On Mon, Feb 10, 2014, Jeffrey Walton wrote: > I'm trying to remediate a couple of memory leaks on shutdown. I'm > having trouble: (1) locating a definitive guide that lists what should > be called during cleanup; and (2) what order they should be called in. > > The closest I've find to answering the questions are (1) OpenSSL > source code; and (2) > http://marc.info/?l=openssl-dev&m=104999183723322&w=2. OpenSSL source > code is a bit confusing because the various programs and demos mostly > do things differently. The openssl-dev posting is good, but I've still > got some leaks. > > I start the application with: > > CRYPTO_malloc_debug_init(); > CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); > > SSL_library_init(); > SSL_load_error_strings(); > FIPS_mode_set(1); > // Install static locks > // Create Client Context > // Create Server Context > // Load DH params > > I shutdown the application with the following (in this order): > > FIPS_mode_set(0); > // Remove static locks > // Destroy Client Context > // Destroy Server Context > // Unload DH params > ENGINE_cleanup(); > CONF_modules_unload(1); > EVP_cleanup(); > CRYPTO_cleanup_all_ex_data(); > ERR_remove_state(0); > ERR_free_strings(); > > Then I dump state: > > CRYPTO_mem_leaks_fp(stderr); > > This results in the following (in addition to a Valgrind complaint): > > Debug: dumping OpenSSL memory state > 4206 file=err.c, line=1019, number=600, address=065CFDC0 > 4120 file=lhash.c, line=119, number=176, address=065BEFA0 > > thread=67351016, file=err.c, line=449, info="int_thread_get (err.c)" > 4207 file=lhash.c, line=193, number=24, address=065D0150 > 4121 file=lhash.c, line=121, number=128, address=065BF180 > > thread=67351016, file=err.c, line=449, info="int_thread_get (err.c)" > 928 bytes leaked in 4 chunks > > What order are these functions supposed to be called in to cleanup the > leak in "err.c"? >
That looks like a per-thread error queue has been allocated and not freed up. Does the application use threads? If so you need to call ERR_remove_state in each thread before it exits. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
