[ZBX-10493] Potential memory leak in case of retries in web-scenarios Created: 2016 Mar 03  Updated: 2017 May 30  Resolved: 2016 Apr 06

Status: Closed
Project: ZABBIX BUGS AND ISSUES
Component/s: Server (S)
Affects Version/s: 2.2.11
Fix Version/s: 2.2.12rc1, 3.0.2rc1, 3.2.0alpha1

Type: Incident report Priority: Minor
Reporter: Sandis Neilands (Inactive) Assignee: Unassigned
Resolution: Fixed Votes: 0
Labels: curl, memoryleak
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: File main.c    

 Description   

From process_httptest():

                /* try to retrieve page several times depending on number of retries */
                do
                {
                        memset(&page, 0, sizeof(page));

                        if (CURLE_OK == (err = curl_easy_perform(easyhandle)))
                                break;
                }
                while (0 < --httptest->httptest.retries);

page contains dynamically-allocated write buffer data which is managed by write-callback WRITEFUNCTION2(). If it was called by the libcurl (curl_easy_perform()) but the (re)try failed then we'll lose the allocated memory (data set to 0 with memset()).

 Comments   
Comment by Viktors Tjarve [ 2016 Apr 04 ]

Attached main.c - a simple program to repeat this memory leak.

Compile main.c with debbuging and libcurl gcc main.c -g -lcurl
Start Valgrind sudo valgrind --tool=memcheck --read-var-info=yes --track-origins=yes --leak-check=full ./a.out
Disconnect internet for 10 seconds and after that connect it back on. After you see an error message curl_easy_perform() failed:... stop Valgrind.

Memory leak Valgrind test result:

==4664== HEAP SUMMARY:
==4664==     in use at exit: 2,308,362 bytes in 3,157 blocks
==4664==   total heap usage: 11,038 allocs, 7,881 frees, 4,591,392 bytes allocated
==4664== 
==4664== 2,072,576 bytes in 1 blocks are definitely lost in loss record 644 of 644
==4664==    at 0x4C2CE8E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==4664==    by 0x400D5A: zbx_strncpy_alloc (main.c:37)
==4664==    by 0x400E4D: WRITEFUNCTION2 (main.c:61)
==4664==    by 0x4E4BCCF: Curl_client_write (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.3.0)
==4664==    by 0x4E6073F: Curl_readwrite (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.3.0)
==4664==    by 0x4E69ACB: multi_runsingle (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.3.0)
==4664==    by 0x4E6A270: curl_multi_perform (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.3.0)
==4664==    by 0x4E618A2: curl_easy_perform (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.3.0)
==4664==    by 0x401122: main (main.c:169)
==4664== 
==4664== LEAK SUMMARY:
==4664==    definitely lost: 2,072,576 bytes in 1 blocks
==4664==    indirectly lost: 0 bytes in 0 blocks
==4664==      possibly lost: 0 bytes in 0 blocks
==4664==    still reachable: 235,786 bytes in 3,156 blocks
==4664==         suppressed: 0 bytes in 0 blocks
==4664== Reachable blocks (those to which a pointer was found) are not shown.
==4664== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==4664== 
==4664== For counts of detected and suppressed errors, rerun with: -v
==4664== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Comment by Viktors Tjarve [ 2016 Apr 04 ]

Fixed in development branch svn://svn.zabbix.com/branches/dev/ZBX-10493

Comment by Sandis Neilands (Inactive) [ 2016 Apr 05 ]

Successfully tested with minor improvement in r59288. Just note that the development branch is based on 2.2 but fix version mentions only 3+.

Also no such problem for EzTexting since there are no retries.

Comment by Viktors Tjarve [ 2016 Apr 06 ]

Released in:

  • 2.2.12rc1 r59300
  • 3.0.2rc1 r59301
  • 3.1.0 r59302
Generated at Thu Apr 18 23:12:01 EEST 2024 using Jira 9.12.4#9120004-sha1:625303b708afdb767e17cb2838290c41888e9ff0.