[syslog-ng] Fwd: Memleak in syslog-ng v3.19.1
Vidya Balakrishnan
vidyabalakrishnan96 at gmail.com
Tue Jun 9 07:31:16 UTC 2020
Greetings,
This mail is regarding Memory leak in Syslog-ng v3.19.1. The process gets
launched at 26MB and then grows to 37MB or even upto 45MB.
Pasting the configurations used below:
@version: 3.19
@include "scl.conf"
source s_local {
#system();
#internal();
syslog(port(514) transport("udp"));
};
rewrite tag_SN {
set("ABC-XXXXXXX", value("HOST"));
};
destination d_Log_Server {
network("abcd.com"
port(514)
transport(tls)
tls( ca-dir("/etc/ssl") peer-verify("required-trusted") )
time-zone("+00:00")
template("${R_YEAR}-${R_MONTH}-${R_DAY}T${R_HOUR}:${R_MIN}:${R_SEC}.${R_MSEC}${TZOFFSET}
${HOST} ${MSGHDR}${MESSAGE}\n")
);
};
log {
source(s_local);
rewrite(tag_SN);
destination(d_Log_Server);
};
Also, tried debugging using valgrind but did not resolve the issue.
==19671== Memcheck, a memory error detector
==19671== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==19671== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==19671== Command: /sbin/syslog-ng --cfgfile=/var/syslog-ng.conf
==19671== Parent PID: 2190
==19671==
==19671== Conditional jump or move depends on uninitialised value(s)
==19671== at 0x401A8D4: index (in /lib/ld-linux.so.3)
==19671== by 0x4007F33: expand_dynamic_string_token (in
/lib/ld-linux.so.3)
==19671==
==19671== Conditional jump or move depends on uninitialised value(s)
==19671== at 0x401A8D8: index (in /lib/ld-linux.so.3)
==19671== by 0x4007F33: expand_dynamic_string_token (in
/lib/ld-linux.so.3)
==19671==
==19671== Conditional jump or move depends on uninitialised value(s)
==19671== at 0x4007F38: expand_dynamic_string_token (in
/lib/ld-linux.so.3)
==19671==
disInstr(arm): unhandled instruction: 0xEC510F1E
cond=14(0xE) 27:20=197(0xC5) 4:4=1 3:0=14(0xE)
==19671== valgrind: Unrecognised instruction at address 0x4cd6e68.
==19671== at 0x4CD6E68: _armv7_tick (in /lib/libcrypto.so.1.1)
==19671== Your program just tried to execute an instruction that Valgrind
==19671== did not recognise. There are two possible reasons for this.
==19671== 1. Your program has a bug and erroneously jumped to a non-code
==19671== location. If you are running Memcheck and you just saw a
==19671== warning about a bad jump, it's probably your program's fault.
==19671== 2. The instruction is legitimate but Valgrind doesn't handle it,
==19671== i.e. it's Valgrind's fault. If you think this is the case or
==19671== you are not sure, please let us know and we'll try to fix it.
==19671== Either way, Valgrind will now raise a SIGILL signal which will
==19671== probably kill your program.
==19700== Invalid read of size 4
==19700== at 0x401A8D4: index (in /lib/ld-linux.so.3)
==19700== by 0x40145BB: dl_open_worker (in /lib/ld-linux.so.3)
==19700== Address 0x4f86bb4 is 3 bytes after a block of size 41 alloc'd
==19700== at 0x4847654: malloc (vg_replace_malloc.c:299)
==19700== by 0x49B3BC3: g_malloc (gmem.c:94)
==19700== by 0x49CEA17: g_strdup (gstrfuncs.c:363)
==19700== by 0x49417BF: g_module_open (gmodule.c:543)
==19700== by 0x489AFDB: plugin_dlopen_module_as_filename (plugin.c:252)
==19700== by 0x489B8B3: plugin_dlopen_module_as_dir_and_filename
(plugin.c:271)
==19700== by 0x489B8B3: plugin_load_candidate_modules (plugin.c:457)
==19700== by 0x4887017: cfg_lexer_preprocess (cfg-lexer.c:1068)
==19700== by 0x4887017: cfg_lexer_lex (cfg-lexer.c:1110)
==19700== by 0x48A876F: main_parse (cfg-grammar.c:3143)
==19700== by 0x4887D8F: cfg_parser_parse (cfg-parser.c:369)
==19700== by 0x48845BF: cfg_run_parser (cfg.c:504)
==19700== by 0x48846B3: cfg_read_config (cfg.c:556)
==19700== by 0x489766B: main_loop_read_and_init_config (mainloop.c:552)
==19700==
==19700== Conditional jump or move depends on uninitialised value(s)
==19700== at 0x401A8D4: index (in /lib/ld-linux.so.3)
==19700== by 0x40145BB: dl_open_worker (in /lib/ld-linux.so.3)
==19700==
==19700== Conditional jump or move depends on uninitialised value(s)
==19700== at 0x401A8D8: index (in /lib/ld-linux.so.3)
==19700== by 0x40145BB: dl_open_worker (in /lib/ld-linux.so.3)
==19700==
==19700== Conditional jump or move depends on uninitialised value(s)
==19700== at 0x40145C0: dl_open_worker (in /lib/ld-linux.so.3)
==19700==
==19700== Conditional jump or move depends on uninitialised value(s)
==19700== at 0x401AD9C: strcpy (in /lib/ld-linux.so.3)
==19700== by 0x400A8D3: _dl_lookup_symbol_x (in /lib/ld-linux.so.3)
==19700==
==19700== Invalid read of size 4
==19700== at 0x401AC60: strcpy (in /lib/ld-linux.so.3)
==19700== by 0x400A8D3: _dl_lookup_symbol_x (in /lib/ld-linux.so.3)
==19700== Address 0x5185254 is 0 bytes after a block of size 20 alloc'd
==19700== at 0x4849EB4: realloc (vg_replace_malloc.c:785)
==19700== by 0x49B3C9B: g_realloc (gmem.c:159)
==19700== by 0x49FCAF3: _g_gnulib_vasnprintf (vasnprintf.c:5533)
==19700== by 0x49FD263: _g_gnulib_vasprintf (printf.c:142)
==19700== by 0x49F6B0B: g_vasprintf (gprintf.c:310)
==19700== by 0x49CEB7F: g_strdup_vprintf (gstrfuncs.c:514)
==19700== by 0x49CEBAB: g_strdup_printf (gstrfuncs.c:540)
==19700== by 0x489AF7F: plugin_get_module_init_name (plugin.c:234)
==19700== by 0x489B363: plugin_load_module (plugin.c:364)
==19700== by 0x48ABCAB: pragma_parse (pragma-grammar.y:443)
==19700== by 0x4887D8F: cfg_parser_parse (cfg-parser.c:369)
==19700== by 0x4886E9B: cfg_lexer_parse_pragma (cfg-lexer.c:996)
==19700== by 0x4886E9B: cfg_lexer_preprocess (cfg-lexer.c:1040)
==19700== by 0x4886E9B: cfg_lexer_lex (cfg-lexer.c:1110)
==19700==
==19700== Conditional jump or move depends on uninitialised value(s)
==19700== at 0x401AD80: strcpy (in /lib/ld-linux.so.3)
==19700== by 0x400A8D3: _dl_lookup_symbol_x (in /lib/ld-linux.so.3)
==19700==
==19700== Use of uninitialised value of size 4
==19700== at 0x401ACB8: strcpy (in /lib/ld-linux.so.3)
==19700== by 0x400A8D3: _dl_lookup_symbol_x (in /lib/ld-linux.so.3)
==19700==
==19700== Invalid read of size 4
==19700== at 0x401ADAC: strcpy (in /lib/ld-linux.so.3)
==19700== by 0x400A8D3: _dl_lookup_symbol_x (in /lib/ld-linux.so.3)
==19700== Address 0x533bdac is 3 bytes after a block of size 25 alloc'd
==19700== at 0x4849EB4: realloc (vg_replace_malloc.c:785)
==19700== by 0x49B3C9B: g_realloc (gmem.c:159)
==19700== by 0x49FCAF3: _g_gnulib_vasnprintf (vasnprintf.c:5533)
==19700== by 0x49FD263: _g_gnulib_vasprintf (printf.c:142)
==19700== by 0x49F6B0B: g_vasprintf (gprintf.c:310)
==19700== by 0x49CEB7F: g_strdup_vprintf (gstrfuncs.c:514)
==19700== by 0x49CEBAB: g_strdup_printf (gstrfuncs.c:540)
==19700== by 0x489AF7F: plugin_get_module_init_name (plugin.c:234)
==19700== by 0x489B363: plugin_load_module (plugin.c:364)
==19700== by 0x489B6BB: plugin_find (plugin.c:199)
==19700== by 0x489921B: msg_format_options_init (msg-format.c:81)
==19700== by 0x4891A9B: log_reader_options_init (logreader.c:728)
==19700==
==19700== Conditional jump or move depends on uninitialised value(s)
==19700== at 0x401ADC4: strcpy (in /lib/ld-linux.so.3)
==19700== by 0x400A8D3: _dl_lookup_symbol_x (in /lib/ld-linux.so.3)
==19700==
==19700== Conditional jump or move depends on uninitialised value(s)
==19700== at 0x401A8D4: index (in /lib/ld-linux.so.3)
==19700== by 0x4008BFB: _dl_map_object (in /lib/ld-linux.so.3)
==19700==
==19700== Conditional jump or move depends on uninitialised value(s)
==19700== at 0x401A8D8: index (in /lib/ld-linux.so.3)
==19700== by 0x4008BFB: _dl_map_object (in /lib/ld-linux.so.3)
==19700==
==19700== Conditional jump or move depends on uninitialised value(s)
==19700== at 0x4008C00: _dl_map_object (in /lib/ld-linux.so.3)
==19700==
==19700== Syscall param epoll_pwait(sigmask) points to unaddressable byte(s)
==19700== at 0x4BCC73C: epoll_pwait (in /lib/libc.so.6)
==19700== Address 0x0 is not stack'd, malloc'd or (recently) free'd
==19700==
==19671==
==19671== HEAP SUMMARY:
==19671== in use at exit: 11,980 bytes in 55 blocks
==19671== total heap usage: 179 allocs, 124 frees, 49,157 bytes allocated
==19671==
==19671== 419 (44 direct, 375 indirect) bytes in 1 blocks are definitely
lost in loss record 44 of 46
==19671== at 0x4847654: malloc (vg_replace_malloc.c:299)
==19671== by 0x49B3BC3: g_malloc (gmem.c:94)
==19671== by 0x488BD07: g_process_set_argv_space (gprocess.c:569)
==19671== by 0x1127B: main (main.c:216)
==19671==
==19671== LEAK SUMMARY:
==19671== definitely lost: 44 bytes in 1 blocks
==19671== indirectly lost: 375 bytes in 10 blocks
==19671== possibly lost: 0 bytes in 0 blocks
==19671== still reachable: 11,561 bytes in 44 blocks
==19671== suppressed: 0 bytes in 0 blocks
==19671== Reachable blocks (those to which a pointer was found) are not
shown.
==19671== To see them, rerun with: --leak-check=full --show-leak-kinds=all
The memory usage keeps increasing. There are no local disks used to store
the logs messages. It is directly sent to the Graylog server.
Could you please take a look at this issue and help resolving the same.
Regards,
Vidya Balakrishnan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20200609/fa9bedaf/attachment-0001.html>
More information about the syslog-ng
mailing list