| Message ID | 20210514110317.2041580-1-mudongliangabcd@gmail.com |
|---|---|
| State | Superseded |
| Headers | show |
| Series | misc/uss720: fix memory leak in uss720_probe | expand |
On Fri, May 14, 2021 at 07:48:57PM +0800, 慕冬亮 wrote: > On Fri, May 14, 2021 at 7:14 PM Greg KH <gregkh@linuxfoundation.org> wrote: > > > > On Fri, May 14, 2021 at 07:03:17PM +0800, Dongliang Mu wrote: > > > uss720_probe forgets to decrease the refcount of usbdev in uss720_probe. > > > Fix this by decreasing the refcount of usbdev by usb_put_dev. > > > > > > BUG: memory leak > > > unreferenced object 0xffff888101113800 (size 2048): > > > comm "kworker/0:1", pid 7, jiffies 4294956777 (age 28.870s) > > > hex dump (first 32 bytes): > > > ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 ....1........... > > > 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 ................ > > > backtrace: > > > [<ffffffff82b8e822>] kmalloc include/linux/slab.h:554 [inline] > > > [<ffffffff82b8e822>] kzalloc include/linux/slab.h:684 [inline] > > > [<ffffffff82b8e822>] usb_alloc_dev+0x32/0x450 drivers/usb/core/usb.c:582 > > > [<ffffffff82b98441>] hub_port_connect drivers/usb/core/hub.c:5129 [inline] > > > [<ffffffff82b98441>] hub_port_connect_change drivers/usb/core/hub.c:5363 [inline] > > > [<ffffffff82b98441>] port_event drivers/usb/core/hub.c:5509 [inline] > > > [<ffffffff82b98441>] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591 > > > [<ffffffff81259229>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275 > > > [<ffffffff81259b19>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421 > > > [<ffffffff81261228>] kthread+0x178/0x1b0 kernel/kthread.c:292 > > > [<ffffffff8100227f>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 > > > > > > Reported-by: syzbot+636c58f40a86b4a879e7@syzkaller.appspotmail.com > > > Signed-off-by: Dongliang Mu <mudongliangabcd@gmail.com> > > > --- > > > drivers/usb/misc/uss720.c | 1 + > > > 1 file changed, 1 insertion(+) > > > > > > diff --git a/drivers/usb/misc/uss720.c b/drivers/usb/misc/uss720.c > > > index b5d661644263..748139d26263 100644 > > > --- a/drivers/usb/misc/uss720.c > > > +++ b/drivers/usb/misc/uss720.c > > > @@ -736,6 +736,7 @@ static int uss720_probe(struct usb_interface *intf, > > > parport_announce_port(pp); > > > > > > usb_set_intfdata(intf, pp); > > > + usb_put_dev(usbdev); > > > return 0; > > > > > > probe_abort: > > > -- > > > 2.25.1 > > > > > > > Nice catch! > > Thanks. > > This should be a bug fix. From the document, "Fixes" tag is needed for > bug fixes. It would be good, yes, please resend with that added. > How do I quickly get this bug-inducing commit? Any > suggestion here? look at the log for this one file to find where the offending change happend. Try `git log -p drivers/usb/misc/uss720.c` thanks, greg k-h
diff --git a/drivers/usb/misc/uss720.c b/drivers/usb/misc/uss720.c index b5d661644263..748139d26263 100644 --- a/drivers/usb/misc/uss720.c +++ b/drivers/usb/misc/uss720.c @@ -736,6 +736,7 @@ static int uss720_probe(struct usb_interface *intf, parport_announce_port(pp); usb_set_intfdata(intf, pp); + usb_put_dev(usbdev); return 0; probe_abort:
uss720_probe forgets to decrease the refcount of usbdev in uss720_probe. Fix this by decreasing the refcount of usbdev by usb_put_dev. BUG: memory leak unreferenced object 0xffff888101113800 (size 2048): comm "kworker/0:1", pid 7, jiffies 4294956777 (age 28.870s) hex dump (first 32 bytes): ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 ....1........... 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 ................ backtrace: [<ffffffff82b8e822>] kmalloc include/linux/slab.h:554 [inline] [<ffffffff82b8e822>] kzalloc include/linux/slab.h:684 [inline] [<ffffffff82b8e822>] usb_alloc_dev+0x32/0x450 drivers/usb/core/usb.c:582 [<ffffffff82b98441>] hub_port_connect drivers/usb/core/hub.c:5129 [inline] [<ffffffff82b98441>] hub_port_connect_change drivers/usb/core/hub.c:5363 [inline] [<ffffffff82b98441>] port_event drivers/usb/core/hub.c:5509 [inline] [<ffffffff82b98441>] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591 [<ffffffff81259229>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275 [<ffffffff81259b19>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421 [<ffffffff81261228>] kthread+0x178/0x1b0 kernel/kthread.c:292 [<ffffffff8100227f>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 Reported-by: syzbot+636c58f40a86b4a879e7@syzkaller.appspotmail.com Signed-off-by: Dongliang Mu <mudongliangabcd@gmail.com> --- drivers/usb/misc/uss720.c | 1 + 1 file changed, 1 insertion(+)