From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tdevries@suse.de>
Received: from mx2.suse.de (mx2.suse.de [195.135.220.15])
 by sourceware.org (Postfix) with ESMTPS id 99FEE385BF9E
 for <dwz@sourceware.org>; Tue, 23 Mar 2021 13:19:06 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 99FEE385BF9E
Authentication-Results: sourceware.org;
 dmarc=none (p=none dis=none) header.from=suse.de
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=tdevries@suse.de
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (unknown [195.135.221.27])
 by mx2.suse.de (Postfix) with ESMTP id B61DEAD38;
 Tue, 23 Mar 2021 13:19:05 +0000 (UTC)
Date: Tue, 23 Mar 2021 14:19:03 +0100
From: Tom de Vries <tdevries@suse.de>
To: dwz@sourceware.org, jakub@redhat.com, mark@klomp.org
Subject: [PATCH] Fix low-mem memory leak
Message-ID: <20210323131902.GA17162@delia>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.10.1 (2018-07-13)
X-Spam-Status: No, score=-12.2 required=5.0 tests=BAYES_00, GIT_PATCH_0,
 KAM_DMARC_STATUS, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE,
 SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
X-BeenThere: dwz@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Dwz mailing list <dwz.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/dwz>,
 <mailto:dwz-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/dwz/>
List-Help: <mailto:dwz-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/dwz>,
 <mailto:dwz-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 13:19:08 -0000

Hi,

When building dwz with -fsanitize=address, and running dwz in low-mem mode, we
run into a number of memory leaks:
...
$ dwz hello -o hello.z -l0

=================================================================
==22607==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 432 byte(s) in 6 object(s) allocated from:
    #0 0x7f560af846d8 in __interceptor_calloc (/usr/lib64/libasan.so.4+0xdc6d8)
    #1 0x475db1 in htab_try_create hashtab.c:164
    #2 0x406ed6 in read_abbrev dwz.c:1296
    #3 0x42bca9 in read_debug_info dwz.c:6818
    #4 0x4608cb in read_dwarf dwz.c:13706
    #5 0x46ef9a in dwz dwz.c:15383
    #6 0x474a27 in dwz_one_file dwz.c:16279
    #7 0x475951 in main dwz.c:16450
    #8 0x7f560a8f9349 in __libc_start_main (/lib64/libc.so.6+0x24349)

Direct leak of 72 byte(s) in 1 object(s) allocated from:
    #0 0x7f560af846d8 in __interceptor_calloc (/usr/lib64/libasan.so.4+0xdc6d8)
    #1 0x475db1 in htab_try_create hashtab.c:164
    #2 0x42a8fd in read_debug_info dwz.c:6634
    #3 0x4608cb in read_dwarf dwz.c:13706
    #4 0x46ef9a in dwz dwz.c:15383
    #5 0x474a27 in dwz_one_file dwz.c:16279
    #6 0x475951 in main dwz.c:16450
    #7 0x7f560a8f9349 in __libc_start_main (/lib64/libc.so.6+0x24349)

Indirect leak of 4072 byte(s) in 1 object(s) allocated from:
    #0 0x7f560af846d8 in __interceptor_calloc (/usr/lib64/libasan.so.4+0xdc6d8)
    #1 0x475dd7 in htab_try_create hashtab.c:168
    #2 0x42a8fd in read_debug_info dwz.c:6634
    #3 0x4608cb in read_dwarf dwz.c:13706
    #4 0x46ef9a in dwz dwz.c:15383
    #5 0x474a27 in dwz_one_file dwz.c:16279
    #6 0x475951 in main dwz.c:16450
    #7 0x7f560a8f9349 in __libc_start_main (/lib64/libc.so.6+0x24349)

Indirect leak of 2928 byte(s) in 6 object(s) allocated from:
    #0 0x7f560af846d8 in __interceptor_calloc (/usr/lib64/libasan.so.4+0xdc6d8)
    #1 0x475dd7 in htab_try_create hashtab.c:168
    #2 0x406ed6 in read_abbrev dwz.c:1296
    #3 0x42bca9 in read_debug_info dwz.c:6818
    #4 0x4608cb in read_dwarf dwz.c:13706
    #5 0x46ef9a in dwz dwz.c:15383
    #6 0x474a27 in dwz_one_file dwz.c:16279
    #7 0x475951 in main dwz.c:16450
    #8 0x7f560a8f9349 in __libc_start_main (/lib64/libc.so.6+0x24349)

SUMMARY: AddressSanitizer: 7504 byte(s) leaked in 14 allocation(s).
...

The leaks are related to the meta_abbrev_htab, which is allocated in
the initial read_debug_info call for .debug_info, and then allocated once more
in a second call to read_debug_info for .debug_types.

The second allocation overwrites the first one, and consequently the first one
is leaked.

Fix this by only allocating meta_abbrev_htab if not already allocated.

Any comments?

Thanks,
- Tom

Fix low-mem memory leak

2021-03-23  Tom de Vries  <tdevries@suse.de>

	PR dwz/27633
	* dwz.c (read_debug_info): Don't allocate meta_abbrev_htab if already
	allocated.

---
 dwz.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/dwz.c b/dwz.c
index 4fc01a3..4707aa9 100644
--- a/dwz.c
+++ b/dwz.c
@@ -6628,7 +6628,8 @@ read_debug_info (DSO *dso, int kind, unsigned int *die_count)
       if (dup_htab == NULL)
 	dwz_oom ();
     }
-  if (unlikely (op_multifile || rd_multifile || fi_multifile || low_mem))
+  if (unlikely (meta_abbrev_htab == NULL
+		&& (op_multifile || rd_multifile || fi_multifile || low_mem)))
     {
       meta_abbrev_htab
 	= htab_try_create (500, meta_abbrev_hash, meta_abbrev_eq,