[OE-core] [PATCH] busybox: fix a ash memory leak

ChenQi Qi.Chen at windriver.com
Fri Sep 25 05:27:19 UTC 2015 

This patch has been rejected by upstream as follows.

Regards,
Chen Qi


=========================  Original Email Start =====================================================

On Wed, Dec 24, 2014 at 6:53 AM, Rich Felker<dalias at libc.org>  wrote:

> On Wed, Dec 24, 2014 at 10:32:19AM +0800, yhu2 wrote:
>> The script which triggers the leak:
>>
>> while true
>>    do
>>      while true
>>        do
>>          break;
>>      done</dev/null
>> done
>>
>> someone had fixed this bug, the commit is:
>> http://git.busybox.net/busybox/commit/shell/ash.c?id=4ba6c5d3ba3d2c7922aff6b5c2e73b8325f1cf17
>>
>> but this commit results in crash running some shell scripts, so it was reverted.
>>
>> I am trying to resolve this defect,any commnent would be appreciated!
> There is no easy fix. The patch you sent is incorrect. The problem is
> that the "stack model" used for allocation in ash is semantically
> wrong, and needs to be replaced with a dependency-tree model or
> something else that can handle freeing one object without freeing all
> subsequently-allocated objects.
>
> As a workaround, it might be possible to code a hack to reuse the
> existing copy of the string on the allocation stack rather than
> allocating a new copy whenever an existing copy already exists. This
> would not solve the general case (e.g. when the redirection uses a
> different file on each iteration) but it would solve the case above, I
> think. It might be worth pursuing this approach if nobody is available
> to work on the proper fix in the near future.

You can try using hush instead of ash. It has no such problem,
because it does not try to be clever, and just uses malloc.
_______________________________________________
busybox mailing list
busybox at busybox.net
http://lists.busybox.net/mailman/listinfo/busybox



========================= Original Email End ==============================================



On 09/25/2015 01:05 PM, rongqing.li at windriver.com wrote:
> From: Roy Li <rongqing.li at windriver.com>
>
> Signed-off-by: Roy Li <rongqing.li at windriver.com>
> ---
>   .../busybox/0001-ash-fix-memory-leak-in-ash.patch  | 54 ++++++++++++++++++++++
>   meta/recipes-core/busybox/busybox_1.23.2.bb        |  1 +
>   meta/recipes-core/busybox/busybox_git.bb           |  1 +
>   3 files changed, 56 insertions(+)
>   create mode 100644 meta/recipes-core/busybox/busybox/0001-ash-fix-memory-leak-in-ash.patch
>
> diff --git a/meta/recipes-core/busybox/busybox/0001-ash-fix-memory-leak-in-ash.patch b/meta/recipes-core/busybox/busybox/0001-ash-fix-memory-leak-in-ash.patch
> new file mode 100644
> index 0000000..87c7ffa
> --- /dev/null
> +++ b/meta/recipes-core/busybox/busybox/0001-ash-fix-memory-leak-in-ash.patch
> @@ -0,0 +1,54 @@
> +From 8dc9fef3ba088604527b067310c6da64221b3570 Mon Sep 17 00:00:00 2001
> +From: Signed-off-by: Hu <yadi.hu at windriver.com>
> +Date: Fri, 25 Sep 2015 12:36:07 +0800
> +Subject: [PATCH] ash: fix memory leak in ash
> +
> +Upstream-Status: Submitted: https://bugs.busybox.net/show_bug.cgi?id=7748
> +
> +The script triggers the memory leak:
> +   while true
> +   do
> +       while true
> +       do
> +           break;
> +       done</dev/null
> +   done
> +
> +adding stackmark resolve this issue.
> +
> +Signed-off-by: Hu <yadi.hu at windriver.com>
> +---
> + shell/ash.c | 3 +++
> + 1 file changed, 3 insertions(+)
> +
> +diff --git a/shell/ash.c b/shell/ash.c
> +index 42c9125..f5e7153 100644
> +--- a/shell/ash.c
> ++++ b/shell/ash.c
> +@@ -8336,6 +8336,7 @@ evaltree(union node *n, int flags)
> + 	void (*evalfn)(union node *, int);
> + 	int status;
> + 	int int_level;
> ++	struct stackmark smark;
> +
> + 	SAVE_INT(int_level);
> +
> +@@ -8375,6 +8376,7 @@ evaltree(union node *n, int flags)
> + 		status = !exitstatus;
> + 		goto setstatus;
> + 	case NREDIR:
> ++		setstackmark(&smark);
> + 		expredir(n->nredir.redirect);
> + 		status = redirectsafe(n->nredir.redirect, REDIR_PUSH);
> + 		if (!status) {
> +@@ -8382,6 +8384,7 @@ evaltree(union node *n, int flags)
> + 			status = exitstatus;
> + 		}
> + 		popredir(/*drop:*/ 0, /*restore:*/ 0 /* not sure */);
> ++		popstackmark(&smark);
> + 		goto setstatus;
> + 	case NCMD:
> + 		evalfn = evalcommand;
> +--
> +1.9.1
> +
> diff --git a/meta/recipes-core/busybox/busybox_1.23.2.bb b/meta/recipes-core/busybox/busybox_1.23.2.bb
> index e4d9f97..54f3314 100644
> --- a/meta/recipes-core/busybox/busybox_1.23.2.bb
> +++ b/meta/recipes-core/busybox/busybox_1.23.2.bb
> @@ -36,6 +36,7 @@ SRC_URI = "http://www.busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \
>              file://sha1sum.cfg \
>              file://sha256sum.cfg \
>              file://getopts.cfg \
> +           file://0001-ash-fix-memory-leak-in-ash.patch \
>   "
>   
>   SRC_URI[tarball.md5sum] = "7925683d7dd105aabe9b6b618d48cc73"
> diff --git a/meta/recipes-core/busybox/busybox_git.bb b/meta/recipes-core/busybox/busybox_git.bb
> index ade72f4..71b725f 100644
> --- a/meta/recipes-core/busybox/busybox_git.bb
> +++ b/meta/recipes-core/busybox/busybox_git.bb
> @@ -41,6 +41,7 @@ SRC_URI = "git://busybox.net/busybox.git \
>              file://mount-via-label.cfg \
>              file://sha1sum.cfg \
>              file://sha256sum.cfg \
> +           file://0001-ash-fix-memory-leak-in-ash.patch \
>   "
>   
>   EXTRA_OEMAKE += "V=1 ARCH=${TARGET_ARCH} CROSS_COMPILE=${TARGET_PREFIX} SKIP_STRIP=y"

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20150925/310be30a/attachment-0002.html>

More information about the Openembedded-core mailing list