syzbot


memory leak in tty_init_dev

Status: fixed on 2021/11/10 00:50
Subsystems: serial
[Documentation on labels]
Reported-by: syzbot+f303e045423e617d2cad@syzkaller.appspotmail.com
Fix commit: 58af3d3d54e8 net: caif: fix memory leak in ldisc_open
First crash: 1652d, last: 1004d
Discussions (16)
Title Replies (including bot) Last reply
[PATCH 4.4 00/57] 4.4.274-rc1 review 65 (65) 2021/07/10 14:59
[PATCH 5.10 000/101] 5.10.47-rc1 review 116 (116) 2021/07/05 12:00
[PATCH 4.19 000/109] 4.19.196-rc1 review 115 (115) 2021/07/01 10:21
[PATCH 5.12 000/110] 5.12.14-rc1 review 123 (123) 2021/06/30 12:45
[PATCH 4.14 00/88] 4.14.238-rc1 review 92 (92) 2021/06/30 06:19
[PATCH 4.9 00/71] 4.9.274-rc1 review 77 (77) 2021/06/29 23:43
[PATCH 5.4 00/71] 5.4.129-rc1 review 81 (81) 2021/06/29 18:20
[PATCH AUTOSEL 4.4 1/9] cfg80211: call cfg80211_leave_ocb when switching away from OCB 9 (9) 2021/06/21 17:56
[PATCH AUTOSEL 4.9 01/13] mac80211: remove warning in ieee80211_get_sband() 13 (13) 2021/06/21 17:55
[PATCH AUTOSEL 4.14 01/13] mac80211: remove warning in ieee80211_get_sband() 13 (13) 2021/06/21 17:55
[PATCH AUTOSEL 4.19 01/16] mac80211: remove warning in ieee80211_get_sband() 16 (16) 2021/06/21 17:54
[PATCH AUTOSEL 5.4 01/26] dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() 26 (26) 2021/06/21 17:53
[PATCH AUTOSEL 5.10 01/35] dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() 35 (35) 2021/06/21 17:53
[PATCH AUTOSEL 5.12 01/39] dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() 39 (39) 2021/06/21 17:51
[PATCH] net: caif: fix memory leak in ldisc_open 2 (2) 2021/06/14 19:30
memory leak in tty_init_dev 0 (1) 2019/08/29 21:28
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream memory leak in tty_init_dev (2) serial C 1 652d 648d 0/26 auto-obsoleted due to no activity on 2023/04/14 07:29
Last patch testing requests (2)
Created Duration User Patch Repo Result
2021/06/12 12:59 15m paskripkin@gmail.com patch upstream OK
2020/09/23 10:40 3m anant.thazhemadam@gmail.com upstream error OK

Sample crash report:
BUG: memory leak
unreferenced object 0xffff88810b6a1c00 (size 1024):
  comm "syz-executor275", pid 8485, jiffies 4294949277 (age 13.800s)
  hex dump (first 32 bytes):
    01 54 00 00 01 00 00 00 00 cc 9c 42 81 88 ff ff  .T.........B....
    80 24 8c 42 81 88 ff ff a0 1a a3 84 ff ff ff ff  .$.B............
  backtrace:
    [<00000000b792389d>] kmalloc include/linux/slab.h:552 [inline]
    [<00000000b792389d>] kzalloc include/linux/slab.h:682 [inline]
    [<00000000b792389d>] alloc_tty_struct+0x3c/0x2e0 drivers/tty/tty_io.c:2987
    [<000000000483200f>] tty_init_dev.part.0+0x20/0x250 drivers/tty/tty_io.c:1335
    [<00000000c124343d>] tty_init_dev drivers/tty/tty_io.c:1979 [inline]
    [<00000000c124343d>] tty_open_by_driver drivers/tty/tty_io.c:1987 [inline]
    [<00000000c124343d>] tty_open+0x882/0xa20 drivers/tty/tty_io.c:2035
    [<00000000004c360e>] chrdev_open+0x10d/0x340 fs/char_dev.c:414
    [<00000000dcb15ca5>] do_dentry_open+0x1e6/0x620 fs/open.c:817
    [<0000000071c204de>] do_open fs/namei.c:3254 [inline]
    [<0000000071c204de>] path_openat+0x74a/0x1b00 fs/namei.c:3371
    [<0000000003c24a4a>] do_filp_open+0xa0/0x190 fs/namei.c:3398
    [<000000003bc2b77f>] do_sys_openat2+0xed/0x230 fs/open.c:1172
    [<00000000374986fc>] do_sys_open fs/open.c:1188 [inline]
    [<00000000374986fc>] __do_sys_openat fs/open.c:1204 [inline]
    [<00000000374986fc>] __se_sys_openat fs/open.c:1199 [inline]
    [<00000000374986fc>] __x64_sys_openat+0x7f/0xe0 fs/open.c:1199
    [<00000000d3bdaba6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<0000000010c109c7>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88810eff5c00 (size 1024):
  comm "syz-executor275", pid 8489, jiffies 4294949855 (age 8.020s)
  hex dump (first 32 bytes):
    01 54 00 00 01 00 00 00 00 cc 9c 42 81 88 ff ff  .T.........B....
    80 24 8c 42 81 88 ff ff a0 1a a3 84 ff ff ff ff  .$.B............
  backtrace:
    [<00000000b792389d>] kmalloc include/linux/slab.h:552 [inline]
    [<00000000b792389d>] kzalloc include/linux/slab.h:682 [inline]
    [<00000000b792389d>] alloc_tty_struct+0x3c/0x2e0 drivers/tty/tty_io.c:2987
    [<000000000483200f>] tty_init_dev.part.0+0x20/0x250 drivers/tty/tty_io.c:1335
    [<00000000c124343d>] tty_init_dev drivers/tty/tty_io.c:1979 [inline]
    [<00000000c124343d>] tty_open_by_driver drivers/tty/tty_io.c:1987 [inline]
    [<00000000c124343d>] tty_open+0x882/0xa20 drivers/tty/tty_io.c:2035
    [<00000000004c360e>] chrdev_open+0x10d/0x340 fs/char_dev.c:414
    [<00000000dcb15ca5>] do_dentry_open+0x1e6/0x620 fs/open.c:817
    [<0000000071c204de>] do_open fs/namei.c:3254 [inline]
    [<0000000071c204de>] path_openat+0x74a/0x1b00 fs/namei.c:3371
    [<0000000003c24a4a>] do_filp_open+0xa0/0x190 fs/namei.c:3398
    [<000000003bc2b77f>] do_sys_openat2+0xed/0x230 fs/open.c:1172
    [<00000000374986fc>] do_sys_open fs/open.c:1188 [inline]
    [<00000000374986fc>] __do_sys_openat fs/open.c:1204 [inline]
    [<00000000374986fc>] __se_sys_openat fs/open.c:1199 [inline]
    [<00000000374986fc>] __x64_sys_openat+0x7f/0xe0 fs/open.c:1199
    [<00000000d3bdaba6>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<0000000010c109c7>] entry_SYSCALL_64_after_hwframe+0x44/0xa9


Crashes (9):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/01/17 17:16 upstream 0da0a8a0a0e1 813be542 .config console log report syz C ci-upstream-gce-leak memory leak in tty_init_dev
2020/12/19 06:43 upstream a409ed156a90 04201c06 .config console log report syz C ci-upstream-gce-leak
2019/10/31 05:58 upstream 320000e72ec0 a41ca8fa .config console log report syz C ci-upstream-gce-leak
2019/08/25 19:38 upstream e67095fd2f72 d21c5d9d .config console log report syz C ci-upstream-gce-leak
2021/06/03 17:34 upstream 324c92e5e0ee 0740de69 .config console log report syz ci-upstream-gce-leak memory leak in tty_init_dev
2021/01/02 11:10 upstream eda809aef534 79264ae3 .config console log report syz ci-upstream-gce-leak
2020/12/14 01:28 upstream 6bff9bb8a292 b22a7ec3 .config console log report syz ci-upstream-gce-leak
2020/12/13 14:39 upstream 7b1b868e1d91 bca53db9 .config console log report syz ci-upstream-gce-leak
2019/11/08 14:05 upstream 847120f859cc 1e35461e .config console log report syz ci-upstream-gce-leak
* Struck through repros no longer work on HEAD.