memory leak in dvb_create_media

memory leak in dvb_create_media_graph
Status: upstream: reported C repro on 2020/11/11 13:55
Reported-by: syzbot+7f09440acc069a0d38ac@syzkaller.appspotmail.com
Fix commit: bf9a40ae8d72 media: dvbdev: Fix memory leak in dvb_media_device_free()
Patched on: [ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-qemu2-riscv64 ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386 ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-qemu2-arm32]
First crash: 266d, last: 106d

Patch testing requests:
Created	Duration	User	Patch	Repo	Result
2020/12/10 17:29	14m	yepeilin.cs@gmail.com	patch	upstream	report log

Sample crash report:

BUG: memory leak
unreferenced object 0xffff88810bc31f80 (size 128):
  comm "kworker/0:2", pid 3062, jiffies 4294943019 (age 13.320s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 06 05 00 00 00 00 00 00  ................
    00 01 00 00 00 00 ad de 22 01 00 00 00 00 ad de  ........".......
  backtrace:
    [<ffffffff82ece371>] kmalloc include/linux/slab.h:554 [inline]
    [<ffffffff82ece371>] kzalloc include/linux/slab.h:684 [inline]
    [<ffffffff82ece371>] dvb_create_media_graph+0x301/0x7d0 drivers/media/dvb-core/dvbdev.c:665
    [<ffffffff82f26400>] dvb_usb_adapter_frontend_init+0x180/0x1b0 drivers/media/usb/dvb-usb/dvb-usb-dvb.c:327
    [<ffffffff84231d10>] dvb_usb_adapter_init drivers/media/usb/dvb-usb/dvb-usb-init.c:84 [inline]
    [<ffffffff84231d10>] dvb_usb_init drivers/media/usb/dvb-usb/dvb-usb-init.c:173 [inline]
    [<ffffffff84231d10>] dvb_usb_device_init.cold+0x4d0/0x6ae drivers/media/usb/dvb-usb/dvb-usb-init.c:287
    [<ffffffff82f291aa>] gp8psk_usb_probe+0x2a/0x50 drivers/media/usb/dvb-usb/gp8psk.c:304
    [<ffffffff82ba9637>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
    [<ffffffff825f6b79>] really_probe+0x159/0x4a0 drivers/base/dd.c:559
    [<ffffffff825f6f44>] driver_probe_device+0x84/0x100 drivers/base/dd.c:745
    [<ffffffff825f765e>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:851
    [<ffffffff825f3ac7>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
    [<ffffffff825f71f2>] __device_attach+0x122/0x250 drivers/base/dd.c:919
    [<ffffffff825f5766>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
    [<ffffffff825f1cb5>] device_add+0x5d5/0xc40 drivers/base/core.c:3242
    [<ffffffff82ba6bd9>] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164
    [<ffffffff82bb703c>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
    [<ffffffff82ba8d9c>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293
    [<ffffffff825f6b79>] really_probe+0x159/0x4a0 drivers/base/dd.c:559

BUG: memory leak
unreferenced object 0xffff88810da2fc00 (size 128):
  comm "kworker/0:2", pid 3062, jiffies 4294943631 (age 7.200s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 06 05 00 00 00 00 00 00  ................
    00 01 00 00 00 00 ad de 22 01 00 00 00 00 ad de  ........".......
  backtrace:
    [<ffffffff82ece371>] kmalloc include/linux/slab.h:554 [inline]
    [<ffffffff82ece371>] kzalloc include/linux/slab.h:684 [inline]
    [<ffffffff82ece371>] dvb_create_media_graph+0x301/0x7d0 drivers/media/dvb-core/dvbdev.c:665
    [<ffffffff82f26400>] dvb_usb_adapter_frontend_init+0x180/0x1b0 drivers/media/usb/dvb-usb/dvb-usb-dvb.c:327
    [<ffffffff84231d10>] dvb_usb_adapter_init drivers/media/usb/dvb-usb/dvb-usb-init.c:84 [inline]
    [<ffffffff84231d10>] dvb_usb_init drivers/media/usb/dvb-usb/dvb-usb-init.c:173 [inline]
    [<ffffffff84231d10>] dvb_usb_device_init.cold+0x4d0/0x6ae drivers/media/usb/dvb-usb/dvb-usb-init.c:287
    [<ffffffff82f291aa>] gp8psk_usb_probe+0x2a/0x50 drivers/media/usb/dvb-usb/gp8psk.c:304
    [<ffffffff82ba9637>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
    [<ffffffff825f6b79>] really_probe+0x159/0x4a0 drivers/base/dd.c:559
    [<ffffffff825f6f44>] driver_probe_device+0x84/0x100 drivers/base/dd.c:745
    [<ffffffff825f765e>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:851
    [<ffffffff825f3ac7>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
    [<ffffffff825f71f2>] __device_attach+0x122/0x250 drivers/base/dd.c:919
    [<ffffffff825f5766>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
    [<ffffffff825f1cb5>] device_add+0x5d5/0xc40 drivers/base/core.c:3242
    [<ffffffff82ba6bd9>] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164
    [<ffffffff82bb703c>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
    [<ffffffff82ba8d9c>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293
    [<ffffffff825f6b79>] really_probe+0x159/0x4a0 drivers/base/dd.c:559

Crashes (26):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	Title
ci-upstream-gce-leak	2021/04/18 07:35	upstream	194cf4825638	7e2b734b	.config	log	report	syz	C	memory leak in dvb_create_media_graph
ci-upstream-gce-leak	2021/03/17 04:26	upstream	1df27313f50a	fdb2bb2c	.config	log	report	syz	C	memory leak in dvb_create_media_graph
ci-upstream-gce-leak	2021/02/18 09:22	upstream	f40ddce88593	14052202	.config	log	report	syz	C	memory leak in dvb_create_media_graph
ci-upstream-gce-leak	2021/02/17 14:12	upstream	f40ddce88593	052f8d9f	.config	log	report	syz	C	memory leak in dvb_create_media_graph
ci-upstream-gce-leak	2021/02/15 08:29	upstream	f40ddce88593	98682e5e	.config	log	report	syz	C	memory leak in dvb_create_media_graph
ci-upstream-gce-leak	2021/02/14 22:10	upstream	358feceebbf6	98682e5e	.config	log	report	syz	C	memory leak in dvb_create_media_graph
ci-upstream-gce-leak	2021/02/13 11:32	upstream	c6d8570e4d64	98682e5e	.config	log	report	syz	C	memory leak in dvb_create_media_graph
ci-upstream-gce-leak	2021/02/13 00:51	upstream	dcc0b49040c7	98682e5e	.config	log	report	syz	C	memory leak in dvb_create_media_graph
ci-upstream-gce-leak	2021/02/11 14:27	upstream	291009f656e8	a52ee10a	.config	log	report	syz	C	memory leak in dvb_create_media_graph
ci-upstream-gce-leak	2021/01/29 05:24	upstream	e5ff2cb9cf67	7df34f59	.config	log	report	syz	C	memory leak in dvb_create_media_graph
ci-upstream-gce-leak	2021/01/11 11:32	upstream	0653161f0fac	2c1f2513	.config	log	report	syz	C
ci-upstream-gce-leak	2021/01/07 13:36	upstream	71c061d24438	c104d4a3	.config	log	report	syz	C
ci-upstream-gce-leak	2021/01/05 20:32	upstream	36bbbd0e234d	a0234d98	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/21 19:14	upstream	e37b12e4bb21	04201c06	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/20 18:22	upstream	467f8165a2b0	04201c06	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/19 18:56	upstream	3644e2d2dda7	04201c06	.config	log	report	syz	C
ci-upstream-gce-leak	2020/12/19 18:34	upstream	3644e2d2dda7	04201c06	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/27 00:58	upstream	4df910620beb	1d2b823e	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/25 01:40	upstream	80145ac2f739	e34b696c	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/15 23:17	upstream	0062442ecfef	1bf9a662	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/10 11:55	upstream	407ab579637c	cca87986	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/09 14:23	upstream	f8394f232b1e	64069d48	.config	log	report	syz	C
ci-upstream-gce-leak	2020/11/09 14:01	upstream	f8394f232b1e	64069d48	.config	log	report	syz	C
ci-upstream-gce-leak	2021/04/13 09:24	upstream	89698becf06d	bfeda1b1	.config	log	report	syz		memory leak in dvb_create_media_graph
ci-upstream-gce-leak	2021/04/01 23:36	upstream	ffd9fb546d49	6a81331a	.config	log	report	syz		memory leak in dvb_create_media_graph
ci-upstream-gce-leak	2021/04/01 22:29	upstream	ffd9fb546d49	6a81331a	.config	log	report	syz		memory leak in dvb_create_media_graph