From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id 35CE5386EC2D; Mon, 21 Sep 2020 16:25:49 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 35CE5386EC2D From: "peadar at arista dot com" To: glibc-bugs@sourceware.org Subject: [Bug libc/26641] New: Memory leak in _dl_scope_free Date: Mon, 21 Sep 2020 16:25:48 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: glibc X-Bugzilla-Component: libc X-Bugzilla-Version: unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: peadar at arista dot com X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Resolution: X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: unassigned at sourceware dot org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter cc target_milestone attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: glibc-bugs@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Glibc-bugs mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Sep 2020 16:25:49 -0000 https://sourceware.org/bugzilla/show_bug.cgi?id=3D26641 Bug ID: 26641 Summary: Memory leak in _dl_scope_free Product: glibc Version: unspecified Status: UNCONFIRMED Severity: normal Priority: P2 Component: libc Assignee: unassigned at sourceware dot org Reporter: peadar at arista dot com CC: drepper.fsp at gmail dot com Target Milestone: --- Created attachment 12852 --> https://sourceware.org/bugzilla/attachment.cgi?id=3D12852&action=3Ded= it Tentative patch to fix/explain issue. You can reproduce this issue running valgrind on a multithreaded program th= at opens a large number of shared libraries, and the attached patch solves it locally. _dl_scope_free is used when releasing a "scope".=20 This either * frees the scope directly (unthreaded case), * creates a new dl_scope_free_list for the scope (threaded case, first ca= ll),=20 * adds the scope to the existing scope_free_list (second and successive call),=20 * eventually free's the content of the scope_free_list (when dl_scope_free_list has filled). The intent, I assume, is to amortize the time spent synchronizing with other threads in THREAD_GSCOPE_WAIT by just doing it once for a bunch of calls to "free". The problem is in the final case, when the space in dl_scope_free_list is exhausted, the appropriate synchronization is performed , all the existing scopes on the free list are free'd, *however*, the passed "old" scope is no= t. There's also a cosmetic issue in dl-libc.c in the __libc_freeres callback - When cleaning up with the _dl_scope_free_list, only the list itself is free= 'd. The entries it points to are not. --=20 You are receiving this mail because: You are on the CC list for the bug.=