[syzbot] memory leak in gs_usb_probe
7 views
Skip to first unread message
syzbot
Mar 29, 2022, 11:22:21āÆAM3/29/22
to da...@davemloft.net, ku...@kernel.org, linu...@vger.kernel.org, linux-...@vger.kernel.org, m...@pengutronix.de, net...@vger.kernel.org, pab...@redhat.com, pf...@christ-es.de, syzkall...@googlegroups.com, w...@grandegger.com
Hello,
syzbot found the following issue on:
HEAD commit: 52deda9551a0 Merge branch 'akpm' (patches from Andrew)
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=12b472dd700000
kernel config: https://syzkaller.appspot.com/x/.config?x=9ca2a67ddb20027f
dashboard link: https://syzkaller.appspot.com/bug?extid=4d0ae90a195b269f102d
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12e96e1d700000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12f8b513700000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+4d0ae9...@syzkaller.appspotmail.com
BUG: memory leak
unreferenced object 0xffff88810e4fc300 (size 96):
comm "kworker/1:1", pid 25, jiffies 4294948102 (age 15.080s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff843fcc08>] kmalloc include/linux/slab.h:581 [inline]
[<ffffffff843fcc08>] gs_make_candev drivers/net/can/usb/gs_usb.c:1065 [inline]
[<ffffffff843fcc08>] gs_usb_probe.cold+0x69e/0x8b8 drivers/net/can/usb/gs_usb.c:1191
[<ffffffff82d0a687>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
[<ffffffff82712d87>] call_driver_probe drivers/base/dd.c:517 [inline]
[<ffffffff82712d87>] really_probe.part.0+0xe7/0x380 drivers/base/dd.c:596
[<ffffffff8271312c>] really_probe drivers/base/dd.c:558 [inline]
[<ffffffff8271312c>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:755
[<ffffffff8271322a>] driver_probe_device+0x2a/0x120 drivers/base/dd.c:785
[<ffffffff82713a96>] __device_attach_driver+0xf6/0x140 drivers/base/dd.c:902
[<ffffffff8270fcf7>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:427
[<ffffffff82713612>] __device_attach+0x122/0x260 drivers/base/dd.c:973
[<ffffffff82711966>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:487
[<ffffffff8270dd4b>] device_add+0x5fb/0xdf0 drivers/base/core.c:3405
[<ffffffff82d07ac2>] usb_set_configuration+0x8f2/0xb80 drivers/usb/core/message.c:2170
[<ffffffff82d181ac>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
[<ffffffff82d09d5c>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293
[<ffffffff82712d87>] call_driver_probe drivers/base/dd.c:517 [inline]
[<ffffffff82712d87>] really_probe.part.0+0xe7/0x380 drivers/base/dd.c:596
[<ffffffff8271312c>] really_probe drivers/base/dd.c:558 [inline]
[<ffffffff8271312c>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:755
[<ffffffff8271322a>] driver_probe_device+0x2a/0x120 drivers/base/dd.c:785
BUG: memory leak
unreferenced object 0xffff88810e4fc280 (size 96):
comm "kworker/1:1", pid 25, jiffies 4294948819 (age 7.910s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff843fcc08>] kmalloc include/linux/slab.h:581 [inline]
[<ffffffff843fcc08>] gs_make_candev drivers/net/can/usb/gs_usb.c:1065 [inline]
[<ffffffff843fcc08>] gs_usb_probe.cold+0x69e/0x8b8 drivers/net/can/usb/gs_usb.c:1191
[<ffffffff82d0a687>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
[<ffffffff82712d87>] call_driver_probe drivers/base/dd.c:517 [inline]
[<ffffffff82712d87>] really_probe.part.0+0xe7/0x380 drivers/base/dd.c:596
[<ffffffff8271312c>] really_probe drivers/base/dd.c:558 [inline]
[<ffffffff8271312c>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:755
[<ffffffff8271322a>] driver_probe_device+0x2a/0x120 drivers/base/dd.c:785
[<ffffffff82713a96>] __device_attach_driver+0xf6/0x140 drivers/base/dd.c:902
[<ffffffff8270fcf7>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:427
[<ffffffff82713612>] __device_attach+0x122/0x260 drivers/base/dd.c:973
[<ffffffff82711966>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:487
[<ffffffff8270dd4b>] device_add+0x5fb/0xdf0 drivers/base/core.c:3405
[<ffffffff82d07ac2>] usb_set_configuration+0x8f2/0xb80 drivers/usb/core/message.c:2170
[<ffffffff82d181ac>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
[<ffffffff82d09d5c>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293
[<ffffffff82712d87>] call_driver_probe drivers/base/dd.c:517 [inline]
[<ffffffff82712d87>] really_probe.part.0+0xe7/0x380 drivers/base/dd.c:596
[<ffffffff8271312c>] really_probe drivers/base/dd.c:558 [inline]
[<ffffffff8271312c>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:755
[<ffffffff8271322a>] driver_probe_device+0x2a/0x120 drivers/base/dd.c:785
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot found the following issue on:
HEAD commit: 52deda9551a0 Merge branch 'akpm' (patches from Andrew)
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=12b472dd700000
kernel config: https://syzkaller.appspot.com/x/.config?x=9ca2a67ddb20027f
dashboard link: https://syzkaller.appspot.com/bug?extid=4d0ae90a195b269f102d
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12e96e1d700000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12f8b513700000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+4d0ae9...@syzkaller.appspotmail.com
BUG: memory leak
unreferenced object 0xffff88810e4fc300 (size 96):
comm "kworker/1:1", pid 25, jiffies 4294948102 (age 15.080s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff843fcc08>] kmalloc include/linux/slab.h:581 [inline]
[<ffffffff843fcc08>] gs_make_candev drivers/net/can/usb/gs_usb.c:1065 [inline]
[<ffffffff843fcc08>] gs_usb_probe.cold+0x69e/0x8b8 drivers/net/can/usb/gs_usb.c:1191
[<ffffffff82d0a687>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
[<ffffffff82712d87>] call_driver_probe drivers/base/dd.c:517 [inline]
[<ffffffff82712d87>] really_probe.part.0+0xe7/0x380 drivers/base/dd.c:596
[<ffffffff8271312c>] really_probe drivers/base/dd.c:558 [inline]
[<ffffffff8271312c>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:755
[<ffffffff8271322a>] driver_probe_device+0x2a/0x120 drivers/base/dd.c:785
[<ffffffff82713a96>] __device_attach_driver+0xf6/0x140 drivers/base/dd.c:902
[<ffffffff8270fcf7>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:427
[<ffffffff82713612>] __device_attach+0x122/0x260 drivers/base/dd.c:973
[<ffffffff82711966>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:487
[<ffffffff8270dd4b>] device_add+0x5fb/0xdf0 drivers/base/core.c:3405
[<ffffffff82d07ac2>] usb_set_configuration+0x8f2/0xb80 drivers/usb/core/message.c:2170
[<ffffffff82d181ac>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
[<ffffffff82d09d5c>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293
[<ffffffff82712d87>] call_driver_probe drivers/base/dd.c:517 [inline]
[<ffffffff82712d87>] really_probe.part.0+0xe7/0x380 drivers/base/dd.c:596
[<ffffffff8271312c>] really_probe drivers/base/dd.c:558 [inline]
[<ffffffff8271312c>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:755
[<ffffffff8271322a>] driver_probe_device+0x2a/0x120 drivers/base/dd.c:785
BUG: memory leak
unreferenced object 0xffff88810e4fc280 (size 96):
comm "kworker/1:1", pid 25, jiffies 4294948819 (age 7.910s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff843fcc08>] kmalloc include/linux/slab.h:581 [inline]
[<ffffffff843fcc08>] gs_make_candev drivers/net/can/usb/gs_usb.c:1065 [inline]
[<ffffffff843fcc08>] gs_usb_probe.cold+0x69e/0x8b8 drivers/net/can/usb/gs_usb.c:1191
[<ffffffff82d0a687>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396
[<ffffffff82712d87>] call_driver_probe drivers/base/dd.c:517 [inline]
[<ffffffff82712d87>] really_probe.part.0+0xe7/0x380 drivers/base/dd.c:596
[<ffffffff8271312c>] really_probe drivers/base/dd.c:558 [inline]
[<ffffffff8271312c>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:755
[<ffffffff8271322a>] driver_probe_device+0x2a/0x120 drivers/base/dd.c:785
[<ffffffff82713a96>] __device_attach_driver+0xf6/0x140 drivers/base/dd.c:902
[<ffffffff8270fcf7>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:427
[<ffffffff82713612>] __device_attach+0x122/0x260 drivers/base/dd.c:973
[<ffffffff82711966>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:487
[<ffffffff8270dd4b>] device_add+0x5fb/0xdf0 drivers/base/core.c:3405
[<ffffffff82d07ac2>] usb_set_configuration+0x8f2/0xb80 drivers/usb/core/message.c:2170
[<ffffffff82d181ac>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238
[<ffffffff82d09d5c>] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293
[<ffffffff82712d87>] call_driver_probe drivers/base/dd.c:517 [inline]
[<ffffffff82712d87>] really_probe.part.0+0xe7/0x380 drivers/base/dd.c:596
[<ffffffff8271312c>] really_probe drivers/base/dd.c:558 [inline]
[<ffffffff8271312c>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:755
[<ffffffff8271322a>] driver_probe_device+0x2a/0x120 drivers/base/dd.c:785
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
Marc Kleine-Budde
Mar 29, 2022, 3:36:43āÆPM3/29/22
to syzbot, da...@davemloft.net, ku...@kernel.org, linu...@vger.kernel.org, linux-...@vger.kernel.org, net...@vger.kernel.org, pab...@redhat.com, pf...@christ-es.de, syzkall...@googlegroups.com, w...@grandegger.com
On 29.03.2022 08:22:20, syzbot wrote:
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 52deda9551a0 Merge branch 'akpm' (patches from Andrew)
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=12b472dd700000
> kernel config: https://syzkaller.appspot.com/x/.config?x=9ca2a67ddb20027f
> dashboard link: https://syzkaller.appspot.com/bug?extid=4d0ae90a195b269f102d
> compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12e96e1d700000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12f8b513700000
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+4d0ae9...@syzkaller.appspotmail.com
Good Bot!
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 52deda9551a0 Merge branch 'akpm' (patches from Andrew)
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=12b472dd700000
> kernel config: https://syzkaller.appspot.com/x/.config?x=9ca2a67ddb20027f
> dashboard link: https://syzkaller.appspot.com/bug?extid=4d0ae90a195b269f102d
> compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12e96e1d700000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12f8b513700000
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+4d0ae9...@syzkaller.appspotmail.com
Fixed:
https://lore.kernel.org/all/2022032919345...@pengutronix.de
regards,
Marc
--
Pengutronix e.K. | Marc Kleine-Budde |
Embedded Linux | https://www.pengutronix.de |
Vertretung West/Dortmund | Phone: +49-231-2826-924 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
Zhang, Qiang1
Mar 29, 2022, 9:57:15āÆPM3/29/22
to syzbot, da...@davemloft.net, ku...@kernel.org, linu...@vger.kernel.org, linux-...@vger.kernel.org, m...@pengutronix.de, net...@vger.kernel.org, pab...@redhat.com, pf...@christ-es.de, syzkall...@googlegroups.com, w...@grandegger.com
diff --git a/drivers/net/can/usb/gs_usb.c b/drivers/net/can/usb/gs_usb.c
index 67408e316062..5234cfff84b8 100644
--- a/drivers/net/can/usb/gs_usb.c
+++ b/drivers/net/can/usb/gs_usb.c
@@ -1092,6 +1092,7 @@ static struct gs_can *gs_make_candev(unsigned int channel,
dev->data_bt_const.brp_inc = le32_to_cpu(bt_const_extended->dbrp_inc);
dev->can.data_bittiming_const = &dev->data_bt_const;
+ kfree(bt_const_extended);
}
SET_NETDEV_DEV(netdev, &intf->dev);
Thanks,
Zqiang
syzbot
Mar 29, 2022, 9:58:19āÆPM3/29/22
to da...@davemloft.net, ku...@kernel.org, linu...@vger.kernel.org, linux-...@vger.kernel.org, m...@pengutronix.de, net...@vger.kernel.org, pab...@redhat.com, pf...@christ-es.de, qiang1...@intel.com, syzkall...@googlegroups.com, w...@grandegger.com
Hello,
syzbot tried to test the proposed patch but the build/boot failed:
failed to apply patch:
checking file drivers/net/can/usb/gs_usb.c
patch: **** unexpected end of file in patch
Tested on:
commit: c2528a0c Add linux-next specific files for 20220329
git tree: linux-next
patch: https://syzkaller.appspot.com/x/patch.diff?x=163e219b700000
syzbot tried to test the proposed patch but the build/boot failed:
failed to apply patch:
checking file drivers/net/can/usb/gs_usb.c
patch: **** unexpected end of file in patch
Tested on:
commit: c2528a0c Add linux-next specific files for 20220329
git tree: linux-next
patch: https://syzkaller.appspot.com/x/patch.diff?x=163e219b700000
Zhang, Qiang1
Mar 29, 2022, 10:37:42āÆPM3/29/22
to syzbot, da...@davemloft.net, ku...@kernel.org, linu...@vger.kernel.org, linux-...@vger.kernel.org, m...@pengutronix.de, net...@vger.kernel.org, pab...@redhat.com, pf...@christ-es.de, syzkall...@googlegroups.com, w...@grandegger.com
Hello,
syzbot tried to test the proposed patch but the build/boot failed:
failed to apply patch:
checking file drivers/net/can/usb/gs_usb.c
patch: **** unexpected end of file in patch
syzbot tried to test the proposed patch but the build/boot failed:
failed to apply patch:
checking file drivers/net/can/usb/gs_usb.c
patch: **** unexpected end of file in patch
#syz test: git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
diff --git a/drivers/net/can/usb/gs_usb.c b/drivers/net/can/usb/gs_usb.c index 67408e316062..5234cfff84b8 100644
--- a/drivers/net/can/usb/gs_usb.c
+++ b/drivers/net/can/usb/gs_usb.c
@@ -1092,6 +1092,7 @@ static struct gs_can *gs_make_candev(unsigned int channel,
dev->data_bt_const.brp_inc = le32_to_cpu(bt_const_extended->dbrp_inc);
dev->can.data_bittiming_const = &dev->data_bt_const;
+ kfree(bt_const_extended);
}
SET_NETDEV_DEV(netdev, &intf->dev);
diff --git a/drivers/net/can/usb/gs_usb.c b/drivers/net/can/usb/gs_usb.c index 67408e316062..5234cfff84b8 100644
--- a/drivers/net/can/usb/gs_usb.c
+++ b/drivers/net/can/usb/gs_usb.c
@@ -1092,6 +1092,7 @@ static struct gs_can *gs_make_candev(unsigned int channel,
dev->data_bt_const.brp_inc = le32_to_cpu(bt_const_extended->dbrp_inc);
dev->can.data_bittiming_const = &dev->data_bt_const;
+ kfree(bt_const_extended);
}
SET_NETDEV_DEV(netdev, &intf->dev);
syzbot
Mar 29, 2022, 10:39:10āÆPM3/29/22
to da...@davemloft.net, ku...@kernel.org, linu...@vger.kernel.org, linux-...@vger.kernel.org, m...@pengutronix.de, net...@vger.kernel.org, pab...@redhat.com, pf...@christ-es.de, qiang1...@intel.com, syzkall...@googlegroups.com, w...@grandegger.com
Hello,
syzbot tried to test the proposed patch but the build/boot failed:
failed to apply patch:
checking file drivers/net/can/usb/gs_usb.c
patch: **** unexpected end of file in patch
syzbot tried to test the proposed patch but the build/boot failed:
failed to apply patch:
checking file drivers/net/can/usb/gs_usb.c
patch: **** unexpected end of file in patch
Tested on:
commit: c2528a0c Add linux-next specific files for 20220329
git tree: linux-next
dashboard link: https://syzkaller.appspot.com/bug?extid=4d0ae90a195b269f102d
compiler:
patch: https://syzkaller.appspot.com/x/patch.diff?x=166a33ab700000
commit: c2528a0c Add linux-next specific files for 20220329
git tree: linux-next
dashboard link: https://syzkaller.appspot.com/bug?extid=4d0ae90a195b269f102d
compiler:
Zhang, Qiang1
Mar 29, 2022, 10:46:28āÆPM3/29/22
to syzbot, linu...@vger.kernel.org, syzkall...@googlegroups.com
syzbot
Mar 29, 2022, 10:47:12āÆPM3/29/22
to linu...@vger.kernel.org, qiang1...@intel.com, syzkall...@googlegroups.com
Hello,
syzbot tried to test the proposed patch but the build/boot failed:
failed to apply patch:
checking file drivers/net/can/usb/gs_usb.c
patch: **** unexpected end of file in patch
Tested on:
commit: c2528a0c Add linux-next specific files for 20220329
git tree: linux-next
dashboard link: https://syzkaller.appspot.com/bug?extid=4d0ae90a195b269f102d
compiler:
patch: https://syzkaller.appspot.com/x/patch.diff?x=15dc8777700000
syzbot tried to test the proposed patch but the build/boot failed:
failed to apply patch:
checking file drivers/net/can/usb/gs_usb.c
patch: **** unexpected end of file in patch
Tested on:
commit: c2528a0c Add linux-next specific files for 20220329
git tree: linux-next
dashboard link: https://syzkaller.appspot.com/bug?extid=4d0ae90a195b269f102d
compiler:
Dmitry Vyukov
Mar 30, 2022, 2:03:53āÆAM3/30/22
to syzbot, linu...@vger.kernel.org, qiang1...@intel.com, syzkall...@googlegroups.com
On Wed, 30 Mar 2022 at 04:47, syzbot
<syzbot+4d0ae9...@syzkaller.appspotmail.com> wrote:
>
> Hello,
>
> syzbot tried to test the proposed patch but the build/boot failed:
>
> failed to apply patch:
> checking file drivers/net/can/usb/gs_usb.c
> patch: **** unexpected end of file in patch
Hi Zhang,
<syzbot+4d0ae9...@syzkaller.appspotmail.com> wrote:
>
> Hello,
>
> syzbot tried to test the proposed patch but the build/boot failed:
>
> failed to apply patch:
> checking file drivers/net/can/usb/gs_usb.c
> patch: **** unexpected end of file in patch
It seems that your mail client messes up whitespaces and breaks patches,
you may attach the patch as an attachment then, it's more reliable.
Marc Kleine-Budde
Mar 30, 2022, 3:37:41āÆAM3/30/22
to Zhang, Qiang1, syzbot, da...@davemloft.net, ku...@kernel.org, linu...@vger.kernel.org, linux-...@vger.kernel.org, net...@vger.kernel.org, pab...@redhat.com, pf...@christ-es.de, syzkall...@googlegroups.com, w...@grandegger.com
On 30.03.2022 01:57:08, Zhang, Qiang1 wrote:
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 52deda9551a0 Merge branch 'akpm' (patches from Andrew)
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=12b472dd700000
> kernel config: https://syzkaller.appspot.com/x/.config?x=9ca2a67ddb20027f
> dashboard link: https://syzkaller.appspot.com/bug?extid=4d0ae90a195b269f102d
> compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12e96e1d700000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12f8b513700000
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+4d0ae9...@syzkaller.appspotmail.com
[...]
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 52deda9551a0 Merge branch 'akpm' (patches from Andrew)
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=12b472dd700000
> kernel config: https://syzkaller.appspot.com/x/.config?x=9ca2a67ddb20027f
> dashboard link: https://syzkaller.appspot.com/bug?extid=4d0ae90a195b269f102d
> compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12e96e1d700000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12f8b513700000
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+4d0ae9...@syzkaller.appspotmail.com
> diff --git a/drivers/net/can/usb/gs_usb.c b/drivers/net/can/usb/gs_usb.c
> index 67408e316062..5234cfff84b8 100644
> --- a/drivers/net/can/usb/gs_usb.c
> +++ b/drivers/net/can/usb/gs_usb.c
> @@ -1092,6 +1092,7 @@ static struct gs_can *gs_make_candev(unsigned int channel,
> dev->data_bt_const.brp_inc = le32_to_cpu(bt_const_extended->dbrp_inc);
>
> dev->can.data_bittiming_const = &dev->data_bt_const;
> + kfree(bt_const_extended);
> }
>
> SET_NETDEV_DEV(netdev, &intf->dev);
Reply all
Reply to author
Forward
0 new messages