Skip to content

Flutter SSL Memory Leaks #20409

New issue
New issue
Closed
Closed
Flutter SSL Memory Leaks#20409
Assignees
bkonyi
Labels
c: performanceRelates to speed or footprint issues (see "perf:" labels)customer: alibabadependency: dartDart team may need to help usengineflutter/engine repository. See also e: labels.
@nightwolf-chen

Description

@nightwolf-chen
nightwolf-chen
opened on Aug 10, 2018

Steps to Reproduce

  1. Start Flutter app.
  2. Push several pages the Navigator
  3. Pop several pages.
  4. In Xcode use Debug Memory Graph to capture memory graph
  5. In memory filter the leaks.

leaks

ssl_leaks

Doctor summary (to see all details, run flutter doctor -v):
[✓] Flutter (Channel xy_beta_v0.5.6, v0.5.6-pre.112, on Mac OS X 10.13.5 17F77, locale zh-Hans-CN)
[✓] Android toolchain - develop for Android devices (Android SDK 27.0.3)
[✓] iOS toolchain - develop for iOS devices (Xcode 9.4.1)
[✓] Android Studio (version 3.1)
[✓] VS Code (version 1.25.1)
[✓] Connected devices (1 available)

• No issues found!

Activity

zoechi
added
c: performanceRelates to speed or footprint issues (see "perf:" labels)
on Aug 23, 2018
zoechi
added this to the Goals milestone on Aug 23, 2018
xster
added
engineflutter/engine repository. See also e: labels.
customer: alibaba
on Aug 30, 2018
xster

xster commented on Aug 30, 2018

@xster
xster
on Aug 30, 2018
Member

cc @cbracken for routing

cbracken

cbracken commented on Aug 30, 2018

@cbracken
cbracken
on Aug 30, 2018
Member

/cc @bkonyi who worked on our BoringSSL integration and may have thoughts.

/cc @jason-simmons who may also have thoughts on this; I'd be curious if we see the same issue on Android.

bkonyi

bkonyi commented on Aug 30, 2018

@bkonyi
bkonyi
on Aug 30, 2018
Contributor

Is it possible to provide a full backtrace for the allocation? It looks like we're deep into BoringSSL but it's hard to tell at which point we entered the library and where we're leaking memory.

nightwolf-chen

nightwolf-chen commented on Aug 31, 2018

@nightwolf-chen
nightwolf-chen
on Aug 31, 2018
Author

It looks like the memory was leaked when allocating memory for SSL certificate.

xster

xster commented on Sep 1, 2018

@xster
xster
on Sep 1, 2018
Member

@nightwolf-chen, can you copy-paste the whole backtrace stack?

nightwolf-chen

nightwolf-chen commented on Sep 3, 2018

@nightwolf-chen
nightwolf-chen
on Sep 3, 2018 · edited by cbracken
Author
Leak: 0x10be83420  size=32  zone: MallocStackLoggingLiteZone_0x10ac10000
	Call stack: 
| 0x18287fb10 (libsystem_pthread.dylib) thread_start 
| 0x182881110 (libsystem_pthread.dylib) _pthread_body 
| 0x182881220 (libsystem_pthread.dylib) _pthread_body 
| 0x106fbfb58 (Flutter) std::__1::__thread_proxy<std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, fml::Thread::Thread(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&)::$_0> >(void*, void*) 
| 0x106fbfd78 (Flutter) fml::Thread::Thread(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&)::$_0::operator()() const 
| 0x106faf044 (Flutter) fml::MessageLoop::Run() 
| 0x106fb2bbc (Flutter) fml::MessageLoopImpl::DoRun() 
| 0x106fc20f4 (Flutter) fml::MessageLoopDarwin::Run() 
| 0x182b20da8 (CoreFoundation) CFRunLoopRunSpecific 
| 0x182c00b60 (CoreFoundation) __CFRunLoopRun 
| 0x182c03010 (CoreFoundation) __CFRunLoopDoTimers 
| 0x182c0376c (CoreFoundation) __CFRunLoopDoTimer 
| 0x182c03aa8 (CoreFoundation) __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ 
| 0x106fc1c84 (Flutter) fml::MessageLoopDarwin::OnTimerFire(__CFRunLoopTimer*, fml::MessageLoopDarwin*) 
| 0x106fb15c0 (Flutter) fml::MessageLoopImpl::RunExpiredTasksNow() 
| 0x106fb2424 (Flutter) fml::MessageLoopImpl::RunExpiredTasks() 
| 0x106fb3508 (Flutter) std::__1::function<void ()>::operator()() const 
| 0x10702ac00 (Flutter) std::__1::__function::__func<blink::UIDartState::AddOrRemoveTaskObserver(bool)::$_0, std::__1::allocator<blink::UIDartState::AddOrRemoveTaskObserver(bool)::$_0>, void ()>::operator()() 
| 0x10702ac54 (Flutter) void std::__1::__invoke_void_return_wrapper<void>::__call<blink::UIDartState::AddOrRemoveTaskObserver(bool)::$_0&>(blink::UIDartState::AddOrRemoveTaskObserver(bool)::$_0&&&) 
| 0x10702ac7c (Flutter) blink::UIDartState::AddOrRemoveTaskObserver(bool)::$_0::operator()() const 
| 0x107029d80 (Flutter) blink::UIDartState::FlushMicrotasksNow() 
| 0x1080ce220 (Flutter) tonic::DartMicrotaskQueue::RunMicrotasks() 
| 0x1080df444 (Flutter) tonic::DartInvokeVoid(_Dart_Handle*) 
| 0x10868a85c (Flutter) Dart_InvokeClosure
| 0x10833d858 (Flutter) dart::DartEntry::InvokeFunction(dart::Function const&, dart::Array const&, dart::Array const&, unsigned long) 
| 0x10851e8e0 (Flutter) dart::Simulator::Call(dart::Code const&, dart::Array const&, dart::Array const&, dart::Thread*) 
| 0x108522734 (Flutter) dart::InvokeNative(dart::Thread*, dart::Simulator*, void (*)(_Dart_NativeArguments*, void (*)(_Dart_NativeArguments*)), void (*)(_Dart_NativeArguments*), _Dart_NativeArguments*) 
| 0x1083a0a64 (Flutter) dart::NativeEntry::AutoScopeNativeCallWrapperNoStackCheck(_Dart_NativeArguments*, void (*)(_Dart_NativeArguments*)) 
| 0x1080f8194 (Flutter) dart::bin::Builtin_SecureSocket_Handshake(_Dart_NativeArguments*) 
| 0x1080f81bc (Flutter) dart::bin::SSLFilter::Handshake() 
| 0x10824afd4 (Flutter) SSL_do_handshake 
| 0x10821f018 (Flutter) bssl::ssl_run_handshake(bssl::SSL_HANDSHAKE*, bool*) 
| 0x10821fef0 (Flutter) bssl::ssl_client_handshake(bssl::SSL_HANDSHAKE*) 
| 0x108221a0c (Flutter) bssl::do_read_server_certificate(bssl::SSL_HANDSHAKE*) 
| 0x10825c9dc (Flutter) bssl::ssl_crypto_x509_session_cache_objects(ssl_session_st*) 
| 0x1081ee084 (Flutter) X509_parse_from_buffer 
| 0x1081edebc (Flutter) d2i_X509 
| 0x10811b830 (Flutter) ASN1_item_d2i 
| 0x10811b8c4 (Flutter) ASN1_item_ex_d2i 
| 0x10811c5c8 (Flutter) asn1_item_ex_d2i 
| 0x10811d1b8 (Flutter) asn1_template_ex_d2i 
| 0x10811e12c (Flutter) asn1_template_noexp_d2i 
| 0x10811c5c8 (Flutter) asn1_item_ex_d2i 
| 0x10811d0d4 (Flutter) asn1_template_ex_d2i 
| 0x10811df58 (Flutter) asn1_template_noexp_d2i 
| 0x10811c5c8 (Flutter) asn1_item_ex_d2i 
| 0x10811d1b8 (Flutter) asn1_template_ex_d2i 
| 0x10811e12c (Flutter) asn1_template_noexp_d2i 
| 0x10811bb70 (Flutter) asn1_item_ex_d2i 
| 0x10811d7a8 (Flutter) asn1_d2i_ex_primitive 
| 0x10811ce9c (Flutter) asn1_ex_c2i 
| 0x10811a9e8 (Flutter) ASN1_STRING_set 
| 0x1081b97f4 (Flutter) OPENSSL_malloc 
| 0x18271a0b0 (libsystem_malloc.dylib) malloc 
| 0x1827175dc (libsystem_malloc.dylib) malloc_zone_malloc 
| 0x182724950 (libsystem_malloc.dylib) stack_logging_lite_malloc
nightwolf-chen

nightwolf-chen commented on Sep 3, 2018

@nightwolf-chen
nightwolf-chen
on Sep 3, 2018 · edited by cbracken
Author
Leak: 0x10be10c20  size=48  zone: MallocStackLoggingLiteZone_0x10ac10000
  Call stack: 0x18287fb10 (libsystem_pthread.dylib) thread_start
| 0x182881110 (libsystem_pthread.dylib) _pthread_body
| 0x182881220 (libsystem_pthread.dylib) _pthread_body
| 0x106fbfb58 (Flutter) std::__1::__thread_proxy<std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, fml::Thread::Thread(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&)::$_0> >(void*, void*)
| 0x106fbfd78 (Flutter) fml::Thread::Thread(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&)::$_0::operator()() const
| 0x106faf044 (Flutter) fml::MessageLoop::Run()
| 0x106fb2bbc (Flutter) fml::MessageLoopImpl::DoRun()
| 0x106fc20f4 (Flutter) fml::MessageLoopDarwin::Run()
| 0x182b20da8 (CoreFoundation) CFRunLoopRunSpecific
| 0x182c00b60 (CoreFoundation) __CFRunLoopRun
| 0x182c03010 (CoreFoundation) __CFRunLoopDoTimers
| 0x182c0376c (CoreFoundation) __CFRunLoopDoTimer
| 0x182c03aa8 (CoreFoundation) __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__
| 0x106fc1c84 (Flutter) fml::MessageLoopDarwin::OnTimerFire(__CFRunLoopTimer*, fml::MessageLoopDarwin*)
| 0x106fb15c0 (Flutter) fml::MessageLoopImpl::RunExpiredTasksNow()
| 0x106fb2424 (Flutter) fml::MessageLoopImpl::RunExpiredTasks()
| 0x106fb3508 (Flutter) std::__1::function<void ()>::operator()() const
| 0x10702ac00 (Flutter) std::__1::__function::__func<blink::UIDartState::AddOrRemoveTaskObserver(bool)::$_0, std::__1::allocator<blink::UIDartState::AddOrRemoveTaskObserver(bool)::$_0>, void ()>::operator()()
| 0x10702ac54 (Flutter) void std::__1::__invoke_void_return_wrapper<void>::__call<blink::UIDartState::AddOrRemoveTaskObserver(bool)::$_0&>(blink::UIDartState::AddOrRemoveTaskObserver(bool)::$_0&&&)
| 0x10702ac7c (Flutter) blink::UIDartState::AddOrRemoveTaskObserver(bool)::$_0::operator()() const
| 0x107029d80 (Flutter) blink::UIDartState::FlushMicrotasksNow()
| 0x1080ce220 (Flutter) tonic::DartMicrotaskQueue::RunMicrotasks()
| 0x1080df444 (Flutter) tonic::DartInvokeVoid(_Dart_Handle*)
| 0x10868a85c (Flutter) Dart_InvokeClosure
| 0x10833d858 (Flutter) dart::DartEntry::InvokeFunction(dart::Function const&, dart::Array const&, dart::Array const&, unsigned long)
| 0x10851e8e0 (Flutter) dart::Simulator::Call(dart::Code const&, dart::Array const&, dart::Array const&, dart::Thread*)
| 0x108522734 (Flutter) dart::InvokeNative(dart::Thread*, dart::Simulator*, void (*)(_Dart_NativeArguments*, void (*)(_Dart_NativeArguments*)), void (*)(_Dart_NativeArguments*), _Dart_NativeArguments*)
| 0x1083a0a64 (Flutter) dart::NativeEntry::AutoScopeNativeCallWrapperNoStackCheck(_Dart_NativeArguments*, void (*)(_Dart_NativeArguments*))
| 0x1080f8194 (Flutter) dart::bin::Builtin_SecureSocket_Handshake(_Dart_NativeArguments*)
| 0x1080f81bc (Flutter) dart::bin::SSLFilter::Handshake()
| 0x10824afd4 (Flutter) SSL_do_handshake
| 0x10821f018 (Flutter) bssl::ssl_run_handshake(bssl::SSL_HANDSHAKE*, bool*)
| 0x10821fef0 (Flutter) bssl::ssl_client_handshake(bssl::SSL_HANDSHAKE*)
| 0x108221a0c (Flutter) bssl::do_read_server_certificate(bssl::SSL_HANDSHAKE*)
| 0x10825c9dc (Flutter) bssl::ssl_crypto_x509_session_cache_objects(ssl_session_st*)
| 0x1081ee084 (Flutter) X509_parse_from_buffer
| 0x1081edebc (Flutter) d2i_X509
| 0x10811b830 (Flutter) ASN1_item_d2i
| 0x10811b8c4 (Flutter) ASN1_item_ex_d2i
| 0x10811c5c8 (Flutter) asn1_item_ex_d2i
| 0x10811d1b8 (Flutter) asn1_template_ex_d2i
| 0x10811e12c (Flutter) asn1_template_noexp_d2i
| 0x10811c5c8 (Flutter) asn1_item_ex_d2i
| 0x10811d0d4 (Flutter) asn1_template_ex_d2i
| 0x10811e12c (Flutter) asn1_template_noexp_d2i
| 0x10811bb70 (Flutter) asn1_item_ex_d2i
| 0x10811d7a8 (Flutter) asn1_d2i_ex_primitive
| 0x10811ccfc (Flutter) asn1_ex_c2i
| 0x108114ec0 (Flutter) c2i_ASN1_INTEGER
| 0x10811ac70 (Flutter) ASN1_STRING_type_new
| 0x1081b97f4 (Flutter) OPENSSL_malloc
| 0x18271a0b0 (libsystem_malloc.dylib) malloc
| 0x1827175dc (libsystem_malloc.dylib) malloc_zone_malloc
| 0x182724950 (libsystem_malloc.dylib) stack_logging_lite_malloc
nightwolf-chen

nightwolf-chen commented on Sep 3, 2018

@nightwolf-chen
nightwolf-chen
on Sep 3, 2018 · edited by cbracken
Author
Leak: 0x10c0db600  size=1536  zone: MallocStackLoggingLiteZone_0x10ac10000   CFData  ObjC  CoreFoundation
  Call stack: 0x18287fb10 (libsystem_pthread.dylib) thread_start
| 0x182881110 (libsystem_pthread.dylib) _pthread_body
| 0x182881220 (libsystem_pthread.dylib) _pthread_body
| 0x106fbfb58 (Flutter) std::__1::__thread_proxy<std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, fml::Thread::Thread(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&)::$_0> >(void*, void*)
| 0x106fbfd78 (Flutter) fml::Thread::Thread(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&)::$_0::operator()() const
| 0x106faf044 (Flutter) fml::MessageLoop::Run()
| 0x106fb2bbc (Flutter) fml::MessageLoopImpl::DoRun()
| 0x106fc20f4 (Flutter) fml::MessageLoopDarwin::Run()
| 0x182b20da8 (CoreFoundation) CFRunLoopRunSpecific
| 0x182c00b60 (CoreFoundation) __CFRunLoopRun
| 0x182c03010 (CoreFoundation) __CFRunLoopDoTimers
| 0x182c0376c (CoreFoundation) __CFRunLoopDoTimer
| 0x182c03aa8 (CoreFoundation) __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__
| 0x106fc1c84 (Flutter) fml::MessageLoopDarwin::OnTimerFire(__CFRunLoopTimer*, fml::MessageLoopDarwin*)
| 0x106fb15c0 (Flutter) fml::MessageLoopImpl::RunExpiredTasksNow()
| 0x106fb2424 (Flutter) fml::MessageLoopImpl::RunExpiredTasks()
| 0x106fb3508 (Flutter) std::__1::function<void ()>::operator()() const
| 0x10702ac00 (Flutter) std::__1::__function::__func<blink::UIDartState::AddOrRemoveTaskObserver(bool)::$_0, std::__1::allocator<blink::UIDartState::AddOrRemoveTaskObserver(bool)::$_0>, void ()>::operator()()
| 0x10702ac54 (Flutter) void std::__1::__invoke_void_return_wrapper<void>::__call<blink::UIDartState::AddOrRemoveTaskObserver(bool)::$_0&>(blink::UIDartState::AddOrRemoveTaskObserver(bool)::$_0&&&)
| 0x10702ac7c (Flutter) blink::UIDartState::AddOrRemoveTaskObserver(bool)::$_0::operator()() const
| 0x107029d80 (Flutter) blink::UIDartState::FlushMicrotasksNow()
| 0x1080ce220 (Flutter) tonic::DartMicrotaskQueue::RunMicrotasks()
| 0x1080df444 (Flutter) tonic::DartInvokeVoid(_Dart_Handle*)
| 0x10868a85c (Flutter) Dart_InvokeClosure
| 0x10833d858 (Flutter) dart::DartEntry::InvokeFunction(dart::Function const&, dart::Array const&, dart::Array const&, unsigned long)
| 0x10851e8e0 (Flutter) dart::Simulator::Call(dart::Code const&, dart::Array const&, dart::Array const&, dart::Thread*)
| 0x108522734 (Flutter) dart::InvokeNative(dart::Thread*, dart::Simulator*, void (*)(_Dart_NativeArguments*, void (*)(_Dart_NativeArguments*)), void (*)(_Dart_NativeArguments*), _Dart_NativeArguments*)
| 0x1083a0a64 (Flutter) dart::NativeEntry::AutoScopeNativeCallWrapperNoStackCheck(_Dart_NativeArguments*, void (*)(_Dart_NativeArguments*))
| 0x1080f8194 (Flutter) dart::bin::Builtin_SecureSocket_Handshake(_Dart_NativeArguments*)
| 0x1080f81bc (Flutter) dart::bin::SSLFilter::Handshake()
| 0x10824afd4 (Flutter) SSL_do_handshake
| 0x10821f018 (Flutter) bssl::ssl_run_handshake(bssl::SSL_HANDSHAKE*, bool*)
| 0x10821ff10 (Flutter) bssl::ssl_client_handshake(bssl::SSL_HANDSHAKE*)
| 0x108221ef4 (Flutter) bssl::do_verify_server_certificate(bssl::SSL_HANDSHAKE*)
| 0x10821dd90 (Flutter) bssl::ssl_verify_peer_cert(bssl::SSL_HANDSHAKE*)
| 0x10825d20c (Flutter) bssl::ssl_crypto_x509_session_verify_cert_chain(ssl_session_st*, bssl::SSL_HANDSHAKE*, unsigned char*)
| 0x1080fb4ec (Flutter) dart::bin::CertificateVerificationCallback(x509_store_ctx_st*, void*)
| 0x1080fb7b8 (Flutter) dart::bin::CreateSecCertificateFromX509(x509_st*)
| 0x182bd53c0 (CoreFoundation) __CFDataInit
| 0x182b1b468 (CoreFoundation) _CFRuntimeCreateInstance
| 0x1827175dc (libsystem_malloc.dylib) malloc_zone_malloc
| 0x182724950 (libsystem_malloc.dylib) stack_logging_lite_malloc
nightwolf-chen

nightwolf-chen commented on Sep 3, 2018

@nightwolf-chen
nightwolf-chen
on Sep 3, 2018 · edited by nightwolf-chen
Author

@xster I've posted several backtrace for most significant memory leaks. I hope that helps you understand the SSL memory leak problem.

bkonyi
self-assigned this
on Sep 10, 2018
bkonyi

bkonyi commented on Sep 28, 2018

@bkonyi
bkonyi
on Sep 28, 2018
Contributor

Quick status update: we haven't found the exact cause of the majority of the leaked memory here, but we have a hunch that this may be an issue with BoringSSL. Someone familiar with the BoringSSL internals is going to look into it more closely next week.

7 remaining items

Loading
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

Labels

c: performanceRelates to speed or footprint issues (see "perf:" labels)customer: alibabadependency: dartDart team may need to help usengineflutter/engine repository. See also e: labels.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

    Development

    No branches or pull requests

      Participants

      @xster@cbracken@zoechi@nightwolf-chen@Natoto

      Issue actions
        Flutter SSL Memory Leaks · Issue #20409 · flutter/flutter