syzbot

 sign-in | mailing list | source | docs | 🏰
🐞 Open [1349]
Subsystems
🐞 Fixed [7121]
🐞 Invalid [18826]
Missing Backports [220]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
✨ AI
💬 Send us feedback

memory leak in tipc_buf_acquire (2)

Status: auto-obsoleted due to no activity on 2026/05/17 17:03
Subsystems: tipc
[Documentation on labels]
First crash: 110d, last: 110d
Similar bugs (1)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream memory leak in tipc_buf_acquire tipc 3 C 15 2538d 2562d 12/29 fixed on 2019/07/10 21:40
Last patch testing requests (2)
Created Duration User Patch Repo Result
2026/05/04 18:10 27m retest repro upstream OK log
2026/02/22 17:12 12m retest repro upstream report log

Sample crash report:
BUG: memory leak
unreferenced object 0xffff888102443700 (size 704):
  comm "syz.1.18", pid 6181, jiffies 4294944356
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace (crc dfa53f23):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4958 [inline]
    slab_alloc_node mm/slub.c:5263 [inline]
    kmem_cache_alloc_node_noprof+0x422/0x590 mm/slub.c:5315
    kmalloc_reserve+0xe6/0x180 net/core/skbuff.c:586
    __alloc_skb+0x10f/0x2b0 net/core/skbuff.c:690
    alloc_skb_fclone include/linux/skbuff.h:1433 [inline]
    tipc_buf_acquire+0x26/0x70 net/tipc/msg.c:72
    tipc_disc_create+0x78/0x1d0 net/tipc/discover.c:359
    tipc_enable_bearer+0x645/0x7f0 net/tipc/bearer.c:348
    __tipc_nl_bearer_enable+0x162/0x1b0 net/tipc/bearer.c:1047
    __tipc_nl_compat_doit+0x1b6/0x1e0 net/tipc/netlink_compat.c:371
    tipc_nl_compat_doit+0x74/0x100 net/tipc/netlink_compat.c:393
    tipc_nl_compat_handle net/tipc/netlink_compat.c:1214 [inline]
    tipc_nl_compat_recv+0x6d0/0x740 net/tipc/netlink_compat.c:1321
    genl_family_rcv_msg_doit+0x12e/0x1a0 net/netlink/genetlink.c:1115
    genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
    genl_rcv_msg+0x302/0x440 net/netlink/genetlink.c:1210
    netlink_rcv_skb+0x89/0x1c0 net/netlink/af_netlink.c:2550
    genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
    netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
    netlink_unicast+0x3a1/0x4f0 net/netlink/af_netlink.c:1344
    netlink_sendmsg+0x335/0x690 net/netlink/af_netlink.c:1894

BUG: memory leak
unreferenced object 0xffff88812daf0d00 (size 240):
  comm "softirq", pid 0, jiffies 4294944370
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 40 8e 27 81 88 ff ff 00 00 00 00 00 00 00 00  .@.'............
  backtrace (crc ef18e6c0):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4958 [inline]
    slab_alloc_node mm/slub.c:5263 [inline]
    kmem_cache_alloc_noprof+0x412/0x580 mm/slub.c:5270
    skb_clone+0xae/0x2b0 net/core/skbuff.c:2088
    netem_enqueue+0xce3/0x16b0 net/sched/sch_netem.c:491
    dev_qdisc_enqueue+0x2b/0x100 net/core/dev.c:4147
    __dev_xmit_skb net/core/dev.c:4262 [inline]
    __dev_queue_xmit+0x10b3/0x1ab0 net/core/dev.c:4798
    dev_queue_xmit include/linux/netdevice.h:3381 [inline]
    tipc_l2_send_msg+0x119/0x160 net/tipc/bearer.c:516
    tipc_bearer_xmit_skb+0xc0/0x140 net/tipc/bearer.c:575
    tipc_disc_timeout+0x258/0x310 net/tipc/discover.c:338
    call_timer_fn+0x33/0x200 kernel/time/timer.c:1748
    expire_timers kernel/time/timer.c:1799 [inline]
    __run_timers+0x35e/0x440 kernel/time/timer.c:2373
    __run_timer_base kernel/time/timer.c:2385 [inline]
    __run_timer_base kernel/time/timer.c:2377 [inline]
    run_timer_base kernel/time/timer.c:2394 [inline]
    run_timer_softirq+0xb8/0x150 kernel/time/timer.c:2404
    handle_softirqs+0xe1/0x2a0 kernel/softirq.c:622
    __do_softirq kernel/softirq.c:656 [inline]
    invoke_softirq kernel/softirq.c:496 [inline]
    __irq_exit_rcu+0x91/0xb0 kernel/softirq.c:723
    instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
    sysvec_apic_timer_interrupt+0x73/0x80 arch/x86/kernel/apic/apic.c:1056
    asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697

BUG: memory leak
unreferenced object 0xffff888102442680 (size 704):
  comm "syz.2.19", pid 6184, jiffies 4294944377
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace (crc f2c07444):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4958 [inline]
    slab_alloc_node mm/slub.c:5263 [inline]
    kmem_cache_alloc_node_noprof+0x422/0x590 mm/slub.c:5315
    kmalloc_reserve+0xe6/0x180 net/core/skbuff.c:586
    __alloc_skb+0x10f/0x2b0 net/core/skbuff.c:690
    alloc_skb_fclone include/linux/skbuff.h:1433 [inline]
    tipc_buf_acquire+0x26/0x70 net/tipc/msg.c:72
    tipc_disc_create+0x78/0x1d0 net/tipc/discover.c:359
    tipc_enable_bearer+0x645/0x7f0 net/tipc/bearer.c:348
    __tipc_nl_bearer_enable+0x162/0x1b0 net/tipc/bearer.c:1047
    __tipc_nl_compat_doit+0x1b6/0x1e0 net/tipc/netlink_compat.c:371
    tipc_nl_compat_doit+0x74/0x100 net/tipc/netlink_compat.c:393
    tipc_nl_compat_handle net/tipc/netlink_compat.c:1214 [inline]
    tipc_nl_compat_recv+0x6d0/0x740 net/tipc/netlink_compat.c:1321
    genl_family_rcv_msg_doit+0x12e/0x1a0 net/netlink/genetlink.c:1115
    genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]
    genl_rcv_msg+0x302/0x440 net/netlink/genetlink.c:1210
    netlink_rcv_skb+0x89/0x1c0 net/netlink/af_netlink.c:2550
    genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219
    netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
    netlink_unicast+0x3a1/0x4f0 net/netlink/af_netlink.c:1344
    netlink_sendmsg+0x335/0x690 net/netlink/af_netlink.c:1894

BUG: memory leak
unreferenced object 0xffff88812db65b00 (size 240):
  comm "softirq", pid 0, jiffies 4294944384
  hex dump (first 32 bytes):
    00 0d af 2d 81 88 ff ff 00 00 00 00 00 00 00 00  ...-............
    00 40 8e 27 81 88 ff ff 00 00 00 00 00 00 00 00  .@.'............
  backtrace (crc cc4e11e0):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4958 [inline]
    slab_alloc_node mm/slub.c:5263 [inline]
    kmem_cache_alloc_noprof+0x412/0x580 mm/slub.c:5270
    skb_clone+0xae/0x2b0 net/core/skbuff.c:2088
    netem_enqueue+0xce3/0x16b0 net/sched/sch_netem.c:491
    dev_qdisc_enqueue+0x2b/0x100 net/core/dev.c:4147
    __dev_xmit_skb net/core/dev.c:4262 [inline]
    __dev_queue_xmit+0x10b3/0x1ab0 net/core/dev.c:4798
    dev_queue_xmit include/linux/netdevice.h:3381 [inline]
    tipc_l2_send_msg+0x119/0x160 net/tipc/bearer.c:516
    tipc_bearer_xmit_skb+0xc0/0x140 net/tipc/bearer.c:575
    tipc_disc_timeout+0x258/0x310 net/tipc/discover.c:338
    call_timer_fn+0x33/0x200 kernel/time/timer.c:1748
    expire_timers kernel/time/timer.c:1799 [inline]
    __run_timers+0x35e/0x440 kernel/time/timer.c:2373
    __run_timer_base kernel/time/timer.c:2385 [inline]
    __run_timer_base kernel/time/timer.c:2377 [inline]
    run_timer_base kernel/time/timer.c:2394 [inline]
    run_timer_softirq+0xb8/0x150 kernel/time/timer.c:2404
    handle_softirqs+0xe1/0x2a0 kernel/softirq.c:622
    __do_softirq kernel/softirq.c:656 [inline]
    invoke_softirq kernel/softirq.c:496 [inline]
    __irq_exit_rcu+0x91/0xb0 kernel/softirq.c:723
    instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
    sysvec_apic_timer_interrupt+0x73/0x80 arch/x86/kernel/apic/apic.c:1056
    asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697

BUG: memory leak
unreferenced object 0xffff88812db65200 (size 240):
  comm "softirq", pid 0, jiffies 4294944391
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 40 8f 27 81 88 ff ff 00 00 00 00 00 00 00 00  .@.'............
  backtrace (crc cc5d915c):
    kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]
    slab_post_alloc_hook mm/slub.c:4958 [inline]
    slab_alloc_node mm/slub.c:5263 [inline]
    kmem_cache_alloc_noprof+0x412/0x580 mm/slub.c:5270
    skb_clone+0xae/0x2b0 net/core/skbuff.c:2088
    netem_enqueue+0xce3/0x16b0 net/sched/sch_netem.c:491
    dev_qdisc_enqueue+0x2b/0x100 net/core/dev.c:4147
    __dev_xmit_skb net/core/dev.c:4262 [inline]
    __dev_queue_xmit+0x10b3/0x1ab0 net/core/dev.c:4798
    dev_queue_xmit include/linux/netdevice.h:3381 [inline]
    tipc_l2_send_msg+0x119/0x160 net/tipc/bearer.c:516
    tipc_bearer_xmit_skb+0xc0/0x140 net/tipc/bearer.c:575
    tipc_disc_timeout+0x258/0x310 net/tipc/discover.c:338
    call_timer_fn+0x33/0x200 kernel/time/timer.c:1748
    expire_timers kernel/time/timer.c:1799 [inline]
    __run_timers+0x35e/0x440 kernel/time/timer.c:2373
    __run_timer_base kernel/time/timer.c:2385 [inline]
    __run_timer_base kernel/time/timer.c:2377 [inline]
    run_timer_base kernel/time/timer.c:2394 [inline]
    run_timer_softirq+0xb8/0x150 kernel/time/timer.c:2404
    handle_softirqs+0xe1/0x2a0 kernel/softirq.c:622
    __do_softirq kernel/softirq.c:656 [inline]
    invoke_softirq kernel/softirq.c:496 [inline]
    __irq_exit_rcu+0x91/0xb0 kernel/softirq.c:723
    instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
    sysvec_apic_timer_interrupt+0x73/0x80 arch/x86/kernel/apic/apic.c:1056
    asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697

connection error: failed to recv *flatrpc.ExecutorMessageRawT: EOF

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/02/08 15:28 upstream e7aa57247700 4c131dc4 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-gce-leak memory leak in tipc_buf_acquire
* Struck through repros no longer work on HEAD.