| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YaOi6pYqoc3boYX/@krava>
Date: Sun, 28 Nov 2021 16:40:26 +0100
From: Jiri Olsa <jolsa@...hat.com>
To: Ian Rogers <irogers@...gle.com>
Cc: Peter Zijlstra <peterz@...radead.org>,
Ingo Molnar <mingo@...hat.com>,
Arnaldo Carvalho de Melo <acme@...nel.org>,
Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Namhyung Kim <namhyung@...nel.org>,
linux-perf-users@...r.kernel.org, linux-kernel@...r.kernel.org,
Stephane Eranian <eranian@...gle.com>
Subject: Re: [PATCH] perf map: Fix namespace memory leak
On Thu, Nov 18, 2021 at 11:37:14AM -0800, Ian Rogers wrote:
> This leak was happening reliably with test "Lookup mmap thread" with
> stack traces like:
>
> Direct leak of 5504 byte(s) in 172 object(s) allocated from:
> #0 0x7f4685e47987 in __interceptor_calloc
> #1 0x56063b974c2a in nsinfo__new util/namespaces.c:142
> #2 0x56063b9781ff in thread__new util/thread.c:70
> #3 0x56063b944953 in ____machine__findnew_thread util/machine.c:543
> #4 0x56063b944ac6 in __machine__findnew_thread util/machine.c:574
> #5 0x56063b944b36 in machine__findnew_thread util/machine.c:584
> #6 0x56063b94c892 in machine__process_fork_event util/machine.c:1954
> #7 0x56063b94cc1f in machine__process_event util/machine.c:2019
> #8 0x56063b894f18 in perf_event__process util/event.c:567
> #9 0x56063ba17951 in perf_tool__process_synth_event util/synthetic-events.c:65
> #10 0x56063ba19086 in perf_event__synthesize_fork util/synthetic-events.c:287
> #11 0x56063ba1c39d in __event__synthesize_thread util/synthetic-events.c:775
> #12 0x56063ba1cf6f in __perf_event__synthesize_threads util/synthetic-events.c:929
> #13 0x56063ba1d4ab in perf_event__synthesize_threads util/synthetic-events.c:1000
> #14 0x56063b821a3d in synth_all tests/mmap-thread-lookup.c:136
> #15 0x56063b821c86 in mmap_events tests/mmap-thread-lookup.c:174
> #16 0x56063b8221b7 in test__mmap_thread_lookup tests/mmap-thread-lookup.c:230
>
> The dso->nsinfo is overwritten, but without a nsinfo__put this can leak
> the overwritten nsinfo.
>
> Signed-off-by: Ian Rogers <irogers@...gle.com>
nice catch!
Acked-by: Jiri Olsa <jolsa@...hat.com>
thanks,
jirka
> ---
> tools/perf/util/map.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/tools/perf/util/map.c b/tools/perf/util/map.c
> index 8af693d9678c..ceed8f407bc0 100644
> --- a/tools/perf/util/map.c
> +++ b/tools/perf/util/map.c
> @@ -192,6 +192,7 @@ struct map *map__new(struct machine *machine, u64 start, u64 len,
> if (!(prot & PROT_EXEC))
> dso__set_loaded(dso);
> }
> + nsinfo__put(dso->nsinfo);
> dso->nsinfo = nsi;
>
> if (build_id__is_defined(bid))
> --
> 2.34.0.rc2.393.gf8c9666880-goog
>
Powered by blists - more mailing lists