public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libc/2451] New: dlopen can leak small amounts of memory if it fails
@ 2006-03-13 4:43 umbrook0 at cs dot umanitoba dot ca
2006-03-13 4:43 ` [Bug libc/2451] " umbrook0 at cs dot umanitoba dot ca
` (6 more replies)
0 siblings, 7 replies; 8+ messages in thread
From: umbrook0 at cs dot umanitoba dot ca @ 2006-03-13 4:43 UTC (permalink / raw)
To: glibc-bugs
Valgrind reports that dlopen() leaks memory if it fails because the file is invalid.
To duplicate:
1. echo "Test" > not-a-lib.so
2. gcc -g test.c -ldl
3. valgrind --leak-check=full ./a.out
Result:
==5903== 15 bytes in 1 blocks are definitely lost in loss record 1 of 1
==5903== at 0x1B909222: malloc (vg_replace_malloc.c:130)
==5903== by 0x1B8EB8C7: expand_dynamic_string_token (in /lib/ld-2.3.5.so)
==5903== by 0x1B8EC410: _dl_map_object (in /lib/ld-2.3.5.so)
==5903== by 0x1B8F5273: dl_open_worker (in /lib/ld-2.3.5.so)
==5903== by 0x1B8F1C6D: _dl_catch_error (in /lib/ld-2.3.5.so)
==5903== by 0x1B8F59C8: _dl_open (in /lib/ld-2.3.5.so)
==5903== by 0x5ABD41: dlopen_doit (in /lib/libdl-2.3.5.so)
==5903== by 0x1B8F1C6D: _dl_catch_error (in /lib/ld-2.3.5.so)
==5903== by 0x5AC3E2: _dlerror_run (in /lib/libdl-2.3.5.so)
==5903== by 0x5ABDD1: dlopen@@GLIBC_2.1 (in /lib/libdl-2.3.5.so)
==5903== by 0x8048422: main (test.c:7)
I found this problem on Fedora Core 4 (glibc 2.3.5).
The problem seems to be that it allocates variable called realname (using
expand_dynamic_string_token) in _dl_map_object, but may call _dl_signal_error
later in the function without freeing the variable. It looks like a variable
called name_copy has the same problem.
If that is the problem, then, looking at the source code for glibc 2.4, it looks
like the problem is still there.
--
Summary: dlopen can leak small amounts of memory if it fails
Product: glibc
Version: 2.3.5
Status: NEW
Severity: minor
Priority: P2
Component: libc
AssignedTo: drepper at redhat dot com
ReportedBy: umbrook0 at cs dot umanitoba dot ca
CC: glibc-bugs at sources dot redhat dot com
http://sourceware.org/bugzilla/show_bug.cgi?id=2451
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Bug libc/2451] dlopen can leak small amounts of memory if it fails
2006-03-13 4:43 [Bug libc/2451] New: dlopen can leak small amounts of memory if it fails umbrook0 at cs dot umanitoba dot ca
@ 2006-03-13 4:43 ` umbrook0 at cs dot umanitoba dot ca
2006-03-14 11:19 ` avuton at gmail dot com
` (5 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: umbrook0 at cs dot umanitoba dot ca @ 2006-03-13 4:43 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From umbrook0 at cs dot umanitoba dot ca 2006-03-13 04:43 -------
Created an attachment (id=916)
--> (http://sourceware.org/bugzilla/attachment.cgi?id=916&action=view)
Small test case
--
http://sourceware.org/bugzilla/show_bug.cgi?id=2451
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Bug libc/2451] dlopen can leak small amounts of memory if it fails
2006-03-13 4:43 [Bug libc/2451] New: dlopen can leak small amounts of memory if it fails umbrook0 at cs dot umanitoba dot ca
2006-03-13 4:43 ` [Bug libc/2451] " umbrook0 at cs dot umanitoba dot ca
@ 2006-03-14 11:19 ` avuton at gmail dot com
2006-03-14 11:21 ` jakub at redhat dot com
` (4 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: avuton at gmail dot com @ 2006-03-14 11:19 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From avuton at gmail dot com 2006-03-14 11:18 -------
This does still exist in glibc 2.4
--
http://sourceware.org/bugzilla/show_bug.cgi?id=2451
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Bug libc/2451] dlopen can leak small amounts of memory if it fails
2006-03-13 4:43 [Bug libc/2451] New: dlopen can leak small amounts of memory if it fails umbrook0 at cs dot umanitoba dot ca
2006-03-13 4:43 ` [Bug libc/2451] " umbrook0 at cs dot umanitoba dot ca
2006-03-14 11:19 ` avuton at gmail dot com
@ 2006-03-14 11:21 ` jakub at redhat dot com
2006-03-14 11:21 ` jakub at redhat dot com
` (3 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: jakub at redhat dot com @ 2006-03-14 11:21 UTC (permalink / raw)
To: glibc-bugs
--
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|drepper at redhat dot com |jakub at redhat dot com
http://sourceware.org/bugzilla/show_bug.cgi?id=2451
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Bug libc/2451] dlopen can leak small amounts of memory if it fails
2006-03-13 4:43 [Bug libc/2451] New: dlopen can leak small amounts of memory if it fails umbrook0 at cs dot umanitoba dot ca
` (2 preceding siblings ...)
2006-03-14 11:21 ` jakub at redhat dot com
@ 2006-03-14 11:21 ` jakub at redhat dot com
2006-04-01 19:05 ` drepper at redhat dot com
` (2 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: jakub at redhat dot com @ 2006-03-14 11:21 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From jakub at redhat dot com 2006-03-14 11:21 -------
http://sources.redhat.com/ml/libc-hacker/2006-03/msg00034.html
--
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
http://sourceware.org/bugzilla/show_bug.cgi?id=2451
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Bug libc/2451] dlopen can leak small amounts of memory if it fails
2006-03-13 4:43 [Bug libc/2451] New: dlopen can leak small amounts of memory if it fails umbrook0 at cs dot umanitoba dot ca
` (3 preceding siblings ...)
2006-03-14 11:21 ` jakub at redhat dot com
@ 2006-04-01 19:05 ` drepper at redhat dot com
2007-01-19 19:20 ` wtchang at redhat dot com
2007-01-19 19:20 ` wtchang at redhat dot com
6 siblings, 0 replies; 8+ messages in thread
From: drepper at redhat dot com @ 2006-04-01 19:05 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From drepper at redhat dot com 2006-04-01 19:05 -------
Fixed in CVS.
--
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution| |FIXED
http://sourceware.org/bugzilla/show_bug.cgi?id=2451
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Bug libc/2451] dlopen can leak small amounts of memory if it fails
2006-03-13 4:43 [Bug libc/2451] New: dlopen can leak small amounts of memory if it fails umbrook0 at cs dot umanitoba dot ca
` (4 preceding siblings ...)
2006-04-01 19:05 ` drepper at redhat dot com
@ 2007-01-19 19:20 ` wtchang at redhat dot com
2007-01-19 19:20 ` wtchang at redhat dot com
6 siblings, 0 replies; 8+ messages in thread
From: wtchang at redhat dot com @ 2007-01-19 19:20 UTC (permalink / raw)
To: glibc-bugs
--
What |Removed |Added
----------------------------------------------------------------------------
CC| |wtchang at redhat dot com
http://sourceware.org/bugzilla/show_bug.cgi?id=2451
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Bug libc/2451] dlopen can leak small amounts of memory if it fails
2006-03-13 4:43 [Bug libc/2451] New: dlopen can leak small amounts of memory if it fails umbrook0 at cs dot umanitoba dot ca
` (5 preceding siblings ...)
2007-01-19 19:20 ` wtchang at redhat dot com
@ 2007-01-19 19:20 ` wtchang at redhat dot com
6 siblings, 0 replies; 8+ messages in thread
From: wtchang at redhat dot com @ 2007-01-19 19:20 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From wtchang at redhat dot com 2007-01-19 19:20 -------
Valgrind reports a leak in dlopen() that is almost the same as this bug:
==4630== 4 bytes in 1 blocks are still reachable in loss record 1 of 19
==4630== at 0x442972F: malloc (vg_replace_malloc.c:149)
==4630== by 0x41068A2: _dl_map_object_from_fd (in /lib/ld-2.3.2.so)
==4630== by 0x4104D3C: _dl_map_object (in /lib/ld-2.3.2.so)
==4630== by 0x633F2E5: dl_open_worker (in /lib/tls/libc-2.3.2.so)
==4630== by 0x410C895: _dl_catch_error (in /lib/ld-2.3.2.so)
==4630== by 0x633F141: _dl_open (in /lib/tls/libc-2.3.2.so)
==4630== by 0x45DCFFA: dlopen_doit (in /lib/libdl-2.3.2.so)
==4630== by 0x410C895: _dl_catch_error (in /lib/ld-2.3.2.so)
==4630== by 0x45DD4B5: _dlerror_run (in /lib/libdl-2.3.2.so)
==4630== by 0x45DCFA3: dlopen@@GLIBC_2.1 (in /lib/libdl-2.3.2.so)
==4630== by 0x4575126: pr_LoadLibraryByPathname (prlink.c:978)
==4630== by 0x4574FE4: PR_LoadLibraryWithFlags (prlink.c:580)
==4630== by 0x63A9E5C: bl_LoadFreeblLibInSoftokenDir (loader.c:218)
==4630== by 0x63A9ECE: bl_LoadLibrary (loader.c:244)
==4630== by 0x63A9FA7: freebl_LoadDSO (loader.c:296)
==4630== by 0x457D078: PR_CallOnce (prinit.c:815)
==4630== by 0x63AA0B6: freebl_RunLoaderOnce (loader.c:330)
==4630== by 0x63AB6F9: RNG_RNGInit (loader.c:920)
==4630== by 0x6390C01: nsc_CommonInitialize (pkcs11.c:3063)
==4630== by 0x6390E58: NSC_Initialize (pkcs11.c:3156)
==4630== by 0x44DC396: secmod_ModuleInit (pk11load.c:150)
==4630== by 0x44DC805: SECMOD_LoadPKCS11Module (pk11load.c:327)
==4630== by 0x44E73A2: SECMOD_LoadModule (pk11pars.c:323)
==4630== by 0x44E741A: SECMOD_LoadModule (pk11pars.c:338)
==4630== by 0x44B573C: nss_Init (nssinit.c:481)
==4630== by 0x44B59B1: NSS_Initialize (nssinit.c:583)
==4630== by 0x804E67A: main (strsclnt.c:1441)
==4630== 219 bytes in 1 blocks are still reachable in loss record 10 of 19
The two stacks only differ in the function called by _dl_map_object:
expand_dynamic_string_token vs. _dl_map_object_from_fd.
Are these the same leak?
--
http://sourceware.org/bugzilla/show_bug.cgi?id=2451
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2007-01-19 19:20 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2006-03-13 4:43 [Bug libc/2451] New: dlopen can leak small amounts of memory if it fails umbrook0 at cs dot umanitoba dot ca
2006-03-13 4:43 ` [Bug libc/2451] " umbrook0 at cs dot umanitoba dot ca
2006-03-14 11:19 ` avuton at gmail dot com
2006-03-14 11:21 ` jakub at redhat dot com
2006-03-14 11:21 ` jakub at redhat dot com
2006-04-01 19:05 ` drepper at redhat dot com
2007-01-19 19:20 ` wtchang at redhat dot com
2007-01-19 19:20 ` wtchang at redhat dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).