Re: [PATCH] perf ksymbol: fix memory leak: decrease refcount of map and dso

From: Ian Rogers
Date: Fri Jun 04 2021 - 00:27:07 EST


On Wed, Jun 2, 2021 at 4:15 PM Riccardo Mancini <rickyman7@xxxxxxxxx> wrote:
>
> ASan reported a memory leak of BPF-related ksymbols map and dso.
> The leak is caused by refcount never reaching 0, due to missing
> __put calls in the function machine__process_ksymbol_register.
> Once the dso is inserted in map, dso__put should be called,
> since map__new2 has increased its refcount to 2.
> The same thing applies for the map when it's inserted into the
> rb-tree in maps (maps__insert increases the refcount to 2).
>
> $ sudo ./perf record -- sleep 5
> [ perf record: Woken up 1 times to write data ]
> [ perf record: Captured and wrote 0.025 MB perf.data (8 samples) ]
>
> =================================================================
> ==297735==ERROR: LeakSanitizer: detected memory leaks
>
> Direct leak of 6992 byte(s) in 19 object(s) allocated from:
> #0 0x4f43c7 in calloc (/home/user/linux/tools/perf/perf+0x4f43c7)
> #1 0x8e4e53 in map__new2 /home/user/linux/tools/perf/util/map.c:216:20
> #2 0x8cf68c in machine__process_ksymbol_register /home/user/linux/tools/perf/util/machine.c:778:10
> [...]
>
> Indirect leak of 8702 byte(s) in 19 object(s) allocated from:
> #0 0x4f43c7 in calloc (/home/user/linux/tools/perf/perf+0x4f43c7)
> #1 0x8728d7 in dso__new_id /home/user/linux/tools/perf/util/dso.c:1256:20
> #2 0x872015 in dso__new /home/user/linux/tools/perf/util/dso.c:1295:9
> #3 0x8cf623 in machine__process_ksymbol_register /home/user/linux/tools/perf/util/machine.c:774:21
> [...]
>
> Indirect leak of 1520 byte(s) in 19 object(s) allocated from:
> #0 0x4f43c7 in calloc (/home/user/linux/tools/perf/perf+0x4f43c7)
> #1 0x87b3da in symbol__new /home/user/linux/tools/perf/util/symbol.c:269:23
> #2 0x888954 in map__process_kallsym_symbol /home/user/linux/tools/perf/util/symbol.c:710:8
> [...]
>
> Indirect leak of 1406 byte(s) in 19 object(s) allocated from:
> #0 0x4f43c7 in calloc (/home/user/linux/tools/perf/perf+0x4f43c7)
> #1 0x87b3da in symbol__new /home/user/linux/tools/perf/util/symbol.c:269:23
> #2 0x8cfbd8 in machine__process_ksymbol_register /home/user/linux/tools/perf/util/machine.c:803:8
> [...]
>
> Signed-off-by: Riccardo Mancini <rickyman7@xxxxxxxxx>
> ---
> tools/perf/util/machine.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/tools/perf/util/machine.c b/tools/perf/util/machine.c
> index 3ff4936a15a42..d5937778875e1 100644
> --- a/tools/perf/util/machine.c
> +++ b/tools/perf/util/machine.c
> @@ -776,6 +776,7 @@ static int machine__process_ksymbol_register(struct machine *machine,
> if (dso) {
> dso->kernel = DSO_SPACE__KERNEL;
> map = map__new2(0, dso);
> + dso__put(dso);

Will this cause 2 puts if the map allocation fails? Perhaps this
should be "if (map) dso__put(dso);".

Thanks,
Ian

> }
>
> if (!dso || !map) {
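Review bot: The added dso__put(dso) inside the if (dso) block runs whether or not map__new2() succeeded, and the body of the if (!dso || !map) branch that follows is not in this hunk's context. If map__new2() returned NULL without taking its own reference, this put drops the function's only reference, so dso is a non-NULL but possibly freed pointer when that branch is entered. Anything in the branch that dereferences or puts dso again would then be a use-after-free or a double put. Either guard the put on map, or state in the commit message what the error branch does with dso so the failure path can be checked against this change.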
> @@ -792,6 +793,7 @@ static int machine__process_ksymbol_register(struct machine *machine,
> map->start = event->ksymbol.addr;
> map->end = map->start + event->ksymbol.len;
> maps__insert(&machine->kmaps, map);
> + map__put(map);
> dso__set_loaded(dso);
>
> if (is_bpf_image(event->ksymbol.name)) {
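Review bot: After the added map__put(map), the very next context line calls dso__set_loaded(dso). With this patch both local references (dso in the first hunk, map here) are already dropped at that point, so the rest of the function relies only on the reference machine->kmaps took in maps__insert(). That ordering is not documented anywhere in the hunk. A one-line comment saying the function continues on the reference held by kmaps would help, or the two puts could move to the end of the function so that no access follows the release.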
> --
> 2.31.1
>