ftrace
ftrace copied to clipboard
pipe descriptor leaks
Hi!
I've realized that ftrace might be leaking descriptors when it opens the debugfs events pipe:
ls -l /proc/$(pgrep opensnitchd)/fd/
lr-x------. 1 root root 64 oct 24 12:19 15 -> /sys/kernel/debug/tracing/trace_pipe
lrwx------. 1 root root 64 oct 24 12:19 16 -> socket:[7004576]
lr-x------. 1 root root 64 oct 24 12:19 17 -> /sys/kernel/debug/tracing/trace_pipe
lrwx------. 1 root root 64 oct 24 12:20 18 -> socket:[7004816]
lr-x------. 1 root root 64 oct 24 12:20 19 -> /sys/kernel/debug/tracing/trace_pipe
whenever I switch between proc monitor methods (i.e.: calling ftrace Disable() <-> Enable()), a new file descriptor to /sys/kernel/debug/tracing/trace_pipe is opened.
I did not touch this part of opensnitch significantly, but it seems that the goroutine in asyncFileReader() does never end, so the defer to close the file descriptor is not called: https://github.com/evilsocket/ftrace/blob/master/reader.go#L9