Received: by 2002:a05:6a10:a852:0:0:0:0 with SMTP id d18csp2895957pxy; Mon, 3 May 2021 10:22:38 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxwgKskkikWd2b22hAhqpR40BXNbaGjJNCK+fpsY8b0pXDqbvIWIJf2o5zqBSHZhxYyuNiJ X-Received: by 2002:a17:906:494d:: with SMTP id f13mr17894741ejt.490.1620062558081; Mon, 03 May 2021 10:22:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1620062558; cv=none; d=google.com; s=arc-20160816; b=oY5lawuLii1wq5FKewiSexV0cyvF2yzlLZz3RqAGijAwWBm9f9PbX0LcORFzUqRAA6 WoL6GSY7nbtNAezyj+hr62oxDIt/63HaGLchlLkEKgjZ7Pd5/6Kf2HirN9hYVrHRt+xM iY+sZTNR52ezy5etnJ71n/2zkdinz22Usns3LFFMxbTFs3ViaiwFk9QKbmfGp+d+dWjE 8yQguUDuo1elDnhgxWL9Xym+ne+YBW+vTjdCn6q3KCUT+D26Wxn1NBcQP8vIVkK0Ngm3 Q4FXMz36tRt81akDLhmk5xQoqR4b3g+qxpK3uWbgfQSGNcGGeq/tt0aasC4wWJOX9nYM juHg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:to:from:subject:message-id:date:mime-version; bh=IaLwSAlCAkwIV8aH0MiazbmbvKJrXYiGrbTABtoSizM=; b=EUwZSi/5Er/bfNFeM2Zpl2q2vqa8TH2Dgjep/XxyE2W6a/KO+afVuMhWeK9XI0Kv/X 8kp/F11qNvUtfx3tqnScncBt/ONq6oKkcofNQbYTDjn//xQo7Z9fVSOELmHagyypuh5Y 7Y2CfEKMNXDVpMzuKTeV1ATcA1qwk64Tjx7op4WcWWAzYRyyBHKWK128J+kQIGdM4tHJ C1jBdE7vJHedugwl84XsfYxTcRRJ88RlRGbbIHk6pApQlZDZCMm+NV83xeyPl6Vm2KDb 44TUpLp44UuQLZSYDLHnsI99norIIljlXJJpsYWqllHkHgXi7yUMRchJipEZcfcvDYPu lHng== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=appspotmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id a20si338137ejf.345.2021.05.03.10.22.13; Mon, 03 May 2021 10:22:38 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=appspotmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232397AbhECRVZ (ORCPT + 99 others); Mon, 3 May 2021 13:21:25 -0400 Received: from mail-il1-f197.google.com ([209.85.166.197]:48681 "EHLO mail-il1-f197.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231735AbhECRVO (ORCPT ); Mon, 3 May 2021 13:21:14 -0400 Received: by mail-il1-f197.google.com with SMTP id h4-20020a926c040000b0290192f4fa4c3bso5038175ilc.15 for ; Mon, 03 May 2021 10:20:21 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:date:message-id:subject:from:to; bh=IaLwSAlCAkwIV8aH0MiazbmbvKJrXYiGrbTABtoSizM=; b=fLLBAs4vyEJ0EnYXsW63VeA7YPRq6wbKKusvqXLwVjiPPoA1pe8AWfgakePA/5skro 2K3W8b4J/Lubf2S/yxa29DqIrE5Gwd4pv1aoncXu6wt+0/14PgQ0vEW6GWeWP7rGPKrk aYfIR1n8mjgBb7eYluxMeuDAEFQvGDDjNZVR5CgKm88CoiIHH55gk595YCyUjfKXb70j VQ7glA0xA5xtxnOcOE5Bkj9Q7dodGV+MJSuNBho2hrOCM1Is4OQa0+5LCUuNo5Pr+o3C sg5qx7smicZ890uRYJebWTU7PMhRluT5GWQSgtKZmnmbZ/ajbMHBodbcfowdTV4dqFTX VAOw== X-Gm-Message-State: AOAM531+rMZCLSq8bfqlbwFtNoHwvT6iYWK3s15piPVMKkc6m524HgSn B+6+EXtlBDRkdUTyfGvukhH+TC4Q4XmoAZ4RUzk/x28GTrui MIME-Version: 1.0 X-Received: by 2002:a92:c005:: with SMTP id q5mr16225105ild.202.1620062420942; Mon, 03 May 2021 10:20:20 -0700 (PDT) Date: Mon, 03 May 2021 10:20:20 -0700 X-Google-Appengine-App-Id: s~syzkaller X-Google-Appengine-App-Id-Alias: syzkaller Message-ID: <0000000000001d488205c1702d78@google.com> Subject: [syzbot] memory leak in nf_hook_entries_grow (2) From: syzbot To: coreteam@netfilter.org, davem@davemloft.net, fw@strlen.de, kadlec@netfilter.org, kuba@kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, pablo@netfilter.org, syzkaller-bugs@googlegroups.com Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello, syzbot found the following issue on: HEAD commit: 9ccce092 Merge tag 'for-linus-5.13-ofs-1' of git://git.ker.. git tree: upstream console output: https://syzkaller.appspot.com/x/log.txt?x=141aec93d00000 kernel config: https://syzkaller.appspot.com/x/.config?x=5ab124e5617a0cfa dashboard link: https://syzkaller.appspot.com/bug?extid=050de9f900eb45b94ef9 syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14bd921ed00000 IMPORTANT: if you fix the issue, please add the following tag to the commit: Reported-by: syzbot+050de9f900eb45b94ef9@syzkaller.appspotmail.com BUG: memory leak unreferenced object 0xffff888128e8efc0 (size 64): comm "syz-executor.1", pid 8445, jiffies 4294969756 (age 19.530s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 10 8a a5 83 ff ff ff ff ................ 00 f6 f4 27 81 88 ff ff 00 40 5a 28 81 88 ff ff ...'.....@Z(.... backtrace: [] kmalloc_node include/linux/slab.h:579 [inline] [] kvmalloc_node+0x61/0xf0 mm/util.c:587 [] kvmalloc include/linux/mm.h:797 [inline] [] kvzalloc include/linux/mm.h:805 [inline] [] allocate_hook_entries_size net/netfilter/core.c:61 [inline] [] nf_hook_entries_grow+0x31b/0x370 net/netfilter/core.c:128 [] __nf_register_net_hook+0x8d/0x290 net/netfilter/core.c:407 [] nf_register_net_hook+0xbf/0x100 net/netfilter/core.c:541 [] nf_register_net_hooks+0x59/0xc0 net/netfilter/core.c:557 [] arpt_register_table+0x152/0x1e0 net/ipv4/netfilter/arp_tables.c:1548 [] arptable_filter_table_init+0x3d/0x60 net/ipv4/netfilter/arptable_filter.c:50 [] xt_find_table_lock+0x189/0x290 net/netfilter/x_tables.c:1244 [] xt_request_find_table_lock+0x27/0xb0 net/netfilter/x_tables.c:1275 [] get_info+0xd2/0x430 net/ipv4/netfilter/arp_tables.c:807 [] do_arpt_get_ctl+0x224/0x520 net/ipv4/netfilter/arp_tables.c:1443 [] nf_getsockopt+0x57/0x80 net/netfilter/nf_sockopt.c:116 [] ip_getsockopt net/ipv4/ip_sockglue.c:1777 [inline] [] ip_getsockopt+0xfa/0x140 net/ipv4/ip_sockglue.c:1756 [] tcp_getsockopt+0x4b/0x80 net/ipv4/tcp.c:4251 [] __sys_getsockopt+0x133/0x2f0 net/socket.c:2161 [] __do_sys_getsockopt net/socket.c:2176 [inline] [] __se_sys_getsockopt net/socket.c:2173 [inline] [] __x64_sys_getsockopt+0x22/0x30 net/socket.c:2173 BUG: memory leak unreferenced object 0xffff888128f2fb80 (size 64): comm "syz-executor.1", pid 8445, jiffies 4294969756 (age 19.530s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 10 8a a5 83 ff ff ff ff ................ 00 f6 f4 27 81 88 ff ff 50 40 5a 28 81 88 ff ff ...'....P@Z(.... backtrace: [] kmalloc_node include/linux/slab.h:579 [inline] [] kvmalloc_node+0x61/0xf0 mm/util.c:587 [] kvmalloc include/linux/mm.h:797 [inline] [] kvzalloc include/linux/mm.h:805 [inline] [] allocate_hook_entries_size net/netfilter/core.c:61 [inline] [] nf_hook_entries_grow+0x31b/0x370 net/netfilter/core.c:128 [] __nf_register_net_hook+0x8d/0x290 net/netfilter/core.c:407 [] nf_register_net_hook+0xbf/0x100 net/netfilter/core.c:541 [] nf_register_net_hooks+0x59/0xc0 net/netfilter/core.c:557 [] arpt_register_table+0x152/0x1e0 net/ipv4/netfilter/arp_tables.c:1548 [] arptable_filter_table_init+0x3d/0x60 net/ipv4/netfilter/arptable_filter.c:50 [] xt_find_table_lock+0x189/0x290 net/netfilter/x_tables.c:1244 [] xt_request_find_table_lock+0x27/0xb0 net/netfilter/x_tables.c:1275 [] get_info+0xd2/0x430 net/ipv4/netfilter/arp_tables.c:807 [] do_arpt_get_ctl+0x224/0x520 net/ipv4/netfilter/arp_tables.c:1443 [] nf_getsockopt+0x57/0x80 net/netfilter/nf_sockopt.c:116 [] ip_getsockopt net/ipv4/ip_sockglue.c:1777 [inline] [] ip_getsockopt+0xfa/0x140 net/ipv4/ip_sockglue.c:1756 [] tcp_getsockopt+0x4b/0x80 net/ipv4/tcp.c:4251 [] __sys_getsockopt+0x133/0x2f0 net/socket.c:2161 [] __do_sys_getsockopt net/socket.c:2176 [inline] [] __se_sys_getsockopt net/socket.c:2173 [inline] [] __x64_sys_getsockopt+0x22/0x30 net/socket.c:2173 BUG: memory leak unreferenced object 0xffff88812249b100 (size 64): comm "kworker/u4:1", pid 24, jiffies 4294970575 (age 11.350s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 10 8a a5 83 ff ff ff ff ................ 00 f6 f4 27 81 88 ff ff 28 40 5a 28 81 88 ff ff ...'....(@Z(.... backtrace: [] kmalloc_node include/linux/slab.h:579 [inline] [] kvmalloc_node+0x61/0xf0 mm/util.c:587 [] kvmalloc include/linux/mm.h:797 [inline] [] kvzalloc include/linux/mm.h:805 [inline] [] allocate_hook_entries_size net/netfilter/core.c:61 [inline] [] __nf_hook_entries_try_shrink+0xfd/0x210 net/netfilter/core.c:248 [] __nf_unregister_net_hook+0x17b/0x280 net/netfilter/core.c:483 [] nf_unregister_net_hook+0x82/0xb0 net/netfilter/core.c:502 [] ops_exit_list+0x41/0x80 net/core/net_namespace.c:175 [] cleanup_net+0x2c1/0x4d0 net/core/net_namespace.c:595 [] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275 [] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421 [] kthread+0x178/0x1b0 kernel/kthread.c:313 [] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 --- This report is generated by a bot. It may contain errors. See https://goo.gl/tpsmEJ for more information about syzbot. syzbot engineers can be reached at syzkaller@googlegroups.com. syzbot will keep track of this issue. See: https://goo.gl/tpsmEJ#status for how to communicate with syzbot. syzbot can test patches for this issue, for details see: https://goo.gl/tpsmEJ#testing-patches