Closed Bug 393174 Opened 17 years ago Closed 17 years ago

Memory leaks in ocspclnt/PKIX.

Categories

(NSS :: Libraries, defect, P1)

Product:
NSS
Component:
Libraries
Platform:
Sun
Solaris
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: slavomir.katuscak+mozilla, Assigned: alvolkov.bgs)

Details

(Keywords: memory-leak)

Attachments

(2 files)

Free socket if error occured.
1.22 KB, patch
nelson
: review+
Details | Diff | Splinter Review
Patch to the ignored stacks file.
8.96 KB, patch
nelson
: review+
Details | Diff | Splinter Review 
I wrapped current OCSP tests with dbx and checked them for memory leaks. Here are some leak stacks related to OCSP/PKIX:

Possible memory leak -- address in block (aib):
Found leaked block of size 96 bytes at address 0x610f88
At time of allocation, the call stack was:
    [1] PR_Malloc() at line 467 in "prmem.c"
    [2] PKIX_PL_Malloc() at line 72 in "pkix_pl_mem.c"
    [3] PKIX_PL_Object_Alloc() at line 531 in "pkix_pl_object.c"
    [4] pkix_pl_Socket_CreateByHostAndPort() at line 1647 in "pkix_pl_socket.c"
    [5] pkix_HttpCertStore_FindSocketConnection() at line 1640 in "pkix_pl_httpcertstore.c"
    [6] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
    [7] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
    [8] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
    [9] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
    [10] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
    [11] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
    [12] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
    [13] get_cert_status() at line 444 in "ocspclnt.c"
    [14] main() at line 1257 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 88 bytes at address 0x611000
At time of allocation, the call stack was:
    [1] calloc() at 0xe0954ab4
    [2] PR_Calloc() at line 475 in "prmem.c"
    [3] PR_NewLock() at line 174 in "ptsynch.c"
    [4] PKIX_PL_Object_Alloc() at line 554 in "pkix_pl_object.c"
    [5] pkix_pl_Socket_CreateByHostAndPort() at line 1647 in "pkix_pl_socket.c"
    [6] pkix_HttpCertStore_FindSocketConnection() at line 1640 in "pkix_pl_httpcertstore.c"
    [7] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
    [8] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
    [9] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
    [10] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
    [11] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
    [12] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
    [13] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
    [14] get_cert_status() at line 444 in "ocspclnt.c"
    [15] main() at line 1257 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 24 bytes at address 0x60d6d0
At time of allocation, the call stack was:
    [1] PR_Malloc() at line 467 in "prmem.c"
    [2] _PR_Getfd() at line 141 in "prfdcach.c"
    [3] pt_SetMethods() at line 3281 in "ptio.c"
    [4] PR_Socket() at line 3465 in "ptio.c"
    [5] PR_NewTCPSocket() at line 4329 in "ptio.c"
    [6] pkix_pl_Socket_CreateClient() at line 370 in "pkix_pl_socket.c"
    [7] pkix_pl_Socket_CreateByHostAndPort() at line 1674 in "pkix_pl_socket.c"
    [8] pkix_HttpCertStore_FindSocketConnection() at line 1640 in "pkix_pl_httpcertstore.c"
    [9] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
    [10] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
    [11] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
    [12] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
    [13] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
    [14] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
    [15] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
    [16] get_cert_status() at line 444 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 24 bytes at address 0x60d9e8
At time of allocation, the call stack was:
    [1] PR_Malloc() at line 467 in "prmem.c"
    [2] _PR_Getfd() at line 144 in "prfdcach.c"
    [3] pt_SetMethods() at line 3281 in "ptio.c"
    [4] PR_Socket() at line 3465 in "ptio.c"
    [5] PR_NewTCPSocket() at line 4329 in "ptio.c"
    [6] pkix_pl_Socket_CreateClient() at line 370 in "pkix_pl_socket.c"
    [7] pkix_pl_Socket_CreateByHostAndPort() at line 1674 in "pkix_pl_socket.c"
    [8] pkix_HttpCertStore_FindSocketConnection() at line 1640 in "pkix_pl_httpcertstore.c"
    [9] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
    [10] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
    [11] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
    [12] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
    [13] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
    [14] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
    [15] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
    [16] get_cert_status() at line 444 in "ocspclnt.c"
Maybe fix for bug 391774 will fix also these leaks (don't have fix yet).
Assignee: nobody → alexei.volkov.bugs
Priority: -- → P1
Target Milestone: --- → 3.12
Some more stacks related to this bug:

Possible memory leak -- address in block (aib):
Found leaked block of size 88 bytes at address 0x8532b28
At time of allocation, the call stack was:
        [1] calloc() at 0xb79308a0 
        [2] PR_Calloc() at line 475 in "prmem.c"
        [3] PR_NewLock() at line 174 in "ptsynch.c"
        [4] PKIX_PL_Object_Alloc() at line 555 in "pkix_pl_object.c"
        [5] PKIX_PL_String_Create() at line 312 in "pkix_pl_string.c"
        [6] PKIX_PL_Sprintf() at line 546 in "pkix_pl_string.c"
        [7] pkix_HttpCertStore_FindSocketConnection() at line 1625 in "pkix_pl_httpcertstore.c"
        [8] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
        [9] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
        [10] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
        [11] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
        [12] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
        [13] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
        [14] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
        [15] get_cert_status() at line 444 in "ocspclnt.c"
        [16] main() at line 1257 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 60 bytes at address 0x852d830
At time of allocation, the call stack was:
        [1] PR_Malloc() at line 467 in "prmem.c"
        [2] PKIX_PL_Malloc() at line 72 in "pkix_pl_mem.c"
        [3] pkix_EscASCII_to_UTF16() at line 844 in "pkix_pl_common.c"
        [4] PKIX_PL_String_Create() at line 344 in "pkix_pl_string.c"
        [5] PKIX_PL_Sprintf() at line 546 in "pkix_pl_string.c"
        [6] pkix_HttpCertStore_FindSocketConnection() at line 1625 in "pkix_pl_httpcertstore.c"
        [7] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
        [8] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
        [9] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
        [10] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
        [11] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
        [12] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
        [13] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
        [14] get_cert_status() at line 444 in "ocspclnt.c"
        [15] main() at line 1257 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 44 bytes at address 0x853ad48
At time of allocation, the call stack was:
        [1] PR_Malloc() at line 467 in "prmem.c"
        [2] PKIX_PL_Malloc() at line 72 in "pkix_pl_mem.c"
        [3] PKIX_PL_Object_Alloc() at line 532 in "pkix_pl_object.c"
        [4] PKIX_PL_String_Create() at line 312 in "pkix_pl_string.c"
        [5] PKIX_PL_Sprintf() at line 546 in "pkix_pl_string.c"
        [6] pkix_HttpCertStore_FindSocketConnection() at line 1625 in "pkix_pl_httpcertstore.c"
        [7] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
        [8] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
        [9] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
        [10] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
        [11] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
        [12] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
        [13] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
        [14] get_cert_status() at line 444 in "ocspclnt.c"
        [15] main() at line 1257 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 16 bytes at address 0x85319f0
At time of allocation, the call stack was:
        [1] PR_Malloc() at line 467 in "prmem.c"
        [2] PKIX_PL_Malloc() at line 72 in "pkix_pl_mem.c"
        [3] pkix_pl_PrimHashTable_Add() at line 248 in "pkix_pl_primhash.c"
        [4] PKIX_PL_HashTable_Add() at line 227 in "pkix_pl_hashtable.c"
        [5] pkix_HttpCertStore_FindSocketConnection() at line 1650 in "pkix_pl_httpcertstore.c"
        [6] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
        [7] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
        [8] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
        [9] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
        [10] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
        [11] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
        [12] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
        [13] get_cert_status() at line 444 in "ocspclnt.c"
        [14] main() at line 1257 in "ocspclnt.c"
All of these leaks should be resolved by PKIX_Shutdown. I've committed the patch that removes ifdef from PKIX_Shutdown. Slavo, please verify that these leaks are no longer reported. 

        Attachment #283728 -
        Flags: review?(nelson)

    
    

    
  
Comment on attachment 283728 [details] [diff] [review]
Free socket if error occured.

r=nelson

        Attachment #283728 -
        Flags: review?(nelson) → review+

    
    

    
  
I'm confused by comment 3.  It seems to be saying that no problem remains
that needs to be patched, yet the patch for this bug was still awaiting 
review.  So, is this patch needed, or not?

    
    

    
  
Yes, it is still needed. The main reason for the most of the leaks reported in the bug is unknown error condition that happened during connection opening.

PKIX_Shutdown takes care of cases when connection were successfully opened and were registered with httpClientCache.

The problem that the patch fixes was found during code inspections.

This bug will be closed ones the patch is integrated, since fix for leaks during error conditions will be attached to bug 397832.

    
    

    
  
attachment 283728 [details] [diff] [review] is integrated to the trunk. 
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED

    
    

    
  
Reopening - after adding OCSP tests to branch bug found also there.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Target Milestone: 3.12 → 3.11.9

    
    

    
  
Are you saying that we leak some memory while doing OCSP revocation check on the branch?

Well, since branch does not use libpkix code, the bug that you've found should not be related to this one.

Please update this bug(or better open a new bug and update it) with a stack found on the branch. Thx.

    
    

    
  
This bug is about PKIX code, which exists only on the trunk.
It is fixed.  If there is a leak in OCSP on the branch, 
it is a different bug, not this one.
Status: REOPENED → RESOLVED
Closed: 17 years ago17 years ago
Resolution: --- → FIXED
Target Milestone: 3.11.9 → 3.12

    
    

    
  
Sorry, my fault, used wrong pattern to match.

    
    

    
  


  
Clean up ignored stacks file.

        Attachment #290762 -
        Flags: review?(nelson)

    
    

    
  
Comment on attachment 290762 [details] [diff] [review]
Patch to the ignored stacks file.

r=nelson

        Attachment #290762 -
        Flags: review?(nelson) → review+

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: