memory leak in smsc75xx

memory leak in smsc75xx_bind
Status: upstream: reported syz repro on 2021/05/24 09:12
Reported-by: syzbot+b558506ba8165425fee2@syzkaller.appspotmail.com
Fix commit: 46a8b29c6306 net: usb: fix memory leak in smsc75xx_bind
Patched on: [ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-qemu2-riscv64 ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386 ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-qemu2-arm32]
First crash: 61d, last: 60d

Patch testing requests:
Created	Duration	User	Patch	Repo	Result
2021/05/24 19:44	14m	paskripkin@gmail.com	patch	upstream	OK

Sample crash report:

BUG: memory leak
unreferenced object 0xffff88810e115900 (size 192):
  comm "kworker/1:1", pid 8575, jiffies 4295045923 (age 18.440s)
  hex dump (first 32 bytes):
    40 39 51 0b 81 88 ff ff 00 00 00 00 00 00 00 00  @9Q.............
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff84245b84>] kmalloc include/linux/slab.h:556 [inline]
    [<ffffffff84245b84>] kzalloc include/linux/slab.h:686 [inline]
    [<ffffffff84245b84>] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460
    [<ffffffff82b5b346>] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728
    [<ffffffff82be6647>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
    [<ffffffff82624159>] really_probe+0x159/0x500 drivers/base/dd.c:576
    [<ffffffff8262458b>] driver_probe_device+0x8b/0x100 drivers/base/dd.c:763
    [<ffffffff82624cb6>] __device_attach_driver+0xf6/0x120 drivers/base/dd.c:870
    [<ffffffff82621047>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
    [<ffffffff82624832>] __device_attach+0x122/0x260 drivers/base/dd.c:938
    [<ffffffff82622ce6>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
    [<ffffffff8261f105>] device_add+0x5d5/0xd70 drivers/base/core.c:3320
    [<ffffffff82be3be9>] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164
    [<ffffffff82bf3f6c>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
    [<ffffffff82be5dac>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293
    [<ffffffff82624159>] really_probe+0x159/0x500 drivers/base/dd.c:576
    [<ffffffff8262458b>] driver_probe_device+0x8b/0x100 drivers/base/dd.c:763
    [<ffffffff82624cb6>] __device_attach_driver+0xf6/0x120 drivers/base/dd.c:870

BUG: memory leak
unreferenced object 0xffff888119630480 (size 192):
  comm "kworker/1:2", pid 3198, jiffies 4295046708 (age 10.590s)
  hex dump (first 32 bytes):
    40 c9 14 11 81 88 ff ff 00 00 00 00 00 00 00 00  @...............
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff84245b84>] kmalloc include/linux/slab.h:556 [inline]
    [<ffffffff84245b84>] kzalloc include/linux/slab.h:686 [inline]
    [<ffffffff84245b84>] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460
    [<ffffffff82b5b346>] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728
    [<ffffffff82be6647>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
    [<ffffffff82624159>] really_probe+0x159/0x500 drivers/base/dd.c:576
    [<ffffffff8262458b>] driver_probe_device+0x8b/0x100 drivers/base/dd.c:763
    [<ffffffff82624cb6>] __device_attach_driver+0xf6/0x120 drivers/base/dd.c:870
    [<ffffffff82621047>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
    [<ffffffff82624832>] __device_attach+0x122/0x260 drivers/base/dd.c:938
    [<ffffffff82622ce6>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
    [<ffffffff8261f105>] device_add+0x5d5/0xd70 drivers/base/core.c:3320
    [<ffffffff82be3be9>] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164
    [<ffffffff82bf3f6c>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
    [<ffffffff82be5dac>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293
    [<ffffffff82624159>] really_probe+0x159/0x500 drivers/base/dd.c:576
    [<ffffffff8262458b>] driver_probe_device+0x8b/0x100 drivers/base/dd.c:763
    [<ffffffff82624cb6>] __device_attach_driver+0xf6/0x120 drivers/base/dd.c:870

BUG: memory leak
unreferenced object 0xffff8881196eb840 (size 192):
  comm "kworker/0:2", pid 8407, jiffies 4295046957 (age 8.100s)
  hex dump (first 32 bytes):
    40 c9 14 11 81 88 ff ff 00 00 00 00 00 00 00 00  @...............
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff84245b84>] kmalloc include/linux/slab.h:556 [inline]
    [<ffffffff84245b84>] kzalloc include/linux/slab.h:686 [inline]
    [<ffffffff84245b84>] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460
    [<ffffffff82b5b346>] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728
    [<ffffffff82be6647>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
    [<ffffffff82624159>] really_probe+0x159/0x500 drivers/base/dd.c:576
    [<ffffffff8262458b>] driver_probe_device+0x8b/0x100 drivers/base/dd.c:763
    [<ffffffff82624cb6>] __device_attach_driver+0xf6/0x120 drivers/base/dd.c:870
    [<ffffffff82621047>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
    [<ffffffff82624832>] __device_attach+0x122/0x260 drivers/base/dd.c:938
    [<ffffffff82622ce6>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
    [<ffffffff8261f105>] device_add+0x5d5/0xd70 drivers/base/core.c:3320
    [<ffffffff82be3be9>] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164
    [<ffffffff82bf3f6c>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
    [<ffffffff82be5dac>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293
    [<ffffffff82624159>] really_probe+0x159/0x500 drivers/base/dd.c:576
    [<ffffffff8262458b>] driver_probe_device+0x8b/0x100 drivers/base/dd.c:763
    [<ffffffff82624cb6>] __device_attach_driver+0xf6/0x120 drivers/base/dd.c:870

Crashes (2):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Title
ci-upstream-gce-leak	2021/05/25 07:28	upstream	1434a3127887	3c7fef33	.config	log	report	syz			memory leak in smsc75xx_bind
ci-upstream-gce-leak	2021/05/24 05:44	upstream	6ebb6814a1ef	3c7fef33	.config	log	report	syz			memory leak in smsc75xx_bind