* memory leak in pty_common_install
From: syzbot @ 2019-07-30 15:08 UTC
To: gregkh, jslaby, linux-kernel, syzkaller-bugs

Hello,

syzbot found the following crash on:

HEAD commit:    6789f873 Merge tag 'pm-5.3-rc2' of git://git.kernel.org/pu..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=1696897c600000
kernel config:  https://syzkaller.appspot.com/x/.config?x=339b6a6b3640d115
dashboard link: https://syzkaller.appspot.com/bug?extid=bdebcbf44250d75bdd82
compiler:       gcc (GCC) 9.0.0 20181231 (experimental)
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=153d7544600000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+bdebcbf44250d75bdd82@syzkaller.appspotmail.com

BUG: memory leak
unreferenced object 0xffff88810d84d400 (size 512):
  comm "syz-executor.5", pid 7522, jiffies 4294954305 (age 14.260s)
  hex dump (first 32 bytes):
    50 d4 84 0d 81 88 ff ff e0 ff ff ff 0f 00 00 00  P...............
    10 d4 84 0d 81 88 ff ff 10 d4 84 0d 81 88 ff ff  ................
  backtrace:
    [<000000003d61da44>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<000000003d61da44>] slab_post_alloc_hook mm/slab.h:522 [inline]
    [<000000003d61da44>] slab_alloc mm/slab.c:3319 [inline]
    [<000000003d61da44>] kmem_cache_alloc_trace+0x145/0x2c0 mm/slab.c:3548
    [<00000000a6239e0a>] kmalloc include/linux/slab.h:552 [inline]
    [<00000000a6239e0a>] pty_common_install+0x4e/0x2b0 drivers/tty/pty.c:391
    [<00000000bd8cb19d>] pty_unix98_install+0x20/0x30 drivers/tty/pty.c:740
    [<000000001b46b5e1>] tty_driver_install_tty drivers/tty/tty_io.c:1227 [inline]
    [<000000001b46b5e1>] tty_init_dev drivers/tty/tty_io.c:1340 [inline]
    [<000000001b46b5e1>] tty_init_dev+0x86/0x210 drivers/tty/tty_io.c:1317
    [<00000000845ae712>] ptmx_open drivers/tty/pty.c:845 [inline]
    [<00000000845ae712>] ptmx_open+0xba/0x1c0 drivers/tty/pty.c:811
    [<000000007e87d771>] chrdev_open+0xe3/0x290 fs/char_dev.c:414
    [<00000000bd556826>] do_dentry_open+0x199/0x4f0 fs/open.c:797
    [<000000001ba9145b>] vfs_open+0x35/0x40 fs/open.c:906
    [<00000000c0275eb4>] do_last fs/namei.c:3416 [inline]
    [<00000000c0275eb4>] path_openat+0x854/0x1cd0 fs/namei.c:3533
    [<00000000156ad8b1>] do_filp_open+0xaa/0x130 fs/namei.c:3563
    [<00000000074d96c0>] do_sys_open+0x253/0x330 fs/open.c:1089
    [<000000009f7fc64a>] __do_sys_openat fs/open.c:1116 [inline]
    [<000000009f7fc64a>] __se_sys_openat fs/open.c:1110 [inline]
    [<000000009f7fc64a>] __x64_sys_openat+0x24/0x30 fs/open.c:1110
    [<000000005ca4479f>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:296
    [<00000000e1f64b0f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88810e639800 (size 1024):
  comm "syz-executor.5", pid 7522, jiffies 4294954305 (age 14.260s)
  hex dump (first 32 bytes):
    01 54 00 00 01 00 00 00 00 00 00 00 00 00 00 00  .T..............
    00 83 fa 19 82 88 ff ff a0 7f 9b 83 ff ff ff ff  ................
  backtrace:
    [<000000003d61da44>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<000000003d61da44>] slab_post_alloc_hook mm/slab.h:522 [inline]
    [<000000003d61da44>] slab_alloc mm/slab.c:3319 [inline]
    [<000000003d61da44>] kmem_cache_alloc_trace+0x145/0x2c0 mm/slab.c:3548
    [<000000001cfffc30>] kmalloc include/linux/slab.h:552 [inline]
    [<000000001cfffc30>] kzalloc include/linux/slab.h:748 [inline]
    [<000000001cfffc30>] alloc_tty_struct+0x3f/0x290 drivers/tty/tty_io.c:2981
    [<000000001946a70c>] pty_common_install+0xac/0x2b0 drivers/tty/pty.c:399
    [<00000000bd8cb19d>] pty_unix98_install+0x20/0x30 drivers/tty/pty.c:740
    [<000000001b46b5e1>] tty_driver_install_tty drivers/tty/tty_io.c:1227 [inline]
    [<000000001b46b5e1>] tty_init_dev drivers/tty/tty_io.c:1340 [inline]
    [<000000001b46b5e1>] tty_init_dev+0x86/0x210 drivers/tty/tty_io.c:1317
    [<00000000845ae712>] ptmx_open drivers/tty/pty.c:845 [inline]
    [<00000000845ae712>] ptmx_open+0xba/0x1c0 drivers/tty/pty.c:811
    [<000000007e87d771>] chrdev_open+0xe3/0x290 fs/char_dev.c:414
    [<00000000bd556826>] do_dentry_open+0x199/0x4f0 fs/open.c:797
    [<000000001ba9145b>] vfs_open+0x35/0x40 fs/open.c:906
    [<00000000c0275eb4>] do_last fs/namei.c:3416 [inline]
    [<00000000c0275eb4>] path_openat+0x854/0x1cd0 fs/namei.c:3533
    [<00000000156ad8b1>] do_filp_open+0xaa/0x130 fs/namei.c:3563
    [<00000000074d96c0>] do_sys_open+0x253/0x330 fs/open.c:1089
    [<000000009f7fc64a>] __do_sys_openat fs/open.c:1116 [inline]
    [<000000009f7fc64a>] __se_sys_openat fs/open.c:1110 [inline]
    [<000000009f7fc64a>] __x64_sys_openat+0x24/0x30 fs/open.c:1110
    [<000000005ca4479f>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:296
    [<00000000e1f64b0f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches
* Re: memory leak in pty_common_install
From: Jiri Slaby @ 2019-08-02 6:23 UTC
To: syzbot, syzkaller-bugs, gregkh, linux-kernel

On 30. 07. 19, 17:08, syzbot wrote:
> Hello,
>
> syzbot found the following crash on:
>
> HEAD commit: 6789f873 Merge tag 'pm-5.3-rc2' of
> git://git.kernel.org/pu..
> git tree: upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=1696897c600000
> kernel config: https://syzkaller.appspot.com/x/.config?x=339b6a6b3640d115
> dashboard link:
> https://syzkaller.appspot.com/bug?extid=bdebcbf44250d75bdd82
> compiler: gcc (GCC) 9.0.0 20181231 (experimental)
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=153d7544600000
>
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+bdebcbf44250d75bdd82@syzkaller.appspotmail.com
>
> BUG: memory leak
> unreferenced object 0xffff88810d84d400 (size 512):
>   comm "syz-executor.5", pid 7522, jiffies 4294954305 (age 14.260s)
>   hex dump (first 32 bytes):
>     50 d4 84 0d 81 88 ff ff e0 ff ff ff 0f 00 00 00  P...............
>     10 d4 84 0d 81 88 ff ff 10 d4 84 0d 81 88 ff ff  ................
>   backtrace:
>     [<000000003d61da44>] kmemleak_alloc_recursive
> include/linux/kmemleak.h:43 [inline]
>     [<000000003d61da44>] slab_post_alloc_hook mm/slab.h:522 [inline]
>     [<000000003d61da44>] slab_alloc mm/slab.c:3319 [inline]
>     [<000000003d61da44>] kmem_cache_alloc_trace+0x145/0x2c0 mm/slab.c:3548
>     [<00000000a6239e0a>] kmalloc include/linux/slab.h:552 [inline]
>     [<00000000a6239e0a>] pty_common_install+0x4e/0x2b0
> drivers/tty/pty.c:391

So this is tty_port for o_tty.

...

> BUG: memory leak
> unreferenced object 0xffff88810e639800 (size 1024):
>   comm "syz-executor.5", pid 7522, jiffies 4294954305 (age 14.260s)
>   hex dump (first 32 bytes):
>     01 54 00 00 01 00 00 00 00 00 00 00 00 00 00 00  .T..............
>     00 83 fa 19 82 88 ff ff a0 7f 9b 83 ff ff ff ff  ................
>   backtrace:
>     [<000000003d61da44>] kmemleak_alloc_recursive
> include/linux/kmemleak.h:43 [inline]
>     [<000000003d61da44>] slab_post_alloc_hook mm/slab.h:522 [inline]
>     [<000000003d61da44>] slab_alloc mm/slab.c:3319 [inline]
>     [<000000003d61da44>] kmem_cache_alloc_trace+0x145/0x2c0 mm/slab.c:3548
>     [<000000001cfffc30>] kmalloc include/linux/slab.h:552 [inline]
>     [<000000001cfffc30>] kzalloc include/linux/slab.h:748 [inline]
>     [<000000001cfffc30>] alloc_tty_struct+0x3f/0x290
> drivers/tty/tty_io.c:2981
>     [<000000001946a70c>] pty_common_install+0xac/0x2b0
> drivers/tty/pty.c:399

And this is o_tty proper. So we leak whole o_tty under some
circumstances... Trying to reproduce.

BTW the reproducer says:
ioctl$TCSETS(r0, 0x40045431, ...)

But 0x40045431 is TIOCSPTLCK, not TCSETS.

thanks,
--
js
suse labs
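The request number questioned in the message above can be checked by splitting it into its encoded fields. This is an added example, not code from the thread or from syzkaller; it assumes the asm-generic ioctl layout used on x86, and the helper names ioctl_decode, ioctl_encode and ioctl_name and the small name table are illustrative.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * asm-generic ioctl request layout (x86, arm64, ...), lowest bits first:
 *   nr:8 | type:8 | size:14 | dir:2
 * Assumption: some architectures (e.g. powerpc, mips) split size/dir differently.
 */
#define IOC_NRBITS    8
#define IOC_TYPEBITS  8
#define IOC_SIZEBITS  14
#define IOC_TYPESHIFT IOC_NRBITS
#define IOC_SIZESHIFT (IOC_TYPESHIFT + IOC_TYPEBITS)
#define IOC_DIRSHIFT  (IOC_SIZESHIFT + IOC_SIZEBITS)

enum { IOC_NONE = 0, IOC_WRITE = 1, IOC_READ = 2 };

struct ioctl_fields {
    unsigned dir;   /* IOC_NONE, IOC_WRITE, IOC_READ (bitmask) */
    unsigned size;  /* size of the argument the kernel copies */
    unsigned type;  /* subsystem magic, 'T' for tty */
    unsigned nr;    /* command number within the subsystem */
};

/* Split a request value into its four fields. */
static struct ioctl_fields ioctl_decode(uint32_t req)
{
    struct ioctl_fields f;
    f.nr   = req & ((1u << IOC_NRBITS) - 1);
    f.type = (req >> IOC_TYPESHIFT) & ((1u << IOC_TYPEBITS) - 1);
    f.size = (req >> IOC_SIZESHIFT) & ((1u << IOC_SIZEBITS) - 1);
    f.dir  = (req >> IOC_DIRSHIFT) & 3u;
    return f;
}

/* Inverse of ioctl_decode: what the _IOC() macro computes. */
static uint32_t ioctl_encode(unsigned dir, unsigned type, unsigned nr, unsigned size)
{
    return ((uint32_t)dir << IOC_DIRSHIFT) | ((uint32_t)size << IOC_SIZESHIFT) |
           ((uint32_t)type << IOC_TYPESHIFT) | (uint32_t)nr;
}

/* x86 request values for the tty/pty ioctls relevant to this report. */
static const struct { const char *name; uint32_t req; } tty_ioctls[] = {
    { "TCGETS",     0x5401 },      /* legacy, no dir/size encoded */
    { "TCSETS",     0x5402 },      /* legacy, no dir/size encoded */
    { "TIOCGPTN",   0x80045430 },  /* _IOR('T', 0x30, unsigned int) */
    { "TIOCSPTLCK", 0x40045431 },  /* _IOW('T', 0x31, int) */
    { "TIOCGPTLCK", 0x80045439 },  /* _IOR('T', 0x39, int) */
};

static const char *ioctl_name(uint32_t req)
{
    for (size_t i = 0; i < sizeof(tty_ioctls) / sizeof(tty_ioctls[0]); i++)
        if (tty_ioctls[i].req == req)
            return tty_ioctls[i].name;
    return "unknown";
}

int main(void)
{
    /* The value from the reproducer line, then the value TCSETS really has. */
    const uint32_t reqs[] = { 0x40045431, 0x5402 };

    for (size_t i = 0; i < sizeof(reqs) / sizeof(reqs[0]); i++) {
        struct ioctl_fields f = ioctl_decode(reqs[i]);
        printf("0x%08x  dir=%u size=%u type='%c' nr=0x%02x  -> %s\n",
               (unsigned)reqs[i], f.dir, f.size, (int)f.type, f.nr,
               ioctl_name(reqs[i]));
    }
    return 0;
}
```

The kernel dispatches on the numeric request, so when triaging a reproducer it is the decoded value, not the label printed next to it, that tells you which handler ran.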
* Re: memory leak in pty_common_install
From: Jiri Slaby @ 2019-08-03 14:22 UTC
To: syzbot, syzkaller-bugs, gregkh, linux-kernel

On 02. 08. 19, 8:23, Jiri Slaby wrote:
> On 30. 07. 19, 17:08, syzbot wrote:
>> Hello,
>>
>> syzbot found the following crash on:
>>
>> HEAD commit: 6789f873 Merge tag 'pm-5.3-rc2' of
>> git://git.kernel.org/pu..
>> git tree: upstream
>> console output: https://syzkaller.appspot.com/x/log.txt?x=1696897c600000
>> kernel config: https://syzkaller.appspot.com/x/.config?x=339b6a6b3640d115
>> dashboard link:
>> https://syzkaller.appspot.com/bug?extid=bdebcbf44250d75bdd82
>> compiler: gcc (GCC) 9.0.0 20181231 (experimental)
>> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=153d7544600000
>>
>> IMPORTANT: if you fix the bug, please add the following tag to the commit:
>> Reported-by: syzbot+bdebcbf44250d75bdd82@syzkaller.appspotmail.com
>>
>> BUG: memory leak
>> unreferenced object 0xffff88810d84d400 (size 512):
>>   comm "syz-executor.5", pid 7522, jiffies 4294954305 (age 14.260s)
>>   hex dump (first 32 bytes):
>>     50 d4 84 0d 81 88 ff ff e0 ff ff ff 0f 00 00 00  P...............
>>     10 d4 84 0d 81 88 ff ff 10 d4 84 0d 81 88 ff ff  ................
>>   backtrace:
>>     [<000000003d61da44>] kmemleak_alloc_recursive
>> include/linux/kmemleak.h:43 [inline]
>>     [<000000003d61da44>] slab_post_alloc_hook mm/slab.h:522 [inline]
>>     [<000000003d61da44>] slab_alloc mm/slab.c:3319 [inline]
>>     [<000000003d61da44>] kmem_cache_alloc_trace+0x145/0x2c0 mm/slab.c:3548
>>     [<00000000a6239e0a>] kmalloc include/linux/slab.h:552 [inline]
>>     [<00000000a6239e0a>] pty_common_install+0x4e/0x2b0
>> drivers/tty/pty.c:391
>
> So this is tty_port for o_tty.
>
> ...
>
>> BUG: memory leak
>> unreferenced object 0xffff88810e639800 (size 1024):
>>   comm "syz-executor.5", pid 7522, jiffies 4294954305 (age 14.260s)
>>   hex dump (first 32 bytes):
>>     01 54 00 00 01 00 00 00 00 00 00 00 00 00 00 00  .T..............
>>     00 83 fa 19 82 88 ff ff a0 7f 9b 83 ff ff ff ff  ................
>>   backtrace:
>>     [<000000003d61da44>] kmemleak_alloc_recursive
>> include/linux/kmemleak.h:43 [inline]
>>     [<000000003d61da44>] slab_post_alloc_hook mm/slab.h:522 [inline]
>>     [<000000003d61da44>] slab_alloc mm/slab.c:3319 [inline]
>>     [<000000003d61da44>] kmem_cache_alloc_trace+0x145/0x2c0 mm/slab.c:3548
>>     [<000000001cfffc30>] kmalloc include/linux/slab.h:552 [inline]
>>     [<000000001cfffc30>] kzalloc include/linux/slab.h:748 [inline]
>>     [<000000001cfffc30>] alloc_tty_struct+0x3f/0x290
>> drivers/tty/tty_io.c:2981
>>     [<000000001946a70c>] pty_common_install+0xac/0x2b0
>> drivers/tty/pty.c:399
>
> And this is o_tty proper. So we leak whole o_tty under some
> circumstances... Trying to reproduce.

And I failed. Looking into the code, I also can't find the scenario. One
virtually possible could be hangup_work being cancelled while
release_one_tty was scheduled on it. But I see this nowhere. A C
reproducer would help.

> BTW the reproducer says:
> ioctl$TCSETS(r0, 0x40045431, ...)
>
> But 0x40045431 is TIOCSPTLCK, not TCSETS.
>
> thanks,
--
js
suse labs
* Re: [syzbot] memory leak in pty_common_install
From: syzbot @ 2022-06-30 6:09 UTC
To: anant.thazhemadam, gregkh, hdanton, jirislaby, jslaby, jslaby, linux-kernel, phind.uet, syzkaller-bugs

syzbot has found a reproducer for the following issue on:

HEAD commit:    d9b2ba67917c Merge tag 'platform-drivers-x86-v5.19-3' of g..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=1795f0f0080000
kernel config:  https://syzkaller.appspot.com/x/.config?x=b6c1840347c4c391
dashboard link: https://syzkaller.appspot.com/bug?extid=bdebcbf44250d75bdd82
compiler:       gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=13d01f90080000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=126f34f0080000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+bdebcbf44250d75bdd82@syzkaller.appspotmail.com

Warning: Permanently added '10.128.1.122' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
BUG: memory leak
unreferenced object 0xffff88810222e600 (size 512):
  comm "syz-executor149", pid 3615, jiffies 4294954919 (age 12.620s)
  hex dump (first 32 bytes):
    50 e6 22 02 81 88 ff ff e0 ff ff ff 0f 00 00 00  P.".............
    10 e6 22 02 81 88 ff ff 10 e6 22 02 81 88 ff ff  .."......."....."
  backtrace:
    [<ffffffff8262ce09>] kmalloc include/linux/slab.h:600 [inline]
    [<ffffffff8262ce09>] pty_common_install+0x59/0x3d0 drivers/tty/pty.c:381
    [<ffffffff8261decb>] tty_driver_install_tty drivers/tty/tty_io.c:1307 [inline]
    [<ffffffff8261decb>] tty_init_dev.part.0+0x5b/0x2f0 drivers/tty/tty_io.c:1419
    [<ffffffff8261e1a0>] tty_init_dev+0x40/0x60 drivers/tty/tty_io.c:1409
    [<ffffffff8262cc29>] ptmx_open drivers/tty/pty.c:834 [inline]
    [<ffffffff8262cc29>] ptmx_open+0xd9/0x210 drivers/tty/pty.c:800
    [<ffffffff815dd68d>] chrdev_open+0x10d/0x340 fs/char_dev.c:414
    [<ffffffff815cbf96>] do_dentry_open+0x1e6/0x660 fs/open.c:848
    [<ffffffff815f26c1>] do_open fs/namei.c:3520 [inline]
    [<ffffffff815f26c1>] path_openat+0x18a1/0x1e70 fs/namei.c:3653
    [<ffffffff815f5391>] do_filp_open+0xc1/0x1b0 fs/namei.c:3680
    [<ffffffff815cf88d>] do_sys_openat2+0xed/0x260 fs/open.c:1278
    [<ffffffff815d02df>] do_sys_open fs/open.c:1294 [inline]
    [<ffffffff815d02df>] __do_sys_openat fs/open.c:1310 [inline]
    [<ffffffff815d02df>] __se_sys_openat fs/open.c:1305 [inline]
    [<ffffffff815d02df>] __x64_sys_openat+0x7f/0xe0 fs/open.c:1305
    [<ffffffff845ac915>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff845ac915>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff8460006a>] entry_SYSCALL_64_after_hwframe+0x46/0xb0

BUG: memory leak
unreferenced object 0xffff88810213d400 (size 1024):
  comm "syz-executor149", pid 3615, jiffies 4294954919 (age 12.620s)
  hex dump (first 32 bytes):
    01 54 00 00 01 00 00 00 00 00 00 00 00 00 00 00  .T..............
    40 be ca 41 81 88 ff ff 60 65 c5 84 ff ff ff ff  @..A....`e......
  backtrace:
    [<ffffffff8261dbbc>] kmalloc include/linux/slab.h:600 [inline]
    [<ffffffff8261dbbc>] kzalloc include/linux/slab.h:733 [inline]
    [<ffffffff8261dbbc>] alloc_tty_struct+0x3c/0x2f0 drivers/tty/tty_io.c:3091
    [<ffffffff8262ce72>] pty_common_install+0xc2/0x3d0 drivers/tty/pty.c:389
    [<ffffffff8261decb>] tty_driver_install_tty drivers/tty/tty_io.c:1307 [inline]
    [<ffffffff8261decb>] tty_init_dev.part.0+0x5b/0x2f0 drivers/tty/tty_io.c:1419
    [<ffffffff8261e1a0>] tty_init_dev+0x40/0x60 drivers/tty/tty_io.c:1409
    [<ffffffff8262cc29>] ptmx_open drivers/tty/pty.c:834 [inline]
    [<ffffffff8262cc29>] ptmx_open+0xd9/0x210 drivers/tty/pty.c:800
    [<ffffffff815dd68d>] chrdev_open+0x10d/0x340 fs/char_dev.c:414
    [<ffffffff815cbf96>] do_dentry_open+0x1e6/0x660 fs/open.c:848
    [<ffffffff815f26c1>] do_open fs/namei.c:3520 [inline]
    [<ffffffff815f26c1>] path_openat+0x18a1/0x1e70 fs/namei.c:3653
    [<ffffffff815f5391>] do_filp_open+0xc1/0x1b0 fs/namei.c:3680
    [<ffffffff815cf88d>] do_sys_openat2+0xed/0x260 fs/open.c:1278
    [<ffffffff815d02df>] do_sys_open fs/open.c:1294 [inline]
    [<ffffffff815d02df>] __do_sys_openat fs/open.c:1310 [inline]
    [<ffffffff815d02df>] __se_sys_openat fs/open.c:1305 [inline]
    [<ffffffff815d02df>] __x64_sys_openat+0x7f/0xe0 fs/open.c:1305
    [<ffffffff845ac915>] do_syscall_x64 arch/x86/entry/common.c:50 [inline]
    [<ffffffff845ac915>] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
    [<ffffffff8460006a>] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[parent not found: <20190804142339.8180-1-hdanton@sina.com>]
* Re: memory leak in pty_common_install
From: Jiri Slaby @ 2019-08-05 9:11 UTC
To: Hillf Danton, syzbot; +Cc: syzkaller-bugs, gregkh, linux-kernel

On 04. 08. 19, 16:23, Hillf Danton wrote:
>
> On Tue, 30 Jul 2019 08:08:05 -0700
>> Hello,
>>
>> syzbot found the following crash on:
>>
>> HEAD commit: 6789f873 Merge tag 'pm-5.3-rc2' of git://git.kernel.org/pu..
>> git tree: upstream
>> console output: https://syzkaller.appspot.com/x/log.txt?x=1696897c600000
>> kernel config: https://syzkaller.appspot.com/x/.config?x=339b6a6b3640d115
>> dashboard link: https://syzkaller.appspot.com/bug?extid=bdebcbf44250d75bdd82
>> compiler: gcc (GCC) 9.0.0 20181231 (experimental)
>> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=153d7544600000
>>
>> IMPORTANT: if you fix the bug, please add the following tag to the commit:
>> Reported-by: syzbot+bdebcbf44250d75bdd82@syzkaller.appspotmail.com
>>
>> BUG: memory leak
>> unreferenced object 0xffff88810d84d400 (size 512):
>>   comm "syz-executor.5", pid 7522, jiffies 4294954305 (age 14.260s)
>>   hex dump (first 32 bytes):
>>     50 d4 84 0d 81 88 ff ff e0 ff ff ff 0f 00 00 00  P...............
>>     10 d4 84 0d 81 88 ff ff 10 d4 84 0d 81 88 ff ff  ................
>>   backtrace:
>>     [<000000003d61da44>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
>>     [<000000003d61da44>] slab_post_alloc_hook mm/slab.h:522 [inline]
>>     [<000000003d61da44>] slab_alloc mm/slab.c:3319 [inline]
>>     [<000000003d61da44>] kmem_cache_alloc_trace+0x145/0x2c0 mm/slab.c:3548
>>     [<00000000a6239e0a>] kmalloc include/linux/slab.h:552 [inline]
>>     [<00000000a6239e0a>] pty_common_install+0x4e/0x2b0 drivers/tty/pty.c:391
>>     [<00000000bd8cb19d>] pty_unix98_install+0x20/0x30 drivers/tty/pty.c:740
>>     [<000000001b46b5e1>] tty_driver_install_tty drivers/tty/tty_io.c:1227 [inline]
>>     [<000000001b46b5e1>] tty_init_dev drivers/tty/tty_io.c:1340 [inline]
>>     [<000000001b46b5e1>] tty_init_dev+0x86/0x210 drivers/tty/tty_io.c:1317
>>     [<00000000845ae712>] ptmx_open drivers/tty/pty.c:845 [inline]
>>     [<00000000845ae712>] ptmx_open+0xba/0x1c0 drivers/tty/pty.c:811
>>     [<000000007e87d771>] chrdev_open+0xe3/0x290 fs/char_dev.c:414
>>     [<00000000bd556826>] do_dentry_open+0x199/0x4f0 fs/open.c:797
>>     [<000000001ba9145b>] vfs_open+0x35/0x40 fs/open.c:906
>>     [<00000000c0275eb4>] do_last fs/namei.c:3416 [inline]
>>     [<00000000c0275eb4>] path_openat+0x854/0x1cd0 fs/namei.c:3533
>>     [<00000000156ad8b1>] do_filp_open+0xaa/0x130 fs/namei.c:3563
>>     [<00000000074d96c0>] do_sys_open+0x253/0x330 fs/open.c:1089
>>     [<000000009f7fc64a>] __do_sys_openat fs/open.c:1116 [inline]
>>     [<000000009f7fc64a>] __se_sys_openat fs/open.c:1110 [inline]
>>     [<000000009f7fc64a>] __x64_sys_openat+0x24/0x30 fs/open.c:1110
>>     [<000000005ca4479f>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:296
>>     [<00000000e1f64b0f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
>>
>> BUG: memory leak
>> unreferenced object 0xffff88810e639800 (size 1024):
>>   comm "syz-executor.5", pid 7522, jiffies 4294954305 (age 14.260s)
>>   hex dump (first 32 bytes):
>>     01 54 00 00 01 00 00 00 00 00 00 00 00 00 00 00  .T..............
>>     00 83 fa 19 82 88 ff ff a0 7f 9b 83 ff ff ff ff  ................
>>   backtrace:
>>     [<000000003d61da44>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
>>     [<000000003d61da44>] slab_post_alloc_hook mm/slab.h:522 [inline]
>>     [<000000003d61da44>] slab_alloc mm/slab.c:3319 [inline]
>>     [<000000003d61da44>] kmem_cache_alloc_trace+0x145/0x2c0 mm/slab.c:3548
>>     [<000000001cfffc30>] kmalloc include/linux/slab.h:552 [inline]
>>     [<000000001cfffc30>] kzalloc include/linux/slab.h:748 [inline]
>>     [<000000001cfffc30>] alloc_tty_struct+0x3f/0x290 drivers/tty/tty_io.c:2981
>>     [<000000001946a70c>] pty_common_install+0xac/0x2b0 drivers/tty/pty.c:399
>>     [<00000000bd8cb19d>] pty_unix98_install+0x20/0x30 drivers/tty/pty.c:740
>>     [<000000001b46b5e1>] tty_driver_install_tty drivers/tty/tty_io.c:1227 [inline]
>>     [<000000001b46b5e1>] tty_init_dev drivers/tty/tty_io.c:1340 [inline]
>>     [<000000001b46b5e1>] tty_init_dev+0x86/0x210 drivers/tty/tty_io.c:1317
>>     [<00000000845ae712>] ptmx_open drivers/tty/pty.c:845 [inline]
>>     [<00000000845ae712>] ptmx_open+0xba/0x1c0 drivers/tty/pty.c:811
>>     [<000000007e87d771>] chrdev_open+0xe3/0x290 fs/char_dev.c:414
>>     [<00000000bd556826>] do_dentry_open+0x199/0x4f0 fs/open.c:797
>>     [<000000001ba9145b>] vfs_open+0x35/0x40 fs/open.c:906
>>     [<00000000c0275eb4>] do_last fs/namei.c:3416 [inline]
>>     [<00000000c0275eb4>] path_openat+0x854/0x1cd0 fs/namei.c:3533
>>     [<00000000156ad8b1>] do_filp_open+0xaa/0x130 fs/namei.c:3563
>>     [<00000000074d96c0>] do_sys_open+0x253/0x330 fs/open.c:1089
>>     [<000000009f7fc64a>] __do_sys_openat fs/open.c:1116 [inline]
>>     [<000000009f7fc64a>] __se_sys_openat fs/open.c:1110 [inline]
>>     [<000000009f7fc64a>] __x64_sys_openat+0x24/0x30 fs/open.c:1110
>>     [<000000005ca4479f>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:296
>>     [<00000000e1f64b0f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
>
> Reset tty for port if none cares the open result.

Could you elaborate on how tty_port_open affects ptys? I.e. how does this
report relate to the change below?
And why do you think it is necessary at all? tty_port_close should take care of it. > --- a/drivers/tty/tty_port.c > +++ b/drivers/tty/tty_port.c > @@ -669,6 +669,8 @@ EXPORT_SYMBOL_GPL(tty_port_install); > int tty_port_open(struct tty_port *port, struct tty_struct *tty, > struct file *filp) > { > + int retval = 0; > + > spin_lock_irq(&port->lock); > ++port->count; > spin_unlock_irq(&port->lock); > @@ -685,16 +687,18 @@ int tty_port_open(struct tty_port *port, > if (!tty_port_initialized(port)) { > clear_bit(TTY_IO_ERROR, &tty->flags); > if (port->ops->activate) { > - int retval = port->ops->activate(port, tty); > - if (retval) { > - mutex_unlock(&port->mutex); > - return retval; > - } > + retval = port->ops->activate(port, tty); > + if (retval) > + goto out; > } > tty_port_set_initialized(port, 1); > } > +out: > mutex_unlock(&port->mutex); > - return tty_port_block_til_ready(port, tty, filp); > + if (!retval) > + retval = tty_port_block_til_ready(port, tty, filp); > + if (retval) > + tty_port_tty_set(port, 0); > + return retval; > } > - > EXPORT_SYMBOL(tty_port_open); > -- > > thanks, -- js suse labs ^ permalink raw reply [flat|nested] 5+ messages in thread
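Review bot: in the second hunk, tty_port_tty_set(port, 0) passes a bare 0 where a tty pointer is expected; use NULL so the intent is clear and sparse does not flag it. The reset also runs on every non-zero return from tty_port_block_til_ready() as well as on an activate failure, and the one-line description does not say which of those paths leaves the port's tty set or how that relates to the objects allocated in pty_common_install, so the changelog should spell that out. The same hunk drops the blank line before EXPORT_SYMBOL(tty_port_open), an unrelated whitespace change that is better left out.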