Hello Ponnuvel, or anyone else affected, Accepted krb5 into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/krb5/1.17-6ubuntu4.7 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-focal. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/2060666 Title: [SRU] Memory leak in krb5 version 1.17 Status in krb5 package in Ubuntu: Fix Released Status in krb5 source package in Focal: Fix Committed Bug description: [ Impact ] Commit https://github.com/krb5/krb5/commit/1cd2821c19b2b95e39d5fc2f451a035585a40fa5 altered the memory management of krb5_gss_inquire_cred(), introducing defcred to act as an owner pointer when the function must acquire a default credential. The commit neglected to update the code to release the default cred along the successful path. The old code does not trigger because cred_handle is now reassigned, so the default credential is leaked. Resulting gradual increase in memory usage (memory leak) and eventual crash. [ Test Plan ] Setup 3 VMs: 1. Windows Server act as Domain controller (AD) 2. Windows machine AD Joined with Ostress installed. (Ostress is part of RML utilities https://learn.microsoft.com/en-us/troubleshoot/sql/tools/replay-markup-language-utility) 3. SQL on Linux AD Joined ( configuration steps https://learn.microsoft.com/en-us/sql/linux/sql-server-linux-ad-auth-adutil-tutorial?view=sql-server-ver16) On the Machine with OStress create a file (name it disconnect.ini) with the following content under the same folder “C:\Program Files\Microsoft Corporation\RMLUtils” where OStress is installed. disconnect.ini ============== [Connection Options] LoginTimeout=30 QuotedIdentifier=Off AutocommitMode=On DisconnectPct=100.0 MaxThreadErrors=0 [Query Options] NoSQLBindCol=Off NoResultDisplay=Off PrepareExecute=Off ExecuteAsync=Off RollbackOnCancel=Off QueryTimeout=0 QueryDelay=0 MaxRetries=0 BatchDisconnectPct=0.0 CancelPct=0.00 CancelDelay=0 CancelDelayMin=0 CursorType= CursorConcurrency= RowFetchDelay=0 [Replay Options] Sequencing Options=global sequence ::Sequencing Options=global sequence, dtc replay DTC Timeout= DTC Machine=(local) Playback Coordinator=(local) StartSeqNum= StopSeqNum= TimeoutFactor=1.0 Run the following command to start the load using Ostress, change Server name (-S) accordingly and the number of threads (-n) as needed. Start 4 different CMD consoles and use the following different commands for each CMD window: 1. ostress.exe -E -S<ServerName/port> -Q"select * from sys.all_objects" -q -cdisconnect.ini -n40 -r9999999 -oc:\temp\log01 -T146 2. ostress.exe -E -S<ServerName/port> -Q"select * from sys.all_views" -q -cdisconnect.ini -n40 -r9999999 -oc:\temp\log02 -T146 3. ostress.exe -E -S<ServerName/port> -Q"select * from sys.all_columns" -q -cdisconnect.ini -n40 -r9999999 -oc:\temp\log03 -T146 4. ostress.exe -E -S<ServerName/port> -Q"select * from sys.all_parameters" -q -cdisconnect.ini -n40 -r9999999 -oc:\temp\log04 -T146 After a run of about 5 hours, the memory usage for this is expected to be around 5G with the fix. Without the fix, it was observed that it reached around ~22G in 5 hours. Hence the increase in memory usage can be observed if the ostress.exe programs are let to run longer. [ Where problems could occur ] The fix may not fix the memory leak or could result in releasing the memory early in a different code path, and thus resulting in crashes. A mitigating fact is that the fix has been in Ubuntu since at least 22.04 and they do not exhibit any issues. Likewise I've previously provided the fix in a PPA https://launchpad.net/~pponnuvel/+archive/ubuntu/krb5-focal to user who's been hit by this issue. They've tested and confirmed it fixes the memory leak. [ Other Info ] The commit https://github.com/krb5/krb5/commit/098f874f3b50dd2c46c0a574677324b5f6f3a1a8 fixes the leak. The fix has been included in newer krb5 releases (Jammy, and Noble have the releases with the fix). Bionic doesn't have the commit the introduced the memory leak in the first place. So this will be a Focal-only backport. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/2060666/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
