.166.71]:52333 "EHLO mail-io1-f71.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726315AbgAPFpK (ORCPT ); Thu, 16 Jan 2020 00:45:10 -0500 Received: by mail-io1-f71.google.com with SMTP id d10so12035099iod.19 for ; Wed, 15 Jan 2020 21:45:10 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:date:message-id:subject:from:to; bh=nUWpGQHDm6wJiD+qGbWs1eyfWOotGc7QheWrkXQpqSQ=; b=ffSc6DcGcoP3gT86Jzk1M7ZpgveMdYHAW5e/yqu9ebWu0SJEWegRpB9dTTRLSoW/qD iNJ3M1scu1lAb5YMENp9RKOsf92fmZbSVrCDGp9E6k/mX7rGKOSau4dQs0wUE8DevSJ0 wnqBvDx74vZFzEkMAngmXVF7hwZEyIKnp3+sbVUGXWcGoWzWO2iq1+gpwQq0aDf0Sl6s Be7r3ijwRuvGC7VIO6z89RGo8In3kmUOhOS7ECmVPDHe5wDJWFMlehR5XFYSyA3ts+Cy 2vkdClGborOg0pBWqKzJMfZKGX4FzCMibgD5YoZ/qK89L1SCWCHqEG7g8KSQBlQH5cua VAwg== X-Gm-Message-State: APjAAAW1GDjPifA34guvb0L7Kun++hqUZ8b90s025j0IW0re2lFKKJIx 5iNJc+sKQbPsWV3BsPP7DSbyCr1a1egz259Vx/deZGViBKsB MIME-Version: 1.0 X-Received: by 2002:a5e:8516:: with SMTP id i22mr25910766ioj.130.1579153509823; Wed, 15 Jan 2020 21:45:09 -0800 (PST) Date: Wed, 15 Jan 2020 21:45:09 -0800 X-Google-Appengine-App-Id: s~syzkaller X-Google-Appengine-App-Id-Alias: syzkaller Message-ID: <000000000000ffbba3059c3b5352@google.com> Subject: memory leak in nf_tables_parse_netdev_hooks From: syzbot To: coreteam@netfilter.org, davem@davemloft.net, fw@strlen.de, kadlec@netfilter.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, pablo@netfilter.org, syzkaller-bugs@googlegroups.com Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello, syzbot found the following crash on: HEAD commit: 51d69817 Merge tag 'platform-drivers-x86-v5.5-3' of git://.. git tree: upstream console output: https://syzkaller.appspot.com/x/log.txt?x=10e32659e00000 kernel config: https://syzkaller.appspot.com/x/.config?x=a0eee3ce463efd dashboard link: https://syzkaller.appspot.com/bug?extid=f9d4095107fc8749c69c compiler: gcc (GCC) 9.0.0 20181231 (experimental) syz repro: https://syzkaller.appspot.com/x/repro.syz?x=16fae421e00000 C reproducer: https://syzkaller.appspot.com/x/repro.c?x=10e41c76e00000 IMPORTANT: if you fix the bug, please add the following tag to the commit: Reported-by: syzbot+f9d4095107fc8749c69c@syzkaller.appspotmail.com executing program BUG: memory leak unreferenced object 0xffff8881292d4580 (size 96): comm "syz-executor052", pid 7129, jiffies 4294942632 (age 13.530s) hex dump (first 32 bytes): 40 d2 15 1c 81 88 ff ff 40 d2 15 1c 81 88 ff ff @.......@....... 60 53 c3 82 ff ff ff ff 00 a0 2c 2a 81 88 ff ff `S........,*.... backtrace: [<0000000059912bf5>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000059912bf5>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000059912bf5>] slab_alloc mm/slab.c:3320 [inline] [<0000000059912bf5>] kmem_cache_alloc_trace+0x145/0x2c0 mm/slab.c:3549 [<00000000ab9f7d85>] kmalloc include/linux/slab.h:556 [inline] [<00000000ab9f7d85>] nft_netdev_hook_alloc+0x3f/0xd0 net/netfilter/nf_tables_api.c:1624 [<0000000074e6bb65>] nf_tables_parse_netdev_hooks+0xac/0x230 net/netfilter/nf_tables_api.c:1673 [<00000000cd387efd>] nf_tables_flowtable_parse_hook net/netfilter/nf_tables_api.c:5936 [inline] [<00000000cd387efd>] nf_tables_newflowtable+0x41e/0x930 net/netfilter/nf_tables_api.c:6137 [<00000000526e3994>] nfnetlink_rcv_batch+0x662/0x8c0 net/netfilter/nfnetlink.c:433 [<000000006c5402bf>] nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:543 [inline] [<000000006c5402bf>] nfnetlink_rcv+0x189/0x1c0 net/netfilter/nfnetlink.c:561 [<00000000b752f9f7>] netlink_unicast_kernel net/netlink/af_netlink.c:1302 [inline] [<00000000b752f9f7>] netlink_unicast+0x223/0x310 net/netlink/af_netlink.c:1328 [<00000000a0e23793>] netlink_sendmsg+0x2c0/0x570 net/netlink/af_netlink.c:1917 [<000000006e0aea94>] sock_sendmsg_nosec net/socket.c:639 [inline] [<000000006e0aea94>] sock_sendmsg+0x54/0x70 net/socket.c:659 [<00000000a60c26dd>] ____sys_sendmsg+0x2d0/0x300 net/socket.c:2330 [<00000000d412f616>] ___sys_sendmsg+0x8a/0xd0 net/socket.c:2384 [<000000001179a6b0>] __sys_sendmsg+0x80/0xf0 net/socket.c:2417 [<000000004a6699d1>] __do_sys_sendmsg net/socket.c:2426 [inline] [<000000004a6699d1>] __se_sys_sendmsg net/socket.c:2424 [inline] [<000000004a6699d1>] __x64_sys_sendmsg+0x23/0x30 net/socket.c:2424 [<00000000a05aa7d1>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000bad17b52>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 --- This bug is generated by a bot. It may contain errors. See https://goo.gl/tpsmEJ for more information about syzbot. syzbot engineers can be reached at syzkaller@googlegroups.com. syzbot will keep track of this bug report. See: https://goo.gl/tpsmEJ#status for how to communicate with syzbot. syzbot can test patches for this bug, for details see: https://goo.gl/tpsmEJ#testing-patches