DynamoRIO / drmemory

Memory Debugger for Windows, Linux, Mac, and Android

Memory leak below CertGetCertificateChain on Chromium net_unittests #476

Open derekbruening opened 9 years ago

derekbruening commented 9 years ago

From timurrrr@google.com on June 24, 2011 11:08:52

$ tools\valgrind\chrome_tests.bat -t net --tool drmemory --gtest_filter="_CertVer.Cancel_Q*"


w/o symbols: LEAK 132 direct bytes 0x00235128-0x002351ac + 1296 indirect bytes

1 I_RpcBCacheFree RPCRT4.dll+0x81f9

2 I_RpcBCacheFree RPCRT4.dll+0x81d0

3 NdrConformantArrayFree RPCRT4.dll+0xd232

4 RpcBindingFromStringBindingW RPCRT4.dll+0xe8df

5 NetApiBufferFree NETAPI32.dll+0x7b23

6 DsRoleFreeMemory NETAPI32.dll+0xb840

7 DsRoleGetPrimaryDomainInformation NETAPI32.dll+0xb932

8 DestroyEnvironmentBlock USERENV.dll+0x8113

9 CreateEnvironmentBlock USERENV.dll+0x70c2

10 CreateEnvironmentBlock USERENV.dll+0x6bcc

11 ExpandEnvironmentStringsForUserW USERENV.dll+0x7752

12 Ordinal149 USERENV.dll+0x1cbb

13 RegSetValueExU CRYPT32.dll+0x23a3b

14 I_CryptGetFileVersion CRYPT32.dll+0x23d1a

15 I_CryptGetFileVersion CRYPT32.dll+0x23c91

16 CertOpenStore CRYPT32.dll+0x126cf

17 CertAddStoreToCollection CRYPT32.dll+0xfd4f

18 I_CryptGetTls CRYPT32.dll+0xf59e

19 I_CryptGetTls CRYPT32.dll+0xf122

20 CertOpenStore CRYPT32.dll+0x126cf

21 CryptMemAlloc CRYPT32.dll+0x22e4f

22 CertCreateCertificateChainEngine CRYPT32.dll+0x2270c

23 CertCreateCertificateChainEngine CRYPT32.dll+0x2253e

24 CertCreateCertificateChainEngine CRYPT32.dll+0x224e1

25 CertEnumCertificatesInStore CRYPT32.dll+0x22497

26 CertGetCertificateChain CRYPT32.dll+0x13003

27 CertGetCertificateChain CRYPT32.dll+0x12fa8

28 net::X509Certificate::Verify c:\chromium\src\net\base\x509_certificate_win.cc:751

29 net::CertVerifierWorker::Run c:\chromium\src\net\base\cert_verifier.cc:157

30 DispatchToMethod<net::CertVerifierWorker,void (__thiscall net::CertVerifierWorker::*)(void)> c:\chromium\src\base\tuple.h:541

31 RunnableMethod<net::CertVerifierWorker,void (__thiscall net::CertVerifierWorker::*)(void),Tuple0>::Run c:\chromium\src\base\task.h:338

32 base::`anonymous namespace'::WorkItemCallback c:\chromium\src\base\threading\worker_pool_win.cc:16

33 RtlGUIDFromString ntdll.dll+0x2796d

34 RtlGUIDFromString ntdll.dll+0x279ab

35 RtlGUIDFromString ntdll.dll+0x27a6d

36 RtlGUIDFromString ntdll.dll+0x27a44

37 GetModuleFileNameA KERNEL32.dll+0xb729

Original issue: http://code.google.com/p/drmemory/issues/detail?id=476

derekbruening commented 9 years ago

From timurrrr@google.com on June 24, 2011 08:28:55

One more:

$ tools\valgrind\chrome_tests.bat -t net --tool drmemory --gtest_filter="_CertVer.Cancel_:-Quit"

w/o PDB symbols: LEAK 160 direct bytes 0x001a31a0-0x001a3240 + 0 indirect bytes

1 LocalAlloc KERNEL32.dll+0x9a7f

2 I_CryptInstallAsn1Module CRYPT32.dll+0x44e8

3 CertAddStoreToCollection CRYPT32.dll+0xfe4e

4 CertGetCRLContextProperty CRYPT32.dll+0x12a58

5 CertGetCRLContextProperty CRYPT32.dll+0x12a0f

6 I_CryptReleaseLruEntry CRYPT32.dll+0x172f4

7 CryptDecodeObjectEx CRYPT32.dll+0x12015

8 CertFreeCTLContext CRYPT32.dll+0x11fb0

9 CertAddEncodedCRLToStore CRYPT32.dll+0x29926

10 CertGetCRLContextProperty CRYPT32.dll+0x12900

11 CryptMsgClose CRYPT32.dll+0x1aa39

12 CryptMsgClose CRYPT32.dll+0x1ae4e

13 CryptHashToBeSigned CRYPT32.dll+0x1bc6b

14 I_CryptGetLruEntryData CRYPT32.dll+0x1831a

15 CertGetCertificateChain CRYPT32.dll+0x12fc8

16 net::X509Certificate::Verify c:\chromium\src\net\base\x509_certificate_win.cc:751

17 net::CertVerifierWorker::Run c:\chromium\src\net\base\cert_verifier.cc:157

18 DispatchToMethod<net::CertVerifierWorker,void (__thiscall net::CertVerifierWorker::*)(void)> c:\chromium\src\base\tuple.h:541

19 RunnableMethod<net::CertVerifierWorker,void (__thiscall net::CertVerifierWorker::*)(void),Tuple0>::Run c:\chromium\src\base\task.h:338

20 base::`anonymous namespace'::WorkItemCallback c:\chromium\src\base\threading\worker_pool_win.cc:16

21 RtlGUIDFromString ntdll.dll+0x2796d

22 RtlGUIDFromString ntdll.dll+0x279ab

23 RtlGUIDFromString ntdll.dll+0x27a6d

24 RtlGUIDFromString ntdll.dll+0x27a44

25 GetModuleFileNameA KERNEL32.dll+0xb729

derekbruening commented 9 years ago

From timurrrr@google.com on June 24, 2011 08:53:16

Will try to extract a repro ...

Status: Started
Owner: timurrrr@google.com

derekbruening commented 9 years ago

From timurrrr@google.com on June 29, 2011 06:03:25

looks very much related: http://build.chromium.org/p/chromium.fyi/builders/Windows%20Tests%20%28DrMemory%29/builds/4409/steps/memory%20test%3A%20net/logs/stdio

(w/o PDB symbols) LEAK 132 direct bytes 0x001edb20-0x001edba4 + 264 indirect bytes

1 I_RpcBCacheFree RPCRT4.dll+0x81f9

2 I_RpcBCacheFree RPCRT4.dll+0x81d0

3 NdrConformantArrayFree RPCRT4.dll+0xd232

4 RpcBindingFromStringBindingW RPCRT4.dll+0xe8df

5 ? DHCPCSVC.DLL+0x2a99

6 RpcStringBindingComposeW RPCRT4.dll+0xec3a

7 RpcStringBindingComposeW RPCRT4.dll+0xec67

8 NdrClientCall2 RPCRT4.dll+0x8558d

9 DhcpRequestOptions DHCPCSVC.DLL+0x460c

10 DhcpRequestParams DHCPCSVC.DLL+0x116f0

11 net::DhcpProxyScriptAdapterFetcher::GetPacURLFromDhcp net\proxy\dhcp_proxy_script_adapter_fetcher_win.cc:277

12 net::DhcpProxyScriptAdapterFetcher::WorkerThread::ImplGetPacURLFromDhcp net\proxy\dhcp_proxy_script_adapter_fetcher_win.cc:156

13 net::DhcpProxyScriptAdapterFetcher::WorkerThread::ThreadFunc net\proxy\dhcp_proxy_script_adapter_fetcher_win.cc:135

14 DispatchToMethod<...>

derekbruening commented 9 years ago

From rnk@google.com on February 02, 2012 08:14:15

With symbols, it looks a lot like issue #751, which is the leak of a THREAD object. Here's what I get running net_unittests.exe without any chromium supps:

$ ../drmemory/build/bin/drmemory.exe -verbose 2 -debug -dr_debug -dr C:/src/dynamorio/exports -batch ./build/Debug/net_unittests.exe --gtest_filter="_CertVer.Cancel_Q*"

....

Dr.M Error #1: LEAK 44 direct bytes 0x00586b68-0x00586b94 + 257 indirect bytes

Dr.M # 0 ntdll.dll!LdrpGetNewTlsVector

Dr.M # 1 ntdll.dll!LdrpInitializeThread

Dr.M # 2 ntdll.dll!_LdrpInitialize

Dr.M # 3 ntdll.dll!LdrInitializeThunk

Dr.M

Dr.M ERRORS FOUND:

Dr.M 0 unique, 0 total unaddressable access(es)

Dr.M 0 unique, 0 total uninitialized access(es)

Dr.M 0 unique, 0 total invalid heap argument(s)

Dr.M 0 unique, 0 total warning(s)

Dr.M 1 unique, 3 total, 903 byte(s) of leak(s)

Dr.M 0 unique, 0 total, 0 byte(s) of possible leak(s)

Dr.M ERRORS IGNORED:

Dr.M 2895 still-reachable allocation(s)

Dr.M (re-run with "-show_reachable" for details)

Dr.M Details: C:\src\drmemory\build/logs/DrMemory-net_unittests.exe.2724.000/results.txt

From results.txt:

SUPPRESSIONS USED:

1x: default issue #494 (custom data not all initialized)

36x: default issue #337 (real bug in RtlpLowFragHeapAllocFromContext)

1x (leaked 72 bytes): default issue #286 (activation context leak)

1x (leaked 1 bytes): default issue #257 (real leak in VS2008 STL std::numpunct<{char,wchar_t}>::_Init)

1x (leaked 80 bytes): default issue #733 (nosyms)

3x (leaked 96 bytes): default issue #306 (critical section 8-byte-in pointer)

None of these supps match this report. It's possible that on my run this object was still reachable, and therefore was not reported.

If it is only mid-chunk reachable, then the 751 suppression would have matched.

Another possibility is that this TLS vector holds a pointer to this THREAD object. That seems most likely.

Labels: Bug-FalsePositive
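
The last comment turns on whether a block is leaked, still reachable, or reachable only mid-chunk. The following is an added example, not part of the original thread and not Dr. Memory's code: a simplified reachability scan showing how the same 44-byte block with 257 bytes behind it lands in each category depending on what the roots point at. The 44-byte block address is taken from the report above; the child address, the names `Block`, `mark`, `scan` and `heap`, and the rule that blocks behind a mid-chunk pointer are also counted as "possible" are assumptions of this model.

```python
# Simplified model of a reachability-based leak scan; not Dr. Memory's code.
from dataclasses import dataclass, field

@dataclass
class Block:
    start: int
    size: int
    pointers: list = field(default_factory=list)  # addresses stored in the block

def owner(blocks, addr):
    """Return (block, addr_is_head) for the block containing addr."""
    for b in blocks:
        if b.start <= addr < b.start + b.size:
            return b, addr == b.start
    return None, False

def mark(blocks, addrs):
    """Follow pointers; a block reached only past a mid-chunk pointer is 'possible'."""
    state, work = {}, [(a, True) for a in addrs]
    while work:
        addr, clean = work.pop()
        b, head = owner(blocks, addr)
        new = "reachable" if clean and head else "possible"
        if b is None or state.get(b.start) in ("reachable", new):
            continue  # not a heap pointer, or already marked at least this strongly
        state[b.start] = new
        work.extend((p, new == "reachable") for p in b.pointers)
    return state

def scan(blocks, roots):
    """roots: pointer values found in registers, stacks and globals."""
    live = mark(blocks, roots)
    dead = [b for b in blocks if b.start not in live]
    # Direct leak: unreached block no other unreached block points to (cycles ignored).
    targets = [(b, owner(dead, p)[0]) for b in dead for p in b.pointers]
    pointed = {t.start for b, t in targets if t is not None and t is not b}
    leaks = []
    for b in dead:
        if b.start not in pointed:
            inner = mark(dead, b.pointers)
            indirect = sum(x.size for x in dead if x.start in inner and x is not b)
            leaks.append((b.start, b.size, indirect))  # (address, direct, indirect)
    possible = sorted(s for s, v in live.items() if v == "possible")
    return {"leaks": leaks, "possible": possible}

# Constructed heap: VEC is the 44-byte block from the report; CHILD is made up.
VEC, CHILD = 0x00586B68, 0x00700000
def heap():
    return [Block(VEC, 44, [CHILD]), Block(CHILD, 257)]
```

With no roots, `scan(heap(), [])` reports one leak of 44 direct and 257 indirect bytes. A root holding `VEC` reports nothing, and a root holding `VEC + 8` moves both blocks to the possible-leak list.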