Bug 501118 - [PEM] huge memory leaks within pfind.c
Summary: [PEM] huge memory leaks within pfind.c
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: nss
Version: 10
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Elio Maldonado Batiz
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: 501138
TreeView+ depends on / blocked
 
Reported: 2009-05-16 16:52 UTC by Kamil Dudka
Modified: 2009-12-04 16:54 UTC (History)
3 users (show)

Fixed In Version: 3.12.3.99.3-2.10.4.fc10
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-07-19 10:25:33 UTC


Attachments (Terms of Use)
proposed fix (11.00 KB, patch)
2009-05-16 16:52 UTC, Kamil Dudka
no flags Details | Diff

Description Kamil Dudka 2009-05-16 16:52:48 UTC
Created attachment 344278 [details]
proposed fix

Description of problem:
One more step closer to leak-less curl... Why are internal objects cloned by collect_objects() function? Nobody is cared to free them.

Version-Release number of selected component (if applicable):
nss-3.12.2-5.fc10

Steps to Reproduce:
1. run libcurl based application performing SSL transfers
  
Actual results:
Allocated memory is growing quickly, machine runs into swap...

Expected results:
Constant amount of allocated memory.

Additional info:
patch ready and awaiting review

Comment 1 Elio Maldonado Batiz 2009-05-16 21:49:06 UTC
Kamil, Please check the ? review request flag so I can review it.

Comment 2 Elio Maldonado Batiz 2009-05-22 17:14:52 UTC
This patch get and r+ from me. It would be nice to get Rob's opinion on this one in particular.

Comment 3 Kamil Dudka 2009-05-22 17:32:32 UTC
Sure. It's actually significant change of the code and it deserves some clarification from my side:

The internal objects are never freed, so there is no reason to clone them when exposing out of the module. The only way to free internal object is by unloading the module (handled by attachment #344239 [details]) and once the module is unloaded, nobody can expect its objects to be accessible.

I didn't follow any documentation while changing this, but it gives me pretty good results in valgrind - no errors, no memory leaks. Any objections?

Comment 4 Elio Maldonado Batiz 2009-05-22 17:53:08 UTC
I have found it instructive to compare the pem module code with that in capi and nssmkey, the modules that deal with the Microsoft CAPI key/cert store and Macintosh keychain, respectively.

Comment 5 Rob Crittenden 2009-05-22 19:39:54 UTC
It looks pretty sane to me. +r.

Comment 6 Fedora Update System 2009-06-23 04:06:01 UTC
nss-3.12.3.99.3-2.11.3.fc11 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/nss-3.12.3.99.3-2.11.3.fc11

Comment 7 Fedora Update System 2009-06-27 02:38:59 UTC
nss-3.12.3.99.3-2.11.3.fc11 has been pushed to the Fedora 11 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update nss'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F11/FEDORA-2009-6948

Comment 8 Fedora Update System 2009-06-27 02:56:47 UTC
nss-3.12.3.99.3-2.10.4.fc10 has been pushed to the Fedora 10 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update nss'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F10/FEDORA-2009-7017

Comment 9 Fedora Update System 2009-07-19 10:25:01 UTC
nss-3.12.3.99.3-2.11.3.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 10 Fedora Update System 2009-07-19 10:26:08 UTC
nss-3.12.3.99.3-2.10.4.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.