[BUG] kmemleak in rtnetlink_rcv() triggered by selftests/drivers/net/team in build cdc9718d5e59

From: Mirsad Goran Todorovac
Date: Sun Apr 09 2023 - 07:49:50 EST

Hi all,

There appears to be a memleak triggered by the selftest drivers/net/team.

# cat /sys/kernel/debug/kmemleak
unreferenced object 0xffff8c18def8ee00 (size 256):
comm "ip", pid 5727, jiffies 4294961159 (age 954.244s)
hex dump (first 32 bytes):
00 20 09 de 18 8c ff ff 00 00 00 00 00 00 00 00 . ..............
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffffb60fb25c>] slab_post_alloc_hook+0x8c/0x3e0
[<ffffffffb6102b39>] __kmem_cache_alloc_node+0x1d9/0x2a0
[<ffffffffb607684e>] kmalloc_trace+0x2e/0xc0
[<ffffffffb6dbc00b>] vlan_vid_add+0x11b/0x290
[<ffffffffb6dbcffc>] vlan_device_event+0x19c/0x880
[<ffffffffb5dde4d7>] raw_notifier_call_chain+0x47/0x70
[<ffffffffb6ab6940>] call_netdevice_notifiers_info+0x50/0xa0
[<ffffffffb6ac7574>] dev_open+0x94/0xa0
[<ffffffffc176515e>] 0xffffffffc176515e
[<ffffffffb6ada6b0>] do_set_master+0x90/0xb0
[<ffffffffb6adc5f4>] do_setlink+0x514/0x11f0
[<ffffffffb6ae4507>] __rtnl_newlink+0x4e7/0xa10
[<ffffffffb6ae4a8c>] rtnl_newlink+0x4c/0x70
[<ffffffffb6adf334>] rtnetlink_rcv_msg+0x184/0x5d0
[<ffffffffb6b6ad1e>] netlink_rcv_skb+0x5e/0x110
[<ffffffffb6ada0e9>] rtnetlink_rcv+0x19/0x20
unreferenced object 0xffff8c18250d3700 (size 32):
comm "ip", pid 5727, jiffies 4294961159 (age 954.244s)
hex dump (first 32 bytes):
a0 ee f8 de 18 8c ff ff a0 ee f8 de 18 8c ff ff ................
81 00 00 00 01 00 00 00 cc cc cc cc cc cc cc cc ................
backtrace:
[<ffffffffb60fb25c>] slab_post_alloc_hook+0x8c/0x3e0
[<ffffffffb6102b39>] __kmem_cache_alloc_node+0x1d9/0x2a0
[<ffffffffb607684e>] kmalloc_trace+0x2e/0xc0
[<ffffffffb6dbc064>] vlan_vid_add+0x174/0x290
[<ffffffffb6dbcffc>] vlan_device_event+0x19c/0x880
[<ffffffffb5dde4d7>] raw_notifier_call_chain+0x47/0x70
[<ffffffffb6ab6940>] call_netdevice_notifiers_info+0x50/0xa0
[<ffffffffb6ac7574>] dev_open+0x94/0xa0
[<ffffffffc176515e>] 0xffffffffc176515e
[<ffffffffb6ada6b0>] do_set_master+0x90/0xb0
[<ffffffffb6adc5f4>] do_setlink+0x514/0x11f0
[<ffffffffb6ae4507>] __rtnl_newlink+0x4e7/0xa10
[<ffffffffb6ae4a8c>] rtnl_newlink+0x4c/0x70
[<ffffffffb6adf334>] rtnetlink_rcv_msg+0x184/0x5d0
[<ffffffffb6b6ad1e>] netlink_rcv_skb+0x5e/0x110
[<ffffffffb6ada0e9>] rtnetlink_rcv+0x19/0x20
unreferenced object 0xffff8c1846e16800 (size 256):
comm "ip", pid 7837, jiffies 4295135225 (age 258.160s)
hex dump (first 32 bytes):
00 20 f7 de 18 8c ff ff 00 00 00 00 00 00 00 00 . ..............
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffffb60fb25c>] slab_post_alloc_hook+0x8c/0x3e0
[<ffffffffb6102b39>] __kmem_cache_alloc_node+0x1d9/0x2a0
[<ffffffffb607684e>] kmalloc_trace+0x2e/0xc0
[<ffffffffb6dbc00b>] vlan_vid_add+0x11b/0x290
[<ffffffffb6dbcffc>] vlan_device_event+0x19c/0x880
[<ffffffffb5dde4d7>] raw_notifier_call_chain+0x47/0x70
[<ffffffffb6ab6940>] call_netdevice_notifiers_info+0x50/0xa0
[<ffffffffb6ac7574>] dev_open+0x94/0xa0
[<ffffffffc177115e>] bond_enslave+0x34e/0x1840 [bonding]
[<ffffffffb6ada6b0>] do_set_master+0x90/0xb0
[<ffffffffb6adc5f4>] do_setlink+0x514/0x11f0
[<ffffffffb6ae4507>] __rtnl_newlink+0x4e7/0xa10
[<ffffffffb6ae4a8c>] rtnl_newlink+0x4c/0x70
[<ffffffffb6adf334>] rtnetlink_rcv_msg+0x184/0x5d0
[<ffffffffb6b6ad1e>] netlink_rcv_skb+0x5e/0x110
[<ffffffffb6ada0e9>] rtnetlink_rcv+0x19/0x20
unreferenced object 0xffff8c184c5ff2a0 (size 32):
comm "ip", pid 7837, jiffies 4295135225 (age 258.160s)
hex dump (first 32 bytes):
a0 68 e1 46 18 8c ff ff a0 68 e1 46 18 8c ff ff .h.F.....h.F....
81 00 00 00 01 00 00 00 cc cc cc cc cc cc cc cc ................
backtrace:
[<ffffffffb60fb25c>] slab_post_alloc_hook+0x8c/0x3e0
[<ffffffffb6102b39>] __kmem_cache_alloc_node+0x1d9/0x2a0
[<ffffffffb607684e>] kmalloc_trace+0x2e/0xc0
[<ffffffffb6dbc064>] vlan_vid_add+0x174/0x290
[<ffffffffb6dbcffc>] vlan_device_event+0x19c/0x880
[<ffffffffb5dde4d7>] raw_notifier_call_chain+0x47/0x70
[<ffffffffb6ab6940>] call_netdevice_notifiers_info+0x50/0xa0
[<ffffffffb6ac7574>] dev_open+0x94/0xa0
[<ffffffffc177115e>] bond_enslave+0x34e/0x1840 [bonding]
[<ffffffffb6ada6b0>] do_set_master+0x90/0xb0
[<ffffffffb6adc5f4>] do_setlink+0x514/0x11f0
[<ffffffffb6ae4507>] __rtnl_newlink+0x4e7/0xa10
[<ffffffffb6ae4a8c>] rtnl_newlink+0x4c/0x70
[<ffffffffb6adf334>] rtnetlink_rcv_msg+0x184/0x5d0
[<ffffffffb6b6ad1e>] netlink_rcv_skb+0x5e/0x110
[<ffffffffb6ada0e9>] rtnetlink_rcv+0x19/0x20

The platform is Ubuntu 22.10 with the latest Torvalds tree 6.3-rc5+ build commit cdc9718d5e59
on a Lenovo Ideapad 3 15ITL6.

The minimum reproducing tools/testing/selftest/Makefile is provided here:

https://domac.alu.unizg.hr/~mtodorov/linux/bugreports/drivers_net/

leaving only two test suites:

# TARGETS += drivers/s390x/uvdevice
TARGETS += drivers/net/bonding
TARGETS += drivers/net/team
# TARGETS += efivarfs

(Smaller one won't run, missing prerequisites.)

Please find the config, complete kmemleak and lshw output.

I am available for further data required.

(The Cc: list is from scripts/get_maintainers on net/core/rtnetlink.c).

Best regards,
Mirsad

--
Mirsad Goran Todorovac
Sistem inženjer
Grafički fakultet | Akademija likovnih umjetnosti
Sveučilište u Zagrebu

System engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb, Republic of Croatia
The European Union

"I see something approaching fast ... Will it be friends with me?"