Received: by 2002:a05:6a10:413:0:0:0:0 with SMTP id 19csp809697pxp; Fri, 11 Mar 2022 15:45:33 -0800 (PST) X-Google-Smtp-Source: ABdhPJzN9jAXygnmd+gPTsmrQt4jERGl8ynjcsjo6fPlP4Kg0N+fyafWHUEFfT7yltKd3Hha1+wZ X-Received: by 2002:a62:be1a:0:b0:4f4:c50:4209 with SMTP id l26-20020a62be1a000000b004f40c504209mr12421572pff.64.1647042333623; Fri, 11 Mar 2022 15:45:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1647042333; cv=none; d=google.com; s=arc-20160816; b=G09E/F7U9ja6cH6Ici/hCgQabzZcnfLUokR9zZ8JtzENCRiKltqQHojOddURKHn65y zQ3vt+ZLFPzC+l3nDZcof2EPw2uwTd7cihAbMUlLw236RGXJxwj1+UMCeqLPdK1XAkfj MTDCkOoBkS8av5AG44Z1uKHFHcVRHJGGpBLl1C33k/OqMItXEOCPJ/Y/ewlDV9mG1+El hpvI1gfCY3MfPMW6DNJFTHWkIUgjRCK4tCHeTFwllb84wmgXr8oSvLoWqT10g4bpIIcj rF4L1RjF97AaVvErpqzmzsRNbdRbuNzrJPEDktiQAGz+pZnC+GYONn8KDvb5c3FjR71T U2xw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:to:from:subject:message-id:in-reply-to:date :mime-version; bh=2Q57z1F8XAilR8GwXp2jj5N7XCSKupWDFaXmEOuADRs=; b=nty0nf3Pd6uVQgsqXnKW2T79anNr/Iaw1k9/7HqQWaXRXw+f5xvVAvcV7BRdMSPhji eEsAxKRkW8QO0g52kIQFHPOHww9kQ0z+fHAA6+Knfls55IH+NFAHLehUUSZF6wxcoqoB z0YU5rCj1DfVnNV9n3mNL/V92mDiLrMRiUTZE95pPeJuhpWsk6ZxpMkulJmQvEgkDbRP 3jEEL1nFo7Z0xP1a8vzYusKxb3O1gHOpnuZLWs4n9C93/iQVgaoYDin7Eqj2rx6cEQOn PJfWaoJdsRVErQCr3m78GwW6RyZIZLbN09B/T6E6UwdnjIPZecFCwL3w8etklY67uZV5 Uefw== ARC-Authentication-Results: i=1; mx.google.com; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=appspotmail.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id j190-20020a6380c7000000b00380fd0f07b7si4394605pgd.340.2022.03.11.15.45.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 11 Mar 2022 15:45:33 -0800 (PST) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=appspotmail.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id ED5504ECD7; Fri, 11 Mar 2022 15:02:29 -0800 (PST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229924AbiCKXD0 (ORCPT + 99 others); Fri, 11 Mar 2022 18:03:26 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59936 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230107AbiCKXDR (ORCPT ); Fri, 11 Mar 2022 18:03:17 -0500 Received: from mail-il1-f200.google.com (mail-il1-f200.google.com [209.85.166.200]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C8831647D for ; Fri, 11 Mar 2022 14:58:22 -0800 (PST) Received: by mail-il1-f200.google.com with SMTP id x6-20020a923006000000b002bea39c3974so6443346ile.12 for ; Fri, 11 Mar 2022 14:58:22 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:date:in-reply-to:message-id:subject :from:to; bh=2Q57z1F8XAilR8GwXp2jj5N7XCSKupWDFaXmEOuADRs=; b=YcPKmhVmogr4u5WqPKgjiKkDhN3WlHQS6nwheJbL1WJnBuPh7VWuPKIntRVYeTG5iK d/ZwxAzMZm4n8Cffe5aLPzaPtMl6Ybcj05GUPSonsSf3mnpIh8BB+qvWhsXcGfvCVXqP 7UjvOIlk4tA9GPGLxIXFLL0kquQxMQlTvSdai7Igrgh0W4twoKti1DL2avJyVd8Yghb6 3MDyfKA9IN0aq/m+VX9RxQ4zulMXlxruVG7Qa9I5dKBgCatv6iL66aNy76Hxr5Clv+zW 1Kr5eFOsaFfxjyiliOZOR3i6VN4mz6A1it5du+9eCi/BFCYmUUYGZ7BuQ9M1brkAnCo7 jMKg== X-Gm-Message-State: AOAM533GvXs4Y5+6jOxRytrUaEwt0fA6oZwHuVkgB8Dy1kR6rtVvdC35 lmJ9/pYTEOv5cE1EZ+SmeMuGpKksT/CcIBNDLcKX8TxukAVP MIME-Version: 1.0 X-Received: by 2002:a05:6e02:1447:b0:2c6:7e8b:6ff8 with SMTP id p7-20020a056e02144700b002c67e8b6ff8mr8132718ilo.178.1647033009715; Fri, 11 Mar 2022 13:10:09 -0800 (PST) Date: Fri, 11 Mar 2022 13:10:09 -0800 In-Reply-To: X-Google-Appengine-App-Id: s~syzkaller X-Google-Appengine-App-Id-Alias: syzkaller Message-ID: <0000000000007a3fb305d9f7c1bd@google.com> Subject: Re: [syzbot] memory leak in usb_get_configuration From: syzbot To: gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org, linux-usb@vger.kernel.org, pavel.hofman@ivitera.com, rob@robgreener.com, stern@rowland.harvard.edu, syzkaller-bugs@googlegroups.com Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=0.6 required=5.0 tests=BAYES_00,FROM_LOCAL_HEX, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RDNS_NONE, SORTED_RECIPS,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello, syzbot has tested the proposed patch but the reproducer is still triggering an issue: memory leak in usb_get_configuration BUG: memory leak unreferenced object 0xffff8881128c0320 (size 32): comm "kworker/1:1", pid 25, jiffies 4294943657 (age 15.110s) hex dump (first 32 bytes): 09 02 12 00 01 00 00 00 00 09 04 00 00 00 d0 bb ................ 3a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 :............... backtrace: [] kmalloc include/linux/slab.h:586 [inline] [] usb_get_configuration+0x1c7/0x1cd0 drivers/usb/core/config.c:919 [] usb_enumerate_device drivers/usb/core/hub.c:2398 [inline] [] usb_new_device+0x1a9/0x2e0 drivers/usb/core/hub.c:2536 [] hub_port_connect drivers/usb/core/hub.c:5358 [inline] [] hub_port_connect_change drivers/usb/core/hub.c:5502 [inline] [] port_event drivers/usb/core/hub.c:5660 [inline] [] hub_event+0x1364/0x21a0 drivers/usb/core/hub.c:5742 [] process_one_work+0x2bf/0x600 kernel/workqueue.c:2307 [] worker_thread+0x59/0x5b0 kernel/workqueue.c:2454 [] kthread+0x125/0x160 kernel/kthread.c:377 [] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295 BUG: memory leak unreferenced object 0xffff888108eeb640 (size 64): comm "kworker/1:1", pid 25, jiffies 4294943661 (age 15.080s) hex dump (first 32 bytes): 01 00 00 00 01 00 00 00 09 04 00 00 00 d0 bb 3a ...............: 00 00 00 00 00 00 00 00 32 03 8c 12 81 88 ff ff ........2....... backtrace: [] kmalloc include/linux/slab.h:586 [inline] [] kzalloc include/linux/slab.h:714 [inline] [] usb_parse_configuration drivers/usb/core/config.c:772 [inline] [] usb_get_configuration+0x7bd/0x1cd0 drivers/usb/core/config.c:944 [] usb_enumerate_device drivers/usb/core/hub.c:2398 [inline] [] usb_new_device+0x1a9/0x2e0 drivers/usb/core/hub.c:2536 [] hub_port_connect drivers/usb/core/hub.c:5358 [inline] [] hub_port_connect_change drivers/usb/core/hub.c:5502 [inline] [] port_event drivers/usb/core/hub.c:5660 [inline] [] hub_event+0x1364/0x21a0 drivers/usb/core/hub.c:5742 [] process_one_work+0x2bf/0x600 kernel/workqueue.c:2307 [] worker_thread+0x59/0x5b0 kernel/workqueue.c:2454 [] kthread+0x125/0x160 kernel/kthread.c:377 [] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295 BUG: memory leak unreferenced object 0xffff888112a7bf00 (size 64): comm "kworker/1:2", pid 1569, jiffies 4294944314 (age 8.550s) hex dump (first 32 bytes): 01 00 00 00 01 00 00 00 09 04 00 00 00 d0 bb 3a ...............: 00 00 00 00 00 00 00 00 52 66 72 12 81 88 ff ff ........Rfr..... backtrace: [] kmalloc include/linux/slab.h:586 [inline] [] kzalloc include/linux/slab.h:714 [inline] [] usb_parse_configuration drivers/usb/core/config.c:772 [inline] [] usb_get_configuration+0x7bd/0x1cd0 drivers/usb/core/config.c:944 [] usb_enumerate_device drivers/usb/core/hub.c:2398 [inline] [] usb_new_device+0x1a9/0x2e0 drivers/usb/core/hub.c:2536 [] hub_port_connect drivers/usb/core/hub.c:5358 [inline] [] hub_port_connect_change drivers/usb/core/hub.c:5502 [inline] [] port_event drivers/usb/core/hub.c:5660 [inline] [] hub_event+0x1364/0x21a0 drivers/usb/core/hub.c:5742 [] process_one_work+0x2bf/0x600 kernel/workqueue.c:2307 [] worker_thread+0x59/0x5b0 kernel/workqueue.c:2454 [] kthread+0x125/0x160 kernel/kthread.c:377 [] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295 Tested on: commit: 0014404f Merge branch 'akpm' (patches from Andrew) git tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ console output: https://syzkaller.appspot.com/x/log.txt?x=155954d9700000 kernel config: https://syzkaller.appspot.com/x/.config?x=3f0a704147ec8e32 dashboard link: https://syzkaller.appspot.com/bug?extid=f0fae482604e6d9a87c9 compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 patch: https://syzkaller.appspot.com/x/patch.diff?x=1005e709700000