Fedora 11 slapd "too many open files": /lib64/libnspr4.so
Bernie Innocenti
bernie at codewiz.org
Thu Aug 20 01:54:29 UTC 2009
El Thu, 13-08-2009 a las 07:56 +0200, Bernie Innocenti escribió:
> El Thu, 13-08-2009 a las 07:12 +0200, Bernie Innocenti escribió:
> > Ping?
> >
> > This bug is pretty nasty: we have to restart slapd
> > 2 or 3 times a day :-/
>
> Ok, I think I'm starting to see the light here, but perhaps
> it's just because it's already dawn.
>
> nss-3.12.3.99.3/mozilla/security/nss/lib/freebl/stubs.c
> dlopen()s nspr4.so like so:
>
> -----8<----------8<----------8<----------8<----------8<-----
> #define freebl_getLibrary(libName) \
> dlopen (libName, RTLD_LAZY|RTLD_NOLOAD)
>
> #define freebl_releaseLibrary(lib) \
> if (lib) dlclose(lib)
>
> #endif
>
> extern SECStatus
> FREEBL_InitStubs()
> {
> SECStatus rv = SECSuccess;
> #ifdef FREEBL_NO_WEAK
> void *nspr = NULL;
> void *nssutil = NULL;
>
> /* NSPR should be first */
> if (!ptr_PR_DestroyLock) {
> nspr = freebl_getLibrary(nsprLibName);
> if (!nspr) {
> return SECFailure;
> }
> rv = freebl_InitNSPR(nspr);
> if (rv != SECSuccess) {
> freebl_releaseLibrary(nspr);
> return rv;
> }
> }
> /* now load NSSUTIL */
> if (!ptr_SECITEM_ZfreeItem_Util) {
> nssutil= freebl_getLibrary(nssutilLibName);
> if (!nssutil) {
> return SECFailure;
> }
> rv = freebl_InitNSSUtil(nssutil);
> if (rv != SECSuccess) {
> freebl_releaseLibrary(nssutil);
> return rv;
> }
> }
> #endif
>
> return rv;
> }
> -----8<----------8<----------8<----------8<----------8<-----
>
> There's no corresponding place in the code to call dlclose().
> If slapd enters this multiple times (perhaps from multiple threads),
> it might indeed leak file descriptors.
>
> It remains to be determined what codepath in openldap does this.
Looks like the above code is being by this Fedora-specific patch carried
by the nss package:
-----8<----------8<----------8<----------8<----------8<-----
diff -rupN nss-3.12.3.99.3-orig/mozilla/security/nss/lib/freebl/stubs.c nss-3.12.3.99.3/mozilla/security/nss/lib/freebl/stubs.c
--- ./mozilla/security/nss/lib/freebl/stubs.c 2009-03-28 19:21:50.000000000 -0700
+++ ./mozilla/security/nss/lib/freebl/stubs.c 2009-06-08 20:37:20.000000000 -0700
@@ -558,8 +558,8 @@ FREEBL_InitStubs()
return SECFailure;
}
rv = freebl_InitNSPR(nspr);
- freebl_releaseLibrary(nspr);
if (rv != SECSuccess) {
+ freebl_releaseLibrary(nspr);
return rv;
}
}
@@ -570,8 +570,8 @@ FREEBL_InitStubs()
return SECFailure;
}
rv = freebl_InitNSSUtil(nssutil);
- freebl_releaseLibrary(nssutil);
if (rv != SECSuccess) {
+ freebl_releaseLibrary(nssutil);
return rv;
}
}
-----8<----------8<----------8<----------8<----------8<-----
The patch was motivated by this bug:
https://bugzilla.redhat.com/show_bug.cgi?id=502133
--
// Bernie Innocenti - http://codewiz.org/
\X/ Sugar Labs - http://sugarlabs.org/
More information about the fedora-devel-list
mailing list