When Winbind is configured with winbind offline logon = true we leak with memory with each login. On systems with heavy load this can add up quickly and the OOM will kill winbind then. Patch will follow.
Created attachment 12233 [details] patch for master (also applies to Samba 3.6)
==3045== 47,360 bytes in 160 blocks are indirectly lost in loss record 442 of 445 ==3045== at 0x4A06A2E: malloc (vg_replace_malloc.c:270) ==3045== by 0x1E1359: traverse_fn_get_credlist (winbindd_cache.c:3396) ==3045== by 0x6E87814: tdb_traverse_internal (traverse.c:190) ==3045== by 0x6E87A51: tdb_traverse (traverse.c:272) ==3045== by 0x1E1CDD: wcache_remove_oldest_cached_creds (winbindd_cache.c:3438) ==3045== by 0x21AC8A: winbindd_store_creds (winbindd_creds.c:103) ==3045== by 0x1EA589: winbindd_dual_pam_auth (winbindd_pam.c:1831) ==3045== by 0x20031A: child_handler (winbindd_dual.c:440) ==3045== by 0x6C7CEA5: epoll_event_loop_once (tevent_epoll.c:728) ==3045== by 0x6C7B2D5: std_event_loop_once (tevent_standard.c:114) ==3045== by 0x6C76C3C: _tevent_loop_once (tevent.c:533) ==3045== by 0x201473: fork_domain_child (winbindd_dual.c:1548) ==3045== by 0x201BE4: wb_child_request_trigger (winbindd_dual.c:145) ==3045== by 0x6C77867: tevent_common_loop_immediate (tevent_immediate.c:135) ==3045== by 0x6C7CC95: epoll_event_loop_once (tevent_epoll.c:906) ==3045== by 0x6C7B2D5: std_event_loop_once (tevent_standard.c:114) ==3045== by 0x6C76C3C: _tevent_loop_once (tevent.c:533) ==3045== by 0x1D89B3: main (winbindd.c:1490) ==3045== ==3045== 53,280 (5,920 direct, 47,360 indirect) bytes in 20 blocks are definitely lost in loss record 443 of 445 ==3045== at 0x4A06A2E: malloc (vg_replace_malloc.c:270) ==3045== by 0x1E1359: traverse_fn_get_credlist (winbindd_cache.c:3396) ==3045== by 0x6E87814: tdb_traverse_internal (traverse.c:190) ==3045== by 0x6E87A51: tdb_traverse (traverse.c:272) ==3045== by 0x1E1CDD: wcache_remove_oldest_cached_creds (winbindd_cache.c:3438) ==3045== by 0x21AC8A: winbindd_store_creds (winbindd_creds.c:103) ==3045== by 0x1EA589: winbindd_dual_pam_auth (winbindd_pam.c:1831) ==3045== by 0x20031A: child_handler (winbindd_dual.c:440) ==3045== by 0x6C7CEA5: epoll_event_loop_once (tevent_epoll.c:728) ==3045== by 0x6C7B2D5: std_event_loop_once (tevent_standard.c:114) ==3045== by 0x6C76C3C: _tevent_loop_once (tevent.c:533) ==3045== by 0x201473: fork_domain_child (winbindd_dual.c:1548) ==3045== by 0x201BE4: wb_child_request_trigger (winbindd_dual.c:145) ==3045== by 0x6C77867: tevent_common_loop_immediate (tevent_immediate.c:135) ==3045== by 0x6C7CC95: epoll_event_loop_once (tevent_epoll.c:906) ==3045== by 0x6C7B2D5: std_event_loop_once (tevent_standard.c:114) ==3045== by 0x6C76C3C: _tevent_loop_once (tevent.c:533) ==3045== by 0x1D89B3: main (winbindd.c:1490)
Comment on attachment 12233 [details] patch for master (also applies to Samba 3.6) LGTM, Thanks!
Created attachment 12245 [details] patch for 4.3
Created attachment 12246 [details] patch for 4.4
Karloin, please add the patches to the relevant branches. Thanks!
Comment on attachment 12246 [details] patch for 4.4 Great catch. I feel bad for having missed that in the original code :-).
(In reply to Andreas Schneider from comment #6) Pushed to autobuild-v4-[4|3]-test.
(In reply to Karolin Seeger from comment #8) Pushed to both branches. Closing out bug report. Thanks!