Last Comment Bug 393174 - Memory leaks in ocspclnt/PKIX.
: Memory leaks in ocspclnt/PKIX.
Status: RESOLVED FIXED
: mlk
Product: NSS
Classification: Components
Component: Libraries (show other bugs)
: trunk
: Sun Solaris
: P1 normal (vote)
: 3.12
Assigned To: Alexei Volkov
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2007-08-22 05:03 PDT by Slavomir Katuscak
Modified: 2007-11-29 23:46 PST (History)
1 user (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
Free socket if error occured. (1.22 KB, patch)
2007-10-05 11:02 PDT, Alexei Volkov
nelson: review+
Details | Diff | Review
Patch to the ignored stacks file. (8.96 KB, patch)
2007-11-29 14:50 PST, Alexei Volkov
nelson: review+
Details | Diff | Review

Description Slavomir Katuscak 2007-08-22 05:03:30 PDT
I wrapped current OCSP tests with dbx and checked them for memory leaks. Here are some leak stacks related to OCSP/PKIX:

Possible memory leak -- address in block (aib):
Found leaked block of size 96 bytes at address 0x610f88
At time of allocation, the call stack was:
    [1] PR_Malloc() at line 467 in "prmem.c"
    [2] PKIX_PL_Malloc() at line 72 in "pkix_pl_mem.c"
    [3] PKIX_PL_Object_Alloc() at line 531 in "pkix_pl_object.c"
    [4] pkix_pl_Socket_CreateByHostAndPort() at line 1647 in "pkix_pl_socket.c"
    [5] pkix_HttpCertStore_FindSocketConnection() at line 1640 in "pkix_pl_httpcertstore.c"
    [6] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
    [7] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
    [8] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
    [9] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
    [10] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
    [11] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
    [12] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
    [13] get_cert_status() at line 444 in "ocspclnt.c"
    [14] main() at line 1257 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 88 bytes at address 0x611000
At time of allocation, the call stack was:
    [1] calloc() at 0xe0954ab4
    [2] PR_Calloc() at line 475 in "prmem.c"
    [3] PR_NewLock() at line 174 in "ptsynch.c"
    [4] PKIX_PL_Object_Alloc() at line 554 in "pkix_pl_object.c"
    [5] pkix_pl_Socket_CreateByHostAndPort() at line 1647 in "pkix_pl_socket.c"
    [6] pkix_HttpCertStore_FindSocketConnection() at line 1640 in "pkix_pl_httpcertstore.c"
    [7] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
    [8] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
    [9] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
    [10] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
    [11] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
    [12] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
    [13] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
    [14] get_cert_status() at line 444 in "ocspclnt.c"
    [15] main() at line 1257 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 24 bytes at address 0x60d6d0
At time of allocation, the call stack was:
    [1] PR_Malloc() at line 467 in "prmem.c"
    [2] _PR_Getfd() at line 141 in "prfdcach.c"
    [3] pt_SetMethods() at line 3281 in "ptio.c"
    [4] PR_Socket() at line 3465 in "ptio.c"
    [5] PR_NewTCPSocket() at line 4329 in "ptio.c"
    [6] pkix_pl_Socket_CreateClient() at line 370 in "pkix_pl_socket.c"
    [7] pkix_pl_Socket_CreateByHostAndPort() at line 1674 in "pkix_pl_socket.c"
    [8] pkix_HttpCertStore_FindSocketConnection() at line 1640 in "pkix_pl_httpcertstore.c"
    [9] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
    [10] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
    [11] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
    [12] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
    [13] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
    [14] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
    [15] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
    [16] get_cert_status() at line 444 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 24 bytes at address 0x60d9e8
At time of allocation, the call stack was:
    [1] PR_Malloc() at line 467 in "prmem.c"
    [2] _PR_Getfd() at line 144 in "prfdcach.c"
    [3] pt_SetMethods() at line 3281 in "ptio.c"
    [4] PR_Socket() at line 3465 in "ptio.c"
    [5] PR_NewTCPSocket() at line 4329 in "ptio.c"
    [6] pkix_pl_Socket_CreateClient() at line 370 in "pkix_pl_socket.c"
    [7] pkix_pl_Socket_CreateByHostAndPort() at line 1674 in "pkix_pl_socket.c"
    [8] pkix_HttpCertStore_FindSocketConnection() at line 1640 in "pkix_pl_httpcertstore.c"
    [9] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
    [10] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
    [11] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
    [12] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
    [13] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
    [14] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
    [15] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
    [16] get_cert_status() at line 444 in "ocspclnt.c"
Comment 1 Slavomir Katuscak 2007-08-22 05:18:58 PDT
Maybe fix for bug 391774 will fix also these leaks (don't have fix yet).
Comment 2 Slavomir Katuscak 2007-10-02 07:10:47 PDT
Some more stacks related to this bug:

Possible memory leak -- address in block (aib):
Found leaked block of size 88 bytes at address 0x8532b28
At time of allocation, the call stack was:
        [1] calloc() at 0xb79308a0 
        [2] PR_Calloc() at line 475 in "prmem.c"
        [3] PR_NewLock() at line 174 in "ptsynch.c"
        [4] PKIX_PL_Object_Alloc() at line 555 in "pkix_pl_object.c"
        [5] PKIX_PL_String_Create() at line 312 in "pkix_pl_string.c"
        [6] PKIX_PL_Sprintf() at line 546 in "pkix_pl_string.c"
        [7] pkix_HttpCertStore_FindSocketConnection() at line 1625 in "pkix_pl_httpcertstore.c"
        [8] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
        [9] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
        [10] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
        [11] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
        [12] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
        [13] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
        [14] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
        [15] get_cert_status() at line 444 in "ocspclnt.c"
        [16] main() at line 1257 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 60 bytes at address 0x852d830
At time of allocation, the call stack was:
        [1] PR_Malloc() at line 467 in "prmem.c"
        [2] PKIX_PL_Malloc() at line 72 in "pkix_pl_mem.c"
        [3] pkix_EscASCII_to_UTF16() at line 844 in "pkix_pl_common.c"
        [4] PKIX_PL_String_Create() at line 344 in "pkix_pl_string.c"
        [5] PKIX_PL_Sprintf() at line 546 in "pkix_pl_string.c"
        [6] pkix_HttpCertStore_FindSocketConnection() at line 1625 in "pkix_pl_httpcertstore.c"
        [7] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
        [8] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
        [9] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
        [10] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
        [11] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
        [12] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
        [13] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
        [14] get_cert_status() at line 444 in "ocspclnt.c"
        [15] main() at line 1257 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 44 bytes at address 0x853ad48
At time of allocation, the call stack was:
        [1] PR_Malloc() at line 467 in "prmem.c"
        [2] PKIX_PL_Malloc() at line 72 in "pkix_pl_mem.c"
        [3] PKIX_PL_Object_Alloc() at line 532 in "pkix_pl_object.c"
        [4] PKIX_PL_String_Create() at line 312 in "pkix_pl_string.c"
        [5] PKIX_PL_Sprintf() at line 546 in "pkix_pl_string.c"
        [6] pkix_HttpCertStore_FindSocketConnection() at line 1625 in "pkix_pl_httpcertstore.c"
        [7] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
        [8] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
        [9] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
        [10] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
        [11] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
        [12] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
        [13] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
        [14] get_cert_status() at line 444 in "ocspclnt.c"
        [15] main() at line 1257 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 16 bytes at address 0x85319f0
At time of allocation, the call stack was:
        [1] PR_Malloc() at line 467 in "prmem.c"
        [2] PKIX_PL_Malloc() at line 72 in "pkix_pl_mem.c"
        [3] pkix_pl_PrimHashTable_Add() at line 248 in "pkix_pl_primhash.c"
        [4] PKIX_PL_HashTable_Add() at line 227 in "pkix_pl_hashtable.c"
        [5] pkix_HttpCertStore_FindSocketConnection() at line 1650 in "pkix_pl_httpcertstore.c"
        [6] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
        [7] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
        [8] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
        [9] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
        [10] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
        [11] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
        [12] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
        [13] get_cert_status() at line 444 in "ocspclnt.c"
        [14] main() at line 1257 in "ocspclnt.c"
Comment 3 Alexei Volkov 2007-10-04 13:05:48 PDT
All of these leaks should be resolved by PKIX_Shutdown. I've committed the patch that removes ifdef from PKIX_Shutdown. Slavo, please verify that these leaks are no longer reported. 
Comment 4 Alexei Volkov 2007-10-05 11:02:58 PDT
Created attachment 283728 [details] [diff] [review]
Free socket if error occured.
Comment 5 Nelson Bolyard (seldom reads bugmail) 2007-10-09 21:22:12 PDT
Comment on attachment 283728 [details] [diff] [review]
Free socket if error occured.

r=nelson
Comment 6 Nelson Bolyard (seldom reads bugmail) 2007-10-09 21:23:37 PDT
I'm confused by comment 3.  It seems to be saying that no problem remains
that needs to be patched, yet the patch for this bug was still awaiting 
review.  So, is this patch needed, or not?
Comment 7 Alexei Volkov 2007-10-10 11:15:47 PDT
Yes, it is still needed. The main reason for the most of the leaks reported in the bug is unknown error condition that happened during connection opening.

PKIX_Shutdown takes care of cases when connection were successfully opened and were registered with httpClientCache.

The problem that the patch fixes was found during code inspections.

This bug will be closed ones the patch is integrated, since fix for leaks during error conditions will be attached to bug 397832.
Comment 8 Alexei Volkov 2007-10-10 11:19:04 PDT
attachment 283728 [details] [diff] [review] is integrated to the trunk. 
Comment 9 Slavomir Katuscak 2007-11-15 07:19:17 PST
Reopening - after adding OCSP tests to branch bug found also there.
Comment 10 Alexei Volkov 2007-11-15 11:35:07 PST
Are you saying that we leak some memory while doing OCSP revocation check on the branch?

Well, since branch does not use libpkix code, the bug that you've found should not be related to this one.

Please update this bug(or better open a new bug and update it) with a stack found on the branch. Thx.
Comment 11 Nelson Bolyard (seldom reads bugmail) 2007-11-15 14:23:27 PST
This bug is about PKIX code, which exists only on the trunk.
It is fixed.  If there is a leak in OCSP on the branch, 
it is a different bug, not this one.
Comment 12 Slavomir Katuscak 2007-11-16 01:03:34 PST
Sorry, my fault, used wrong pattern to match.
Comment 13 Alexei Volkov 2007-11-29 14:50:57 PST
Created attachment 290762 [details] [diff] [review]
Patch to the ignored stacks file.

Clean up ignored stacks file.
Comment 14 Nelson Bolyard (seldom reads bugmail) 2007-11-29 23:46:21 PST
Comment on attachment 290762 [details] [diff] [review]
Patch to the ignored stacks file.

r=nelson

Note You need to log in before you can comment on or make changes to this bug.