This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Title: Memory leak due to circular references in ssl.SSLSocket
Type: resource usage Stage: resolved
Components: IO, Library (Lib) Versions: Python 2.7, Python 2.6
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: janssen Nosy List: Péter.Szabó, janssen, pitrou
Priority: normal Keywords: patch

Created on 2010-02-16 17:38 by Péter.Szabó, last changed 2022-04-11 14:56 by admin. This issue is now closed.

File name Uploaded Description Edit
pts-python2.6.4-ssl-init-memory-leak-fix.patch Péter.Szabó, 2010-02-16 17:38 Patch for the memory leak fix in ssl.SSLSocket.__init__ in Python 2.6
Messages (2)
msg99423 - (view) Author: Péter Szabó (Péter.Szabó) Date: 2010-02-16 17:38
Here is how to reproduce the leak in Python 2.6.4 and Python 2.7:

  import gc
  import socket
  import ssl
  sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  count0 = gc.get_count()[0]
  for i in xrange(1000):
  count1 = gc.get_count()[0]
  # This should be less than 100 without the leak, but it is >1000.
  diff = count1 - count0
  assert diff < 1000, diff

The reason why the memory usage has increased is that the SSLSocket objects contain a circular reference (self -> __init__ ->  recv -> lambda -> self), and thus Python cannot free them without garbage collection.

A side effect is that if the SSLSocket doesn't have external references, the underlying socket._realsocket may remain unclosed for a long time (until the garbage collection kicks in), because the SSLSocket still refers to it. Another side effect is that when there is an exception in the wrapping in SSLSocket.accept() (e.g. keyfile not found), then the newly accepted socket won't get closed immediately, and the client will experience a hanging open socket.

With gc.enable(), the leak goes away (the garbage collector finds and frees the SSLSocket objects with circular reference). Python 3.1.1 is not affected since it has a very different SSLSocket implementation.

Here is an easy fix: replace the self.recv = lambda ... lines in the code of ssl.SSLSocket.__init__ with this:

  import socket as socket_module
  for attr in socket_module._delegate_methods:
    delattr(self, attr)  

See the attached patch. You can also download the patch from
msg104060 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2010-04-23 23:12
Committed with test in r80423 (trunk) and r80425 (2.6).
Also ported the test to py3k/3.1. Thanks!
Date User Action Args
2022-04-11 14:56:57adminsetgithub: 52191
2010-04-23 23:12:34pitrousetstatus: open -> closed

nosy: + pitrou
messages: + msg104060

resolution: fixed
stage: test needed -> resolved
2010-04-09 20:07:37pitrousetassignee: janssen

nosy: + janssen
2010-04-09 03:36:19ajaksu2setpriority: normal
stage: test needed
2010-02-16 17:38:30Péter.Szabócreate