Closed yabinc closed 1 year ago
The memory leak is found by a fuzzer. It may not be reproducible by real ETM data.

The allocation happens at the callstack below:

```
#1 0x563bba039e70 in EtmV4P0Stack::createAddrElem(_ocsd_etmv4_i_pkt_type, unsigned int, _etmv4_addr_val_t const&) external/OpenCSD/decoder/source/etmv4/trc_etmv4_stack_elem.cpp:111:31
#2 0x563bba013869 in TrcPktDecodeEtmV4I::decodePacket() external/OpenCSD/decoder/source/etmv4/trc_pkt_decode_etmv4i.cpp:369:28
#3 0x563bba01169c in TrcPktDecodeEtmV4I::processPacket() external/OpenCSD/decoder/source/etmv4/trc_pkt_decode_etmv4i.cpp:118:19
#4 0x563bba02a50a in TrcPktDecodeBase<EtmV4ITrcPacket, EtmV4Config>::PacketDataIn(_ocsd_datapath_op_t, unsigned int, EtmV4ITrcPacket const*) external/OpenCSD/decoder/include/common/trc_pkt_decode_base.h:0
```

The memleak happens at the callstack below:

```
#8 0x55a7558eaa08 in TrcPktDecodeEtmV4I::mispredictAtom() external/OpenCSD/decoder/source/etmv4/trc_pkt_decode_etmv4i.cpp:1087:28
#9 0x55a7558e2dae in TrcPktDecodeEtmV4I::resolveElements() external/OpenCSD/decoder/source/etmv4/trc_pkt_decode_etmv4i.cpp:674:27
#10 0x55a7558df0d1 in TrcPktDecodeEtmV4I::processPacket() external/OpenCSD/decoder/source/etmv4/trc_pkt_decode_etmv4i.cpp:138:20
#11 0x55a7558f81da in TrcPktDecodeBase<EtmV4ITrcPacket, EtmV4Config>::PacketDataIn(_ocsd_datapath_op_t, unsigned int, EtmV4ITrcPacket const*) external/OpenCSD/decoder/include/common/trc_pkt_decode_base.h
```

The memleak disappears after adding `delete *erase_iter;` in `EtmV4P0Stack::erase_curr_from_front()`.
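As an added illustration (not OpenCSD's code), here is a minimal stand-in for a stack that owns heap-allocated elements: the leaky erase unlinks the pointer without freeing it, which is the defect the report describes, and the fixed variant deletes the element before erasing the iterator. The class and function names are hypothetical, and a set of live objects stands in for the bookkeeping LeakSanitizer does when it reports such a leak.

```cpp
#include <cstddef>
#include <list>
#include <set>

struct P0Elem;
// Registry of objects constructed but not yet destroyed: a stand-in for the
// bookkeeping LeakSanitizer does when it reports the leak in the issue.
static std::set<P0Elem*> g_live;

struct P0Elem {
    int addr;  // hypothetical payload, e.g. a decoded address value
    explicit P0Elem(int a) : addr(a) { g_live.insert(this); }
    ~P0Elem() { g_live.erase(this); }
};

// Hypothetical stand-in for a stack that owns heap-allocated elements.
class P0Stack {
public:
    ~P0Stack() { for (P0Elem* e : m_stack) delete e; }
    void push_front(int addr) { m_stack.push_front(new P0Elem(addr)); }
    std::size_t size() const { return m_stack.size(); }
    // Buggy: unlinks the front element but never frees it (the reported leak).
    void erase_front_leaky() { m_stack.erase(m_stack.begin()); }
    // Fixed: delete the element, then drop the pointer, as the report suggests.
    void erase_front_fixed() {
        auto erase_iter = m_stack.begin();
        delete *erase_iter;
        m_stack.erase(erase_iter);
    }
private:
    std::list<P0Elem*> m_stack;
};

// Pushes n elements, pops them all with the chosen erase routine, and returns
// how many elements were still alive afterwards (0 means no leak). Leaked
// objects are reclaimed through the registry so repeated calls start clean.
int leaked_after_erase(int n, bool fixed) {
    {
        P0Stack st;
        for (int i = 0; i < n; ++i) st.push_front(i);
        while (st.size() > 0) {
            if (fixed) st.erase_front_fixed(); else st.erase_front_leaky();
        }
    }
    int leaked = static_cast<int>(g_live.size());
    std::set<P0Elem*> stale(g_live);
    for (P0Elem* e : stale) delete e;  // destructor removes each from g_live
    return leaked;
}
```

Building the leaky path under `-fsanitize=address` would report the same kind of "detected memory leaks" stack the fuzzer produced here.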
Thanks for finding this.
Fixed in 1.4 release.
Thanks for the rapid fix!
The allocation happens at the callstack below:

```
#0 0x563bb9007ffd in operator new(unsigned long, std::nothrow_t const&) out/stage2/runtimes/runtimes-x86_64-unknown-linux-gnu-bins/out/stage2/runtimes/runtimes-x86_64-unknown-linux-gnu-bins/out/llvm-project/compiler-rt/lib/asan/asan_new_delete.cpp:101:3
```

The memleak happens at the callstack below:

```
#7 0x55a755909146 in EtmV4P0Stack::erase_curr_from_front() external/OpenCSD/decoder/source/etmv4/trc_etmv4_stack_elem.cpp:190:9
```