Re: memory leak in gs_start_io

From: Greg KH
Date: Wed Dec 02 2020 - 00:43:05 EST


On Tue, Dec 01, 2020 at 11:45:20PM -0500, Ertza Warraich wrote:
> We report a memory leak bug (in linux-5.8.13) found by FuzzUSB (a modified
> version of syzkaller).
>
> The bug report is as follows:
> ==================================================================
> BUG: memory leak
> unreferenced object 0xffff888069c12000 (size 128):
> comm "c4_fuzz", pid 2628, jiffies 4294945547 (age 774.450s)
> hex dump (first 32 bytes):
> b8 80 48 65 80 88 ff ff 00 7c f9 5b 80 88 ff ff ..He.....|.[....
> 00 7c af 64 80 88 ff ff 00 02 00 00 00 00 00 00 .|.d............
> backtrace:
> [<000000008f105b01>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
> [<000000008f105b01>] slab_post_alloc_hook mm/slab.h:588 [inline]
> [<000000008f105b01>] slab_alloc_node mm/slub.c:2824 [inline]
> [<000000008f105b01>] slab_alloc mm/slub.c:2832 [inline]
> [<000000008f105b01>] kmem_cache_alloc_trace+0xfe/0x330 mm/slub.c:2849
> [<0000000081072efc>] kmalloc include/linux/slab.h:555 [inline]
> [<0000000081072efc>] kzalloc include/linux/slab.h:669 [inline]
> [<0000000081072efc>] dummy_alloc_request+0xa0/0x190 drivers/usb/gadget/udc/dummy_hcd.c:663
> [<00000000b14438ed>] usb_ep_alloc_request+0x65/0x2c0 drivers/usb/gadget/udc/core.c:178
> [<000000006b6ab221>] gs_alloc_req+0x28/0xd0 drivers/usb/gadget/function/u_serial.c:166
> [<00000000999f9b54>] gs_alloc_requests+0x207/0x2f0 drivers/usb/gadget/function/u_serial.c:517
> [<00000000eae934b0>] gs_start_io+0x134/0x2a0 drivers/usb/gadget/function/u_serial.c:555
> [<00000000eec10774>] gs_open+0x323/0x440 drivers/usb/gadget/function/u_serial.c:640
> [<00000000c27493c6>] tty_open+0x23c/0x870 drivers/tty/tty_io.c:2048
> [<0000000001954030>] chrdev_open+0x1e9/0x5b0 fs/char_dev.c:414
> [<000000002321ec1f>] do_dentry_open+0x434/0xf40 fs/open.c:828
> [<000000000de9bc50>] vfs_open+0x9a/0xc0 fs/open.c:942
> [<00000000b1e25f2d>] do_open fs/namei.c:3243 [inline]
> [<00000000b1e25f2d>] path_openat+0x1658/0x2570 fs/namei.c:3360
> [<00000000b7cea3b5>] do_filp_open+0x15e/0x210 fs/namei.c:3387
> [<00000000793cea2f>] do_sys_openat2+0x2e0/0x570 fs/open.c:1179
> [<0000000067f289f1>] do_sys_open+0x88/0xc0 fs/open.c:1195
> [<00000000937c31df>] ksys_open include/linux/syscalls.h:1388 [inline]
> [<00000000937c31df>] __do_sys_open fs/open.c:1201 [inline]
> [<00000000937c31df>] __se_sys_open fs/open.c:1199 [inline]
> [<00000000937c31df>] __x64_sys_open+0x79/0xb0 fs/open.c:1199
> ==================================================================

Nice, care to make up a fix for this now that you have a reproducer?

thanks,

greg k-h
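Triage of a report like the one quoted above usually starts by separating the allocator-internal frames (kmemleak, slab, kmalloc/kzalloc) from the first driver-level frame that actually owns the allocation, and then listing the caller chain inside the file under suspicion. The parser below is an added example written for this page, not code from the thread or from the kernel tree; it embeds the quoted kmemleak report as a constructed sample (with the mail quoting and line wrapping stripped), and the rule for what counts as "allocator internal" is an assumption of this example (paths under mm/ plus include/linux/slab.h and include/linux/kmemleak.h), not something kmemleak itself defines.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: the kmemleak report from the thread, unwrapped.
SAMPLE_REPORT = """\
BUG: memory leak
unreferenced object 0xffff888069c12000 (size 128):
comm "c4_fuzz", pid 2628, jiffies 4294945547 (age 774.450s)
hex dump (first 32 bytes):
b8 80 48 65 80 88 ff ff 00 7c f9 5b 80 88 ff ff ..He.....|.[....
00 7c af 64 80 88 ff ff 00 02 00 00 00 00 00 00 .|.d............
backtrace:
[<000000008f105b01>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
[<000000008f105b01>] slab_post_alloc_hook mm/slab.h:588 [inline]
[<000000008f105b01>] slab_alloc_node mm/slub.c:2824 [inline]
[<000000008f105b01>] slab_alloc mm/slub.c:2832 [inline]
[<000000008f105b01>] kmem_cache_alloc_trace+0xfe/0x330 mm/slub.c:2849
[<0000000081072efc>] kmalloc include/linux/slab.h:555 [inline]
[<0000000081072efc>] kzalloc include/linux/slab.h:669 [inline]
[<0000000081072efc>] dummy_alloc_request+0xa0/0x190 drivers/usb/gadget/udc/dummy_hcd.c:663
[<00000000b14438ed>] usb_ep_alloc_request+0x65/0x2c0 drivers/usb/gadget/udc/core.c:178
[<000000006b6ab221>] gs_alloc_req+0x28/0xd0 drivers/usb/gadget/function/u_serial.c:166
[<00000000999f9b54>] gs_alloc_requests+0x207/0x2f0 drivers/usb/gadget/function/u_serial.c:517
[<00000000eae934b0>] gs_start_io+0x134/0x2a0 drivers/usb/gadget/function/u_serial.c:555
[<00000000eec10774>] gs_open+0x323/0x440 drivers/usb/gadget/function/u_serial.c:640
[<00000000c27493c6>] tty_open+0x23c/0x870 drivers/tty/tty_io.c:2048
"""

HEADER_RE = re.compile(r'unreferenced object 0x([0-9a-f]+) \(size (\d+)\):')
COMM_RE = re.compile(r'comm "([^"]*)", pid (\d+), jiffies (\d+) \(age ([\d.]+)s\)')
FRAME_RE = re.compile(
    r'^\[<[0-9a-f]+>\]\s+'             # hashed frame address
    r'(\S+?)'                          # function name
    r'(?:\+0x[0-9a-f]+/0x[0-9a-f]+)?'  # optional +offset/size
    r'\s+(\S+):(\d+)'                  # file:line
    r'(\s+\[inline\])?\s*$'            # optional inline marker
)

# Assumption of this example: frames from these paths belong to the
# allocator machinery, not to the code that owns the leaked object.
ALLOCATOR_FILES = ('include/linux/slab.h', 'include/linux/kmemleak.h')


@dataclass
class Frame:
    func: str
    file: str
    line: int
    inline: bool


@dataclass
class LeakReport:
    address: int
    size: int
    comm: str
    pid: int
    age_s: float
    frames: List[Frame]

    def allocation_site(self) -> Optional[Frame]:
        """First frame outside the allocator: where the leaked object was requested."""
        for f in self.frames:
            if not is_allocator_internal(f):
                return f
        return None


def is_allocator_internal(frame: Frame) -> bool:
    return frame.file.startswith('mm/') or frame.file in ALLOCATOR_FILES


def functions_in_file(report: LeakReport, path: str) -> List[str]:
    """Caller chain (innermost first) restricted to one source file."""
    return [f.func for f in report.frames if f.file == path]


def parse_kmemleak(text: str) -> List[LeakReport]:
    """Parse one or more kmemleak reports from a kernel log excerpt."""
    reports: List[LeakReport] = []
    current: Optional[LeakReport] = None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER_RE.search(line)
        if m:
            current = LeakReport(int(m.group(1), 16), int(m.group(2)), '', 0, 0.0, [])
            reports.append(current)
            continue
        if current is None:
            continue
        m = COMM_RE.search(line)
        if m:
            current.comm = m.group(1)
            current.pid = int(m.group(2))
            current.age_s = float(m.group(4))
            continue
        m = FRAME_RE.match(line)
        if m:
            current.frames.append(Frame(m.group(1), m.group(2), int(m.group(3)),
                                        m.group(4) is not None))
    return reports


if __name__ == '__main__':
    for r in parse_kmemleak(SAMPLE_REPORT):
        site = r.allocation_site()
        print(f'{r.size}-byte object leaked by pid {r.pid} ({r.comm}), '
              f'allocated at {site.func} {site.file}:{site.line}')
        print('u_serial.c chain:',
              ' <- '.join(functions_in_file(r, 'drivers/usb/gadget/function/u_serial.c')))
```

Run on the sample, the allocation site resolves to dummy_alloc_request in dummy_hcd.c and the u_serial.c chain reads gs_alloc_req <- gs_alloc_requests <- gs_start_io <- gs_open, which is the path the report names; feeding it a longer dmesg excerpt yields one LeakReport per "unreferenced object" block, so repeated leaks from the same site can be grouped by (file, line) before anyone looks at the hex dump.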