Memory leak below CertGetCertificateChain on Chromium net_unittests #476
Comments
|
From timurrrr@google.com on June 24, 2011 08:28:55 One more: $ tools\valgrind\chrome_tests.bat -t net --tool drmemory --gtest_filter="Cert_Ver.Cancel_:-Quit"
w/o PDB symbols: 1 LocalAlloc KERNEL32.dll+0x9a7f2 I_CryptInstallAsn1Module CRYPT32.dll+0x44e83 CertAddStoreToCollection CRYPT32.dll+0xfe4e4 CertGetCRLContextProperty CRYPT32.dll+0x12a585 CertGetCRLContextProperty CRYPT32.dll+0x12a0f6 I_CryptReleaseLruEntry CRYPT32.dll+0x172f47 CryptDecodeObjectEx CRYPT32.dll+0x120158 CertFreeCTLContext CRYPT32.dll+0x11fb09 CertAddEncodedCRLToStore CRYPT32.dll+0x29926#10 CertGetCRLContextProperty CRYPT32.dll+0x12900 |
|
From timurrrr@google.com on June 24, 2011 08:53:16 Will try to extract a repro ... Status: Started |
|
From timurrrr@google.com on June 29, 2011 06:03:25 looks very much related: http://build.chromium.org/p/chromium.fyi/builders/Windows%20Tests%20%28DrMemory%29/builds/4409/steps/memory%20test%3A%20net/logs/stdio (w/o PDB symbols) 1 I_RpcBCacheFree RPCRT4.dll+0x81f92 I_RpcBCacheFree RPCRT4.dll+0x81d03 NdrConformantArrayFree RPCRT4.dll+0xd2324 RpcBindingFromStringBindingW RPCRT4.dll+0xe8df5 ? DHCPCSVC.DLL+0x2a996 RpcStringBindingComposeW RPCRT4.dll+0xec3a7 RpcStringBindingComposeW RPCRT4.dll+0xec678 NdrClientCall2 RPCRT4.dll+0x8558d9 DhcpRequestOptions DHCPCSVC.DLL+0x460c#10 DhcpRequestParams DHCPCSVC.DLL+0x116f0 |
|
From rnk@google.com on February 02, 2012 08:14:15 With symbols, it looks a lot like issue #751 , which is the leak of a THREAD object. Here's what I get running net_unittests.exe without any chromium supps: $ ../drmemory/build/bin/drmemory.exe -verbose 2 -debug -dr_debug -dr C:/src/dynamorio/exports -batch ./build/Debug/net_unittests.exe --gtest_filter="Cert_Ver.Cancel_Q*" From results.txt: None of these supps match this report. It's possible that on my run this object was still reachable, and therefore was not reported. If it is only mid-chunk reachable, then the 751 suppression would have matched. Another possibility is that this TLS vector holds a pointer to this THREAD object. That seems most likely. Labels: Bug-FalsePositive |
From timurrrr@google.com on June 24, 2011 11:08:52
$ tools\valgrind\chrome_tests.bat -t net --tool drmemory --gtest_filter="Cert_Ver.Cancel_Q*"
LEAK 132 direct bytes 0x00233210-0x00233294 + 1296 indirect bytes
timurrrr/2010/i309-fix-suppression-assertions.diff #1 AllocWrapper RPCRT4.dll+0x81f9
timurrrr/2010/i309-fix-suppression-assertions.diff #2 operator new RPCRT4.dll+0x81d0
timurrrr/2010/i309-fix-suppression-assertions.diff #3 ThreadSelfHelper RPCRT4.dll+0xd232
timurrrr/2010/i309-fix-suppression-assertions.diff #4 RpcBindingFromStringBindingW RPCRT4.dll+0xe8df
leak false positive from initial thread Fls alloc #5 RpcpBindRpc NETAPI32.dll+0x7b23
Building Dr. Memory from sources on Ubuntu x86_64 #6 DsRolepServerBind NETAPI32.dll+0xb840
Assert and error messages should be included in the results file #7 DsRoleGetPrimaryDomainInformation NETAPI32.dll+0xb932
suppressed leaks show up in leak count for -no_check_leaks #8 GetMachineRole USERENV.dll+0x8113
DO NOT REUSE THIS ISSUE: OPEN A NEW ONE [was: Dr. Memory fails to start with "WARNING: unable to locate results file since can't open .../resfile.PID: 2"] #9 GetUserDNSDomainName USERENV.dll+0x70c2
False reports on SystemParametersInfo #10 CreateEnvironmentBlock USERENV.dll+0x6bcc
False reports on _chkstk #11 ExpandEnvironmentStringsForUserW USERENV.dll+0x7752
False reports when using SHFileOperation #12 GetUserAppDataPathW USERENV.dll+0x1cbb
NtCreateThread false reports #13 FastGetUserAppDataPath CRYPT32.dll+0x23a3b
False reports due to CreateProcessAsUser & friends #14 ILS_GetRoamingStoreDirectory CRYPT32.dll+0x23d1a
False reports from rand_s #15 I_CertDllOpenSystemRegistryStoreProvW CRYPT32.dll+0x23c91
Leak suppressions are not matched when running without -check_leaks #16 CertOpenStore CRYPT32.dll+0x126cf
False reports on CreateWindow #17 OpenPhysicalStoreCallback CRYPT32.dll+0xfd4f
False leak reports from CoInitialize #18 EnumPhysicalStore CRYPT32.dll+0xf59e
Assert: leak.c:295: unreach_child->parent != NULL && unreach_child->parent != unreach_parent (node should be already claimed) #19 I_CertDllOpenSystemStoreProvW CRYPT32.dll+0xf122
Assert: drmemory\report.c:1084: err->id != 0 (duplicate should have id) #20 CertOpenStore CRYPT32.dll+0x126cf
IWbemLocator::ConnectServer crashes Dr.Memory if run with -delay_frees 0 #21 ChainCreateWorldStore CRYPT32.dll+0x22e4f
250+ unaddressable accesses on a small ThreadSanitizer unittest under printf #22 CCertChainEngine::CCertChainEngine CRYPT32.dll+0x2270c
ASSERT: common\alloc.c:1197: is_entirely_in_heap_region(start, end) (heap data struct inconsistency) #23 InternalCertCreateCertificateChainEngine CRYPT32.dll+0x2253e
Dr. Memory should have a strict suppression parser #24 CertCreateCertificateChainEngine CRYPT32.dll+0x224e1
ASSERT: drmemory\alloc_drmem.c:1928: !dr_memory_is_dr_internal(addr) && !dr_memory_is_in_client(addr) (app is using tool's memory: please report this!) #25 CDefaultChainEngineMgr::GetDefaultCurrentUserEngine CRYPT32.dll+0x22497
APP ASSERT _BLOCK_TYPE_IS_VALID(pHead->nBlockUse) on operator delete with /MTd #26 CDefaultChainEngineMgr::GetDefaultEngine CRYPT32.dll+0x13003
False positive uninits when using RTTI #27 CertGetCertificateChain CRYPT32.dll+0x12fa8
Unaddressable access under _putenv #28 net::X509Certificate::Verify c:\chromium\src\net\base\x509_certificate_win.cc:751
write_suppress_pattern can write too-long msg for dr_fprintf #29 net::CertVerifierWorker::Run c:\chromium\src\net\base\cert_verifier.cc:157
DEADLOCK base_unittests: msvcrt heap lock used when unnecessary #30 DispatchToMethod<net::CertVerifierWorker,void (__thiscall net::CertVerifierWorker::)(void)> c:\chromium\src\base\tuple.h:541
APP ASSERT (base_unittests) missing dbgcrt heap allocs from _impl routines #31 RunnableMethod<net::CertVerifierWorker,void (__thiscall net::CertVerifierWorker::)(void),Tuple0>::Run c:\chromium\src\base\task.h:338
ASSERT common\alloc.c:2331: real_size != -1 (error getting real size) #32 base::`anonymous namespace'::WorkItemCallback c:\chromium\src\base\threading\worker_pool_win.cc:16
Dr. Memory doesn't search in PATH on LINUX #33 RtlpWorkerCallout ntdll.dll+0x2796d
ld.so: object 'libdynamorio.so' from LD_PRELOAD cannot be preloaded (on Ubuntu Lucid x86_64) #34 RtlpExecuteWorkerRequest ntdll.dll+0x279ab
ASSERT (base_unitttests.exe xpsp3) drmemory/readwrite.c:2564: addr + sz > addr (address overflow) #35 RtlpApcCallout ntdll.dll+0x27a6d
False positives under DebuggerKnownHandle #36 RtlpWorkerThread ntdll.dll+0x27a44
ASSERT common/alloc.c:2185: !pt->expect_lib_to_fail || pt->alloc_base == NULL (free() success unexpected) #37 BaseThreadStart KERNEL32.dll+0xb729
w/o symbols:
LEAK 132 direct bytes 0x00235128-0x002351ac + 1296 indirect bytes
#1 I_RpcBCacheFree RPCRT4.dll+0x81f9
#2 I_RpcBCacheFree RPCRT4.dll+0x81d0
#3 NdrConformantArrayFree RPCRT4.dll+0xd232
#4 RpcBindingFromStringBindingW RPCRT4.dll+0xe8df
#5 NetApiBufferFree NETAPI32.dll+0x7b23
#6 DsRoleFreeMemory NETAPI32.dll+0xb840
#7 DsRoleGetPrimaryDomainInformation NETAPI32.dll+0xb932
#8 DestroyEnvironmentBlock USERENV.dll+0x8113
#9 CreateEnvironmentBlock USERENV.dll+0x70c2
#10 CreateEnvironmentBlock USERENV.dll+0x6bcc
#11 ExpandEnvironmentStringsForUserW USERENV.dll+0x7752
#12 Ordinal149 USERENV.dll+0x1cbb
#13 RegSetValueExU CRYPT32.dll+0x23a3b
#14 I_CryptGetFileVersion CRYPT32.dll+0x23d1a
#15 I_CryptGetFileVersion CRYPT32.dll+0x23c91
#16 CertOpenStore CRYPT32.dll+0x126cf
#17 CertAddStoreToCollection CRYPT32.dll+0xfd4f
#18 I_CryptGetTls CRYPT32.dll+0xf59e
#19 I_CryptGetTls CRYPT32.dll+0xf122
#20 CertOpenStore CRYPT32.dll+0x126cf
#21 CryptMemAlloc CRYPT32.dll+0x22e4f
#22 CertCreateCertificateChainEngine CRYPT32.dll+0x2270c
#23 CertCreateCertificateChainEngine CRYPT32.dll+0x2253e
#24 CertCreateCertificateChainEngine CRYPT32.dll+0x224e1
#25 CertEnumCertificatesInStore CRYPT32.dll+0x22497
#26 CertGetCertificateChain CRYPT32.dll+0x13003
#27 CertGetCertificateChain CRYPT32.dll+0x12fa8
#28 net::X509Certificate::Verify c:\chromium\src\net\base\x509_certificate_win.cc:751
#29 net::CertVerifierWorker::Run c:\chromium\src\net\base\cert_verifier.cc:157
#30 DispatchToMethod<net::CertVerifierWorker,void (__thiscall net::CertVerifierWorker::)(void)> c:\chromium\src\base\tuple.h:541
#31 RunnableMethod<net::CertVerifierWorker,void (__thiscall net::CertVerifierWorker::)(void),Tuple0>::Run c:\chromium\src\base\task.h:338
#32 base::`anonymous namespace'::WorkItemCallback c:\chromium\src\base\threading\worker_pool_win.cc:16
#33 RtlGUIDFromString ntdll.dll+0x2796d
#34 RtlGUIDFromString ntdll.dll+0x279ab
#35 RtlGUIDFromString ntdll.dll+0x27a6d
#36 RtlGUIDFromString ntdll.dll+0x27a44
#37 GetModuleFileNameA KERNEL32.dll+0xb729
Original issue: http://code.google.com/p/drmemory/issues/detail?id=476
The text was updated successfully, but these errors were encountered: