EldoS | Feel safer!

Software components for data protection, secure storage and transfer

So Many Memory Leaks!

Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.
#30526
Posted: 08/28/2014 15:49:43
by wpjackjack.wordpress.com (Basic support level)
Joined: 06/06/2014
Posts: 9
I'm trying out CryptoBlackbox for signature verification of a file with Delphi XE.
Your sample from
\Eldos CryptoBlackbox\Samples\Delphi\CryptoBlackbox\Primitives\VerifyDetached\
works absolutely fine.

However, after including FastMM4 (you probably know it) to the otherwise unchanged project it shows that your components are leaking a lot of memory.

After running the project, selecting the files (input, public key, signature), choosing RAS+Binary+Generic+NoPassword and verifying the signature (which succeeds) there are these memory leaks:
Quote
13 - 20 bytes: TElBuiltInCryptoProviderOptions x 1, TList x 16, Unknown x 3
21 - 36 bytes: TElWin32ProviderInfo x 9, Unknown x 99
37 - 52 bytes: TElWin32CryptoProviderOptions x 1, TElWin32AlgorithmInfo x 118, Unknown x 26
53 - 68 bytes: TElSharedResource x 4
69 - 84 bytes: TElBuiltInCryptoProviderManager x 1
85 - 100 bytes: UnicodeString x 3
101 - 116 bytes: UnicodeString x 3, Unknown x 5
117 - 132 bytes: TElWin32CryptoProvider x 1, TElBuiltInExtendedCryptoProvider x 1, UnicodeString x 1
133 - 148 bytes: UnicodeString x 2
245 - 276 bytes: TElRandom x 1


That's really a lot and I can't think of a reason why they haven't been noticed so far. Could you please tell something about that? Is something horribly wrong with the sample code? Or is this really a core problem?

I've attached the complete log so you can have a more detailed look at it. But you can also simply include FastMM4 yourself in your project and see it for yourself. If you don't know how to do it, here's a brief description:
http://delphibistro.com/?p=186
Download:
http://sourceforge.net/projects/fastmm/
#30527
Posted: 08/28/2014 15:51:48
by Eugene Mayevski (EldoS Corp.)

Please use search for "memory leak" on the site and read the first article.


Sincerely yours
Eugene Mayevski
#30528
Posted: 08/28/2014 16:19:40
by wpjackjack.wordpress.com (Basic support level)
Joined: 06/06/2014
Posts: 9
Thanks for your rapid reply!

I was probably blind but I honestly tried to find some search in your forums but didn't find any link in your menu, above or below the forum section. Assuming you don't have a forum search I even went through a lot of pages in the SecureBlackbox forum section and browser-searched for "memory".
Now that you've mentioned to use the search I realized there's a global search box in the upper left page corner. Well, I feel a little bit ashamed that I didn't notice it before. Sorry for that.

I read through the article that you've mentioned and a couple of the threads related to that issue. It's now more clear, but to be honest hard to believe that there's no alternative to that design. For example if I run a verification of a signature I'd like the required objects to be created exactly at that point of time and destroyed afterwards. That's how object usage is usually done.

I noticed that one of your colleagues pointed out "All these objects are created on the very start of the application and do exist until the application is closed" - That's actually not true (at least not for the latest version), because after running the sample project without doing any verification and closing it again it'll show "only" one memory leak of unknown kind. So no objects have been created so far. They are created during the verification and not freed after their use. If they're created at the point of usage, why not free them after their purpose?

What relieves me a little bit is that even after performing the verification several times the amount of memory leaks does not increase in size.
#30529
Posted: 08/28/2014 16:41:27
by Eugene Mayevski (EldoS Corp.)

Global objects are created not at the point of usage, but when they are needed for the first time. It would be stupid in most scenarios to dispose them after use and re-create them on the next use. Moreover, in multithreaded cases (which are quite common) that would require excessive synchronization.

Any other disposal scenarios would also complicate the code to the absolutely unnecessary level. All in all, if you *you* know the architecture of your problem, you can call ReleaseGlobalObjects method (or how it is called - I don't have the code at hand) and it will remove those "leaks".

Regarding search - I will ask our web designer to think about this problem and introduce some changes for easier accessibility.


Sincerely yours
Eugene Mayevski
#30532
Posted: 08/28/2014 19:14:08
by wpjackjack.wordpress.com (Basic support level)
Joined: 06/06/2014
Posts: 9
You probably mean SBUtils.CleanupRegisteredGlobalObjects(), right?

Well I'll think about using it in the main code, but for now at least I'll do this:
Code
finalization
  {$IFDEF DEBUG}
  SBUtils.CleanupRegisteredGlobalObjects();
  {$ENDIF}

This allows to focus on the "real" memory leaks, because it'll remove the ones from SecureBlackbox right before terminating completely - and only in debug mode.
#30535
Posted: 08/29/2014 02:10:56
by Eugene Mayevski (EldoS Corp.)

Yes. Your code is safe as long as you don't use SecureBlackbox from multiple threads. If you do, you need to ensure that all secondary threads are stopped before a call to Cleanup...() method.


Sincerely yours
Eugene Mayevski
#37324
Posted: 07/28/2016 00:14:18
by it it (Standard support level)
Joined: 08/28/2014
Posts: 13

Quote
Eugene Mayevski wrote:
Yes. Your code is safe as long as you don't use SecureBlackbox from multiple threads. If you do, you need to ensure that all secondary threads are stopped before a call to Cleanup...() method.


Hi Eugene. Is there a sample piece of multithreaded code that outlines how to do this? This thread might explain some issues I'm having with a piece of code that was working fine with Indy but has leaks and unpredictable hangs with TEiSBHTTPSClient.

Regards,

Jack
#37326
Posted: 07/28/2016 07:27:07
by Eugene Mayevski (EldoS Corp.)

You are not supposed to call CleanupRegisteredGlobalObjects() in a multithreaded application. This is *useless*. The whole this method makes sense only in case of plugins, implemented as DLLs or BPLs, which are loaded and unloaded several times during the process lifetime. In all other cases the method doesn't do anything useful. As said many times, the global objects, which this method clears, will be gone when the application terminates.

As for "unpredictable hangs" - if you have them when calling CleanupRegisteredGlobalObjects() from a multithreaded application, then the solution is trivial -- don't call that method. If your application hangs without that method, then it's a completely different story and should be dealt with separately, not in this topic.


Sincerely yours
Eugene Mayevski
#37330
Posted: 07/28/2016 11:53:40
by it it (Standard support level)
Joined: 08/28/2014
Posts: 13

Quote
Eugene Mayevski wrote:
You are not supposed to call CleanupRegisteredGlobalObjects() in a multithreaded application. This is *useless*. The whole this method makes sense only in case of plugins, implemented as DLLs or BPLs, which are loaded and unloaded several times during the process lifetime. In all other cases the method doesn't do anything useful. As said many times, the global objects, which this method clears, will be gone when the application terminates.

As for "unpredictable hangs" - if you have them when calling CleanupRegisteredGlobalObjects() from a multithreaded application, then the solution is trivial -- don't call that method. If your application hangs without that method, then it's a completely different story and should be dealt with separately, not in this topic.


Apologies if my question caused any upset. I was only looking to learn.

Best regards,

Jack
Also by EldoS: CallbackProcess
A component to control process creation and termination in Windows and .NET applications.

Reply

Statistics

Topic viewed 1446 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!