From: syzbot <syzbot+44e64397bd81d5e84cba@syzkaller.appspotmail.com>
To: linux-usb@vger.kernel.org, stern@rowland.harvard.edu,
syzkaller-bugs@googlegroups.com
Subject: Re: memory leak in hub_event
Date: Mon, 23 Nov 2020 11:42:11 -0800 [thread overview]
Message-ID: <000000000000e9843a05b4cb6330@google.com> (raw)
In-Reply-To: <20201123193230.GA718753@rowland.harvard.edu>
Hello,
syzbot has tested the proposed patch but the reproducer is still triggering an issue:
memory leak in usb_set_configuration
BUG: memory leak
unreferenced object 0xffff888125a13400 (size 1024):
comm "kworker/0:3", pid 8164, jiffies 4294944436 (age 13.610s)
hex dump (first 32 bytes):
08 c7 84 25 81 88 ff ff 08 c7 84 25 81 88 ff ff ...%.......%....
01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<0000000042c26fbc>] kmalloc include/linux/slab.h:552 [inline]
[<0000000042c26fbc>] kzalloc include/linux/slab.h:664 [inline]
[<0000000042c26fbc>] usb_set_configuration+0x18c/0xb90 drivers/usb/core/message.c:1987
[<00000000df7c22fc>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
[<00000000dbc03c2e>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293
[<0000000061119d56>] really_probe+0x159/0x480 drivers/base/dd.c:554
[<000000009f962ea9>] driver_probe_device+0x84/0x100 drivers/base/dd.c:738
[<000000001459c72b>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:844
[<000000000532b098>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
[<00000000910da3ce>] __device_attach+0x122/0x250 drivers/base/dd.c:912
[<0000000072e90711>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
[<000000005cbbd88c>] device_add+0x5ac/0xc30 drivers/base/core.c:2936
[<00000000e7bc8059>] usb_new_device.cold+0x166/0x578 drivers/usb/core/hub.c:2554
[<00000000d9415aa4>] hub_port_connect drivers/usb/core/hub.c:5222 [inline]
[<00000000d9415aa4>] hub_port_connect_change drivers/usb/core/hub.c:5362 [inline]
[<00000000d9415aa4>] port_event drivers/usb/core/hub.c:5508 [inline]
[<00000000d9415aa4>] hub_event+0x144a/0x20d0 drivers/usb/core/hub.c:5590
[<000000004f0d05ee>] process_one_work+0x27d/0x590 kernel/workqueue.c:2272
[<00000000a8771f1e>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2418
[<00000000b8ee2caf>] kthread+0x178/0x1b0 kernel/kthread.c:292
[<00000000e31b0818>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296
BUG: memory leak
unreferenced object 0xffff88812592c340 (size 32):
comm "kworker/0:3", pid 8164, jiffies 4294944436 (age 13.610s)
hex dump (first 32 bytes):
33 2d 31 3a 30 2e 30 00 00 00 00 00 00 00 00 00 3-1:0.0.........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<0000000045f13983>] kvasprintf+0x6c/0xf0 lib/kasprintf.c:25
[<0000000044941061>] kvasprintf_const+0x58/0x110 lib/kasprintf.c:49
[<00000000c19829d3>] kobject_set_name_vargs+0x3b/0xe0 lib/kobject.c:289
[<00000000b2f7d014>] dev_set_name+0x63/0x90 drivers/base/core.c:2722
[<0000000071eb3ed0>] usb_set_configuration+0x6be/0xb90 drivers/usb/core/message.c:2094
[<00000000df7c22fc>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
[<00000000dbc03c2e>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293
[<0000000061119d56>] really_probe+0x159/0x480 drivers/base/dd.c:554
[<000000009f962ea9>] driver_probe_device+0x84/0x100 drivers/base/dd.c:738
[<000000001459c72b>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:844
[<000000000532b098>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
[<00000000910da3ce>] __device_attach+0x122/0x250 drivers/base/dd.c:912
[<0000000072e90711>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
[<000000005cbbd88c>] device_add+0x5ac/0xc30 drivers/base/core.c:2936
[<00000000e7bc8059>] usb_new_device.cold+0x166/0x578 drivers/usb/core/hub.c:2554
[<00000000d9415aa4>] hub_port_connect drivers/usb/core/hub.c:5222 [inline]
[<00000000d9415aa4>] hub_port_connect_change drivers/usb/core/hub.c:5362 [inline]
[<00000000d9415aa4>] port_event drivers/usb/core/hub.c:5508 [inline]
[<00000000d9415aa4>] hub_event+0x144a/0x20d0 drivers/usb/core/hub.c:5590
BUG: memory leak
unreferenced object 0xffff888125a0b300 (size 256):
comm "kworker/0:3", pid 8164, jiffies 4294944441 (age 13.560s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 08 b3 a0 25 81 88 ff ff ...........%....
08 b3 a0 25 81 88 ff ff f0 8b 58 82 ff ff ff ff ...%......X.....
backtrace:
[<000000009575797b>] kmalloc include/linux/slab.h:552 [inline]
[<000000009575797b>] kzalloc include/linux/slab.h:664 [inline]
[<000000009575797b>] device_private_init drivers/base/core.c:2778 [inline]
[<000000009575797b>] device_add+0x7e8/0xc30 drivers/base/core.c:2828
[<000000009e05d7ea>] usb_set_configuration+0x9de/0xb90 drivers/usb/core/message.c:2159
[<00000000df7c22fc>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
[<00000000dbc03c2e>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293
[<0000000061119d56>] really_probe+0x159/0x480 drivers/base/dd.c:554
[<000000009f962ea9>] driver_probe_device+0x84/0x100 drivers/base/dd.c:738
[<000000001459c72b>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:844
[<000000000532b098>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
[<00000000910da3ce>] __device_attach+0x122/0x250 drivers/base/dd.c:912
[<0000000072e90711>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
[<000000005cbbd88c>] device_add+0x5ac/0xc30 drivers/base/core.c:2936
[<00000000e7bc8059>] usb_new_device.cold+0x166/0x578 drivers/usb/core/hub.c:2554
[<00000000d9415aa4>] hub_port_connect drivers/usb/core/hub.c:5222 [inline]
[<00000000d9415aa4>] hub_port_connect_change drivers/usb/core/hub.c:5362 [inline]
[<00000000d9415aa4>] port_event drivers/usb/core/hub.c:5508 [inline]
[<00000000d9415aa4>] hub_event+0x144a/0x20d0 drivers/usb/core/hub.c:5590
[<000000004f0d05ee>] process_one_work+0x27d/0x590 kernel/workqueue.c:2272
[<00000000a8771f1e>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2418
[<00000000b8ee2caf>] kthread+0x178/0x1b0 kernel/kthread.c:292
BUG: memory leak
unreferenced object 0xffff888125b55800 (size 2048):
comm "kworker/0:1", pid 7, jiffies 4294944569 (age 12.280s)
hex dump (first 32 bytes):
ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 ....1...........
00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 ................
backtrace:
[<00000000dad779b6>] kmalloc include/linux/slab.h:552 [inline]
[<00000000dad779b6>] kzalloc include/linux/slab.h:664 [inline]
[<00000000dad779b6>] usb_alloc_dev+0x32/0x450 drivers/usb/core/usb.c:582
[<000000006a07019b>] hub_port_connect drivers/usb/core/hub.c:5128 [inline]
[<000000006a07019b>] hub_port_connect_change drivers/usb/core/hub.c:5362 [inline]
[<000000006a07019b>] port_event drivers/usb/core/hub.c:5508 [inline]
[<000000006a07019b>] hub_event+0x118d/0x20d0 drivers/usb/core/hub.c:5590
[<000000004f0d05ee>] process_one_work+0x27d/0x590 kernel/workqueue.c:2272
[<00000000a8771f1e>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2418
[<00000000b8ee2caf>] kthread+0x178/0x1b0 kernel/kthread.c:292
[<00000000e31b0818>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296
Tested on:
commit: 4d02da97 Merge tag 'net-5.10-rc5' of git://git.kernel.org/..
git tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
console output: https://syzkaller.appspot.com/x/log.txt?x=12436fde500000
kernel config: https://syzkaller.appspot.com/x/.config?x=b29e92cdfa2687df
dashboard link: https://syzkaller.appspot.com/bug?extid=44e64397bd81d5e84cba
compiler: gcc (GCC) 10.1.0-syz 20200507
patch: https://syzkaller.appspot.com/x/patch.diff?x=1197fc2d500000
next prev parent reply other threads:[~2020-11-23 19:42 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-20 15:15 memory leak in hub_event syzbot
2020-11-20 16:56 ` Alan Stern
2020-11-20 16:56 ` syzbot
2020-11-20 17:00 ` Alan Stern
2020-11-23 18:29 ` Andrey Konovalov
2020-11-23 18:44 ` syzbot
2020-11-23 19:32 ` Alan Stern
2020-11-23 19:42 ` syzbot [this message]
2020-11-23 19:53 ` Alan Stern
2020-11-23 20:01 ` syzbot
2020-11-23 20:38 ` Alan Stern
2020-11-23 20:48 ` syzbot
2020-11-23 21:53 ` Alan Stern
2020-11-23 22:09 ` syzbot
2020-11-23 22:24 ` Alan Stern
2020-11-24 11:38 ` Hans Verkuil
2020-11-24 16:00 ` [PATCH] media: gspca: Fix memory leak in probe Alan Stern
2020-12-02 8:58 ` Hans Verkuil
2020-12-02 17:20 ` [PATCH v2] " Alan Stern
2020-12-02 16:22 ` memory leak in hub_event Alan Stern
2020-12-02 16:37 ` syzbot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=000000000000e9843a05b4cb6330@google.com \
--to=syzbot+44e64397bd81d5e84cba@syzkaller.appspotmail.com \
--cc=linux-usb@vger.kernel.org \
--cc=stern@rowland.harvard.edu \
--cc=syzkaller-bugs@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.