Bug #6276
libidmap leaks due to a missed goto
Start date:
2015-09-30
Due date:
% Done:
100%
Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:
Description
I have a zone doing an nfs mount to a smartos nfs server. Over a short amount of time nfsmapid will begin to grow quickly and cause paging due to going over the cap. Using umem_debug we can see the following:
> ::umausers 134715296 bytes for 4209853 allocations with data size 32: libumem.so.1`umem_cache_alloc_debug+0x1fe libumem.so.1`umem_cache_alloc+0x18f libumem.so.1`umem_alloc+0x50 libumem.so.1`umem_malloc+0x36 libc.so.1`strdup+0x2e libidmap.so.1`idmap_strdupnull+0x3a libidmap.so.1`idmap_get_w2u_mapping+0xbb libidmap.so.1`idmap_getgidbywinname+0x84 nfsmapid_str_gid+0xea nfsmapid_func+0x6a 67357648 bytes for 4209853 allocations with data size 16: libumem.so.1`umem_cache_alloc_debug+0x1fe libumem.so.1`umem_cache_alloc+0x18f libumem.so.1`umem_alloc+0x50 libumem.so.1`umem_malloc+0x36 libc.so.1`strdup+0x2e libidmap.so.1`idmap_strdupnull+0x3a libidmap.so.1`idmap_get_w2u_mapping+0x9f libidmap.so.1`idmap_getgidbywinname+0x84 nfsmapid_str_gid+0xea nfsmapid_func+0x6a 1218560 bytes for 38080 allocations with data size 32: libumem.so.1`umem_cache_alloc_debug+0x1fe libumem.so.1`umem_cache_alloc+0x18f libumem.so.1`umem_alloc+0x50 libumem.so.1`umem_malloc+0x36 libc.so.1`strdup+0x2e libidmap.so.1`idmap_strdupnull+0x3a libidmap.so.1`idmap_get_w2u_mapping+0xbb libidmap.so.1`idmap_getuidbywinname+0x84 nfsmapid_str_uid+0xea nfsmapid_func+0x4c 609280 bytes for 38080 allocations with data size 16: libumem.so.1`umem_cache_alloc_debug+0x1fe libumem.so.1`umem_cache_alloc+0x18f libumem.so.1`umem_alloc+0x50 libumem.so.1`umem_malloc+0x36 libc.so.1`strdup+0x2e libidmap.so.1`idmap_strdupnull+0x3a libidmap.so.1`idmap_get_w2u_mapping+0x9f libidmap.so.1`idmap_getuidbywinname+0x84 nfsmapid_str_uid+0xea nfsmapid_func+0x4c 12288 bytes for 1 allocations with data size 12288: libumem.so.1`umem_cache_alloc_debug+0x1fe libumem.so.1`umem_cache_alloc+0x18f libumem.so.1`umem_alloc+0x50 libumem.so.1`umem_malloc+0x36 libc.so.1`ltzset_u+0xa2 libc.so.1`localtime_r+0x35 libc.so.1`ctime_r+0x2c libc.so.1`vsyslog+0x1e4 libc.so.1`syslog+0x2b update_diag_file+0x9c cb_update_domain+0x18 libmapid.so.1`domain_sync+0xce libmapid.so.1`mapid_reeval_domain+0x60 check_domain+0x22 daemon_init+0x3a
It looks like we miss a goto out on this line
https://github.com/illumos/illumos-gate/blob/8cee14c65a4afa9dabe23f414431ab808186b48e/usr/src/lib/libidmap/common/idmap_api.c#L1655-L1656
If the idmap_strdupnull above was a success we return without ever freeing the dup'd string.
Updated by Robert Mustacchi over 5 years ago
- Subject changed from nfsmapid leaks due to a missed goto to libidmap leaks due to a missed goto
Updated by Electric Monk over 5 years ago
- Status changed from New to Closed
git commit 29d55245572a5e53ba8b3d529926453d493fd1e3
commit 29d55245572a5e53ba8b3d529926453d493fd1e3 Author: Jerry Jelinek <jerry.jelinek@joyent.com> Date: 2015-10-06T18:16:49.000Z 6276 libidmap leaks due to a missed goto Reviewed by: Jason King <jason.brian.king@gmail.com> Reviewed by: Alexander Pyhalov <apyhalov@gmail.com> Reviewed by: Toomas Soome <tsoome@me.com> Reviewed by: Marcel Telka <marcel@telka.sk> Approved by: Dan McDonald <danmcd@omniti.com>