memory leak in __usbhid_submit

memory leak in __usbhid_submit_report
Status: upstream: reported C repro on 2020/11/11 13:55
Reported-by: syzbot+47b26cd837ececfc666d@syzkaller.appspotmail.com
First crash: 117d, last: 17d

Sample crash report:

BUG: memory leak
unreferenced object 0xffff888114bb0080 (size 32):
  comm "kworker/0:1", pid 8641, jiffies 4294971950 (age 29.560s)
  hex dump (first 32 bytes):
    04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000074fe2e5e>] __usbhid_submit_report+0x116/0x490 drivers/hid/usbhid/hid-core.c:590
    [<00000000cf1c99d9>] usbhid_submit_report drivers/hid/usbhid/hid-core.c:640 [inline]
    [<00000000cf1c99d9>] usbhid_request+0x59/0xa0 drivers/hid/usbhid/hid-core.c:1274
    [<000000000b592dd6>] hidinput_led_worker+0x59/0x160 drivers/hid/hid-input.c:1516
    [<0000000073c9bb0f>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275
    [<00000000d3feaabb>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421
    [<000000006b4e3bc1>] kthread+0x178/0x1b0 kernel/kthread.c:292
    [<00000000ee380feb>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

BUG: memory leak
unreferenced object 0xffff888114bb0080 (size 32):
  comm "kworker/0:1", pid 8641, jiffies 4294971950 (age 29.620s)
  hex dump (first 32 bytes):
    04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000074fe2e5e>] __usbhid_submit_report+0x116/0x490 drivers/hid/usbhid/hid-core.c:590
    [<00000000cf1c99d9>] usbhid_submit_report drivers/hid/usbhid/hid-core.c:640 [inline]
    [<00000000cf1c99d9>] usbhid_request+0x59/0xa0 drivers/hid/usbhid/hid-core.c:1274
    [<000000000b592dd6>] hidinput_led_worker+0x59/0x160 drivers/hid/hid-input.c:1516
    [<0000000073c9bb0f>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275
    [<00000000d3feaabb>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421
    [<000000006b4e3bc1>] kthread+0x178/0x1b0 kernel/kthread.c:292
    [<00000000ee380feb>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

BUG: memory leak
unreferenced object 0xffff888114bb0080 (size 32):
  comm "kworker/0:1", pid 8641, jiffies 4294971950 (age 29.680s)
  hex dump (first 32 bytes):
    04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000074fe2e5e>] __usbhid_submit_report+0x116/0x490 drivers/hid/usbhid/hid-core.c:590
    [<00000000cf1c99d9>] usbhid_submit_report drivers/hid/usbhid/hid-core.c:640 [inline]
    [<00000000cf1c99d9>] usbhid_request+0x59/0xa0 drivers/hid/usbhid/hid-core.c:1274
    [<000000000b592dd6>] hidinput_led_worker+0x59/0x160 drivers/hid/hid-input.c:1516
    [<0000000073c9bb0f>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275
    [<00000000d3feaabb>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421
    [<000000006b4e3bc1>] kthread+0x178/0x1b0 kernel/kthread.c:292
    [<00000000ee380feb>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

BUG: memory leak
unreferenced object 0xffff888114bb0080 (size 32):
  comm "kworker/0:1", pid 8641, jiffies 4294971950 (age 29.740s)
  hex dump (first 32 bytes):
    04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000074fe2e5e>] __usbhid_submit_report+0x116/0x490 drivers/hid/usbhid/hid-core.c:590
    [<00000000cf1c99d9>] usbhid_submit_report drivers/hid/usbhid/hid-core.c:640 [inline]
    [<00000000cf1c99d9>] usbhid_request+0x59/0xa0 drivers/hid/usbhid/hid-core.c:1274
    [<000000000b592dd6>] hidinput_led_worker+0x59/0x160 drivers/hid/hid-input.c:1516
    [<0000000073c9bb0f>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275
    [<00000000d3feaabb>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421
    [<000000006b4e3bc1>] kthread+0x178/0x1b0 kernel/kthread.c:292
    [<00000000ee380feb>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

BUG: memory leak
unreferenced object 0xffff888114bb0080 (size 32):
  comm "kworker/0:1", pid 8641, jiffies 4294971950 (age 29.810s)
  hex dump (first 32 bytes):
    04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000074fe2e5e>] __usbhid_submit_report+0x116/0x490 drivers/hid/usbhid/hid-core.c:590
    [<00000000cf1c99d9>] usbhid_submit_report drivers/hid/usbhid/hid-core.c:640 [inline]
    [<00000000cf1c99d9>] usbhid_request+0x59/0xa0 drivers/hid/usbhid/hid-core.c:1274
    [<000000000b592dd6>] hidinput_led_worker+0x59/0x160 drivers/hid/hid-input.c:1516
    [<0000000073c9bb0f>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275
    [<00000000d3feaabb>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421
    [<000000006b4e3bc1>] kthread+0x178/0x1b0 kernel/kthread.c:292
    [<00000000ee380feb>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

BUG: memory leak
unreferenced object 0xffff888114bb0080 (size 32):
  comm "kworker/0:1", pid 8641, jiffies 4294971950 (age 29.870s)
  hex dump (first 32 bytes):
    04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000074fe2e5e>] __usbhid_submit_report+0x116/0x490 drivers/hid/usbhid/hid-core.c:590
    [<00000000cf1c99d9>] usbhid_submit_report drivers/hid/usbhid/hid-core.c:640 [inline]
    [<00000000cf1c99d9>] usbhid_request+0x59/0xa0 drivers/hid/usbhid/hid-core.c:1274
    [<000000000b592dd6>] hidinput_led_worker+0x59/0x160 drivers/hid/hid-input.c:1516
    [<0000000073c9bb0f>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275
    [<00000000d3feaabb>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421
    [<000000006b4e3bc1>] kthread+0x178/0x1b0 kernel/kthread.c:292
    [<00000000ee380feb>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

BUG: memory leak
unreferenced object 0xffff888114bb0080 (size 32):
  comm "kworker/0:1", pid 8641, jiffies 4294971950 (age 29.930s)
  hex dump (first 32 bytes):
    04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000074fe2e5e>] __usbhid_submit_report+0x116/0x490 drivers/hid/usbhid/hid-core.c:590
    [<00000000cf1c99d9>] usbhid_submit_report drivers/hid/usbhid/hid-core.c:640 [inline]
    [<00000000cf1c99d9>] usbhid_request+0x59/0xa0 drivers/hid/usbhid/hid-core.c:1274
    [<000000000b592dd6>] hidinput_led_worker+0x59/0x160 drivers/hid/hid-input.c:1516
    [<0000000073c9bb0f>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275
    [<00000000d3feaabb>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421
    [<000000006b4e3bc1>] kthread+0x178/0x1b0 kernel/kthread.c:292
    [<00000000ee380feb>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

BUG: memory leak
unreferenced object 0xffff888114bb0080 (size 32):
  comm "kworker/0:1", pid 8641, jiffies 4294971950 (age 30.000s)
  hex dump (first 32 bytes):
    04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000074fe2e5e>] __usbhid_submit_report+0x116/0x490 drivers/hid/usbhid/hid-core.c:590
    [<00000000cf1c99d9>] usbhid_submit_report drivers/hid/usbhid/hid-core.c:640 [inline]
    [<00000000cf1c99d9>] usbhid_request+0x59/0xa0 drivers/hid/usbhid/hid-core.c:1274
    [<000000000b592dd6>] hidinput_led_worker+0x59/0x160 drivers/hid/hid-input.c:1516
    [<0000000073c9bb0f>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275
    [<00000000d3feaabb>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421
    [<000000006b4e3bc1>] kthread+0x178/0x1b0 kernel/kthread.c:292
    [<00000000ee380feb>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

write to /proc/sys/kernel/hung_task_check_interval_secs failed: No such file or directory
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory
write to /proc/sys/kernel/hung_task_check_interval_secs failed: No such file or directory
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory
write to /proc/sys/kernel/hung_task_check_interval_secs failed: No such file or directory
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory
write to /proc/sys/kernel/hung_task_check_interval_secs failed: No such file or directory
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory
write to /proc/sys/kernel/hung_task_check_interval_secs failed: No such file or directory
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory
write to /proc/sys/kernel/hung_task_check_interval_secs failed: No such file or directory
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory
write to /proc/sys/kernel/hung_task_check_interval_secs failed: No such file or directory
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory
write to /proc/sys/kernel/hung_task_check_interval_secs failed: No such file or directory
write to /proc/sys/kernel/softlockup_all_cpu_backtrace failed: No such file or directory

Crashes (51):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	Title
ci-upstream-gce-leak	2021/02/18 11:53	upstream	f40ddce8	14052202	.config	log	report	syz	C	memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/02/17 09:44	upstream	f40ddce8	052f8d9f	.config	log	report	syz	C	memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/02/16 03:03	upstream	f40ddce8	98682e5e	.config	log	report	syz	C	memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/02/14 08:05	upstream	ac30d8ce	98682e5e	.config	log	report	syz	C	memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/02/13 22:17	upstream	c6d8570e	98682e5e	.config	log	report	syz	C	memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/02/06 17:29	upstream	1e0d27fc	0655e081	.config	log	report	syz	C	memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/02/05 20:08	upstream	dd86e7fa	23a562df	.config	log	report	syz	C	memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/01/27 20:14	upstream	2ab38c17	a0ebf917	.config	log	report	syz	C	memory leak in __usbhid_submit_report
ci-upstream-gce-leak	2021/01/10 18:53	upstream	2ff90100	2c1f2513	.config	log	report	syz	C
ci-upstream-gce-leak	2021/01/09 03:58	upstream	6279d812	c104d4a3	.config	log	report	syz	C
ci-upstream-gce-leak	2021/01/07 23:59	upstream	71c061d2	c104d4a3	.config	log	report	syz	C
ci-upstream-gce-leak	2021/01/06 04:37	upstream	6207214a	b1c228e1	.config	log	report	syz	C
ci-upstream-gce-leak	2021/01/05 14:51	upstream	36bbbd0e	a0234d98	.config	log	report	syz	C
ci-upstream-gce-leak	2021/01/05 14:13	upstream	36bbbd0e	a0234d98	.config	log	report	syz	C
ci-upstream-gce-leak	2021/01/04 14:27	upstream	e71ba945	79264ae3	.config	log	report	syz	C
ci-upstream-gce-leak	2021/01/04 04:27	upstream	e71ba945	79264ae3	.config	log	report	syz	C
ci-upstream-gce-leak	2021/01/03 21:26	upstream	3516bd72	79264ae3	.config	log	report	syz	C
ci-upstream-gce-leak	2021/01/02 21:31	upstream	eda809ae	79264ae3	.config	log	report	syz	C
ci-upstream-gce-leak	2021/01/02 03:39	upstream	eda809ae	79264ae3	.config	log	report	syz	C
ci-upstream-gce-leak	2021/01/01 06:39	upstream	f6e1ea19	79264ae3	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/31 04:26	upstream	f6e1ea19	5cc121d6	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/30 15:46	upstream	139711f0	ecb8c012	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/29 19:38	upstream	dea8dcf2	80910769	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/29 11:22	upstream	dea8dcf2	8259d56c	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/27 17:15	upstream	f838f8d2	2242f77f	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/27 01:53	upstream	40f78232	821e0b09	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/25 16:35	upstream	71c5f031	b982b3ea	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/23 21:09	upstream	614cb589	c2c1d1dd	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/22 13:47	upstream	8653b778	04201c06	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/21 09:32	upstream	6a447b0e	04201c06	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/20 16:45	upstream	467f8165	04201c06	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/17 17:26	upstream	accefff5	04201c06	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/17 07:26	upstream	5e60366d	04201c06	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/15 22:33	upstream	148842c9	97183ed7	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/14 09:20	upstream	6bff9bb8	b22a7ec3	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/13 04:33	upstream	7b1b868e	bca53db9	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/09 06:36	upstream	7d8761ba	40cc414d	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/05 22:54	upstream	b3298500	50503117	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/05 08:30	upstream	e87297fa	20366b87	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/04 23:26	upstream	e87297fa	20366b87	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/02 07:19	upstream	509a1542	c42a35e9	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/02 02:27	upstream	b6505459	07bfe8a5	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/26 11:42	upstream	fa02fcd9	2f1cec62	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/25 01:27	upstream	80145ac2	e34b696c	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/20 16:16	upstream	4d02da97	740ff461	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/20 08:11	upstream	3494d588	0767f13f	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/17 03:15	upstream	9c87c9f4	1bf9a662	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/14 20:25	upstream	f01c30de	1bf9a662	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/12 13:15	upstream	3d5e28bf	77a55c8e	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/11 23:03	upstream	eccc8767	cca87986	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/09 22:38	upstream	f8394f23	64069d48	.config	log	report	syz	C