Opened 4 weeks ago

Closed 3 weeks ago

#33103 closed defect (fixed)

LeakSanitizer is kicking in with tor being on 39c5e1b84994c2f226a8530b930f215cc5ffb877 when closing Tor Browser

Reported by: gk Owned by: nickm
Priority: High Milestone: Tor: 0.4.3.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: regression leak 043-must BugSmashFund
Cc: Actual Points: .1
Parent ID: Points:
Reviewer: teor Sponsor:

Description

I just updated my hardened Tor Browser setup and I got LeakSanitizer issues when closing Tor Browser. That's with tor being on 39c5e1b84994c2f226a8530b930f215cc5ffb877:

==10555==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 6762 byte(s) in 4 object(s) allocated from:
    #0 0x7f0d81c53628 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x107628)
    #1 0x55863eead50a in tor_malloc_ ../src/lib/malloc/malloc.c:45
    #2 0x55863ee86121 in smartlist_join_strings2 ../src/lib/container/smartlist.c:309
    #3 0x55863ec2bb08 in getinfo_helper_events ../src/feature/control/control_getinfo.c:1169
    #4 0x55863ec31d53 in handle_getinfo_helper ../src/feature/control/control_getinfo.c:1696
    #5 0x55863ec31d53 in handle_control_getinfo ../src/feature/control/control_getinfo.c:1721
    #6 0x55863ec1e092 in handle_single_control_command ../src/feature/control/control_cmd.c:2374
    #7 0x55863ec1e092 in handle_control_command ../src/feature/control/control_cmd.c:2405
    #8 0x55863ec0fa91 in connection_control_process_inbuf ../src/feature/control/control.c:508
    #9 0x55863eb19c21 in connection_handle_read_impl ../src/core/mainloop/connection.c:3737
    #10 0x55863eb19c21 in connection_handle_read ../src/core/mainloop/connection.c:3777
    #11 0x55863eb25ce0 in conn_read_callback ../src/core/mainloop/mainloop.c:892
    #12 0x7f0d819b4b0e  (/usr/lib/x86_64-linux-gnu/libevent-2.1.so.7+0x23b0e)

Direct leak of 2244 byte(s) in 12 object(s) allocated from:
    #0 0x7f0d81c53628 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x107628)
    #1 0x55863eead50a in tor_malloc_ ../src/lib/malloc/malloc.c:45
    #2 0x55863ee86121 in smartlist_join_strings2 ../src/lib/container/smartlist.c:309
    #3 0x55863ed0e522 in routerstatus_format_entry ../src/feature/nodelist/fmt_routerstatus.c:197
    #4 0x55863ece1718 in networkstatus_getinfo_helper_single ../src/feature/nodelist/networkstatus.c:2353
    #5 0x55863ece1718 in getinfo_helper_networkstatus ../src/feature/nodelist/networkstatus.c:2694
    #6 0x55863ec31d53 in handle_getinfo_helper ../src/feature/control/control_getinfo.c:1696
    #7 0x55863ec31d53 in handle_control_getinfo ../src/feature/control/control_getinfo.c:1721
    #8 0x55863ec1e092 in handle_single_control_command ../src/feature/control/control_cmd.c:2374
    #9 0x55863ec1e092 in handle_control_command ../src/feature/control/control_cmd.c:2405
    #10 0x55863ec0fa91 in connection_control_process_inbuf ../src/feature/control/control.c:508
    #11 0x55863eb19c21 in connection_handle_read_impl ../src/core/mainloop/connection.c:3737
    #12 0x55863eb19c21 in connection_handle_read ../src/core/mainloop/connection.c:3777
    #13 0x55863eb25ce0 in conn_read_callback ../src/core/mainloop/mainloop.c:892
    #14 0x7f0d819b4b0e  (/usr/lib/x86_64-linux-gnu/libevent-2.1.so.7+0x23b0e)

Direct leak of 147 byte(s) in 2 object(s) allocated from:
    #0 0x7f0d81bde0b5 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x920b5)
    #1 0x55863eead7a0 in tor_strdup_ ../src/lib/malloc/malloc.c:165
    #2 0x55863ec2bdb7 in getinfo_helper_events ../src/feature/control/control_getinfo.c:1289
    #3 0x55863ec31d53 in handle_getinfo_helper ../src/feature/control/control_getinfo.c:1696
    #4 0x55863ec31d53 in handle_control_getinfo ../src/feature/control/control_getinfo.c:1721
    #5 0x55863ec1e092 in handle_single_control_command ../src/feature/control/control_cmd.c:2374
    #6 0x55863ec1e092 in handle_control_command ../src/feature/control/control_cmd.c:2405
    #7 0x55863ec0fa91 in connection_control_process_inbuf ../src/feature/control/control.c:508
    #8 0x55863eb19c21 in connection_handle_read_impl ../src/core/mainloop/connection.c:3737
    #9 0x55863eb19c21 in connection_handle_read ../src/core/mainloop/connection.c:3777
    #10 0x55863eb25ce0 in conn_read_callback ../src/core/mainloop/mainloop.c:892
    #11 0x7f0d819b4b0e  (/usr/lib/x86_64-linux-gnu/libevent-2.1.so.7+0x23b0e)

Direct leak of 36 byte(s) in 12 object(s) allocated from:
    #0 0x7f0d81bde0b5 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x920b5)
    #1 0x55863eead7a0 in tor_strdup_ ../src/lib/malloc/malloc.c:165
    #2 0x55863ec34aba in getinfo_helper_geoip ../src/feature/control/getinfo_geoip.c:51
    #3 0x55863ec31d53 in handle_getinfo_helper ../src/feature/control/control_getinfo.c:1696
    #4 0x55863ec31d53 in handle_control_getinfo ../src/feature/control/control_getinfo.c:1721
    #5 0x55863ec1e092 in handle_single_control_command ../src/feature/control/control_cmd.c:2374
    #6 0x55863ec1e092 in handle_control_command ../src/feature/control/control_cmd.c:2405
    #7 0x55863ec0fa91 in connection_control_process_inbuf ../src/feature/control/control.c:508
    #8 0x55863eb19c21 in connection_handle_read_impl ../src/core/mainloop/connection.c:3737
    #9 0x55863eb19c21 in connection_handle_read ../src/core/mainloop/connection.c:3777
    #10 0x55863eb25ce0 in conn_read_callback ../src/core/mainloop/mainloop.c:892
    #11 0x7f0d819b4b0e  (/usr/lib/x86_64-linux-gnu/libevent-2.1.so.7+0x23b0e)

Direct leak of 17 byte(s) in 1 object(s) allocated from:
    #0 0x7f0d81c53628 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x107628)
    #1 0x55863eead50a in tor_malloc_ ../src/lib/malloc/malloc.c:45
    #2 0x55863ee86121 in smartlist_join_strings2 ../src/lib/container/smartlist.c:309
    #3 0x55863ec2ceca in getinfo_helper_listeners ../src/feature/control/control_getinfo.c:298
    #4 0x55863ec31d53 in handle_getinfo_helper ../src/feature/control/control_getinfo.c:1696
    #5 0x55863ec31d53 in handle_control_getinfo ../src/feature/control/control_getinfo.c:1721
    #6 0x55863ec1e092 in handle_single_control_command ../src/feature/control/control_cmd.c:2374
    #7 0x55863ec1e092 in handle_control_command ../src/feature/control/control_cmd.c:2405
    #8 0x55863ec0fa91 in connection_control_process_inbuf ../src/feature/control/control.c:508
    #9 0x55863eb19c21 in connection_handle_read_impl ../src/core/mainloop/connection.c:3737
    #10 0x55863eb19c21 in connection_handle_read ../src/core/mainloop/connection.c:3777
    #11 0x55863eb25ce0 in conn_read_callback ../src/core/mainloop/mainloop.c:892
    #12 0x7f0d819b4b0e  (/usr/lib/x86_64-linux-gnu/libevent-2.1.so.7+0x23b0e)

SUMMARY: AddressSanitizer: 9206 byte(s) leaked in 31 allocation(s).

Child Tickets

Change History (6)

comment:1 Changed 4 weeks ago by nickm

Keywords: regression leak 043-must added
Milestone: Tor: 0.4.3.x-final

comment:2 Changed 3 weeks ago by nickm

Owner: set to nickm
Status: newaccepted

comment:3 Changed 3 weeks ago by nickm

Priority: MediumHigh

Mark 043-must tickets as high priority

comment:4 Changed 3 weeks ago by nickm

Actual Points: .1
Status: acceptedneeds_review

One-line fix in branch ticket33103; PR at https://github.com/torproject/tor/pull/1708

comment:5 Changed 3 weeks ago by teor

Keywords: BugSmashFund added
Reviewer: teor
Status: needs_reviewmerge_ready

Looks good to me!

comment:6 Changed 3 weeks ago by nickm

Resolution: fixed
Status: merge_readyclosed

Merged to master.

Note: See TracTickets for help on using tickets.