From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugzilla@gcc.gnu.org>
Received: by sourceware.org (Postfix, from userid 48)
 id 0E6E53858C27; Tue, 12 Apr 2022 17:39:14 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 0E6E53858C27
From: "redi at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug libbacktrace/105240] backtrace_pcinfo leaks memory
Date: Tue, 12 Apr 2022 17:39:14 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: libbacktrace
X-Bugzilla-Version: 12.0
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: redi at gcc dot gnu.org
X-Bugzilla-Status: NEW
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-105240-4-HZVrYLTL87@http.gcc.gnu.org/bugzilla/>
In-Reply-To: <bug-105240-4@http.gcc.gnu.org/bugzilla/>
References: <bug-105240-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: gcc-bugs@gcc.gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Gcc-bugs mailing list <gcc-bugs.gcc.gnu.org>
List-Unsubscribe: <https://gcc.gnu.org/mailman/options/gcc-bugs>,
 <mailto:gcc-bugs-request@gcc.gnu.org?subject=unsubscribe>
List-Archive: <https://gcc.gnu.org/pipermail/gcc-bugs/>
List-Post: <mailto:gcc-bugs@gcc.gnu.org>
List-Help: <mailto:gcc-bugs-request@gcc.gnu.org?subject=help>
List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/gcc-bugs>,
 <mailto:gcc-bugs-request@gcc.gnu.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Apr 2022 17:39:15 -0000

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D105240

--- Comment #4 from Jonathan Wakely <redi at gcc dot gnu.org> ---
The report in comment 0 is from libstdc++ which uses a local static variabl=
e to
hold the state.

Modifying the comment 1 example to use a global:

#include <backtrace.h>

int cb_pcinfo(void*, uintptr_t, const char*, int, const char* function)
{ return function !=3D nullptr; }

int cb(void* p, uintptr_t pc) { *static_cast<uintptr_t*>(p) =3D pc; return =
1; }

backtrace_state* state;

int main()
{
  state =3D backtrace_create_state(nullptr, 1, nullptr, nullptr);
  uintptr_t pc;
  backtrace_simple(state, 0, cb, nullptr, &pc);
  backtrace_pcinfo(state, pc, cb_pcinfo, nullptr, nullptr);
}

I get:

=3D=3D494586=3D=3D Memcheck, a memory error detector
=3D=3D494586=3D=3D Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward=
 et al.
=3D=3D494586=3D=3D Using Valgrind-3.18.1 and LibVEX; rerun with -h for copy=
right info
=3D=3D494586=3D=3D Command: ./a.out
=3D=3D494586=3D=3D=20
=3D=3D494586=3D=3D=20
=3D=3D494586=3D=3D HEAP SUMMARY:
=3D=3D494586=3D=3D     in use at exit: 112,638,181 bytes in 729,676 blocks
=3D=3D494586=3D=3D   total heap usage: 729,861 allocs, 185 frees, 115,412,6=
94 bytes
allocated
=3D=3D494586=3D=3D=20
=3D=3D494586=3D=3D 84 bytes in 3 blocks are definitely lost in loss record =
6 of 35
=3D=3D494586=3D=3D    at 0x484086F: malloc (vg_replace_malloc.c:381)
=3D=3D494586=3D=3D    by 0x406FF1: backtrace_alloc (alloc.c:57)
=3D=3D494586=3D=3D    by 0x409283: read_lnct (dwarf.c:2543)
=3D=3D494586=3D=3D    by 0x409283: read_line_header_format_entries (dwarf.c=
:2618)
=3D=3D494586=3D=3D    by 0x40B08A: read_line_header (dwarf.c:2712)
=3D=3D494586=3D=3D    by 0x40B08A: read_line_info (dwarf.c:2965)
=3D=3D494586=3D=3D    by 0x40B08A: dwarf_lookup_pc (dwarf.c:3747)
=3D=3D494586=3D=3D    by 0x40C1BE: dwarf_fileline (dwarf.c:3935)
=3D=3D494586=3D=3D    by 0x401357: main (bt.cc:15)
=3D=3D494586=3D=3D=20
=3D=3D494586=3D=3D 2,839 bytes in 1 blocks are possibly lost in loss record=
 19 of 35
=3D=3D494586=3D=3D    at 0x484086F: malloc (vg_replace_malloc.c:381)
=3D=3D494586=3D=3D    by 0x406FF1: backtrace_alloc (alloc.c:57)
=3D=3D494586=3D=3D    by 0x406ED6: backtrace_get_view (read.c:68)
=3D=3D494586=3D=3D    by 0x40667B: elf_add (elf.c:4381)
=3D=3D494586=3D=3D    by 0x406D83: backtrace_initialize (elf.c:4877)
=3D=3D494586=3D=3D    by 0x4014B1: fileline_initialize (fileline.c:261)
=3D=3D494586=3D=3D    by 0x401581: backtrace_pcinfo (fileline.c:295)
=3D=3D494586=3D=3D    by 0x401357: main (bt.cc:15)
=3D=3D494586=3D=3D=20
=3D=3D494586=3D=3D 13,920 bytes in 1 blocks are definitely lost in loss rec=
ord 23 of 35
=3D=3D494586=3D=3D    at 0x484086F: malloc (vg_replace_malloc.c:381)
=3D=3D494586=3D=3D    by 0x406FF1: backtrace_alloc (alloc.c:57)
=3D=3D494586=3D=3D    by 0x406ED6: backtrace_get_view (read.c:68)
=3D=3D494586=3D=3D    by 0x40568A: elf_get_view (elf.c:426)
=3D=3D494586=3D=3D    by 0x40568A: elf_add (elf.c:4329)
=3D=3D494586=3D=3D    by 0x406BC8: phdr_callback (elf.c:4848)
=3D=3D494586=3D=3D    by 0x4D2A314: dl_iterate_phdr (dl-iteratephdr.c:75)
=3D=3D494586=3D=3D    by 0x406DDD: backtrace_initialize (elf.c:4892)
=3D=3D494586=3D=3D    by 0x4014B1: fileline_initialize (fileline.c:261)
=3D=3D494586=3D=3D    by 0x401581: backtrace_pcinfo (fileline.c:295)
=3D=3D494586=3D=3D    by 0x401357: main (bt.cc:15)
=3D=3D494586=3D=3D=20
=3D=3D494586=3D=3D 69,736 bytes in 2 blocks are possibly lost in loss recor=
d 26 of 35
=3D=3D494586=3D=3D    at 0x484086F: malloc (vg_replace_malloc.c:381)
=3D=3D494586=3D=3D    by 0x406FF1: backtrace_alloc (alloc.c:57)
=3D=3D494586=3D=3D    by 0x406ED6: backtrace_get_view (read.c:68)
=3D=3D494586=3D=3D    by 0x40568A: elf_get_view (elf.c:426)
=3D=3D494586=3D=3D    by 0x40568A: elf_add (elf.c:4329)
=3D=3D494586=3D=3D    by 0x406BC8: phdr_callback (elf.c:4848)
=3D=3D494586=3D=3D    by 0x4D2A314: dl_iterate_phdr (dl-iteratephdr.c:75)
=3D=3D494586=3D=3D    by 0x406DDD: backtrace_initialize (elf.c:4892)
=3D=3D494586=3D=3D    by 0x4014B1: fileline_initialize (fileline.c:261)
=3D=3D494586=3D=3D    by 0x401581: backtrace_pcinfo (fileline.c:295)
=3D=3D494586=3D=3D    by 0x401357: main (bt.cc:15)
=3D=3D494586=3D=3D=20
=3D=3D494586=3D=3D 451,020 bytes in 7 blocks are possibly lost in loss reco=
rd 31 of 35
=3D=3D494586=3D=3D    at 0x484086F: malloc (vg_replace_malloc.c:381)
=3D=3D494586=3D=3D    by 0x406FF1: backtrace_alloc (alloc.c:57)
=3D=3D494586=3D=3D    by 0x406ED6: backtrace_get_view (read.c:68)
=3D=3D494586=3D=3D    by 0x40667B: elf_add (elf.c:4381)
=3D=3D494586=3D=3D    by 0x406BC8: phdr_callback (elf.c:4848)
=3D=3D494586=3D=3D    by 0x4D2A314: dl_iterate_phdr (dl-iteratephdr.c:75)
=3D=3D494586=3D=3D    by 0x406DDD: backtrace_initialize (elf.c:4892)
=3D=3D494586=3D=3D    by 0x4014B1: fileline_initialize (fileline.c:261)
=3D=3D494586=3D=3D    by 0x401581: backtrace_pcinfo (fileline.c:295)
=3D=3D494586=3D=3D    by 0x401357: main (bt.cc:15)
=3D=3D494586=3D=3D=20
=3D=3D494586=3D=3D LEAK SUMMARY:
=3D=3D494586=3D=3D    definitely lost: 14,004 bytes in 4 blocks
=3D=3D494586=3D=3D    indirectly lost: 0 bytes in 0 blocks
=3D=3D494586=3D=3D      possibly lost: 523,595 bytes in 10 blocks
=3D=3D494586=3D=3D    still reachable: 112,100,582 bytes in 729,662 blocks
=3D=3D494586=3D=3D         suppressed: 0 bytes in 0 blocks
=3D=3D494586=3D=3D Reachable blocks (those to which a pointer was found) ar=
e not shown.
=3D=3D494586=3D=3D To see them, rerun with: --leak-check=3Dfull --show-leak=
-kinds=3Dall
=3D=3D494586=3D=3D=20
=3D=3D494586=3D=3D For lists of detected and suppressed errors, rerun with:=
 -s
=3D=3D494586=3D=3D ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 0 f=
rom 0)

So that's still 14kB definitely lost, 500kB possibly lost.=