Bug 3919

Summary: Possible memory leak in sysklogd-1.3.31-6
Product: [Retired] Red Hat Linux Reporter: sinjar
Component: sysklogdAssignee: David Lawrence <dkl>
Status: CLOSED NEXTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.0CC: bclaypool, hayden, signal, sinjar
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 1999-07-22 20:38:02 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description sinjar 1999-07-06 18:52:24 UTC 
The other day, we had a machine crash on us due to it
running out of memory. The only 3 things that were running
on the machine at the time were named, radiusd, and syslogd.
Through testing we believe that there is a memory leak
present in syslogd when it is run with the '-r' switch. On
our machine, it seems to consume memory at a rate of about
10K per minute. The rate depends on the mount of remote
traffic it recieves. While we didn't wait for the machine to
crash again, we waited until syslog had consumed about 40
meg before stopping it. Also, on a different note, I
couldn't find a 'component' entry on the bugzilla page for
syslog. Thanks for your time.
Comment 1 Bill Nottingham 1999-07-06 18:55:59 UTC 
FWIW, the component is sysklogd...
Comment 2 Brian Feeny 1999-07-12 19:50:59 UTC 
I have seen this bug too.  Its with the -r switch on 6.0.  Hopefully
someone can get a new rpm out real soon, so we don't lose remote
logging capibility.  Takes a day to kill our syslog host.
Comment 3 bclaypool 1999-07-20 21:30:59 UTC 
I have seen this also.  The sysklogd leak was
bringing down a host system that was experiencing a
lot of traffic.  It didn't take long to crash the
system (out of memory for syslogd, out of memory
for pump, etc. . .)  Glad to see I was not the only
one experiencing this problem.  Looking forward to
the fix.
Comment 4 Bill Nottingham 1999-07-22 20:38:59 UTC 
Upgrade to the latest glibc in Raw Hide, or remove
the 'nisplus' from the hosts entry of /etc/nsswitch.conf.
gethostbyname() leaked in its NIS attempts.