2016-10-22 19:57:29

by Jérémie Galarneau

[permalink] [raw]
Subject: [PATCH] Fix: perf data convert: leak of bt_ctf_field_type

The ctf_writer structure contains an union of a structure containing
7 pointer members and an array of 6 struct bt_ctf_field_type*, which
are used to release the references to these objects in
ctf_writer__cleanup_data().

26812d46 introduced the u32_hex member and should have increased the
array's size. The disparity results in the last member of the "data"
structure being leaked as its reference is never released/put.

Philippe Proulx proposed a patch back in February which hasn't received
any feedback and would eliminate the need to manually update this
array.
http://lkml.iu.edu/hypermail/linux/kernel/1602.1/03800.html

CC-ing the people who were CC-ed on the original patch.

Signed-off-by: Jérémie Galarneau <[email protected]>
Cc: Wang Nan <[email protected]>
Cc: Philippe Proulx <[email protected]>
Cc: David S. Miller <[email protected]>
Cc: Alexei Starovoitov <[email protected]>
Cc: Brendan Gregg <[email protected]>
Cc: David S. Miller <[email protected]>
Cc: Jiri Olsa <[email protected]>
Cc: Masami Hiramatsu <[email protected]>
Cc: Namhyung Kim <[email protected]>
Cc: Zefan Li <[email protected]>
Cc: [email protected]
---
tools/perf/util/data-convert-bt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/perf/util/data-convert-bt.c b/tools/perf/util/data-convert-bt.c
index 7123f4d..16364f0 100644
--- a/tools/perf/util/data-convert-bt.c
+++ b/tools/perf/util/data-convert-bt.c
@@ -67,7 +67,7 @@ struct ctf_writer {
struct bt_ctf_field_type *u32_hex;
struct bt_ctf_field_type *u64_hex;
};
- struct bt_ctf_field_type *array[6];
+ struct bt_ctf_field_type *array[7];
} data;
struct bt_ctf_event_class *comm_class;
struct bt_ctf_event_class *exit_class;
--
2.10.1


2016-10-23 11:43:27

by Jiri Olsa

[permalink] [raw]
Subject: Re: [PATCH] Fix: perf data convert: leak of bt_ctf_field_type

On Sat, Oct 22, 2016 at 03:57:27PM -0400, J?r?mie Galarneau wrote:
> The ctf_writer structure contains an union of a structure containing
> 7 pointer members and an array of 6 struct bt_ctf_field_type*, which
> are used to release the references to these objects in
> ctf_writer__cleanup_data().
>
> 26812d46 introduced the u32_hex member and should have increased the
> array's size. The disparity results in the last member of the "data"
> structure being leaked as its reference is never released/put.

this actualy looks like good solution, sry we missed that first time

Could one of you guys please resend that?

thanks,
jirka

>
> Philippe Proulx proposed a patch back in February which hasn't received
> any feedback and would eliminate the need to manually update this
> array.
> http://lkml.iu.edu/hypermail/linux/kernel/1602.1/03800.html
>
> CC-ing the people who were CC-ed on the original patch.
>
> Signed-off-by: J?r?mie Galarneau <[email protected]>
> Cc: Wang Nan <[email protected]>
> Cc: Philippe Proulx <[email protected]>
> Cc: David S. Miller <[email protected]>
> Cc: Alexei Starovoitov <[email protected]>
> Cc: Brendan Gregg <[email protected]>
> Cc: David S. Miller <[email protected]>
> Cc: Jiri Olsa <[email protected]>
> Cc: Masami Hiramatsu <[email protected]>
> Cc: Namhyung Kim <[email protected]>
> Cc: Zefan Li <[email protected]>
> Cc: [email protected]
> ---
> tools/perf/util/data-convert-bt.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/perf/util/data-convert-bt.c b/tools/perf/util/data-convert-bt.c
> index 7123f4d..16364f0 100644
> --- a/tools/perf/util/data-convert-bt.c
> +++ b/tools/perf/util/data-convert-bt.c
> @@ -67,7 +67,7 @@ struct ctf_writer {
> struct bt_ctf_field_type *u32_hex;
> struct bt_ctf_field_type *u64_hex;
> };
> - struct bt_ctf_field_type *array[6];
> + struct bt_ctf_field_type *array[7];
> } data;
> struct bt_ctf_event_class *comm_class;
> struct bt_ctf_event_class *exit_class;
> --
> 2.10.1
>