syzbot


memory leak in pcan_usb_fd_init

Status: fixed on 2021/11/10 00:50
Reported-by: syzbot+91adee8d9ebb9193d22d@syzkaller.appspotmail.com
Fix commit: a0b96b4a6274 drivers: net: fix memory leak in peak_usb_create_dev
First crash: 789d, last: 716d
Last patch testing requests:
Created Duration User Patch Repo Result
2021/04/01 10:47 17m paskripkin@gmail.com https://linux.googlesource.com/linux/kernel/git/torvalds/linux refs/changes/16/9816/1 OK

Sample crash report:
BUG: memory leak
unreferenced object 0xffff888109ef2580 (size 128):
  comm "kworker/0:1", pid 7, jiffies 4294942860 (age 14.330s)
  hex dump (first 32 bytes):
    00 09 32 0d 81 88 ff ff 00 00 00 00 00 00 00 00  ..2.............
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000079d6542a>] kmalloc include/linux/slab.h:552 [inline]
    [<0000000079d6542a>] kzalloc include/linux/slab.h:682 [inline]
    [<0000000079d6542a>] pcan_usb_fd_init+0x156/0x210 drivers/net/can/usb/peak_usb/pcan_usb_fd.c:868
    [<00000000c09f9057>] peak_usb_create_dev drivers/net/can/usb/peak_usb/pcan_usb_core.c:851 [inline]
    [<00000000c09f9057>] peak_usb_probe+0x389/0x490 drivers/net/can/usb/peak_usb/pcan_usb_core.c:949
    [<000000002c5b1e31>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
    [<000000003762f30d>] really_probe+0x159/0x4a0 drivers/base/dd.c:554
    [<00000000cd308187>] driver_probe_device+0x84/0x100 drivers/base/dd.c:740
    [<000000002075ae7e>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:846
    [<00000000e8c708fc>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
    [<000000009a376d62>] __device_attach+0x122/0x250 drivers/base/dd.c:914
    [<00000000675b6700>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
    [<0000000002adde3e>] device_add+0x5be/0xc30 drivers/base/core.c:3109
    [<00000000d5d611b3>] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164
    [<00000000435c7cc3>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
    [<00000000dfd492ab>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293
    [<000000003762f30d>] really_probe+0x159/0x4a0 drivers/base/dd.c:554
    [<00000000cd308187>] driver_probe_device+0x84/0x100 drivers/base/dd.c:740
    [<000000002075ae7e>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:846

BUG: memory leak
unreferenced object 0xffff888110385200 (size 512):
  comm "kworker/0:1", pid 7, jiffies 4294942860 (age 14.330s)
  hex dump (first 32 bytes):
    01 00 00 00 00 00 00 00 ff ff ff ff ff ff ff ff  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000744845ca>] kmalloc include/linux/slab.h:552 [inline]
    [<00000000744845ca>] kzalloc include/linux/slab.h:682 [inline]
    [<00000000744845ca>] pcan_usb_fd_init+0x181/0x210 drivers/net/can/usb/peak_usb/pcan_usb_fd.c:873
    [<00000000c09f9057>] peak_usb_create_dev drivers/net/can/usb/peak_usb/pcan_usb_core.c:851 [inline]
    [<00000000c09f9057>] peak_usb_probe+0x389/0x490 drivers/net/can/usb/peak_usb/pcan_usb_core.c:949
    [<000000002c5b1e31>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
    [<000000003762f30d>] really_probe+0x159/0x4a0 drivers/base/dd.c:554
    [<00000000cd308187>] driver_probe_device+0x84/0x100 drivers/base/dd.c:740
    [<000000002075ae7e>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:846
    [<00000000e8c708fc>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
    [<000000009a376d62>] __device_attach+0x122/0x250 drivers/base/dd.c:914
    [<00000000675b6700>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
    [<0000000002adde3e>] device_add+0x5be/0xc30 drivers/base/core.c:3109
    [<00000000d5d611b3>] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164
    [<00000000435c7cc3>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
    [<00000000dfd492ab>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293
    [<000000003762f30d>] really_probe+0x159/0x4a0 drivers/base/dd.c:554
    [<00000000cd308187>] driver_probe_device+0x84/0x100 drivers/base/dd.c:740
    [<000000002075ae7e>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:846

BUG: memory leak
unreferenced object 0xffff888109ef2700 (size 128):
  comm "kworker/1:2", pid 3629, jiffies 4294943509 (age 7.840s)
  hex dump (first 32 bytes):
    00 09 2e 0d 81 88 ff ff 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000079d6542a>] kmalloc include/linux/slab.h:552 [inline]
    [<0000000079d6542a>] kzalloc include/linux/slab.h:682 [inline]
    [<0000000079d6542a>] pcan_usb_fd_init+0x156/0x210 drivers/net/can/usb/peak_usb/pcan_usb_fd.c:868
    [<00000000c09f9057>] peak_usb_create_dev drivers/net/can/usb/peak_usb/pcan_usb_core.c:851 [inline]
    [<00000000c09f9057>] peak_usb_probe+0x389/0x490 drivers/net/can/usb/peak_usb/pcan_usb_core.c:949
    [<000000002c5b1e31>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
    [<000000003762f30d>] really_probe+0x159/0x4a0 drivers/base/dd.c:554
    [<00000000cd308187>] driver_probe_device+0x84/0x100 drivers/base/dd.c:740
    [<000000002075ae7e>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:846
    [<00000000e8c708fc>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431
    [<000000009a376d62>] __device_attach+0x122/0x250 drivers/base/dd.c:914
    [<00000000675b6700>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491
    [<0000000002adde3e>] device_add+0x5be/0xc30 drivers/base/core.c:3109
    [<00000000d5d611b3>] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164
    [<00000000435c7cc3>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
    [<00000000dfd492ab>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293
    [<000000003762f30d>] really_probe+0x159/0x4a0 drivers/base/dd.c:554
    [<00000000cd308187>] driver_probe_device+0x84/0x100 drivers/base/dd.c:740
    [<000000002075ae7e>] __device_attach_driver+0xee/0x110 drivers/base/dd.c:846


Crashes (19):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Title
ci-upstream-gce-leak 2021/02/19 02:41 upstream f40ddce88593 14052202 .config console log report syz C memory leak in pcan_usb_fd_init
ci-upstream-gce-leak 2021/02/15 00:17 upstream 358feceebbf6 98682e5e .config console log report syz C memory leak in pcan_usb_fd_init
ci-upstream-gce-leak 2021/02/12 02:08 upstream 291009f656e8 a5f86b15 .config console log report syz C memory leak in pcan_usb_fd_init
ci-upstream-gce-leak 2021/02/10 02:07 upstream e0756cfc7d7c 2bd9619f .config console log report syz C memory leak in pcan_usb_fd_init
ci-upstream-gce-leak 2021/02/07 10:52 upstream 825b5991a46e 2ce644fc .config console log report syz C memory leak in pcan_usb_fd_init
ci-upstream-gce-leak 2021/02/05 22:34 upstream dd86e7fa07a3 23a562df .config console log report syz C memory leak in pcan_usb_fd_init
ci-upstream-gce-leak 2021/02/05 06:00 upstream 5c279c4cf206 23a562df .config console log report syz C memory leak in pcan_usb_fd_init
ci-upstream-gce-leak 2021/02/03 03:25 upstream 3aaf0a27ffc2 624dad51 .config console log report syz C memory leak in pcan_usb_fd_init
ci-upstream-gce-leak 2021/02/02 06:27 upstream 88bb507a74ea e6b95f32 .config console log report syz C memory leak in pcan_usb_fd_init
ci-upstream-gce-leak 2021/01/30 13:12 upstream 0e9bcda5d286 fc9fd31e .config console log report syz C memory leak in pcan_usb_fd_init
ci-upstream-gce-leak 2021/01/29 03:56 upstream e5ff2cb9cf67 7df34f59 .config console log report syz C memory leak in pcan_usb_fd_init
ci-upstream-gce-leak 2021/01/08 16:03 upstream f5e6c330254a c104d4a3 .config console log report syz C
ci-upstream-gce-leak 2021/01/04 15:56 upstream e71ba9452f0b 79264ae3 .config console log report syz C
ci-upstream-gce-leak 2021/01/02 22:25 upstream eda809aef534 79264ae3 .config console log report syz C
ci-upstream-gce-leak 2020/12/28 01:24 upstream f838f8d2b694 2242f77f .config console log report syz C
ci-upstream-gce-leak 2020/12/19 16:42 upstream 3644e2d2dda7 04201c06 .config console log report syz C
ci-upstream-gce-leak 2020/12/17 01:38 upstream 5e60366d56c6 04201c06 .config console log report syz C
ci-upstream-gce-leak 2020/12/16 08:57 upstream d635a69dd498 f213e07e .config console log report syz C
ci-upstream-gce-leak 2020/12/07 17:46 upstream 0477e9288185 1190297f .config console log report syz C
* Struck through repros no longer work on HEAD.