From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6E8E4C46CD4 for ; Thu, 21 Dec 2023 08:36:47 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 00CB16B007D; Thu, 21 Dec 2023 03:36:47 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id F00456B007E; Thu, 21 Dec 2023 03:36:46 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id DEDA66B0080; Thu, 21 Dec 2023 03:36:46 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id CFB7E6B007D for ; Thu, 21 Dec 2023 03:36:46 -0500 (EST) Received: from smtpin09.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id A70CB1A0C78 for ; Thu, 21 Dec 2023 08:36:46 +0000 (UTC) X-FDA: 81590169612.09.73794B6 Received: from dvalin.narfation.org (dvalin.narfation.org [213.160.73.56]) by imf21.hostedemail.com (Postfix) with ESMTP id D97671C0016 for ; Thu, 21 Dec 2023 08:36:43 +0000 (UTC) Authentication-Results: imf21.hostedemail.com; dkim=pass header.d=narfation.org header.s=20121 header.b=WuZ9+WMP; dmarc=pass (policy=none) header.from=narfation.org; spf=pass (imf21.hostedemail.com: domain of sven@narfation.org designates 213.160.73.56 as permitted sender) smtp.mailfrom=sven@narfation.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1703147804; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=qwBeQpyRyJ5/M8fXdCU0FeKDVWyTbs52D0JEP2x1r60=; b=W+07+PYASek4xFd+OWqQZ8kdFfgMsq2q77fdY0SnQQv5cIqnmltaQletknRu3e3GBqxQmT Wgdwgc+rV3ZLl83pHohmmXksHIywaCXA7T+nMo4Y33SZdtmfC2Smxpn0uMIy7rafISA78T r9Exg2jmxwoibmRayrs8Y07ZnAVDawc= ARC-Authentication-Results: i=1; imf21.hostedemail.com; dkim=pass header.d=narfation.org header.s=20121 header.b=WuZ9+WMP; dmarc=pass (policy=none) header.from=narfation.org; spf=pass (imf21.hostedemail.com: domain of sven@narfation.org designates 213.160.73.56 as permitted sender) smtp.mailfrom=sven@narfation.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1703147804; a=rsa-sha256; cv=none; b=EFUA1ITEg52vWYOnzWmCUQN2oVXtMzyEyTO5zs4yHyN354y2JcjZfUH4NfHyrMTR74nZSA gyEw0qCo9v2RUQMrG18ICASy/+gSJHAe1YPXaJ3GGU+WpKrdWqENc2j82Z7Ws/dOMQ5ALm 7OtLCmGyrCIF3et+5yaU5nmTYaUpjGE= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=narfation.org; s=20121; t=1703147801; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=qwBeQpyRyJ5/M8fXdCU0FeKDVWyTbs52D0JEP2x1r60=; b=WuZ9+WMPFdpsFu52dmee2AnYWGiC7LQGsnGcv+H6O7QjW6d2yB0fF7bNeibEm7nrpdpp7c Vgpojn7FT/TRi6xtldUwEYSLPDo02PYuOef1SGXhOjgAIuw3F+fZYy12jcPQCatfgCnBtl BmVKMPJdjx65GGVfkKuMNOpGJWESc7A= From: Sven Eckelmann To: b.a.t.m.a.n@lists.open-mesh.org, Catalin Marinas Cc: Jinho Ju , netdev@vger.kernel.org, linux-mm@kvack.org Subject: Re: Fwd: Fwd: memory leak in batadv_iv_ogm_aggregate_new Date: Thu, 21 Dec 2023 09:36:38 +0100 Message-ID: <3458658.QJadu78ljV@ripper> In-Reply-To: References: MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1877647.CQOukoFCf9"; micalg="pgp-sha512"; protocol="application/pgp-signature" X-Rspam-User: X-Rspamd-Server: rspam12 X-Rspamd-Queue-Id: D97671C0016 X-Stat-Signature: bsnbjibzhytpi1ij8io5onff4ht69z41 X-HE-Tag: 1703147803-920163 X-HE-Meta: U2FsdGVkX1/qvud0Gx0lxp+T1lJtF613O6dxfYlQ1kmnztHBxcZrGfH8DkCkd5jK50sTS+t4A/o8+bb8oqKthkj2eeQThtuso5e9nHr6yEZeK6RbdFlfcd7LdSgzWndw3jxU6+nlsl2I4y3Psjle/rUvf0hi2ODCbA0G1o8G8It5RUJp/LiDKJrqH3uVck7rJLZ9CxwpL56ltE3eC2NlT9oVZjdV20ibEZinArUp0oJJhfQycfPfoUI917p6Qn5SDivSE1W1gk+OA9bnO0IjiLwR8f+fBNoPvfXmKPh68Xd5Y+I2nU6eaNlbinV7duJh2CAHMEDJ3ws/Xp0UaN5p+UKPgjFEO85cQ5RjFlp49i9w+iTrIAJqMO06YnViZI1vNtKwbmk2l73S8IFPUEg6y8BTZTk0pK9k/WlEZFEosAI4GTyLW18TK4tkRC9fk7ZP+hMtbDOf9V2mDMfCpytjAbktSzBz/JDAGf6EaC8z2etW6Ru/u3PIFyGbL4TOx9zNtVPLsYP3tDayhdZTMBC7n2WghOYp64LfOMzHnk9faQ+Cl3+3kk6aPnEBjZ9RHq868lcsUQzD8JZkQPrZMZyGT1DqspkR4Z6WZXu3PzCFM4Upurx7FjGSRHSFcMu6XIgYp/+7z1JwBX8TPVunXbcU/H2L1YFLeV+4+qFMkI8Xp9CA9vzYM/IRml2Ro2k2gyr5pF19nlgB8ZHznDfGtvduRs9ykmZQpcvgkNmZvgp9EikM7EcwlYI+65x7vUvYu4Pv1+yrAJObk+KdGivEV+O09zktNl4bm2T7MYTu923Be3622p+A1JFY+f7ODP5uNa12kKv+8BksuREATy0CqFd8a8a70Py6i+7hZ3p7cWvzlVzCiHGGx31oDlx08pAbwjOvryg0Byyuf7kOjYF0SOrCOW/YVpV7CepaQbHv5sVpqAnazzpfgQPzhp0BtFU16vNWyAZk+7KfuSV68Sif6I5 qXjAAsed uPBWZ+E0hXi6bR8A3uQANR14y58B2vTMHzSYTsGrM0hPu1MhtmM1n+jC2ZEBcIwkebB82aJtDs0+L6vjTTPQk4oeSgpV6PSA88euyrO3nZowNx6mWmQa71+OxHWe6moMgCPNFlKPQgaEk+BIUCNx7/ahAtrjL0WqYgWwJarPTZKfOIxqp9AUYDchzSX+luqkFjZKgHRz2EVoHU6lU29aWrR/R/yVljVt9U2xI0LtvFJaihKtIyzuFZlhqSmr0crXZUEDmufsM3rf8B0k= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: --nextPart1877647.CQOukoFCf9 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii"; protected-headers="v1" From: Sven Eckelmann Subject: Re: Fwd: Fwd: memory leak in batadv_iv_ogm_aggregate_new Date: Thu, 21 Dec 2023 09:36:38 +0100 Message-ID: <3458658.QJadu78ljV@ripper> MIME-Version: 1.0 On Thursday, 21 December 2023 06:52:01 CET Jinho Ju wrote: > Resending to everyone on the mailing list as per previous mail, adding some > things that were missing. > > Regarding the cause of the L2-related crash being detected by syzkaller, What crash? I can't see it in your mail [1] > I > can't say for sure - what I can say for sure at this point is that a > memleak occurring in L2 was detected by my personal syzkaller. Nothing tells you that the actual leak happened in layer 2. You only know that packets were generated in batman-adv and mac80211_hwsim. But nothing tells you what actually lost track of the skbuff (if that even happens). > Moving away from syzkaller for a moment and shifting the focus to memleak, > we have to assume that the conditions for this to occur are that they > reference the same network stack and are found in modules in L2, What do you mean with "reference the same network stack"? And no, nothing tells you that the culprit is actually something related to network layer 2. > but it > seems that when batman-adv is freed and returned while accessing and > processing a skb in veth (L3), veth is layer 2. > memleak occurs because it is trying to > reference the same skb, the veth freed skb. This doesn't make a lot of sense. batman-adv is not referencing the skb anymore after it was submitted to the underlying device. And if it would reference anything then it would not be a memleak. There are a lot of possibilities: * kmemleak cannot not handling transient queue state correctly while the namespace is destroyed (because it doesn't have a consistent memory state while it scans) * removing of the network namespace (used by the reproducers) might leak skbs which are currently passed around between the queues * there is an actual memory leak somewhere while the queued packets are processed * ... The first two option seem plausible to me because you can see "memory leaks" in for other things which regularly (and often) transmit packets in this namespace. In you log, this would hwsim which transmits beacons regularly (and often). I would guess that you see something similar when you use pktgen. It would now be interesting if you still see the memory leak if you mark all unfreed objects as grey and redo the scan: echo clear > /sys/kernel/debug/kmemleak echo scan > /sys/kernel/debug/kmemleak If you would still see it then we could rule out the first option. If not, then it is a false positive. Kind regards, Sven [1] https://lists.open-mesh.org/mailman3/hyperkitty/list/b.a.t.m.a.n@lists.open-mesh.org/thread/GLS6TCIPHIMWF2G6PVDEEK6UDVFB6UD2/ --nextPart1877647.CQOukoFCf9 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEF10rh2Elc9zjMuACXYcKB8Eme0YFAmWD+RcACgkQXYcKB8Em e0aoVxAAuhHv87k2P9ZTaWNGYewiXth1hgk2kl7s6+40pdIAKlszI11W8/KhIW3t LI1OqwOlgCRkpTrOKLTkeBNQIA+bYI88aXE51YpK63CAQ5okf4WJj+/VAXonUI8Z pgj5LcgCkEf9x7qtef+U6wtDHSD0ebe24C3Qrx2VIiA1Kf68jashgPkP89rwWFCd E7BDOm0idc2w8RTHzrYdCNnGMl2zhQa/0WmIb7HFJlbOWq6hh0nZZ7eHF2vIlJQQ B/HSHa8mSkSOvv4Rs2AEP9wyJi0dK07w+o3pNCuyfNd5gaEQMB9pTSHtYlBV/a5Y xOhmyymOpNzn6UkK2hvsCYib4uP8p/7FXxNLffBAkhsJ7/zQAz5QARRCEp1xUOc0 3mt1c/3GaC7magQPelNJUrYQK50PrYeyoibthNjcy6WFJ8alhbIvxgb0WBI9UD16 7uRZVbbx0NDPrF8W5RnBTH9UPYYEqr1rHZ13q+E857RQmmZXq59U2jsdMUje6GRu uyVDD3WPOR/3TozyvVbqAyEwjCzehaFn/vb/NOKOUIW+bqAVEzIPATsUr4Fy813z +0XaV+Yb4n0PBGv1gWyG7ZK6P/tesGEs+kFN7X6vfMDNzi9ZX4pmAYt9sbQmozE/ DtmwGd+wjxSMAKx/53edluuMjRYaqvEgi1qZ0bbuijOPQrnXYVw= =MRIv -----END PGP SIGNATURE----- --nextPart1877647.CQOukoFCf9--