Bug #2236

ofono: Fix valgrind issues

Added by pespin 9 months ago. Updated 3 months ago.

Status: New
Priority: Low
Assignee:
Target version: -
Start date: 05/05/2017
Due date:
% Done: 0%
Spec Reference:

Description

Running ofonod 1.20 with the following cmd line provided some issues. Looking at these may provide hints to fix ofono crashes we are seeing.

valgrind --tool=memcheck --leak-check=yes --track-origins=yes /usr/local/sbin/ofonod -d -n

A:

ofonod[2870]: drivers/qmimodem/sim.c:query_pin_retries_cb()
==2870== Conditional jump or move depends on uninitialised value(s)
==2870==    at 0x4C2ED31: __memcmp_sse4_1 (vg_replace_strmem.c:972)
==2870==    by 0x4F451A: sim_pin_retries_query_cb (sim.c:462)
==2870==    by 0x459BDD: query_pin_retries_cb (sim.c:544)
==2870==    by 0x45544A: service_send_callback (qmi.c:2143)
==2870==    by 0x452D00: handle_packet (qmi.c:815)
==2870==    by 0x452E85: received_data (qmi.c:863)
==2870==    by 0x508DB6C: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DF47: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508E271: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x4C680B: main (main.c:256)
==2870==  Uninitialised value was created by a stack allocation
==2870==    at 0x459B1A: query_pin_retries_cb (sim.c:531)
==2870==
==2870== Conditional jump or move depends on uninitialised value(s)
==2870==    at 0x4F451D: sim_pin_retries_query_cb (sim.c:462)
==2870==    by 0x459BDD: query_pin_retries_cb (sim.c:544)
==2870==    by 0x45544A: service_send_callback (qmi.c:2143)
==2870==    by 0x452D00: handle_packet (qmi.c:815)
==2870==    by 0x452E85: received_data (qmi.c:863)
==2870==    by 0x508DB6C: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DF47: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508E271: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x4C680B: main (main.c:256)
==2870==  Uninitialised value was created by a stack allocation
==2870==    at 0x459B1A: query_pin_retries_cb (sim.c:531)
==2870==
==2870== Conditional jump or move depends on uninitialised value(s)
==2870==    at 0x4F3DFB: get_pin_retries (sim.c:278)
==2870==    by 0x4F4553: sim_pin_retries_query_cb (sim.c:467)
==2870==    by 0x459BDD: query_pin_retries_cb (sim.c:544)
==2870==    by 0x45544A: service_send_callback (qmi.c:2143)
==2870==    by 0x452D00: handle_packet (qmi.c:815)
==2870==    by 0x452E85: received_data (qmi.c:863)
==2870==    by 0x508DB6C: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DF47: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508E271: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x4C680B: main (main.c:256)
==2870==  Uninitialised value was created by a stack allocation
==2870==    at 0x459B1A: query_pin_retries_cb (sim.c:531)
==2870==
==2870== Conditional jump or move depends on uninitialised value(s)
==2870==    at 0x4F3E65: get_pin_retries (sim.c:288)
==2870==    by 0x4F4553: sim_pin_retries_query_cb (sim.c:467)
==2870==    by 0x459BDD: query_pin_retries_cb (sim.c:544)
==2870==    by 0x45544A: service_send_callback (qmi.c:2143)
==2870==    by 0x452D00: handle_packet (qmi.c:815)
==2870==    by 0x452E85: received_data (qmi.c:863)
==2870==    by 0x508DB6C: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DF47: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508E271: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x4C680B: main (main.c:256)
==2870==  Uninitialised value was created by a stack allocation
==2870==    at 0x459B1A: query_pin_retries_cb (sim.c:531)
==2870==
==2870== Syscall param sendmsg(msg.msg_iov[1]) points to uninitialised byte(s)
==2870==    at 0x5888690: __sendmsg_nocancel (syscall-template.S:81)
==2870==    by 0x537F309: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x5378CF5: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x5378F60: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x5377CA7: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x5361073: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x5361162: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x5362437: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x53B3AC: g_dbus_send_message (object.c:1503)
==2870==    by 0x4CCED9: ofono_dbus_signal_dict_property_changed (dbus.c:275)
==2870==    by 0x4F457A: sim_pin_retries_query_cb (sim.c:468)
==2870==    by 0x459BDD: query_pin_retries_cb (sim.c:544)
==2870==  Address 0x69ff052 is 50 bytes inside a block of size 320 alloc'd
==2870==    at 0x4C2AF2E: realloc (vg_replace_malloc.c:692)
==2870==    by 0x537CFBC: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x537D5DF: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x5368D03: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x5368E33: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x536D867: dbus_message_iter_open_container (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x4CC954: append_array_variant (dbus.c:104)
==2870==    by 0x4CCA34: ofono_dbus_dict_append_array (dbus.c:126)
==2870==    by 0x4C8B96: __ofono_modem_append_properties (modem.c:840)
==2870==    by 0x4C8CA3: modem_get_properties (modem.c:869)
==2870==    by 0x538C59: process_message (object.c:259)
==2870==    by 0x53A737: generic_message (object.c:1070)
==2870==  Uninitialised value was created by a stack allocation
==2870==    at 0x459B1A: query_pin_retries_cb (sim.c:531)
==2870==

B:

ofonod[2870]: plugins/gobi.c:shutdown_cb()
ofonod[2870]: src/modem.c:modem_change_state() old state: 0, new state: 0
==2870== Invalid read of size 8
==2870==    at 0x453ADE: shutdown_destroy (qmi.c:1254)
==2870==    by 0x508A717: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DB8B: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DF47: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508E271: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x4C680B: main (main.c:256)
==2870==  Address 0x6a07518 is 152 bytes inside a block of size 168 free'd
==2870==    at 0x4C29E90: free (vg_replace_malloc.c:473)
==2870==    by 0x4532FF: qmi_device_unref (qmi.c:1003)
==2870==    by 0x45E09B: shutdown_cb (gobi.c:120)
==2870==    by 0x453B68: shutdown_callback (qmi.c:1268)
==2870==    by 0x508E612: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DB6C: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DF47: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508E271: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x4C680B: main (main.c:256)
==2870==
==2870== Invalid write of size 4
==2870==    at 0x453B09: shutdown_destroy (qmi.c:1257)
==2870==    by 0x508A717: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DB8B: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DF47: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508E271: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x4C680B: main (main.c:256)
==2870==  Address 0x6a07520 is 160 bytes inside a block of size 168 free'd
==2870==    at 0x4C29E90: free (vg_replace_malloc.c:473)
==2870==    by 0x4532FF: qmi_device_unref (qmi.c:1003)
==2870==    by 0x45E09B: shutdown_cb (gobi.c:120)
==2870==    by 0x453B68: shutdown_callback (qmi.c:1268)
==2870==    by 0x508E612: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DB6C: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DF47: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508E271: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x4C680B: main (main.c:256)
==2870==

C:
ofonod[2870]: drivers/qmimodem/network-registration.c:qmi_register_manual()
==2870== Syscall param write(buf) points to uninitialised byte(s)
==2870==    at 0x587AC00: __write_nocancel (syscall-template.S:81)
==2870==    by 0x4527E1: can_write_data (qmi.c:642)
==2870==    by 0x508DB6C: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DF47: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508E271: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x4C680B: main (main.c:256)
==2870==  Address 0x63a7fa8 is 24 bytes inside a block of size 25 alloc'd
==2870==    at 0x4C28C20: malloc (vg_replace_malloc.c:296)
==2870==    by 0x451B97: __request_alloc (qmi.c:176)
==2870==    by 0x45559D: qmi_service_send (qmi.c:2178)
==2870==    by 0x4574D2: qmi_register_manual (network-registration.c:364)
==2870==    by 0x4D047B: network_operator_register (network.c:610)
==2870==    by 0x538C59: process_message (object.c:259)
==2870==    by 0x53A737: generic_message (object.c:1070)
==2870==    by 0x537160E: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x5363193: dbus_connection_dispatch (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x536647: message_dispatch (mainloop.c:72)
==2870==    by 0x508DB6C: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DF47: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==  Uninitialised value was created by a stack allocation
==2870==    at 0x452D18: received_data (qmi.c:822)
==2870==

D:

ofonod[2870]: drivers/qmimodem/sim.c:get_file_attributes_cb()
==2870== Conditional jump or move depends on uninitialised value(s)
==2870==    at 0x4F3DFB: get_pin_retries (sim.c:278)
==2870==    by 0x4F4447: sim_get_properties (sim.c:435)
==2870==    by 0x538C59: process_message (object.c:259)
==2870==    by 0x53A737: generic_message (object.c:1070)
==2870==    by 0x537160E: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x5363193: dbus_connection_dispatch (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x536647: message_dispatch (mainloop.c:72)
==2870==    by 0x508DB6C: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DF47: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508E271: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x4C680B: main (main.c:256)
==2870==  Uninitialised value was created by a stack allocation
==2870==    at 0x459B1A: query_pin_retries_cb (sim.c:531)
==2870==
==2870== Conditional jump or move depends on uninitialised value(s)
==2870==    at 0x4F3E65: get_pin_retries (sim.c:288)
==2870==    by 0x4F4447: sim_get_properties (sim.c:435)
==2870==    by 0x538C59: process_message (object.c:259)
==2870==    by 0x53A737: generic_message (object.c:1070)
==2870==    by 0x537160E: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x5363193: dbus_connection_dispatch (in /lib/x86_64-linux-gnu/libdbus-1.so.3.8.13)
==2870==    by 0x536647: message_dispatch (mainloop.c:72)
==2870==    by 0x508DB6C: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DF47: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508E271: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x4C680B: main (main.c:256)
==2870==  Uninitialised value was created by a stack allocation
==2870==    at 0x459B1A: query_pin_retries_cb (sim.c:531)
==2870==

E:

ofonod[2870]: Exit
==2870==
==2870== HEAP SUMMARY:
==2870==     in use at exit: 66,564 bytes in 315 blocks
==2870==   total heap usage: 61,281 allocs, 60,966 frees, 29,562,024 bytes allocated
==2870==
==2870== 8 bytes in 4 blocks are definitely lost in loss record 19 of 173
==2870==    at 0x4C28C20: malloc (vg_replace_malloc.c:296)
==2870==    by 0x58209D9: strndup (strndup.c:45)
==2870==    by 0x454740: qmi_result_get_string (qmi.c:1672)
==2870==    by 0x455F6A: get_ids_cb (devinfo.c:129)
==2870==    by 0x45544A: service_send_callback (qmi.c:2143)
==2870==    by 0x452D00: handle_packet (qmi.c:815)
==2870==    by 0x452E85: received_data (qmi.c:863)
==2870==    by 0x508DB6C: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508DF47: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x508E271: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4200.1)
==2870==    by 0x4C680B: main (main.c:256)
==2870==
==2870== LEAK SUMMARY:
==2870==    definitely lost: 8 bytes in 4 blocks
==2870==    indirectly lost: 0 bytes in 0 blocks
==2870==      possibly lost: 0 bytes in 0 blocks
==2870==    still reachable: 66,556 bytes in 311 blocks
==2870==         suppressed: 0 bytes in 0 blocks
==2870== Reachable blocks (those to which a pointer was found) are not shown.
==2870== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==2870==
==2870== For counts of detected and suppressed errors, rerun with: -v
==2870== ERROR SUMMARY: 161 errors from 12 contexts (suppressed: 0 from 0)
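The data flow that traces A and D report (a stack buffer in a driver callback that reaches a `memcmp`, a cached copy and a D-Bus signal without being fully written) can be reproduced in a small model. This is an added example, not ofono code and not part of the original report: every name, the array size and the `stale` parameter (a constructed stand-in for whatever bytes an earlier call left on the stack) are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define PIN_TYPES 8                      /* hypothetical number of password types */
enum { IDX_PIN1 = 1, IDX_PUK1 = 2 };     /* hypothetical slots the modem reports */

/* Hypothetical core-side state: cached counters plus a count of emitted
 * property-changed signals (stand-in for the D-Bus sendmsg in the trace). */
struct sim_state {
    int cached[PIN_TYPES];
    int signals_sent;
};

/* Constructed modem reply: only two of the eight counters are reported. */
struct modem_reply {
    int pin1;
    int puk1;
};

/* Core callback: compare with the cache, store, signal on change. */
static void core_retries_cb(struct sim_state *sim, const int *retries)
{
    if (memcmp(sim->cached, retries, sizeof(sim->cached)) == 0)
        return;
    memcpy(sim->cached, retries, sizeof(sim->cached));
    sim->signals_sent++;
}

/* Weak form: slots the modem did not report keep whatever was on the
 * stack. The memset makes that stale content deterministic for the demo. */
static void driver_cb_unsafe(struct sim_state *sim,
                             const struct modem_reply *r, int stale)
{
    int retries[PIN_TYPES];

    memset(retries, stale, sizeof(retries));
    retries[IDX_PIN1] = r->pin1;
    retries[IDX_PUK1] = r->puk1;
    core_retries_cb(sim, retries);
}

/* Hardened form: every slot gets a defined "unknown" value first. */
static void driver_cb_safe(struct sim_state *sim, const struct modem_reply *r)
{
    int retries[PIN_TYPES];
    int i;

    for (i = 0; i < PIN_TYPES; i++)
        retries[i] = -1;
    retries[IDX_PIN1] = r->pin1;
    retries[IDX_PUK1] = r->puk1;
    core_retries_cb(sim, retries);
}

static void sim_reset(struct sim_state *sim)
{
    int i;

    for (i = 0; i < PIN_TYPES; i++)
        sim->cached[i] = -1;
    sim->signals_sent = 0;
}

/* Two identical modem replies, different stale stack bytes. */
int demo_unsafe_signals(void)
{
    struct sim_state sim;
    struct modem_reply r = { 3, 10 };

    sim_reset(&sim);
    driver_cb_unsafe(&sim, &r, 0x5a);
    driver_cb_unsafe(&sim, &r, 0xc3);
    return sim.signals_sent;
}

/* Returns 1 if stale bytes ended up in the long-lived cache. */
int demo_unsafe_cache_holds_stale(void)
{
    struct sim_state sim;
    struct modem_reply r = { 3, 10 };

    sim_reset(&sim);
    driver_cb_unsafe(&sim, &r, 0x5a);
    return sim.cached[0] != -1;
}

int demo_safe_signals(void)
{
    struct sim_state sim;
    struct modem_reply r = { 3, 10 };

    sim_reset(&sim);
    driver_cb_safe(&sim, &r);
    driver_cb_safe(&sim, &r);
    return sim.signals_sent;
}

int main(void)
{
    printf("unsafe: %d signals, stale cached: %d\n",
           demo_unsafe_signals(), demo_unsafe_cache_holds_stale());
    printf("safe:   %d signals\n", demo_safe_signals());
    return 0;
}
```

In the weak form the stale bytes both change the outcome of the comparison and leave the process inside the signal payload, which matches the `Conditional jump` and `sendmsg` reports appearing together.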

History

#1 Updated by pespin 9 months ago

At startup:

F:

==3428== Syscall param socketcall.bind(my_addr.rc_channel) points to uninitialised byte(s)
==3428==    at 0x5888317: bind (syscall-template.S:81)
==3428==    by 0x532C38: sco_init (handsfree-audio.c:230)
==3428==    by 0x5340C9: __ofono_handsfree_audio_manager_init (handsfree-audio.c:922)
==3428==    by 0x533FF9: ofono_handsfree_audio_ref (handsfree-audio.c:886)
==3428==    by 0x4AF7CC: hfp_ag_init (hfp_ag_bluez5.c:495)
==3428==    by 0x4C778A: __ofono_plugin_init (plugin.c:175)
==3428==    by 0x4C67DE: main (main.c:251)
==3428==  Address 0xfff0008c8 is on thread 1's stack
==3428==  in frame #1, created by sco_init (handsfree-audio.c:213)
==3428==  Uninitialised value was created by a stack allocation
==3428==    at 0x532BA4: sco_init (handsfree-audio.c:213)
==3428==

#2 Updated by pespin 9 months ago

  • Status changed from New to In Progress

#3 Updated by pespin 9 months ago

  • Assignee set to Osmocom Developers

Crashes in ofono seem to have gone down quite a lot or completely since using the patch for B. I sent it for review upstream.

#4 Updated by pespin 8 months ago

I received a counter-patch to fix the issue in B, as it seems my patch was not semantically correct.

I saw a new non-related valgrind issue:
G:

ofonod[28223]: Interface org.ofono.AllowedAccessPoints not found on the interface_list
ofonod[28223]: drivers/qmimodem/devinfo.c:string_cb()
ofonod[28223]: drivers/qmimodem/devinfo.c:qmi_query_serial()
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_attributes() file id 0x6fb7 path len 0
ofonod[28223]: drivers/qmimodem/devinfo.c:get_ids_cb()
ofonod[28223]: drivers/qmimodem/sim.c:get_file_attributes_cb()
ofonod[28223]: Requested file structure differs from SIM: 6fb7
ofonod[28223]: src/voicecall.c:ecc_g2_read_cb() 0
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_attributes() file id 0x6fb7 path len 0
ofonod[28223]: drivers/qmimodem/sim.c:get_file_attributes_cb()
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_record() file id 0x6fb7 path len 0
ofonod[28223]: drivers/qmimodem/sim.c:read_generic_cb()
ofonod[28223]: src/voicecall.c:ecc_g3_read_cb() 1
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_record() file id 0x6fb7 path len 0
ofonod[28223]: drivers/qmimodem/sim.c:read_generic_cb()
ofonod[28223]: src/voicecall.c:ecc_g3_read_cb() 1
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_record() file id 0x6fb7 path len 0
ofonod[28223]: drivers/qmimodem/sim.c:read_generic_cb()
ofonod[28223]: src/voicecall.c:ecc_g3_read_cb() 1
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_record() file id 0x6fb7 path len 0
ofonod[28223]: drivers/qmimodem/sim.c:read_generic_cb()
ofonod[28223]: src/voicecall.c:ecc_g3_read_cb() 1
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_record() file id 0x6fb7 path len 0
ofonod[28223]: drivers/qmimodem/sim.c:read_generic_cb()
ofonod[28223]: src/voicecall.c:ecc_g3_read_cb() 1
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_attributes() file id 0x2fe2 path len 0
ofonod[28223]: drivers/qmimodem/sim.c:get_file_attributes_cb()
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_transparent() file id 0x2fe2 path len 0
ofonod[28223]: drivers/qmimodem/sim.c:read_generic_cb()
ofonod[28223]: src/simfs.c:sim_fs_op_read_block_cb() bufoff: 0, dataoff: 0, tocopy: 10
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_attributes() file id 0x6f05 path len 0
ofonod[28223]: drivers/qmimodem/sim.c:get_file_attributes_cb()
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_transparent() file id 0x6f05 path len 0
ofonod[28223]: drivers/qmimodem/sim.c:read_generic_cb()
ofonod[28223]: src/simfs.c:sim_fs_op_read_block_cb() bufoff: 0, dataoff: 0, tocopy: 10
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_attributes() file id 0x2f05 path len 0
ofonod[28223]: drivers/qmimodem/sim.c:get_file_attributes_cb()
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_transparent() file id 0x2f05 path len 0
ofonod[28223]: drivers/qmimodem/sim.c:read_generic_cb()
ofonod[28223]: src/simfs.c:sim_fs_op_read_block_cb() bufoff: 0, dataoff: 0, tocopy: 10
ofonod[28223]: drivers/qmimodem/sim.c:qmi_query_passwd_state()
ofonod[28223]: drivers/qmimodem/sim.c:query_passwd_state_cb() passwd state 0
ofonod[28223]: src/sim.c:sim_pin_query_cb() sim->pin_type: 0, pin_type: 0
ofonod[28223]: drivers/qmimodem/sim.c:qmi_query_pin_retries()
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_attributes() file id 0x6fae path len 0
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_attributes() file id 0x6fad path len 0
ofonod[28223]: drivers/qmimodem/sim.c:query_pin_retries_cb()
==28223== Conditional jump or move depends on uninitialised value(s)
==28223==    at 0x4C3106D: __memcmp_sse4_1 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==28223==    by 0x4F58E9: sim_pin_retries_query_cb (sim.c:462)
==28223==    by 0x45A249: query_pin_retries_cb (sim.c:544)
==28223==    by 0x455A6B: service_send_callback (qmi.c:2155)
==28223==    by 0x453268: handle_packet (qmi.c:817)
==28223==    by 0x4533F3: received_data (qmi.c:865)
==28223==    by 0x4E81669: g_main_context_dispatch (in /usr/lib/libglib-2.0.so.0.5200.1)
==28223==    by 0x4E81A1F: ??? (in /usr/lib/libglib-2.0.so.0.5200.1)
==28223==    by 0x4E81D41: g_main_loop_run (in /usr/lib/libglib-2.0.so.0.5200.1)
==28223==    by 0x4C78D3: main (main.c:256)
==28223==  Uninitialised value was created by a stack allocation
==28223==    at 0x45A186: query_pin_retries_cb (sim.c:531)
==28223==
==28223== Conditional jump or move depends on uninitialised value(s)
==28223==    at 0x4F58EC: sim_pin_retries_query_cb (sim.c:462)
==28223==    by 0x45A249: query_pin_retries_cb (sim.c:544)
==28223==    by 0x455A6B: service_send_callback (qmi.c:2155)
==28223==    by 0x453268: handle_packet (qmi.c:817)
==28223==    by 0x4533F3: received_data (qmi.c:865)
==28223==    by 0x4E81669: g_main_context_dispatch (in /usr/lib/libglib-2.0.so.0.5200.1)
==28223==    by 0x4E81A1F: ??? (in /usr/lib/libglib-2.0.so.0.5200.1)
==28223==    by 0x4E81D41: g_main_loop_run (in /usr/lib/libglib-2.0.so.0.5200.1)
==28223==    by 0x4C78D3: main (main.c:256)
==28223==  Uninitialised value was created by a stack allocation
==28223==    at 0x45A186: query_pin_retries_cb (sim.c:531)
==28223==
==28223== Conditional jump or move depends on uninitialised value(s)
==28223==    at 0x4F51C3: get_pin_retries (sim.c:278)
==28223==    by 0x4F5920: sim_pin_retries_query_cb (sim.c:467)
==28223==    by 0x45A249: query_pin_retries_cb (sim.c:544)
==28223==    by 0x455A6B: service_send_callback (qmi.c:2155)
==28223==    by 0x453268: handle_packet (qmi.c:817)
==28223==    by 0x4533F3: received_data (qmi.c:865)
==28223==    by 0x4E81669: g_main_context_dispatch (in /usr/lib/libglib-2.0.so.0.5200.1)
==28223==    by 0x4E81A1F: ??? (in /usr/lib/libglib-2.0.so.0.5200.1)
==28223==    by 0x4E81D41: g_main_loop_run (in /usr/lib/libglib-2.0.so.0.5200.1)
==28223==    by 0x4C78D3: main (main.c:256)
==28223==  Uninitialised value was created by a stack allocation
==28223==    at 0x45A186: query_pin_retries_cb (sim.c:531)
==28223==
==28223== Conditional jump or move depends on uninitialised value(s)
==28223==    at 0x4F522E: get_pin_retries (sim.c:288)
==28223==    by 0x4F5920: sim_pin_retries_query_cb (sim.c:467)
==28223==    by 0x45A249: query_pin_retries_cb (sim.c:544)
==28223==    by 0x455A6B: service_send_callback (qmi.c:2155)
==28223==    by 0x453268: handle_packet (qmi.c:817)
==28223==    by 0x4533F3: received_data (qmi.c:865)
==28223==    by 0x4E81669: g_main_context_dispatch (in /usr/lib/libglib-2.0.so.0.5200.1)
==28223==    by 0x4E81A1F: ??? (in /usr/lib/libglib-2.0.so.0.5200.1)
==28223==    by 0x4E81D41: g_main_loop_run (in /usr/lib/libglib-2.0.so.0.5200.1)
==28223==    by 0x4C78D3: main (main.c:256)
==28223==  Uninitialised value was created by a stack allocation
==28223==    at 0x45A186: query_pin_retries_cb (sim.c:531)
==28223==
==28223== Syscall param sendmsg(msg.msg_iov[1]) points to uninitialised byte(s)
==28223==    at 0x568C567: sendmsg (in /usr/lib/libc-2.25.so)
==28223==    by 0x517ED89: ??? (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x517836D: ??? (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x51785A5: ??? (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x517710D: ??? (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x515FE53: ??? (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x515FF42: ??? (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x5161217: ??? (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x53CB3E: g_dbus_send_message (object.c:1503)
==28223==    by 0x4CE043: ofono_dbus_signal_dict_property_changed (dbus.c:275)
==28223==    by 0x4F5947: sim_pin_retries_query_cb (sim.c:468)
==28223==    by 0x45A249: query_pin_retries_cb (sim.c:544)
==28223==  Address 0x7f91612 is 50 bytes inside a block of size 2,350 alloc'd
==28223==    at 0x4C2D13F: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==28223==    by 0x517C92C: ??? (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x517CA02: ??? (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x517CB32: ??? (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x517B612: ??? (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x517BBE7: ??? (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x51680B0: _dbus_type_writer_write_basic (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x516C515: dbus_message_iter_append_basic (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x516D0E1: dbus_message_append_args_valist (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x516D1C8: dbus_message_append_args (in /usr/lib/libdbus-1.so.3.14.11)
==28223==    by 0x53A384: introspect (object.c:247)
==28223==    by 0x53A3BB: process_message (object.c:259)
==28223==  Uninitialised value was created by a stack allocation
==28223==    at 0x45A186: query_pin_retries_cb (sim.c:531)
==28223==
ofonod[28223]: drivers/qmimodem/sim.c:get_file_attributes_cb()
ofonod[28223]: drivers/qmimodem/sim.c:qmi_read_transparent() file id 0x6fad path len 0
ofonod[28223]: drivers/qmimodem/sim.c:read_generic_cb()

#5 Updated by laforge 8 months ago

  • Assignee deleted (Osmocom Developers)

#6 Updated by laforge 8 months ago

  • Assignee set to osmo-gsm-tester

#7 Updated by neels 8 months ago

pespin wrote:

I saw a new non-related valgrind issue:

If it's not related, maybe it should rather be a separate issue. A subject like "fix valgrind issues" is quite general, there could be subtasks with more specific descriptions? (maybe keep that in mind for next time, unless you'd like to still split up now)

#8 Updated by neels 8 months ago

  • Assignee changed from osmo-gsm-tester to pespin

update this issue?

#9 Updated by pespin 8 months ago

  • Status changed from In Progress to New
  • Assignee changed from pespin to osmo-gsm-tester
  • Priority changed from Normal to Low

Issue B which was the most problematic one (crashing ofono quite often) is fixed in https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=2d6c4f9d02152a3a3907ddb93e2a5d2791a15710 and since we are using it in our local ofono build I didn't see it anymore.

Moving the task to low priority as the other issues don't seem to be affecting us a lot for now.
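The ordering visible in trace B (the shutdown callback lets the owner drop the last reference, then the source's destroy handler reads and writes the same object) can be modelled without undefined behaviour. This is an added example, not ofono code and not the upstream fix referenced above: all names are hypothetical, a `freed` flag stands in for `free()` so stale accesses can be counted, and the hardened variant shows one generic remedy (the pending source holds its own reference).

```c
#include <stddef.h>
#include <stdio.h>

struct device {
    int ref;
    int freed;                 /* constructed poison flag, set instead of free() */
    unsigned shutdown_source;
    void (*shutdown_func)(struct device *);
};

static int stale_accesses;     /* what memcheck would flag as invalid read/write */

/* Every access after "free" is counted rather than corrupting memory. */
static struct device *touch(struct device *d)
{
    if (d->freed)
        stale_accesses++;
    return d;
}

static void device_ref(struct device *d)
{
    d->ref++;
}

static void device_unref(struct device *d)
{
    if (--d->ref == 0)
        d->freed = 1;
}

/* Owner's completion handler: drops the owner's reference. */
static void owner_shutdown_cb(struct device *d)
{
    device_unref(d);
}

/* Source callback: hands control to the owner. */
static void shutdown_callback(void *data)
{
    struct device *d = data;

    if (d->shutdown_func)
        d->shutdown_func(d);
}

/* Weak form: assumes the device outlives the source. */
static void shutdown_destroy_unsafe(void *data)
{
    struct device *d = data;

    touch(d)->shutdown_func = NULL;
    touch(d)->shutdown_source = 0;
}

/* Hardened form: same cleanup, then release the source's own reference. */
static void shutdown_destroy_safe(void *data)
{
    struct device *d = data;

    touch(d)->shutdown_func = NULL;
    touch(d)->shutdown_source = 0;
    device_unref(d);
}

/* Model of a one-shot main-loop source: callback first, destroy after. */
static void run_one_shot(void (*cb)(void *), void (*destroy)(void *),
                         void *data)
{
    cb(data);
    destroy(data);
}

static void device_init(struct device *d)
{
    d->ref = 1;                /* the owner's reference */
    d->freed = 0;
    d->shutdown_source = 1;
    d->shutdown_func = owner_shutdown_cb;
    stale_accesses = 0;
}

int demo_unsafe_stale_accesses(void)
{
    struct device d;

    device_init(&d);
    run_one_shot(shutdown_callback, shutdown_destroy_unsafe, &d);
    return stale_accesses;
}

int demo_safe_stale_accesses(void)
{
    struct device d;

    device_init(&d);
    device_ref(&d);            /* reference held by the pending source */
    run_one_shot(shutdown_callback, shutdown_destroy_safe, &d);
    return stale_accesses;
}

int demo_safe_freed_at_end(void)
{
    struct device d;

    device_init(&d);
    device_ref(&d);
    run_one_shot(shutdown_callback, shutdown_destroy_safe, &d);
    return d.freed;
}

int main(void)
{
    printf("unsafe: %d stale accesses\n", demo_unsafe_stale_accesses());
    printf("safe:   %d stale accesses, freed at end: %d\n",
           demo_safe_stale_accesses(), demo_safe_freed_at_end());
    return 0;
}
```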

#10 Updated by pespin 3 months ago

  • Assignee changed from osmo-gsm-tester to lynxis

#11 Updated by lynxis 3 months ago

Based on

commit 828eec5e97185dfd9c02b932d7dea4bcdea330c9
Author: Alexander Couzens <lynxis@fe80.eu>
Date:   Tue Oct 17 10:11:19 2017 +0200

    call-list: fix a race condition in ofono_call_list_dial_callback

    If ofono_call_list_dial_callback is called later than
    ofono_call_list_notify, the new call is added, removed, added

==8418== 
==8418== HEAP SUMMARY:
==8418==     in use at exit: 845,360 bytes in 17,175 blocks
==8418==   total heap usage: 595,447 allocs, 578,272 frees, 230,891,163 bytes allocated
==8418== 
==8418== 8 bytes in 4 blocks are definitely lost in loss record 24 of 401
==8418==    at 0x4C2BBAF: malloc (vg_replace_malloc.c:299)
==8418==    by 0x59E03D9: strndup (strndup.c:43)
==8418==    by 0x17E2E0: qmi_result_get_string (qmi.c:1756)
==8418==    by 0x17FD6F: get_ids_cb (devinfo.c:129)
==8418==    by 0x17F09D: service_send_callback (qmi.c:2248)
==8418==    by 0x17C5D0: handle_packet (qmi.c:831)
==8418==    by 0x17C771: received_data (qmi.c:880)
==8418==    by 0x4E826A9: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E82A5F: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E82D81: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x1F419F: main (main.c:256)
==8418== 
==8418== 16 bytes in 1 blocks are possibly lost in loss record 128 of 401
==8418==    at 0x4C2DBC5: calloc (vg_replace_malloc.c:711)
==8418==    by 0x4E87E60: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x6990430: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994F80: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x69742AB: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E147: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418==    by 0xFFF000D15: ???
==8418== 
==8418== 16 bytes in 1 blocks are possibly lost in loss record 129 of 401
==8418==    at 0x4C2BADF: malloc (vg_replace_malloc.c:298)
==8418==    by 0x4C2DE5F: realloc (vg_replace_malloc.c:785)
==8418==    by 0x4E87EC7: g_realloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x6990300: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994F80: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x69742AB: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E147: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418== 
==8418== 16 bytes in 1 blocks are possibly lost in loss record 130 of 401
==8418==    at 0x4C2DBC5: calloc (vg_replace_malloc.c:711)
==8418==    by 0x4E87E60: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x6990430: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994F80: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6974311: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E147: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418==    by 0xFFF000D15: ???
==8418== 
==8418== 16 bytes in 1 blocks are possibly lost in loss record 131 of 401
==8418==    at 0x4C2BADF: malloc (vg_replace_malloc.c:298)
==8418==    by 0x4C2DE5F: realloc (vg_replace_malloc.c:785)
==8418==    by 0x4E87EC7: g_realloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x6990300: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994F80: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6974311: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E147: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418== 
==8418== 16 bytes in 1 blocks are possibly lost in loss record 132 of 401
==8418==    at 0x4C2DBC5: calloc (vg_replace_malloc.c:711)
==8418==    by 0x4E87E60: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x6990430: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994F80: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x697D9D4: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E151: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418==    by 0xFFF000D15: ???
==8418== 
==8418== 16 bytes in 1 blocks are possibly lost in loss record 133 of 401
==8418==    at 0x4C2BADF: malloc (vg_replace_malloc.c:298)
==8418==    by 0x4C2DE5F: realloc (vg_replace_malloc.c:785)
==8418==    by 0x4E87EC7: g_realloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x6990300: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994F80: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x697D9D4: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E151: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418== 
==8418== 16 bytes in 1 blocks are possibly lost in loss record 134 of 401
==8418==    at 0x4C2DBC5: calloc (vg_replace_malloc.c:711)
==8418==    by 0x4E87E60: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x6990430: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994F80: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6978B0B: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E156: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418==    by 0xFFF000D15: ???
==8418== 
==8418== 16 bytes in 1 blocks are possibly lost in loss record 135 of 401
==8418==    at 0x4C2BADF: malloc (vg_replace_malloc.c:298)
==8418==    by 0x4C2DE5F: realloc (vg_replace_malloc.c:785)
==8418==    by 0x4E87EC7: g_realloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x6990300: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994F80: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6978B0B: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E156: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418== 
==8418== 96 bytes in 1 blocks are possibly lost in loss record 332 of 401
==8418==    at 0x4C2DBC5: calloc (vg_replace_malloc.c:711)
==8418==    by 0x4E87E60: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x698F939: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x698FA23: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E07A: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418==    by 0xFFF000D15: ???
==8418==    by 0xFFF000D18: ???
==8418== 
==8418== 96 bytes in 1 blocks are possibly lost in loss record 333 of 401
==8418==    at 0x4C2DBC5: calloc (vg_replace_malloc.c:711)
==8418==    by 0x4E87E60: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x698F939: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x698FA23: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994F72: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x69742AB: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E147: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418== 
==8418== 96 bytes in 1 blocks are possibly lost in loss record 334 of 401
==8418==    at 0x4C2DBC5: calloc (vg_replace_malloc.c:711)
==8418==    by 0x4E87E60: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x698F939: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x698FA23: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994F72: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6974311: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E147: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418== 
==8418== 96 bytes in 1 blocks are possibly lost in loss record 335 of 401
==8418==    at 0x4C2DBC5: calloc (vg_replace_malloc.c:711)
==8418==    by 0x4E87E60: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x698F939: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x698FA23: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994F72: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x697D9D4: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E151: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418== 
==8418== 96 bytes in 1 blocks are possibly lost in loss record 336 of 401
==8418==    at 0x4C2DBC5: calloc (vg_replace_malloc.c:711)
==8418==    by 0x4E87E60: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x698F939: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x698FA23: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994F72: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6978B0B: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E156: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418== 
==8418== 132 bytes in 1 blocks are possibly lost in loss record 345 of 401
==8418==    at 0x4C2DBC5: calloc (vg_replace_malloc.c:711)
==8418==    by 0x4E87E60: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x6990D5F: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994FD0: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x69742AB: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E147: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418==    by 0xFFF000D15: ???
==8418== 
==8418== 132 bytes in 1 blocks are possibly lost in loss record 346 of 401
==8418==    at 0x4C2DBC5: calloc (vg_replace_malloc.c:711)
==8418==    by 0x4E87E60: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x6990D5F: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994FD0: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6974311: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E147: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418==    by 0xFFF000D15: ???
==8418== 
==8418== 148 bytes in 1 blocks are possibly lost in loss record 347 of 401
==8418==    at 0x4C2DBC5: calloc (vg_replace_malloc.c:711)
==8418==    by 0x4E87E60: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x6990B22: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994FD0: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x697D9D4: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E151: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418==    by 0xFFF000D15: ???
==8418== 
==8418== 148 bytes in 1 blocks are possibly lost in loss record 348 of 401
==8418==    at 0x4C2DBC5: calloc (vg_replace_malloc.c:711)
==8418==    by 0x4E87E60: g_malloc0 (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x6990B22: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6994FD0: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6978B0B: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E156: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418==    by 0xFFF000D15: ???
==8418== 
==8418== 160 bytes in 4 blocks are definitely lost in loss record 351 of 401
==8418==    at 0x4C2DBC5: calloc (vg_replace_malloc.c:711)
==8418==    by 0x17E6EF: service_create_callback (qmi.c:1932)
==8418==    by 0x17C5D0: handle_packet (qmi.c:831)
==8418==    by 0x17C771: received_data (qmi.c:880)
==8418==    by 0x4E826A9: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E82A5F: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E82D81: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x1F419F: main (main.c:256)
==8418== 
==8418== 184 bytes in 1 blocks are possibly lost in loss record 358 of 401
==8418==    at 0x4C2DDCF: realloc (vg_replace_malloc.c:785)
==8418==    by 0x4E87EC7: g_realloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x698F8B7: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x69952BC: g_type_register_static (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x697F659: g_param_type_register_static (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x6981983: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x696E15B: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F8A9: call_init.part.0 (dl-init.c:72)
==8418==    by 0x400F9BA: call_init (dl-init.c:30)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==    by 0x4000C59: ??? (in /lib/x86_64-linux-gnu/ld-2.24.so)
==8418==    by 0x2: ???
==8418==    by 0xFFF000CFE: ???
==8418== 
==8418== 280 (72 direct, 208 indirect) bytes in 3 blocks are definitely lost in loss record 365 of 401
==8418==    at 0x4C2BBAF: malloc (vg_replace_malloc.c:299)
==8418==    by 0x4E87E08: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4EA0342: g_slice_alloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E7E943: g_list_append (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E938C1: g_queue_push_tail (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x17C15A: can_write_data (qmi.c:673)
==8418==    by 0x4E826A9: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E82A5F: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E82D81: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x1F419F: main (main.c:256)
==8418== 
==8418== 81,480 (51,560 direct, 29,920 indirect) bytes in 1,289 blocks are definitely lost in loss record 396 of 401
==8418==    at 0x4C2BBAF: malloc (vg_replace_malloc.c:299)
==8418==    by 0x4E87E08: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4EA0342: g_slice_alloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E5599C: g_array_sized_new (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x18A31C: ask_qmi (qmibridge.c:19)
==8418==    by 0x18A429: qmibridge_decode_req (qmibridge.c:39)
==8418==    by 0x17C112: can_write_data (qmi.c:666)
==8418==    by 0x4E826A9: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E82A5F: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E82D81: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x1F419F: main (main.c:256)
==8418== 
==8418== 81,480 (51,560 direct, 29,920 indirect) bytes in 1,289 blocks are definitely lost in loss record 397 of 401
==8418==    at 0x4C2BBAF: malloc (vg_replace_malloc.c:299)
==8418==    by 0x4E87E08: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4EA0342: g_slice_alloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E5599C: g_array_sized_new (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x55F6171: qmi_message_new_from_raw (in /usr/lib/x86_64-linux-gnu/libqmi-glib.so.5.1.0)
==8418==    by 0x18A34C: ask_qmi (qmibridge.c:22)
==8418==    by 0x18A429: qmibridge_decode_req (qmibridge.c:39)
==8418==    by 0x17C112: can_write_data (qmi.c:666)
==8418==    by 0x4E826A9: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E82A5F: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E82D81: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x1F419F: main (main.c:256)
==8418== 
==8418== 291,064 (115,000 direct, 176,064 indirect) bytes in 2,875 blocks are definitely lost in loss record 400 of 401
==8418==    at 0x4C2BBAF: malloc (vg_replace_malloc.c:299)
==8418==    by 0x4E87E08: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4EA0342: g_slice_alloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E5599C: g_array_sized_new (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x18A31C: ask_qmi (qmibridge.c:19)
==8418==    by 0x18A3FF: qmibridge_decode_read (qmibridge.c:34)
==8418==    by 0x17C6A0: received_data (qmi.c:855)
==8418==    by 0x4E826A9: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E82A5F: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E82D81: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x1F419F: main (main.c:256)
==8418== 
==8418== 291,064 (115,000 direct, 176,064 indirect) bytes in 2,875 blocks are definitely lost in loss record 401 of 401
==8418==    at 0x4C2BBAF: malloc (vg_replace_malloc.c:299)
==8418==    by 0x4E87E08: g_malloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4EA0342: g_slice_alloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E5599C: g_array_sized_new (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x55F6171: qmi_message_new_from_raw (in /usr/lib/x86_64-linux-gnu/libqmi-glib.so.5.1.0)
==8418==    by 0x18A34C: ask_qmi (qmibridge.c:22)
==8418==    by 0x18A3FF: qmibridge_decode_read (qmibridge.c:34)
==8418==    by 0x17C6A0: received_data (qmi.c:855)
==8418==    by 0x4E826A9: g_main_context_dispatch (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E82A5F: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x4E82D81: g_main_loop_run (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x1F419F: main (main.c:256)
==8418== 
==8418== LEAK SUMMARY:
==8418==    definitely lost: 333,360 bytes in 8,339 blocks
==8418==    indirectly lost: 412,176 bytes in 8,332 blocks
==8418==      possibly lost: 1,352 bytes in 18 blocks
==8418==    still reachable: 98,472 bytes in 486 blocks
==8418==                       of which reachable via heuristic:
==8418==                         newarray           : 1,536 bytes in 16 blocks
==8418==         suppressed: 0 bytes in 0 blocks
==8418== Reachable blocks (those to which a pointer was found) are not shown.
==8418== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==8418== 
==8418== For counts of detected and suppressed errors, rerun with: -v
==8418== ERROR SUMMARY: 125 errors from 30 contexts (suppressed: 0 from 0)

#12 Updated by lynxis 3 months ago

I've fixed the obvious ones in qmibridge.c.
It seems there are smaller memleaks from services registration. Meaning services aren't de-registered on exit.
The first hit (qmi_result) seems to be a leftover from the last qmi_result callback.
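Comment #12 sorts the leak records by where in ofono they originate. As an added example (not part of the ticket or of ofono's code), the script below does that grouping over memcheck leak records, attributing each record to its innermost frame in the project's own source files. The function name `triage`, the `project_files` parameter and the abridged sample log are assumptions made for this example.

```python
import re
from collections import defaultdict

# Constructed sample: three leak records abridged from the memcheck output above.
SAMPLE = """\
==8418== 16 bytes in 1 blocks are possibly lost in loss record 133 of 401
==8418==    at 0x4C2BADF: malloc (vg_replace_malloc.c:298)
==8418==    by 0x4E87EC7: g_realloc (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x6994F80: g_type_register_fundamental (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.5000.3)
==8418==    by 0x400F9BA: _dl_init (dl-init.c:120)
==8418==
==8418== 160 bytes in 4 blocks are definitely lost in loss record 351 of 401
==8418==    at 0x4C2DBC5: calloc (vg_replace_malloc.c:711)
==8418==    by 0x17E6EF: service_create_callback (qmi.c:1932)
==8418==    by 0x17C5D0: handle_packet (qmi.c:831)
==8418==
==8418== 81,480 (51,560 direct, 29,920 indirect) bytes in 1,289 blocks are definitely lost in loss record 396 of 401
==8418==    at 0x4C2BBAF: malloc (vg_replace_malloc.c:299)
==8418==    by 0x4E5599C: g_array_sized_new (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.5000.3)
==8418==    by 0x18A31C: ask_qmi (qmibridge.c:19)
==8418==    by 0x18A429: qmibridge_decode_req (qmibridge.c:39)
==8418==
"""

HEADER = re.compile(
    r"^==\d+== ([\d,]+) (?:\([^)]*\) )?bytes in ([\d,]+) blocks are "
    r"(definitely lost|indirectly lost|possibly lost|still reachable) in loss record")
STACK = re.compile(r"^==\d+==\s+(?:at|by) 0x")
# A frame with debug info: "function (file.c:123)". Library-only frames do not match.
FRAME = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (.+) \(([^\s()]+):(\d+)\)$")

def triage(log, project_files):
    """Return {(kind, site): [bytes, blocks]}. site is the innermost frame whose
    source file is in project_files (assumed parameter), else '<outside project>'.
    bytes is the record's leading figure, which includes indirectly lost children."""
    totals = defaultdict(lambda: [0, 0])
    current = None  # [kind, bytes, blocks, site] of the record being read

    def flush():
        if current:
            key = (current[0], current[3] or "<outside project>")
            totals[key][0] += current[1]
            totals[key][1] += current[2]

    for line in log.splitlines():
        line = line.rstrip()
        h = HEADER.match(line)
        if h:
            flush()
            current = [h.group(3), int(h.group(1).replace(",", "")),
                       int(h.group(2).replace(",", "")), None]
        elif current is not None:
            f = FRAME.match(line)
            if f and current[3] is None and f.group(2) in project_files:
                current[3] = f"{f.group(1)} ({f.group(2)}:{f.group(3)})"
            elif not STACK.match(line):  # blank separator or summary: record ended
                flush()
                current = None
    flush()
    return dict(totals)

if __name__ == "__main__":
    result = triage(SAMPLE, {"qmi.c", "qmibridge.c", "main.c"})
    for (kind, site), (nbytes, blocks) in sorted(result.items(), key=lambda kv: -kv[1][0]):
        print(f"{nbytes:>8} bytes {blocks:>5} blocks  {kind:<16} {site}")
```

Records that land in `<outside project>` are the allocations made during library initialisation, which leaves the qmi.c and qmibridge.c sites at the top of the list.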
