Red Hat Bugzilla – Bug 1309439
libtevent leaks memory during signal handling
Last modified: 2016-11-17 06:47:29 EST
Description of problem:
libtevent allocates memory during tevent_common_add_signal() but doesn't free it.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. register a signal handler with libtevent
2. watch the memory usage of a program after startup
3. receive a bunch of signals
3. observe memory usage go up
this is best tested through sssd performing many allocations
Steps to reproduce are wrong. It is not about receiving the signals, the leak occurs on registering a signal handler. I'm attaching a simple reproducer in C.
Created attachment 1128225 [details]
Steeve, do you think we can manage to have this in Z-stream?
(In reply to gagriogi from comment #5)
> Steeve, do you think we can manage to have this in Z-stream?
We tentatively agreed to include this in U4.
Pavel, can you please create some reproducer (C code would be fine) that QE could use to reproduce and verify the bug?
The reproducer was attached in February :-)
To reproduce, grab the source file that Pavel attached as comment #3 and save it as some file, I used tev.c as an example. Make sure that libtevent-devel and libtalloc-devel are installed.
Then compile the source with:
$ gcc -ltevent -ltalloc tev.c
and run the resulting binary:
With the unpatched packages, you should see a bunch of "struct sigaction" structures being reported by libtalloc as leaked. You should not see these leaks with the patched version.
Steeve, can you add a qa_ack based on comment #12 as a reproducer?
Verified the bug on libtevent Version: libtevent-0.9.28-1.el7.x86_64
Steps followed during verification:
1. Already reproduced this bug with the older build: libtevent-0.9.25-1.el7.x86_64 during verification of RHEL-7.2.Z bug BZ1324387.
2. With the patched build, the "struct sigaction" shouldn't be reported, see the output:
full talloc report on 'null_context' (total 2928 bytes in 7 blocks)
struct tevent_sig_state contains 2768 bytes in 1 blocks (ref 0) 0x1a53680
struct tevent_ops_list contains 32 bytes in 1 blocks (ref 0) 0x1a53320
struct tevent_ops_list contains 32 bytes in 1 blocks (ref 0) 0x1a53290
struct tevent_ops_list contains 32 bytes in 1 blocks (ref 0) 0x1a53200
struct tevent_ops_list contains 32 bytes in 1 blocks (ref 0) 0x1a53170
struct tevent_ops_list contains 32 bytes in 1 blocks (ref 0) 0x1a530e0
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.