Bug 460692 - m2crypto leaks fds into GC
m2crypto leaks fds into GC
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: m2crypto (Show other bugs)
All Linux
medium Severity medium
: rc
: ---
Assigned To: Miloslav Trmač
Depends On:
  Show dependency treegraph
Reported: 2008-08-29 14:35 EDT by James Antill
Modified: 2009-09-02 07:19 EDT (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-09-02 07:19:56 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Patch against 0.19.1 - applies against the RHEL5 version as well (1.14 KB, patch)
2009-02-04 14:17 EST, Miloslav Trmač
no flags Details | Diff

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2009:1351 normal SHIPPED_LIVE m2crypto bug fix update 2009-09-01 06:49:36 EDT

  None (edit)
Description James Antill 2008-08-29 14:35:58 EDT
Description of problem:

 This is basically a copy and paste of the problem from urllib2:


...in m2urllib2, you do:

        r.recv = r.read

...which creates a circular reference, I've tested the fix I posted in m2crypto and it seems to work (although I'm not convinced it's the best fix).

 This would be nice to fix for 5.3.
Comment 1 Miloslav Trmač 2008-09-01 17:32:18 EDT
Thanks for your report.

Does the leak have any noticeable user impact?
Comment 2 Charles Duffy 2008-09-01 17:37:18 EDT
Yes; using reposync (from yum-utils) it is possible to overrun the 1024 FDs allowed by default ulimit settings and crash the process.
Comment 3 James Antill 2008-09-04 21:02:40 EDT
 It's worth noting that the generic fix has gone into the 5.3 errata, so putting it into m2crypto wouldn't be a deviation from core python urllib2 in RHEL-5.
Comment 5 Miloslav Trmač 2009-02-04 12:43:34 EST
Reproducer for M2Crypto:

import gc
import M2Crypto
o = M2Crypto.m2urllib2.build_opener()
r = o.open('https://addons.mozilla.org')
s = [r.fp._sock.fp._sock]
print gc.get_referrers(s[0])
... should print only [[<M2Crypto.SSL.Connection.Connection instance ... >]],
    not including a <socket._fileobject> instance

Upstream urllib2 solves this by ignoring the circular reference, and explicitly disconnecting r.fp from r on r.close(): see http://svn.python.org/view/python/trunk/Lib/urllib2.py?rev=53511&r1=52481&r2=53511 .  This drops other references and eventually closes the underlying socket - but only if the user of "r" calls r.close() on it.

AFAICS reposync uses urlgrab, which always calls r.close().
Comment 6 Miloslav Trmač 2009-02-04 14:17:11 EST
Created attachment 330905 [details]
Patch against 0.19.1 - applies against the RHEL5 version as well

The attached patch will be available in rawhide m2crypto-0.19.1-5.

Can you test the patch in the scenario where the circular reference actually causes problems, please?
Comment 11 errata-xmlrpc 2009-09-02 07:19:56 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.