[libvirt] Memory leak in libvirt / gnutls

Richard W.M. Jones rjones at redhat.com
Sat Apr 7 09:33:46 UTC 2012 

I'm trying to track down:
https://bugzilla.redhat.com/show_bug.cgi?id=810613

I *think* this is a libvirt bug, but I can only reproduce it on one
machine, not on another machine that has a virtually identical setup.

Anyway, something is confusing me about libvirt.  In this commit:

----------------------------------------------------------------------
  commit 74c75671331d284e1f777f9692b72e9737520bf0
  Author: Michal Privoznik <mprivozn at redhat.com>
  Date:   Thu Aug 18 10:44:08 2011 +0200

    daemon: initialize GnuTLS
    
    When spice_tls is set but listen_tls is not, we don't initialize
    GnuTLS library. So any later gnutls call (e.g. during migration,
    where we initialize a certificate) will access uninitialized GnuTLS
    internal structs and throws an error.
    
    Although, we might now initialize GnuTLS twice, it is safe according
    to the documentation:
    
        This function can be called many times,
        but will only do something the first time.
    
    This patch creates 2 functions: virNetTLSInit and virNetTLSDeinit
    with respect to written above.
----------------------------------------------------------------------

... a pair of functions called virNetTLSInit & virNetTLSDeinit are
introduced, which would appear to do the right thing, calling first
gnutls_global_init, then gnutls_global_deinit.  This looks correct to
me.

However the above commit is later amended by this commit:

----------------------------------------------------------------------
  commit eaddec976ef06457fee4a4ce86b8c7ee906183b7
  Author: Michal Privoznik <mprivozn at redhat.com>
  Date:   Wed Aug 24 16:16:45 2011 +0200

    daemon: Move TLS initialization to virInitialize
    
    My previous patch 74c75671331d284e1f777f9692b72e9737520bf0
    introduced a regression by removing TLS initialization from client.
----------------------------------------------------------------------

which removes virNetTLSDeinit.  This appears to be a mistake, or at
least I can't see the logical reason for it, and according to the
gnutls docs, it would introduce a memory leak looking exactly like the
one I am chasing down.

The current code mentions virNetTLSDeinit only in a comment, and never
calls gnutls_global_deinit.

Any ideas?

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-top is 'top' for virtual machines.  Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://et.redhat.com/~rjones/virt-top

More information about the libvir-list mailing list