* [Bug libdw/28655] New: There seems to be a memory leak in file_read_elf
@ 2021-12-06 11:52 evvers at ya dot ru
2021-12-08 23:01 ` [Bug libdw/28655] " mark at klomp dot org
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: evvers at ya dot ru @ 2021-12-06 11:52 UTC (permalink / raw)
To: elfutils-devel
https://sourceware.org/bugzilla/show_bug.cgi?id=28655
Bug ID: 28655
Summary: There seems to be a memory leak in file_read_elf
Product: elfutils
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: libdw
Assignee: unassigned at sourceware dot org
Reporter: evvers at ya dot ru
CC: elfutils-devel at sourceware dot org
Target Milestone: ---
Created attachment 13823
--> https://sourceware.org/bugzilla/attachment.cgi?id=13823&action=edit
File triggering a memory leak
One of systemd fuzz targets discovered a memory leak in file_read_elf. It can
be reproduced by building the master branch of the elfutils repository and
passing the attachment to `./src/stack` run under Valgrind
```
autoreconf -i -f
./configure --enable-maintainer-mode
make -j$(nproc) V=1
LD_PRELOAD="./libelf/libelf.so ./libdw/libdw.so" valgrind --leak-check=full
./src/stack --core ../oss-fuzz-41568
...
==63344== HEAP SUMMARY:
==63344== in use at exit: 16,722,041 bytes in 108 blocks
==63344== total heap usage: 4,580 allocs, 4,472 frees, 16,980,258 bytes
allocated
==63344==
==63344== 264 bytes in 1 blocks are definitely lost in loss record 9 of 19
==63344== at 0x4845464: calloc (vg_replace_malloc.c:1328)
==63344== by 0x4855711: allocate_elf (common.h:74)
==63344== by 0x4855711: file_read_elf (elf_begin.c:320)
==63344== by 0x485607A: __libelf_read_mmaped_file (elf_begin.c:559)
==63344== by 0x48C52AA: dwfl_segment_report_module
(dwfl_segment_report_module.c:955)
==63344== by 0x48C7C87: dwfl_core_file_report@@ELFUTILS_0.158
(core-file.c:559)
==63344== by 0x402EC6: parse_opt (stack.c:595)
==63344== by 0x4C3AF81: argp_parse (in /usr/lib64/libc-2.33.so)
==63344== by 0x4024EA: main (stack.c:695)
==63344==
```
It was also reported in
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41568
```
==618914==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 264 byte(s) in 1 object(s) allocated from:
#0 0x526002 in __interceptor_calloc
/src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:138:3
#1 0x636d4e in allocate_elf /src/elfutils/libelf/common.h:74:17
#2 0x636d4e in file_read_elf /src/elfutils/libelf/elf_begin.c:320:14
#3 0x6362aa in __libelf_read_mmaped_file
/src/elfutils/libelf/elf_begin.c:559:14
#4 0x64ba42 in elf_memory /src/elfutils/libelf/elf_memory.c:49:10
#5 0x5f9867 in dwfl_segment_report_module
/src/elfutils/libdwfl/dwfl_segment_report_module.c:955:13
#6 0x567135 in dwfl_core_file_report
/src/elfutils/libdwfl/core-file.c:559:17
#7 0x55f280 in LLVMFuzzerTestOneInput /src/fuzz-dwfl-core.c:52:6
#8 0x456ca3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*,
unsigned long) cxa_noexception.cpp:0
#9 0x4425b2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned
long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6
#10 0x44807a in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char
const*, unsigned long)) cxa_noexception.cpp:0
#11 0x470fa2 in main
/src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#12 0x7fe13555c0b2 in __libc_start_main
/build/glibc-eX1tMB/glibc-2.31/csu/libc-start.c:308:16
```
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug libdw/28655] There seems to be a memory leak in file_read_elf
2021-12-06 11:52 [Bug libdw/28655] New: There seems to be a memory leak in file_read_elf evvers at ya dot ru
@ 2021-12-08 23:01 ` mark at klomp dot org
2021-12-09 0:39 ` evvers at ya dot ru
2021-12-09 19:31 ` mark at klomp dot org
2 siblings, 0 replies; 4+ messages in thread
From: mark at klomp dot org @ 2021-12-08 23:01 UTC (permalink / raw)
To: elfutils-devel
https://sourceware.org/bugzilla/show_bug.cgi?id=28655
Mark Wielaard <mark at klomp dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mark at klomp dot org
Status|UNCONFIRMED |ASSIGNED
Ever confirmed|0 |1
Assignee|unassigned at sourceware dot org |mark at klomp dot org
Last reconfirmed| |2021-12-08
--- Comment #1 from Mark Wielaard <mark at klomp dot org> ---
Proposed patch:
https://sourceware.org/pipermail/elfutils-devel/2021q4/004480.html
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug libdw/28655] There seems to be a memory leak in file_read_elf
2021-12-06 11:52 [Bug libdw/28655] New: There seems to be a memory leak in file_read_elf evvers at ya dot ru
2021-12-08 23:01 ` [Bug libdw/28655] " mark at klomp dot org
@ 2021-12-09 0:39 ` evvers at ya dot ru
2021-12-09 19:31 ` mark at klomp dot org
2 siblings, 0 replies; 4+ messages in thread
From: evvers at ya dot ru @ 2021-12-09 0:39 UTC (permalink / raw)
To: elfutils-devel
https://sourceware.org/bugzilla/show_bug.cgi?id=28655
--- Comment #2 from Evgeny Vereshchagin <evvers at ya dot ru> ---
I can't seem to reproduce that memory leak anymore. Thanks!
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug libdw/28655] There seems to be a memory leak in file_read_elf
2021-12-06 11:52 [Bug libdw/28655] New: There seems to be a memory leak in file_read_elf evvers at ya dot ru
2021-12-08 23:01 ` [Bug libdw/28655] " mark at klomp dot org
2021-12-09 0:39 ` evvers at ya dot ru
@ 2021-12-09 19:31 ` mark at klomp dot org
2 siblings, 0 replies; 4+ messages in thread
From: mark at klomp dot org @ 2021-12-09 19:31 UTC (permalink / raw)
To: elfutils-devel
https://sourceware.org/bugzilla/show_bug.cgi?id=28655
Mark Wielaard <mark at klomp dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|ASSIGNED |RESOLVED
--- Comment #3 from Mark Wielaard <mark at klomp dot org> ---
Thanks for testing, pushed as:
commit 98e7adf70896ac179258d41c2aac38e9e91614bb
Author: Mark Wielaard <mark@klomp.org>
Date: Wed Dec 8 23:44:34 2021 +0100
libdwfl: Don't install an Elf handle in a Dwfl_Module twice
dwfl_segment_report_module can be called with the same module
name, start and end address twice (probably because of a corrupt
core file). In that case don't override the main.elf handle if
it already exists.
https://sourceware.org/bugzilla/show_bug.cgi?id=28655
Signed-off-by: Mark Wielaard <mark@klomp.org>
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-12-09 19:31 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-12-06 11:52 [Bug libdw/28655] New: There seems to be a memory leak in file_read_elf evvers at ya dot ru
2021-12-08 23:01 ` [Bug libdw/28655] " mark at klomp dot org
2021-12-09 0:39 ` evvers at ya dot ru
2021-12-09 19:31 ` mark at klomp dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).