From: Xin Long
Date: Wed, 13 Mar 2019 17:00:48 +0800
> sk_setup_caps() is called to set sk->sk_dst_cache in pptp_connect,
> so we have to dst_release(sk->sk_dst_cache) in pptp_sock_destruct,
> otherwise, the dst refcnt will leak.
>
> It can be reproduced by this syz log:
>
> r1 = socket$pptp(
sk_setup_caps() is called to set sk->sk_dst_cache in pptp_connect,
so we have to dst_release(sk->sk_dst_cache) in pptp_sock_destruct,
otherwise, the dst refcnt will leak.
It can be reproduced by this syz log:
r1 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r1, &(0x7f000100)={0x18, 0x2, {0x0, @
