memory leak in __usbhid_submit

memory leak in __usbhid_submit_report
Status: upstream: reported C repro on 2020/11/11 13:55
Reported-by: syzbot+47b26cd837ececfc666d@syzkaller.appspotmail.com
Fix commit: f7744fa16b96 HID: usbhid: free raw_report buffers in usbhid_stop
Patched on: [ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm32 ci-qemu2-riscv64 ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386]
First crash: 312d, last: 17d

Patch testing requests:
Created	Duration	User	Patch	Repo	Result
2021/06/22 15:08	16m	mail@anirudhrb.com	patch	upstream	report log
2021/06/22 11:50	8m	mail@anirudhrb.com	patch	upstream	report log
2021/06/21 17:55	9m	mail@anirudhrb.com		upstream	report log
2021/06/21 17:04	15m	mail@anirudhrb.com		linux-next	error

Sample crash report:

BUG: memory leak
unreferenced object 0xffff8881151d33a0 (size 32):
  comm "kworker/1:2", pid 1931, jiffies 4294942667 (age 15.490s)
  hex dump (first 32 bytes):
    02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff8346e856>] __usbhid_submit_report+0x116/0x490 drivers/hid/usbhid/hid-core.c:590
    [<ffffffff8346ec29>] usbhid_submit_report drivers/hid/usbhid/hid-core.c:640 [inline]
    [<ffffffff8346ec29>] usbhid_request+0x59/0xa0 drivers/hid/usbhid/hid-core.c:1274
    [<ffffffff833f2299>] hidinput_led_worker+0x59/0x160 drivers/hid/hid-input.c:1528
    [<ffffffff8125f739>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275
    [<ffffffff81260029>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421
    [<ffffffff81267958>] kthread+0x178/0x1b0 kernel/kthread.c:313
    [<ffffffff810022ef>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294

BUG: memory leak
unreferenced object 0xffff8881151d33c0 (size 32):
  comm "kworker/1:2", pid 1931, jiffies 4294943419 (age 7.970s)
  hex dump (first 32 bytes):
    02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff8346e856>] __usbhid_submit_report+0x116/0x490 drivers/hid/usbhid/hid-core.c:590
    [<ffffffff8346ec29>] usbhid_submit_report drivers/hid/usbhid/hid-core.c:640 [inline]
    [<ffffffff8346ec29>] usbhid_request+0x59/0xa0 drivers/hid/usbhid/hid-core.c:1274
    [<ffffffff833f2299>] hidinput_led_worker+0x59/0x160 drivers/hid/hid-input.c:1528
    [<ffffffff8125f739>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275
    [<ffffffff81260029>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421
    [<ffffffff81267958>] kthread+0x178/0x1b0 kernel/kthread.c:313
    [<ffffffff810022ef>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294

Crashes (129):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	Title
ci-upstream-gce-leak	2021/05/18 13:23	upstream	8ac91e6c6033	a343ba6b	.config	log	report	syz	C	memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/01/10 18:53	upstream	2ff90100ace8	2c1f2513	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/09 22:38	upstream	f8394f232b1e	64069d48	.config	log	report	syz	C
ci-upstream-gce-leak	2021/09/01 00:06	upstream	9c849ce86e0f	7eb7e152	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/22 07:10	upstream	9ff50bf2f2ff	b599f2fc	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/22 02:26	upstream	9ff50bf2f2ff	b599f2fc	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/21 11:51	upstream	fa54d366a6e4	b599f2fc	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/21 04:12	upstream	d992fe5318d8	b599f2fc	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/20 13:13	upstream	f87d64319e6f	b599f2fc	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/20 10:55	upstream	f87d64319e6f	b599f2fc	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/19 23:20	upstream	d6d09a694205	b599f2fc	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/18 22:23	upstream	614cb2751d31	a2fe1cb5	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/17 05:20	upstream	a2824f19e606	33c26cb7	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/16 09:11	upstream	7c60610d4767	2489ab88	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/15 15:53	upstream	0aa78d17099b	2489ab88	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/10 12:42	upstream	9a73fa375d58	6972b106	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/10 01:49	upstream	36a21d51725a	6972b106	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/09 09:10	upstream	66745863ecde	6972b106	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/09 03:48	upstream	66745863ecde	6972b106	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/08 17:25	upstream	85a90500f9a1	6972b106	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/06 16:53	upstream	902e7f373fff	f9e341e3	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/06 08:40	upstream	902e7f373fff	d2d6e680	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/04 11:58	upstream	d5ad8ec3cfb5	6c236867	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/08/01 09:17	upstream	f3438b4c4e69	6c236867	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/07/30 05:41	upstream	7e96bf476270	c585c7b0	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/07/15 00:48	upstream	8096acd7442e	94e0b707	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/07/13 07:52	upstream	7fef2edf7cc7	f415556d	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/07/11 05:15	upstream	3dbdb38e2869	8f5a7b8c	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/07/10 04:42	upstream	3dbdb38e2869	8f5a7b8c	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/07/09 03:11	upstream	3dbdb38e2869	1b20171a	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/07/08 12:46	upstream	3dbdb38e2869	95793bce	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/07/07 22:20	upstream	3dbdb38e2869	4846d5c1	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/07/04 07:54	upstream	3dbdb38e2869	55aa55c2	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/07/03 23:40	upstream	3dbdb38e2869	55aa55c2	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/07/03 20:47	upstream	3dbdb38e2869	55aa55c2	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/07/02 10:09	upstream	e058a84bfddc	658ebc66	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/07/01 20:43	upstream	dbe69e433722	658ebc66	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/07/01 06:22	upstream	df04fbe8680b	38a885d1	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/06/29 10:23	upstream	233a806b00e3	9d2ab5df	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/06/26 11:29	upstream	b7050b242430	9d2ab5df	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/06/24 07:00	upstream	7266f2030eb0	fe4ab389	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/06/21 08:54	upstream	cba5e97280f5	aba2b2fb	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/06/19 01:35	upstream	fd0aa1a4567d	aba2b2fb	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/06/17 08:00	upstream	6b00bc639f1f	aba2b2fb	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/06/16 04:09	upstream	94f0b2d4a1d0	990d3cbe	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/06/11 02:33	upstream	f09eacca59d2	1ba81399	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/06/09 21:45	upstream	368094df48e6	84fe5d96	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/06/07 21:27	upstream	614124bea77e	e59537be	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/06/07 15:47	upstream	614124bea77e	e59537be	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/06/07 05:03	upstream	decad3e1d1ed	500c2339	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/06/04 11:48	upstream	f88cd3fb9df2	0740de69	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/06/02 23:44	upstream	231bc5390667	0740de69	.config	log	report	syz		memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/06/02 09:32	upstream	231bc5390667	032639db	.config	log	report	syz		memory leak in __usbhid_submit_report