Subject: Re: memory leak in ipv6_sock_ac_join
From: 范俊杰
Date: Sat, 20 May 2023 12:43:07 +0800
To: Paolo Abeni
Cc: davem@davemloft.net, dsahern@kernel.org, edumazet@google.com, kuba@kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com

Thank you for your response. This is my first time submitting crashes to kernel developers, so forgive me if there are any shortcomings. In my opinion, some of the code crashes in the old version may also be present in the new version. That’s why I want to report these crashes to you. I will take note of the issues you mentioned and make a meaningful contribution by submitting valid kernel errors next time.

Sincerely!

> On May 19, 2023, at 22:46, Paolo Abeni wrote:
>
> hi,
>
> Please use plain-text when sending messages to a kernel devel mailing
> list.
>
> On Fri, 2023-05-19 at 16:37 +0800, 范俊杰 wrote:
>> Our modified tool found a new bug BUG: unable to handle kernel NULL
>> pointer dereference in scsi_queue_rq
>
> What you mention above is different from what you actually report
> below.
>
>> in Kernel commit v5.14.
>
> That is not exactly new.
>
>> The report is as below and this bug doesn't have a repro C program
>> until now. Please inform me if you confirm this is a reproducible
>> bug.
>
> I think the above expectation is quite beyond what you could get. When
> you report a bug _you_ are supposed to try to reproduce it.
>
>> ---
>> BUG: memory leak
>> unreferenced object 0xffff8ad4e16c5760 (size 32):
>> comm "syz-executor.2", pid 17137, jiffies 4295510146 (age 7.862s)
>> hex dump (first 32 bytes):
>> fe 80 00 00 00 00 00 00 00 00 00 00 00 00 00 bb ................
>> 01 00 00 00 d4 8a ff ff 00 00 00 00 00 00 00 00 ................
>> backtrace:
>> [<00000000033cd1b4>] kmalloc include/linux/slab.h:605 [inline]
>> [<00000000033cd1b4>] sock_kmalloc+0x48/0x80 net/core/sock.c:2563
>> [<00000000724962dc>] ipv6_sock_ac_join+0xf0/0x2d0
>> net/ipv6/anycast.c:86
>> [<0000000027291f90>] do_ipv6_setsockopt.isra.14+0x1e23/0x21a0
>> net/ipv6/ipv6_sockglue.c:868
>> [<00000000bb6b5160>] ipv6_setsockopt+0xa9/0xf0
>> net/ipv6/ipv6_sockglue.c:1021
>> [<0000000057fe6cc3>] udpv6_setsockopt+0x53/0xa0
>> net/ipv6/udp.c:1652
>> [<0000000023dcd6bb>] __sys_setsockopt+0xb6/0x160
>> net/socket.c:2259
>> [<0000000081a16a2e>] __do_sys_setsockopt net/socket.c:2270
>> [inline]
>> [<0000000081a16a2e>] __se_sys_setsockopt net/socket.c:2267
>> [inline]
>> [<0000000081a16a2e>] __x64_sys_setsockopt+0x22/0x30
>> net/socket.c:2267
>> [<0000000075aec224>] do_syscall_x64 arch/x86/entry/common.c:50
>> [inline]
>> [<0000000075aec224>] do_syscall_64+0x37/0x80
>> arch/x86/entry/common.c:80
>> [<000000006cd4d12f>] entry_SYSCALL_64_after_hwframe+0x46/0xb0
>>
>> BUG: leak checking failed
>
> This was probably addressed by:
>
> 8c0de6e96c97 ("ipv6: fix memory leaks on IPV6_ADDRFORM path")
>
>
> Cheers,
>
> Paolo
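
Added example, not part of the original thread: a triage sketch that parses the quoted kmemleak report, picks the frame that owns the allocation, and decodes the 32-byte hex dump. The function names are hypothetical, and the decode assumes the object is a `struct ipv6_ac_socklist` (`acl_addr`, `acl_ifindex`, `acl_next`) as laid out on x86-64.

```python
import ipaddress
import re
import struct

# Excerpt of the report quoted in the message; frames that the mail client
# wrapped across two lines are rejoined here.
REPORT = """\
unreferenced object 0xffff8ad4e16c5760 (size 32):
  comm "syz-executor.2", pid 17137, jiffies 4295510146 (age 7.862s)
  hex dump (first 32 bytes):
    fe 80 00 00 00 00 00 00 00 00 00 00 00 00 00 bb  ................
    01 00 00 00 d4 8a ff ff 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000033cd1b4>] kmalloc include/linux/slab.h:605 [inline]
    [<00000000033cd1b4>] sock_kmalloc+0x48/0x80 net/core/sock.c:2563
    [<00000000724962dc>] ipv6_sock_ac_join+0xf0/0x2d0 net/ipv6/anycast.c:86
"""

HEX_ROW = re.compile(r"^[ \t]*((?:[0-9a-f]{2} ){15}[0-9a-f]{2})\b", re.M)
FRAME = re.compile(
    r"^[ \t]*\[<[0-9a-f]+>\] (\S+?)(?:\+0x[0-9a-f]+/0x[0-9a-f]+)?"
    r" (\S+:\d+)( \[inline\])?$", re.M)

def parse_kmemleak(report):
    """Return (object size, dumped bytes, [(function, file:line, inlined)])."""
    size = int(re.search(r"\(size (\d+)\)", report).group(1))
    data = bytes.fromhex("".join(HEX_ROW.findall(report)))
    frames = [(m.group(1), m.group(2), bool(m.group(3)))
              for m in FRAME.finditer(report)]
    return size, data, frames

def allocation_site(frames, wrappers=("kmalloc", "sock_kmalloc")):
    """First frame that is not an allocator wrapper: the code owning the object."""
    for func, loc, inlined in frames:
        if not inlined and func not in wrappers:
            return func, loc
    return None

def decode_ac_socklist(data):
    """Assumed layout: in6_addr (16), int (4), padding (4), pointer (8)."""
    addr, ifindex, pad, nxt = struct.unpack("<16sI4sQ", data)
    return {"acl_addr": str(ipaddress.IPv6Address(addr)),
            "acl_ifindex": ifindex,
            "padding": pad.hex(),  # compiler padding, never initialised
            "acl_next": nxt}

if __name__ == "__main__":
    size, data, frames = parse_kmemleak(REPORT)
    print(size, allocation_site(frames), decode_ac_socklist(data))
```

The decoded fields (a link-local anycast address, interface index 1, no next entry) are consistent with a single anycast membership record allocated in `ipv6_sock_ac_join` and never freed.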