memory leak in usb_urb

memory leak in usb_urb_init
Status: upstream: reported C repro on 2021/01/05 02:49
Reported-by: syzbot+3c2be7424cea3b932b0e@syzkaller.appspotmail.com
Fix commit: b7cd0da982e3 media: dvb-usb: fix memory leak in dvb_usb_adapter_init
Patched on: [ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-qemu2-riscv64 ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386 ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-qemu2-arm32]
First crash: 208d, last: 208d

Patch testing requests:
Created	Duration	User	Patch	Repo	Result
2021/03/28 16:57	15m	paskripkin@gmail.com		https://linux.googlesource.com/linux/kernel/git/torvalds/linux refs/changes/38/9538/1	OK
2021/03/25 21:12	8m	igormtorrente@gmail.com		https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ master	report log

Sample crash report:

BUG: memory leak
unreferenced object 0xffff888114a12180 (size 192):
  comm "kworker/1:3", pid 8132, jiffies 4294980969 (age 13.460s)
  hex dump (first 32 bytes):
    01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 98 21 a1 14 81 88 ff ff  .........!......
  backtrace:
    [<00000000270adc89>] kmalloc include/linux/slab.h:557 [inline]
    [<00000000270adc89>] usb_alloc_urb+0x66/0xe0 drivers/usb/core/urb.c:74
    [<000000007ddd474e>] usb_bulk_urb_init drivers/media/usb/dvb-usb/usb-urb.c:148 [inline]
    [<000000007ddd474e>] usb_urb_init+0x17a/0x3d0 drivers/media/usb/dvb-usb/usb-urb.c:229
    [<00000000bdcce353>] dvb_usb_adapter_stream_init+0x5b/0x120 drivers/media/usb/dvb-usb/dvb-usb-urb.c:108
    [<00000000adc3ae74>] dvb_usb_adapter_init drivers/media/usb/dvb-usb/dvb-usb-init.c:82 [inline]
    [<00000000adc3ae74>] dvb_usb_init drivers/media/usb/dvb-usb/dvb-usb-init.c:173 [inline]
    [<00000000adc3ae74>] dvb_usb_device_init.cold+0x483/0x6ae drivers/media/usb/dvb-usb/dvb-usb-init.c:287
    [<00000000979fb93a>] m920x_probe+0x1d7/0x470 drivers/media/usb/dvb-usb/m920x.c:834
    [<00000000dc58d155>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
    [<0000000011b900cd>] really_probe+0x159/0x480 drivers/base/dd.c:561
    [<000000003bf38880>] driver_probe_device+0x84/0x100 drivers/base/dd.c:745
    [<000000003450ad28>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:851
    [<000000005a93a91d>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
    [<0000000058084795>] __device_attach+0x122/0x250 drivers/base/dd.c:919
    [<00000000e0d09782>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
    [<000000004566d8b7>] device_add+0x5be/0xc30 drivers/base/core.c:3091
    [<000000000471371f>] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164
    [<00000000d93dc50f>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
    [<00000000a0057c67>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293

BUG: memory leak
unreferenced object 0xffff888114a126c0 (size 192):
  comm "kworker/1:3", pid 8132, jiffies 4294980969 (age 13.460s)
  hex dump (first 32 bytes):
    01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 d8 26 a1 14 81 88 ff ff  .........&......
  backtrace:
    [<00000000270adc89>] kmalloc include/linux/slab.h:557 [inline]
    [<00000000270adc89>] usb_alloc_urb+0x66/0xe0 drivers/usb/core/urb.c:74
    [<000000007ddd474e>] usb_bulk_urb_init drivers/media/usb/dvb-usb/usb-urb.c:148 [inline]
    [<000000007ddd474e>] usb_urb_init+0x17a/0x3d0 drivers/media/usb/dvb-usb/usb-urb.c:229
    [<00000000bdcce353>] dvb_usb_adapter_stream_init+0x5b/0x120 drivers/media/usb/dvb-usb/dvb-usb-urb.c:108
    [<00000000adc3ae74>] dvb_usb_adapter_init drivers/media/usb/dvb-usb/dvb-usb-init.c:82 [inline]
    [<00000000adc3ae74>] dvb_usb_init drivers/media/usb/dvb-usb/dvb-usb-init.c:173 [inline]
    [<00000000adc3ae74>] dvb_usb_device_init.cold+0x483/0x6ae drivers/media/usb/dvb-usb/dvb-usb-init.c:287
    [<00000000979fb93a>] m920x_probe+0x1d7/0x470 drivers/media/usb/dvb-usb/m920x.c:834
    [<00000000dc58d155>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
    [<0000000011b900cd>] really_probe+0x159/0x480 drivers/base/dd.c:561
    [<000000003bf38880>] driver_probe_device+0x84/0x100 drivers/base/dd.c:745
    [<000000003450ad28>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:851
    [<000000005a93a91d>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
    [<0000000058084795>] __device_attach+0x122/0x250 drivers/base/dd.c:919
    [<00000000e0d09782>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
    [<000000004566d8b7>] device_add+0x5be/0xc30 drivers/base/core.c:3091
    [<000000000471371f>] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164
    [<00000000d93dc50f>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
    [<00000000a0057c67>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293

BUG: memory leak
unreferenced object 0xffff888114bbf900 (size 192):
  comm "kworker/1:3", pid 8132, jiffies 4294980969 (age 13.460s)
  hex dump (first 32 bytes):
    01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 18 f9 bb 14 81 88 ff ff  ................
  backtrace:
    [<00000000270adc89>] kmalloc include/linux/slab.h:557 [inline]
    [<00000000270adc89>] usb_alloc_urb+0x66/0xe0 drivers/usb/core/urb.c:74
    [<000000007ddd474e>] usb_bulk_urb_init drivers/media/usb/dvb-usb/usb-urb.c:148 [inline]
    [<000000007ddd474e>] usb_urb_init+0x17a/0x3d0 drivers/media/usb/dvb-usb/usb-urb.c:229
    [<00000000bdcce353>] dvb_usb_adapter_stream_init+0x5b/0x120 drivers/media/usb/dvb-usb/dvb-usb-urb.c:108
    [<00000000adc3ae74>] dvb_usb_adapter_init drivers/media/usb/dvb-usb/dvb-usb-init.c:82 [inline]
    [<00000000adc3ae74>] dvb_usb_init drivers/media/usb/dvb-usb/dvb-usb-init.c:173 [inline]
    [<00000000adc3ae74>] dvb_usb_device_init.cold+0x483/0x6ae drivers/media/usb/dvb-usb/dvb-usb-init.c:287
    [<00000000979fb93a>] m920x_probe+0x1d7/0x470 drivers/media/usb/dvb-usb/m920x.c:834
    [<00000000dc58d155>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
    [<0000000011b900cd>] really_probe+0x159/0x480 drivers/base/dd.c:561
    [<000000003bf38880>] driver_probe_device+0x84/0x100 drivers/base/dd.c:745
    [<000000003450ad28>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:851
    [<000000005a93a91d>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
    [<0000000058084795>] __device_attach+0x122/0x250 drivers/base/dd.c:919
    [<00000000e0d09782>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
    [<000000004566d8b7>] device_add+0x5be/0xc30 drivers/base/core.c:3091
    [<000000000471371f>] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164
    [<00000000d93dc50f>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
    [<00000000a0057c67>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293

Crashes (1):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Title
ci-upstream-gce-leak	2021/01/01 02:42	upstream	f6e1ea196492	79264ae3	.config	log	report	syz	C