Received: by 2002:a05:6a10:2726:0:0:0:0 with SMTP id ib38csp1975316pxb; Wed, 30 Mar 2022 13:47:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz3TS04gYHYmVPAz6Hp8vnzHO4cswxt5b/nHS7cWWXSeB12x+PWBQHNG+WgrFfFYOfy/iZr X-Received: by 2002:a17:906:cc93:b0:6e0:afec:b005 with SMTP id oq19-20020a170906cc9300b006e0afecb005mr1538173ejb.219.1648673268221; Wed, 30 Mar 2022 13:47:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1648673268; cv=none; d=google.com; s=arc-20160816; b=AXHzoxxWS4FecM0axm3Sz0HCg3500zCsvd3otRxQHy9vXIBQ4f45K0t/dpBZYOMEfr PASnTQFZL/xVtvksfWdK5FdhZ6aO4dMBDgvk7N3DooSF4SilvqaNXPLOLHzIvq6SYi5T k3GSP6PynIBxJ0+lRj68Q7O+JXdTF1lfROjjnSWM4ocZGG13/69WJQRqC0kzKnoUXHWq KbzF9txHk7DV9+/zGG9iBox8VnLFDWLZ+V7aM1pPIcZxQdhMxGIGv+rufQKjDh2oRtdx Q3HVQB1i0gIybUy+bSKEvsIq32Q2coqSZLcGlYq6yAMF3RCYUj0m4ESESN4gs5tDmFAo XtSg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=2yviEcIR7PgUHc23Ev2DZwe04jzAIrvTMDNvd1qSiuE=; b=JqNdZ61Y0hUSdqQ7GIyAoE+gXymAfwU9evuRqn8s4k0MdhESMhYuv8POEPty4h57UN G6S8eH7USwyK7RxegPwOB1l98rO9rDr3ESqI1budUcY0FmbdsouCoyZgTtRU5WpRk2zw cakz+VBCPitLxuiO8LSH7Fthg6teBvLACWtVD9wDLo3jjpEu9mZ0DGwFNfphDUKtrROF l7G4Gucb/yG/4sqw//nSdUFLsGe90ddZXMv2QXbCGJpQ7XbEMuQ08vpFYngqbVWSY/nY 0R0gXMVuGLEJvJfi94u31HGjeeVsGnRnrRcKLfcVB3sRoySmJUYig5uWCOjONkksRmwH V68w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id pg28-20020a170907205c00b006df76385e2csi3010510ejb.716.2022.03.30.13.47.20; Wed, 30 Mar 2022 13:47:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S243523AbiC3Hjo (ORCPT + 99 others); Wed, 30 Mar 2022 03:39:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33438 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235235AbiC3Hjh (ORCPT ); Wed, 30 Mar 2022 03:39:37 -0400 Received: from metis.ext.pengutronix.de (metis.ext.pengutronix.de [IPv6:2001:67c:670:201:290:27ff:fe1d:cc33]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AF9D9E01F for ; Wed, 30 Mar 2022 00:37:50 -0700 (PDT) Received: from gallifrey.ext.pengutronix.de ([2001:67c:670:201:5054:ff:fe8d:eefb] helo=bjornoya.blackshift.org) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nZSte-0004cO-Sb; Wed, 30 Mar 2022 09:37:38 +0200 Received: from pengutronix.de (2a03-f580-87bc-d400-5314-bece-822a-622d.ip6.dokom21.de [IPv6:2a03:f580:87bc:d400:5314:bece:822a:622d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: mkl-all@blackshift.org) by smtp.blackshift.org (Postfix) with ESMTPSA id 585F256C47; Wed, 30 Mar 2022 07:37:36 +0000 (UTC) Date: Wed, 30 Mar 2022 09:37:35 +0200 From: Marc Kleine-Budde To: "Zhang, Qiang1" Cc: syzbot , "davem@davemloft.net" , "kuba@kernel.org" , "linux-can@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "netdev@vger.kernel.org" , "pabeni@redhat.com" , "pfink@christ-es.de" , "syzkaller-bugs@googlegroups.com" , "wg@grandegger.com" Subject: Re: [syzbot] memory leak in gs_usb_probe Message-ID: <20220330073735.tqfmyfgzyfbqmkpn@pengutronix.de> References: <000000000000bd6ee505db5cfec6@google.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="u2qbbpeazfhzmyv4" Content-Disposition: inline In-Reply-To: X-SA-Exim-Connect-IP: 2001:67c:670:201:5054:ff:fe8d:eefb X-SA-Exim-Mail-From: mkl@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: linux-kernel@vger.kernel.org X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --u2qbbpeazfhzmyv4 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 30.03.2022 01:57:08, Zhang, Qiang1 wrote: > Hello, >=20 > syzbot found the following issue on: >=20 > HEAD commit: 52deda9551a0 Merge branch 'akpm' (patches from Andrew) > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=3D12b472dd700000 > kernel config: https://syzkaller.appspot.com/x/.config?x=3D9ca2a67ddb200= 27f > dashboard link: https://syzkaller.appspot.com/bug?extid=3D4d0ae90a195b269= f102d > compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binuti= ls for Debian) 2.35.2 > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=3D12e96e1d700= 000 > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=3D12f8b513700000 >=20 > IMPORTANT: if you fix the issue, please add the following tag to the comm= it: > Reported-by: syzbot+4d0ae90a195b269f102d@syzkaller.appspotmail.com [...] > diff --git a/drivers/net/can/usb/gs_usb.c b/drivers/net/can/usb/gs_usb.c > index 67408e316062..5234cfff84b8 100644 > --- a/drivers/net/can/usb/gs_usb.c > +++ b/drivers/net/can/usb/gs_usb.c > @@ -1092,6 +1092,7 @@ static struct gs_can *gs_make_candev(unsigned int c= hannel, > dev->data_bt_const.brp_inc =3D le32_to_cpu(bt_const_exten= ded->dbrp_inc); >=20 > dev->can.data_bittiming_const =3D &dev->data_bt_const; > + kfree(bt_const_extended); > } >=20 > SET_NETDEV_DEV(netdev, &intf->dev); I have already send a similar fix: | https://lore.kernel.org/all/20220329193450.659726-1-mkl@pengutronix.de regards, Marc --=20 Pengutronix e.K. | Marc Kleine-Budde | Embedded Linux | https://www.pengutronix.de | Vertretung West/Dortmund | Phone: +49-231-2826-924 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | --u2qbbpeazfhzmyv4 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEBsvAIBsPu6mG7thcrX5LkNig010FAmJECL0ACgkQrX5LkNig 010Jigf/UYHDKXYUu5jFycIr7rrBq8r5VIcDaqmDlplnJPSKchZQPkm8fh90b2yu jOzjOuWc7KPzuG6RQczoTAKnFP7kZDaCyTEnsIsoE9sdOmN/mpriPLADvRVt24Xq mdGz3n5YeqEjaX6Sc4qXOK2NuzDljYia+rN29+2hiTAehZ/ozKk+L4FDbOTqdA0+ p7onZyyAK1o9Gd0dj6oJ8uNXLuItZQpo+NiUZgfaHgbbcBNhjySxCiB/XPx1TkCw bh3EVHr76BVZ/81Vi2boNxNOLNSrVpe7PKPLf5VRVR/yED/9GVopYwiWJWT9TW28 yj1X0NbloZxb4RBfmBy2pnMwPe1J3g== =wJB8 -----END PGP SIGNATURE----- --u2qbbpeazfhzmyv4--