Bug 11742 - tevent_add_signal() can cause a memory leak.
Summary: tevent_add_signal() can cause a memory leak.
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Other (show other bugs)
Version: unspecified
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Jeremy Allison
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on: 11771
Blocks:
  Show dependency treegraph
 
Reported: 2016-02-17 20:44 UTC by Jeremy Allison
Modified: 2018-04-24 07:00 UTC (History)
2 users (show)

See Also:


Attachments
git-am fix for 4.4.0, 4.3.next, 4.2.next. (2.00 KB, patch)
2016-02-18 22:08 UTC, Jeremy Allison
metze: review-
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Jeremy Allison 2016-02-17 20:44:56 UTC
Reported by Pavel Březina <pbrezina@redhat.com>. From the Samba-technical list:

From: Pavel Březina <pbrezina@redhat.com>
To: samba-technical@lists.samba.org
Subject: tevent memory leak?
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0

Hi,
we are dealing with user-reported memory leak in sssd and I can see in
talloc report that there are ~140k if struct sigaction:

    struct tevent_sig_state        contains 21149312 bytes in 139123
blocks (ref 6) 0x7f0b97781990
        struct sigaction               contains    152 bytes in   1
blocks (ref 0) 0x7f0b9c1d9f10
        struct sigaction               contains    152 bytes in   1
blocks (ref 0) 0x7f0b9c195f80
        struct sigaction               contains    152 bytes in   1
blocks (ref 0) 0x7f0b9c195e80
        struct sigaction               contains    152 bytes in   1
blocks (ref 0) 0x7f0b9c195d80
        ...

Looking into tevent code, it comes from tevent_common_add_signal():

sig_state->oldact[signum] = talloc(sig_state, struct sigaction);
if (sig_state->oldact[signum] == NULL) {
    talloc_free(se);
    return NULL;
}

But it is nowhere freed. I would expect it to be freed in signal
destructor after restoring the original sigaction. Is it intentional
or a bug?

-------------------------------------------------------------

Patch to follow.
Comment 1 Jeremy Allison 2016-02-18 22:08:01 UTC
Created attachment 11849 [details]
git-am fix for 4.4.0, 4.3.next, 4.2.next.

Cherry-picked from master.
Comment 2 Stefan Metzmacher 2016-02-22 00:32:10 UTC
Comment on attachment 11849 [details]
git-am fix for 4.4.0, 4.3.next, 4.2.next.

We need to backport tevent-0.9.28 completely. I'll do that tomorrow...
Comment 3 Stefan Metzmacher 2018-04-24 07:00:37 UTC
Fixed in tevent-0.9.28