[Bug 150] New: Possible memory leak for TLS connections
https://bugzilla.balabit.com/show_bug.cgi?id=150 Summary: Possible memory leak for TLS connections Product: syslog-ng Version: 3.3.x Platform: PC OS/Version: Linux Status: NEW Severity: normal Priority: unspecified Component: syslog-ng AssignedTo: bazsi@balabit.hu ReportedBy: eric@sevenscale.com Type of the Report: --- Estimated Hours: 0.0 I've noticed that memory usage seems to grow as clients using TLS connect and disconnect. I ran syslog-ng under valgrind while I caused a number of clients to connect and disconnect a few times and saved the leak summary from valgrind: https://gist.github.com/893a9687bf98dc53f0e7 -- Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
https://bugzilla.balabit.com/show_bug.cgi?id=150 --- Comment #1 from Balazs Scheidler <bazsi@balabit.hu> 2011-12-01 08:09:14 --- thanks for the report. it really seems to be useful. I'm not sure when I can diagnose this further though, probably not until next week, can anyone help, perhaps on the mailing list? Thanks. -- Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
https://bugzilla.balabit.com/show_bug.cgi?id=150 --- Comment #2 from Eric Lindvall <eric@sevenscale.com> 2011-12-02 07:03:09 --- My basic testing has shown that this patch fixes the leak: https://github.com/eric/syslog-ng-3.3/compare/free-tls-context.patch I haven't been able to figure out if this entry from valgrind is related to a legitimate leak or just cleanup that doesn't happen on shutdown: ==5415== 6,349,488 bytes in 358 blocks are possibly lost in loss record 1,016 of 1,016 ==5415== at 0x4C25E46: malloc (vg_replace_malloc.c:195) ==5415== by 0x7BA585D: CRYPTO_malloc (in /lib64/libcrypto.so.1.0.0e) ==5415== by 0x7914A52: ssl3_setup_read_buffer (in /usr/lib64/libssl.so.1.0.0e) ==5415== by 0x7914BA8: ssl3_setup_buffers (in /usr/lib64/libssl.so.1.0.0e) ==5415== by 0x79151F4: ssl23_get_client_hello (in /usr/lib64/libssl.so.1.0.0e) ==5415== by 0x7915602: ssl23_accept (in /usr/lib64/libssl.so.1.0.0e) ==5415== by 0x7916790: ssl23_read (in /usr/lib64/libssl.so.1.0.0e) ==5415== by 0x76EB111: log_transport_tls_read_method (tlstransport.c:56) ==5415== by 0x50B58CC: log_proto_buffered_server_read_data (logtransport.h:74) ==5415== by 0x50B6E79: log_proto_buffered_server_fetch (logproto.c:1115) ==5415== by 0x50BA2E0: log_reader_work_perform (logproto.h:100) ==5415== by 0x50BA698: log_reader_io_process_input (logreader.c:191) -- Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
https://bugzilla.balabit.com/show_bug.cgi?id=150 --- Comment #3 from Balazs Scheidler <bazsi@balabit.hu> 2011-12-19 15:51:24 --- the fix looks sane, but can you please attach a "signed-off-by" line so I can apply that? Thanks. -- Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
https://bugzilla.balabit.com/show_bug.cgi?id=150 --- Comment #4 from Eric Lindvall <eric@sevenscale.com> 2011-12-19 19:38:44 --- Update: I've found that while this does fix a memory leak, there are still other ones that are TLS-related that should be fixed. Do you want this to be signed-off by me or by you? If you want to apply the patch to your tree and have you sign-off on it (with me as the committer), you should be able to use (assuming you've downloaded the patch first): $ git am --signoff < free-tls-context.patch -- Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
https://bugzilla.balabit.com/show_bug.cgi?id=150 --- Comment #5 from Balazs Scheidler <bazsi@balabit.hu> 2011-12-19 22:14:50 --- I'd like your signoff to indicate that you willfully contributed this code. http://www.balabit.com/network-security/syslog-ng/opensource-logging-system/... the submitting code section. -- Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
https://bugzilla.balabit.com/show_bug.cgi?id=150 Gergely Nagy <algernon@balabit.hu> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution| |FIXED Status|NEW |RESOLVED --- Comment #6 from Gergely Nagy <algernon@balabit.hu> 2012-03-23 13:32:22 --- This has been applied to git, closing the bug to follow that. -- Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
participants (1)
-
bugzilla@bugzilla.balabit.com