memory leak from within libp11-kit-1 (maybe a module not getting properly unloaded?)

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Feb 15 21:52:44 PST 2013


I wrote the following simple program using p11-kit 0.14-1 on debian
unstable (libc6 2.13:

---------
#include <p11-kit/p11-kit.h>

int main() {
  p11_kit_initialize_registered();
  p11_kit_finalize_registered();
}
---------

Only one module is configured on this system, from gnome-keyring 3.6.1-1:

0 dkg at alice:~$ head -v -n 20 /etc/pkcs11/modules/*
==> /etc/pkcs11/modules/gnome-keyring.module <==

# The file is installed/loaded from the default module p11-kit directory
module: gnome-keyring-pkcs11.so

# And where to store and lookup trust objects
x-trust-store: pkcs11:library-manufacturer=GNOME%20Keyring;serial=1:XDG:DEFAULT
x-trust-lookup: pkcs11:library-manufacturer=GNOME%20Keyring
0 dkg at alice:~$ dpkg -l gnome-keyring
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name           Version      Architecture Description
+++-==============-============-============-=================================
ii  gnome-keyring  3.6.1-1      amd64        GNOME keyring services (daemon an
0 dkg at alice:~$ 


When i run the above program under valgrind, i get the following:

0 dkg at alice:~$ valgrind  --leak-check=full  --show-reachable=yes -- ./p11kittest
==30409== Memcheck, a memory error detector
==30409== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==30409== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==30409== Command: ./p11kittest
==30409== 
==30409== 
==30409== HEAP SUMMARY:
==30409==     in use at exit: 32 bytes in 1 blocks
==30409==   total heap usage: 44 allocs, 43 frees, 38,180 bytes allocated
==30409== 
==30409== 32 bytes in 1 blocks are still reachable in loss record 1 of 1
==30409==    at 0x4C272B8: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==30409==    by 0x53CE35F: _dlerror_run (dlerror.c:142)
==30409==    by 0x53CDEE0: dlopen@@GLIBC_2.2.5 (dlopen.c:88)
==30409==    by 0x4E3468A: dlopen_and_get_function_list (in /usr/lib/x86_64-linux-gnu/libp11-kit.so.0.0.0)
==30409==    by 0x4E3543F: _p11_kit_initialize_registered_unlocked_reentrant (in /usr/lib/x86_64-linux-gnu/libp11-kit.so.0.0.0)
==30409==    by 0x4E3583B: p11_kit_initialize_registered (in /usr/lib/x86_64-linux-gnu/libp11-kit.so.0.0.0)
==30409==    by 0x400644: main (p11kittest.c:4)
==30409== 
==30409== LEAK SUMMARY:
==30409==    definitely lost: 0 bytes in 0 blocks
==30409==    indirectly lost: 0 bytes in 0 blocks
==30409==      possibly lost: 0 bytes in 0 blocks
==30409==    still reachable: 32 bytes in 1 blocks
==30409==         suppressed: 0 bytes in 0 blocks
==30409== 
==30409== For counts of detected and suppressed errors, rerun with: -v
==30409== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 7 from 7)


Is it possible that the module in question is not being properly
dlclose()'ed?

Sorry that i haven't had the chance yet to test this against a more
recent version or to debug it in more depth.

Regards,

       --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 965 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/p11-glue/attachments/20130216/062c2393/attachment.pgp>


More information about the p11-glue mailing list