[gnutls-devel] GnuTLS | _gnutls_rnd_init allocates memory per thread but does not seem to deallocate it (#1401)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Thu Sep 8 17:47:08 CEST 2022 


Pedro Marzo created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1401



## Description of problem:
Implementing an https server with the libmicrohttpd library using one different thread per each https connection results in an slow but steady memory increment usage as TLS sessions are openned and closed. libmicrohttpd uses gnutls to implement the TLS layer.

Using valgrind massif tool it seems the problem is on _gnutls_rnd_init which calls wrap_nettle_rnd_init which makes a calloc for the random context.
These callocs seems to never be free as_gnutls_rnd_init allocates memory per each thread, but seems to not deallocate it when the thread ends, or at least I cannot see a way of doing that deallocation per thread.

These context are stored on variables defined per each thread, so as the number of threads using gnu tls increases the number of allocated contexts grows.

static _Thread_local void *gnutls_rnd_ctx;

static _Thread_local unsigned rnd_initialized = 0;

All contexts are deallocated when the program finally calls _gnutls_rnd_deinit, but that is only called by _gnutls_global_deinit, so libmicrohttpd never seems to call it because the https server never ends.
May be it is not a bug on gnutls but on libmicrohttpd, but I see no way to free the random context associated to a particular thread on the gnutls library.

## Version of gnutls used:
3.6.14

## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
Ubuntu

## How reproducible:

Launch a libmicrohttpd daemon running on https with the flag MHD_USE_THREAD_PER_CONNECTION. 
Using an script with curl perform https requests to the server.
Memory starts growing with each new thread created and destroyed by the libmicrohttpd library.

## Actual results:
Memory usage increments due to wrap_nettle_rnd_init calloc, I attach the massif image
![memoryusage](/uploads/ad315bd1d60400826c9a96d6da2af10b/memoryusage.png)

## Expected results:
Memory usage should not grow.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1401
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20220908/97f23b0d/attachment-0001.html>

More information about the Gnutls-devel mailing list