Potential memory leak found by DrMemory


when I run windows filebeat together with DrMemory (http://drmemory.org/) it shows the following errors (and stops):

filebeat is 7.1.1

Thanks for the report!

      0 unique,     0 total potential unaddressable access(es)
      0 unique,     0 total potential invalid heap argument(s)
      0 unique,     0 total potential GDI usage error(s)
    120 unique,   159 total potential handle leak(s)
      0 unique,     0 total potential warning(s)
      2 unique,     2 total,   1382 byte(s) of potential leak(s)
      7 unique,    33 total,   1384 byte(s) of potential possible leak(s)

Most of the memory leaks look like one-time allocations by the Go runtime that it doesn't care to free (they are freed at program termination anyway).

However, there is a repeated handle leak that warrants further investigation:

Potential Error #122: HANDLE LEAK: KERNEL handle 0x0000000000000560 and 1 similar handle(s) were opened but not closed:
# 0 system call NtCreateEvent        
# 1 KERNELBASE.dll!CreateEventA                    +0x9b     (0x00007ffa6f72430c <KERNELBASE.dll+0x3430c>)
# 2 CRYPT32.dll!I_CryptUninstallAsn1Module         +0x6a5    (0x00007ffa6f91d856 <CRYPT32.dll+0xd856>)
# 3 CRYPT32.dll!CertCloseStore                     +0xa3     (0x00007ffa6f935a74 <CRYPT32.dll+0x25a74>)
# 4 CRYPT32.dll!CertControlStore                   +0x20b    (0x00007ffa6f9363dc <CRYPT32.dll+0x263dc>)
# 5 CRYPT32.dll!CertControlStore                   +0x63     (0x00007ffa6f936234 <CRYPT32.dll+0x26234>)
# 6 CRYPT32.dll!CertControlStore                   +0xf8     (0x00007ffa6f9362c9 <CRYPT32.dll+0x262c9>)
# 7 CRYPT32.dll!CertControlStore                   +0xf8     (0x00007ffa6f9362c9 <CRYPT32.dll+0x262c9>)
# 8 CRYPT32.dll!CertOpenStore                      +0x3f5    (0x00007ffa6f934136 <CRYPT32.dll+0x24136>)
# 9 CRYPT32.dll!I_CryptFindLruEntry                +0x3bf    (0x00007ffa6f961930 <CRYPT32.dll+0x51930>)
#10 CRYPT32.dll!I_CryptFindLruEntry                +0x2e2    (0x00007ffa6f961853 <CRYPT32.dll+0x51853>)
#11 CRYPT32.dll!CertAddStoreToCollection           +0xb3     (0x00007ffa6f93f6c4 <CRYPT32.dll+0x2f6c4>)
#12 CRYPT32.dll!CertGetCertificateContextProperty  +0x2edd   (0x00007ffa6f93c21e <CRYPT32.dll+0x2c21e>)
#13 ucrtbase.dll!o_memset                          +0xba     (0x00007ffa6eccd6eb <ucrtbase.dll+0xd6eb>)
#14 runtime.asmstdcall                              [/usr/local/go/src/runtime/sys_windows_amd64.s:58]
#15 KERNELBASE.dll!GetProcAddressForCaller         +0x64     (0x00007ffa6f742085 <KERNELBASE.dll+0x52085>)
#16 runtime.asmstdcall                              [/usr/local/go/src/runtime/sys_windows_amd64.s:58]
#17 runtime.acquirep                                [/usr/local/go/src/runtime/proc.go:4154]
#18 runtime.exitsyscallfast_pidle                   [/usr/local/go/src/runtime/proc.go:3160]
#19 runtime.exitsyscallfast.func1                   [/usr/local/go/src/runtime/proc.go:3103]
Note: @0:00:14.650 in thread 5088

I've created an issue to remember to have a look at it

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.