Re: tty: memory leak in tty_register_driver

[Paul Bolle]

Dmitry,

On ma, 2016-02-15 at 11:42 +0100, Dmitry Vyukov wrote:
> When I am running the following program in a parallel loop, kmemleak
> starts reporting memory leaks of objects allocated in
> tty_register_driver during boot.

Because these tty drivers are built in?

>  These leaks start popping up
> chaotically and as you can see they originate in different drivers
> (synclinkmp_init, isdn_init, chr_dev_init, sysfs_init).
> 
> On commit 388f7b1d6e8ca06762e2454d28d6c3c55ad0fe95 (4.5-rc3).
> 
> // autogenerated by syzkaller (http://github.com/google/syzkaller)
> #include <sys/types.h>
> #include <sys/stat.h>
> #include <fcntl.h>
> #include <sys/ioctl.h>

If you (or syzkaller) add
	#include <linux/tty.h>

here...

> int main()
> {
>   int fd, val;
> 
>   fd = open("/dev/ptmx", O_RDWR);
>   val = 21;

you can use
	val = N_GSM0710;

here. That is probably much clearer for the readers of this report. (No
one bothers to remember these values. No one sane, at least.)

>   ioctl(fd, TIOCSETD, &val);
>   return 0;
> }

Fascinating issue. Makes zero sense to me. sysfs_init? Anyhow, since the
people actually familiar with this code have stayed silent until now, I
have some obvious questions:
- does this only trigger with line discipline N_GSM0710?
- is this a new issue or do older trees also trigger it (in other
  words: have you tried bisecting this)?

Thanks,


Paul Bolle