Re: [PATCH] slcan: Fix memory leak in error path

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

jouni.hogander@xxxxxxxxxx (Jouni Högander) writes:

> jouni.hogander@xxxxxxxxxx writes:
>
>> From: Jouni Hogander <jouni.hogander@xxxxxxxxxx>
>>
>> This patch is fixing memory leak reported by Syzkaller:
>>
>> BUG: memory leak unreferenced object 0xffff888067f65500 (size 4096):
>>   comm "syz-executor043", pid 454, jiffies 4294759719 (age 11.930s)
>>   hex dump (first 32 bytes):
>>     73 6c 63 61 6e 30 00 00 00 00 00 00 00 00 00 00 slcan0..........
>>     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
>>   backtrace:
>>     [<00000000a06eec0d>] __kmalloc+0x18b/0x2c0
>>     [<0000000083306e66>] kvmalloc_node+0x3a/0xc0
>>     [<000000006ac27f87>] alloc_netdev_mqs+0x17a/0x1080
>>     [<0000000061a996c9>] slcan_open+0x3ae/0x9a0
>>     [<000000001226f0f9>] tty_ldisc_open.isra.1+0x76/0xc0
>>     [<0000000019289631>] tty_set_ldisc+0x28c/0x5f0
>>     [<000000004de5a617>] tty_ioctl+0x48d/0x1590
>>     [<00000000daef496f>] do_vfs_ioctl+0x1c7/0x1510
>>     [<0000000059068dbc>] ksys_ioctl+0x99/0xb0
>>     [<000000009a6eb334>] __x64_sys_ioctl+0x78/0xb0
>>     [<0000000053d0332e>] do_syscall_64+0x16f/0x580
>>     [<0000000021b83b99>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
>>     [<000000008ea75434>] 0xffffffffffffffff
>>
>> Cc: Wolfgang Grandegger <wg@xxxxxxxxxxxxxx>
>> Cc: Marc Kleine-Budde <mkl@xxxxxxxxxxxxxx>
>> Cc: Lukas Bulwahn <lukas.bulwahn@xxxxxxxxx>
>> Signed-off-by: Jouni Hogander <jouni.hogander@xxxxxxxxxx>
>> ---
>>  drivers/net/can/slcan.c | 1 +
>>  1 file changed, 1 insertion(+)
>>
>> diff --git a/drivers/net/can/slcan.c b/drivers/net/can/slcan.c
>> index bb6032211043..0a9f42e5fedf 100644
>> --- a/drivers/net/can/slcan.c
>> +++ b/drivers/net/can/slcan.c
>> @@ -617,6 +617,7 @@ static int slcan_open(struct tty_struct *tty)
>>  	sl->tty = NULL;
>>  	tty->disc_data = NULL;
>>  	clear_bit(SLF_INUSE, &sl->flags);
>> +	free_netdev(sl->dev);
>>  
>>  err_exit:
>>  	rtnl_unlock();
>
> Observed panic in another error path in my overnight Syzkaller run with
> this patch. Better not to apply it. Sorry for inconvenience.

The panic was caused by another error path fix I had in my Syzkaller
setup. I.e. this patch is ok.

BR,

Jouni Högander
[Index of Archives]     [Automotive Discussions]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]     [CAN Bus]

  Powered by Linux