memory leak in usb_urb_init

From: syzbot
Date: Mon Jan 04 2021 - 21:50:08 EST

Next message: Stephen Rothwell: "linux-next: Tree for Jan 5"
Previous message: dinghao . liu: "Re: Re: [PATCH] iommu/intel: Fix memleak in intel_irq_remapping_alloc"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

syzbot found the following issue on:

HEAD commit: f6e1ea19 Merge tag 'ceph-for-5.11-rc2' of git://github.com..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=102e814f500000
kernel config: https://syzkaller.appspot.com/x/.config?x=1dcbf163b62a8256
dashboard link: https://syzkaller.appspot.com/bug?extid=3c2be7424cea3b932b0e
compiler: gcc (GCC) 10.1.0-syz 20200507
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1509c9c0d00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12e15e0b500000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+3c2be7424cea3b932b0e@xxxxxxxxxxxxxxxxxxxxxxxxx

BUG: memory leak
unreferenced object 0xffff888114a12180 (size 192):
comm "kworker/1:3", pid 8132, jiffies 4294980969 (age 13.460s)
hex dump (first 32 bytes):
01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 98 21 a1 14 81 88 ff ff .........!......
backtrace:
[<00000000270adc89>] kmalloc include/linux/slab.h:557 [inline]
[<00000000270adc89>] usb_alloc_urb+0x66/0xe0 drivers/usb/core/urb.c:74
[<000000007ddd474e>] usb_bulk_urb_init drivers/media/usb/dvb-usb/usb-urb.c:148 [inline]
[<000000007ddd474e>] usb_urb_init+0x17a/0x3d0 drivers/media/usb/dvb-usb/usb-urb.c:229
[<00000000bdcce353>] dvb_usb_adapter_stream_init+0x5b/0x120 drivers/media/usb/dvb-usb/dvb-usb-urb.c:108
[<00000000adc3ae74>] dvb_usb_adapter_init drivers/media/usb/dvb-usb/dvb-usb-init.c:82 [inline]
[<00000000adc3ae74>] dvb_usb_init drivers/media/usb/dvb-usb/dvb-usb-init.c:173 [inline]
[<00000000adc3ae74>] dvb_usb_device_init.cold+0x483/0x6ae drivers/media/usb/dvb-usb/dvb-usb-init.c:287
[<00000000979fb93a>] m920x_probe+0x1d7/0x470 drivers/media/usb/dvb-usb/m920x.c:834
[<00000000dc58d155>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
[<0000000011b900cd>] really_probe+0x159/0x480 drivers/base/dd.c:561
[<000000003bf38880>] driver_probe_device+0x84/0x100 drivers/base/dd.c:745
[<000000003450ad28>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:851
[<000000005a93a91d>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
[<0000000058084795>] __device_attach+0x122/0x250 drivers/base/dd.c:919
[<00000000e0d09782>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
[<000000004566d8b7>] device_add+0x5be/0xc30 drivers/base/core.c:3091
[<000000000471371f>] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164
[<00000000d93dc50f>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
[<00000000a0057c67>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293

BUG: memory leak
unreferenced object 0xffff888114a126c0 (size 192):
comm "kworker/1:3", pid 8132, jiffies 4294980969 (age 13.460s)
hex dump (first 32 bytes):
01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 d8 26 a1 14 81 88 ff ff .........&......
backtrace:
[<00000000270adc89>] kmalloc include/linux/slab.h:557 [inline]
[<00000000270adc89>] usb_alloc_urb+0x66/0xe0 drivers/usb/core/urb.c:74
[<000000007ddd474e>] usb_bulk_urb_init drivers/media/usb/dvb-usb/usb-urb.c:148 [inline]
[<000000007ddd474e>] usb_urb_init+0x17a/0x3d0 drivers/media/usb/dvb-usb/usb-urb.c:229
[<00000000bdcce353>] dvb_usb_adapter_stream_init+0x5b/0x120 drivers/media/usb/dvb-usb/dvb-usb-urb.c:108
[<00000000adc3ae74>] dvb_usb_adapter_init drivers/media/usb/dvb-usb/dvb-usb-init.c:82 [inline]
[<00000000adc3ae74>] dvb_usb_init drivers/media/usb/dvb-usb/dvb-usb-init.c:173 [inline]
[<00000000adc3ae74>] dvb_usb_device_init.cold+0x483/0x6ae drivers/media/usb/dvb-usb/dvb-usb-init.c:287
[<00000000979fb93a>] m920x_probe+0x1d7/0x470 drivers/media/usb/dvb-usb/m920x.c:834
[<00000000dc58d155>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
[<0000000011b900cd>] really_probe+0x159/0x480 drivers/base/dd.c:561
[<000000003bf38880>] driver_probe_device+0x84/0x100 drivers/base/dd.c:745
[<000000003450ad28>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:851
[<000000005a93a91d>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
[<0000000058084795>] __device_attach+0x122/0x250 drivers/base/dd.c:919
[<00000000e0d09782>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
[<000000004566d8b7>] device_add+0x5be/0xc30 drivers/base/core.c:3091
[<000000000471371f>] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164
[<00000000d93dc50f>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
[<00000000a0057c67>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293

BUG: memory leak
unreferenced object 0xffff888114bbf900 (size 192):
comm "kworker/1:3", pid 8132, jiffies 4294980969 (age 13.460s)
hex dump (first 32 bytes):
01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 18 f9 bb 14 81 88 ff ff ................
backtrace:
[<00000000270adc89>] kmalloc include/linux/slab.h:557 [inline]
[<00000000270adc89>] usb_alloc_urb+0x66/0xe0 drivers/usb/core/urb.c:74
[<000000007ddd474e>] usb_bulk_urb_init drivers/media/usb/dvb-usb/usb-urb.c:148 [inline]
[<000000007ddd474e>] usb_urb_init+0x17a/0x3d0 drivers/media/usb/dvb-usb/usb-urb.c:229
[<00000000bdcce353>] dvb_usb_adapter_stream_init+0x5b/0x120 drivers/media/usb/dvb-usb/dvb-usb-urb.c:108
[<00000000adc3ae74>] dvb_usb_adapter_init drivers/media/usb/dvb-usb/dvb-usb-init.c:82 [inline]
[<00000000adc3ae74>] dvb_usb_init drivers/media/usb/dvb-usb/dvb-usb-init.c:173 [inline]
[<00000000adc3ae74>] dvb_usb_device_init.cold+0x483/0x6ae drivers/media/usb/dvb-usb/dvb-usb-init.c:287
[<00000000979fb93a>] m920x_probe+0x1d7/0x470 drivers/media/usb/dvb-usb/m920x.c:834
[<00000000dc58d155>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
[<0000000011b900cd>] really_probe+0x159/0x480 drivers/base/dd.c:561
[<000000003bf38880>] driver_probe_device+0x84/0x100 drivers/base/dd.c:745
[<000000003450ad28>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:851
[<000000005a93a91d>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
[<0000000058084795>] __device_attach+0x122/0x250 drivers/base/dd.c:919
[<00000000e0d09782>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
[<000000004566d8b7>] device_add+0x5be/0xc30 drivers/base/core.c:3091
[<000000000471371f>] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164
[<00000000d93dc50f>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
[<00000000a0057c67>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@xxxxxxxxxxxxxxxx.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches

Next message: Stephen Rothwell: "linux-next: Tree for Jan 5"
Previous message: dinghao . liu: "Re: Re: [PATCH] iommu/intel: Fix memleak in intel_irq_remapping_alloc"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]