sts-sponsors team mailing list archive
Message #00582
[Bug 1750013] Re: systemd-logind: memory leaks on session's connections (trusty-only)
> when SSH ends, for example, a Release event is sent
> through dbus and systemd-logind captures it, in the function manager_message_handler().
>
> From there, the function session_remove_fifo() is called. That point is our "bootstrap"
> to add the closing session on gc
ok i see that path, dbus Release -> remove fifo, however i don't think
it's appropriate to put the add_to_gc into remove_fifo; because,
remove_fifo is also called from session_free()..consider this code:
        session_remove_fifo(s);
        free(s->state_file);
        free(s);
    }
so...that call to session_remove_fifo() previously only removed the
fifo. but with your patch, it's also adding 's' back onto the gc
queue...but then immediately freeing s!!! When the gc queue is
processed, this code:
    while ((session = m->session_gc_queue)) {
            LIST_REMOVE(Session, gc_queue, m->session_gc_queue, session);
            session->in_gc_queue = false;
will dereference 's' ('session' in the gc handler), accessing freed
memory.
Since you're trying to use the dbus Release notification to add the
session to the gc, wouldn't it be better to simply update the dbus
Release handler to remove the fifo *and* add the session to the gc, from
there? not modify the remove_fifo function?
https://bugs.launchpad.net/bugs/1750013
Title:
systemd-logind: memory leaks on session's connections (trusty-only)
Status in systemd package in Ubuntu:
Fix Released
Status in systemd source package in Trusty:
In Progress
Status in systemd source package in Xenial:
Fix Released
Status in systemd source package in Artful:
Fix Released
Status in systemd source package in Bionic:
Fix Released
Bug description:
Below is the SRU request form. Please refer to the Original Description
for a more comprehensive explanation of the problem observed.
[Impact]
* The systemd-logind tool is leaking memory at each session connected. The
  issue happens in systemd from Trusty (14.04) only.
* Three issues observed:
  - systemd-logind is leaking entire sessions, i.e., the sessions are not
    freed after they're closed. In order to fix that, we proactively add
    the sessions to systemd garbage collector (gc) when they are closed.
    Also, part of the fix is to make cgmanager package a dependency. Refer
    to comment #1 for a more thorough explanation of the issue and the fix.
  - a small memory leak was observed in the session creation logic of
    systemd-logind. The fix for that is the addition of an appropriate
    free() call. Refer to comment #2 for more details on the issue and fix.
  - another small memory leak was observed in the cgmanager glue code of
    systemd-logind - this code is only present in this specific Ubuntu
    release of the package, due to the necessary compatibility layer with
    the upstart init system. The fix is to properly call free() in 2
    functions. Refer to comment #3 for a deep exposition of the issue and
    the fix.
[Test Case]
* The basic test-case is to run the following loop from a remote machine:

    while true; do ssh <hostname-target> "whoami"; done

* It's possible to watch the increase in memory consumption from
  "systemd-logind" process in the target machine. One can use the
  "ps uax" command to verify the RSS of the process, or count its
  anonymous pages from /proc/<logind_pid>/smaps.
[Regression Potential]
* Since the fixes are small and not intrusive, the potential for
  regressions is low. More regression considerations on comments #1, #2
  and #3 for each fix.
* A potential small regression is performance-wise, since now we add
  sessions to garbage collector proactively.
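The review point raised in the reply at the top of this message, as an added C model (not systemd's code and not part of the original message): it compares enqueueing for gc inside remove_fifo with enqueueing in the dbus Release handler. The names session_free_model, on_dbus_release, gc_drain_count_stale, the enqueue parameter and the freed flag are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model, not systemd's code: "freed" stands in for free(s) so a
 * stale gc-queue entry can be counted without touching freed memory. */
typedef struct Session {
    bool fifo_open, in_gc_queue, freed;
    struct Session *gc_next;
} Session;
typedef struct Manager { Session *session_gc_queue; } Manager;
static void session_add_to_gc_queue(Manager *m, Session *s) {
    if (s->in_gc_queue) return;
    s->gc_next = m->session_gc_queue;
    m->session_gc_queue = s;
    s->in_gc_queue = true;
}
/* enqueue=true models the patch under review; false is the original. */
static void session_remove_fifo(Manager *m, Session *s, bool enqueue) {
    s->fifo_open = false;
    if (enqueue) session_add_to_gc_queue(m, s);
}
/* The reply's suggestion: the Release handler does both steps itself. */
static void on_dbus_release(Manager *m, Session *s) {
    session_remove_fifo(m, s, false);
    session_add_to_gc_queue(m, s);
}
/* Tail of session_free() as quoted above: remove the fifo, then free. */
static void session_free_model(Manager *m, Session *s, bool enqueue) {
    session_remove_fifo(m, s, enqueue);
    s->freed = true; /* free(s) in the real code */
}
/* Drains the queue like the gc loop; counts entries already freed. */
static int gc_drain_count_stale(Manager *m) {
    int stale = 0;
    for (Session *s; (s = m->session_gc_queue); stale += s->freed) {
        m->session_gc_queue = s->gc_next;
        s->in_gc_queue = false;
    }
    return stale;
}
int main(void) {
    Manager m = {0};
    Session a = {true, false, false, NULL}, b = a, c = a; /* constructed */
    session_free_model(&m, &a, true);
    printf("enqueue in remove_fifo: %d stale\n", gc_drain_count_stale(&m));
    session_free_model(&m, &b, false);
    on_dbus_release(&m, &c);
    printf("enqueue in handler: %d stale\n", gc_drain_count_stale(&m));
}
```

Each stale entry counted here corresponds to one dereference of freed memory in the real gc loop.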