[syslog-ng] Fwd: Memleak in syslog-ng v3.19.1

Vidya Balakrishnan vidyabalakrishnan96 at gmail.com
Tue Jun 9 07:31:16 UTC 2020


Greetings,

This mail is regarding Memory leak in Syslog-ng v3.19.1. The process gets
launched at 26MB and then grows to 37MB or even upto 45MB.

Pasting the configurations used below:
@version: 3.19
@include "scl.conf"
source s_local {
    #system();
    #internal();
    syslog(port(514) transport("udp"));
};
rewrite tag_SN {
    set("ABC-XXXXXXX", value("HOST"));
};

destination d_Log_Server {
    network("abcd.com"
            port(514)
            transport(tls)
            tls( ca-dir("/etc/ssl") peer-verify("required-trusted") )
            time-zone("+00:00")

template("${R_YEAR}-${R_MONTH}-${R_DAY}T${R_HOUR}:${R_MIN}:${R_SEC}.${R_MSEC}${TZOFFSET}
${HOST} ${MSGHDR}${MESSAGE}\n")
            );
};
log {
    source(s_local);
    rewrite(tag_SN);
    destination(d_Log_Server);
};

Also, tried debugging using valgrind but did not resolve the issue.

==19671== Memcheck, a memory error detector

==19671== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.

==19671== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info

==19671== Command: /sbin/syslog-ng --cfgfile=/var/syslog-ng.conf

==19671== Parent PID: 2190

==19671==

==19671== Conditional jump or move depends on uninitialised value(s)

==19671==    at 0x401A8D4: index (in /lib/ld-linux.so.3)

==19671==    by 0x4007F33: expand_dynamic_string_token (in
/lib/ld-linux.so.3)

==19671==

==19671== Conditional jump or move depends on uninitialised value(s)

==19671==    at 0x401A8D8: index (in /lib/ld-linux.so.3)

==19671==    by 0x4007F33: expand_dynamic_string_token (in
/lib/ld-linux.so.3)

==19671==

==19671== Conditional jump or move depends on uninitialised value(s)

==19671==    at 0x4007F38: expand_dynamic_string_token (in
/lib/ld-linux.so.3)

==19671==

disInstr(arm): unhandled instruction: 0xEC510F1E

                 cond=14(0xE) 27:20=197(0xC5) 4:4=1 3:0=14(0xE)

==19671== valgrind: Unrecognised instruction at address 0x4cd6e68.

==19671==    at 0x4CD6E68: _armv7_tick (in /lib/libcrypto.so.1.1)

==19671== Your program just tried to execute an instruction that Valgrind

==19671== did not recognise.  There are two possible reasons for this.

==19671== 1. Your program has a bug and erroneously jumped to a non-code

==19671==    location.  If you are running Memcheck and you just saw a

==19671==    warning about a bad jump, it's probably your program's fault.

==19671== 2. The instruction is legitimate but Valgrind doesn't handle it,

==19671==    i.e. it's Valgrind's fault.  If you think this is the case or

==19671==    you are not sure, please let us know and we'll try to fix it.

==19671== Either way, Valgrind will now raise a SIGILL signal which will

==19671== probably kill your program.

==19700== Invalid read of size 4

==19700==    at 0x401A8D4: index (in /lib/ld-linux.so.3)

==19700==    by 0x40145BB: dl_open_worker (in /lib/ld-linux.so.3)

==19700==  Address 0x4f86bb4 is 3 bytes after a block of size 41 alloc'd

==19700==    at 0x4847654: malloc (vg_replace_malloc.c:299)

==19700==    by 0x49B3BC3: g_malloc (gmem.c:94)

==19700==    by 0x49CEA17: g_strdup (gstrfuncs.c:363)

==19700==    by 0x49417BF: g_module_open (gmodule.c:543)

==19700==    by 0x489AFDB: plugin_dlopen_module_as_filename (plugin.c:252)

==19700==    by 0x489B8B3: plugin_dlopen_module_as_dir_and_filename
(plugin.c:271)

==19700==    by 0x489B8B3: plugin_load_candidate_modules (plugin.c:457)

==19700==    by 0x4887017: cfg_lexer_preprocess (cfg-lexer.c:1068)

==19700==    by 0x4887017: cfg_lexer_lex (cfg-lexer.c:1110)

==19700==    by 0x48A876F: main_parse (cfg-grammar.c:3143)

==19700==    by 0x4887D8F: cfg_parser_parse (cfg-parser.c:369)

==19700==    by 0x48845BF: cfg_run_parser (cfg.c:504)

==19700==    by 0x48846B3: cfg_read_config (cfg.c:556)

==19700==    by 0x489766B: main_loop_read_and_init_config (mainloop.c:552)

==19700==

==19700== Conditional jump or move depends on uninitialised value(s)

==19700==    at 0x401A8D4: index (in /lib/ld-linux.so.3)

==19700==    by 0x40145BB: dl_open_worker (in /lib/ld-linux.so.3)

==19700==

==19700== Conditional jump or move depends on uninitialised value(s)

==19700==    at 0x401A8D8: index (in /lib/ld-linux.so.3)

==19700==    by 0x40145BB: dl_open_worker (in /lib/ld-linux.so.3)

==19700==

==19700== Conditional jump or move depends on uninitialised value(s)

==19700==    at 0x40145C0: dl_open_worker (in /lib/ld-linux.so.3)

==19700==

==19700== Conditional jump or move depends on uninitialised value(s)

==19700==    at 0x401AD9C: strcpy (in /lib/ld-linux.so.3)

==19700==    by 0x400A8D3: _dl_lookup_symbol_x (in /lib/ld-linux.so.3)

==19700==

==19700== Invalid read of size 4

==19700==    at 0x401AC60: strcpy (in /lib/ld-linux.so.3)

==19700==    by 0x400A8D3: _dl_lookup_symbol_x (in /lib/ld-linux.so.3)

==19700==  Address 0x5185254 is 0 bytes after a block of size 20 alloc'd

==19700==    at 0x4849EB4: realloc (vg_replace_malloc.c:785)

==19700==    by 0x49B3C9B: g_realloc (gmem.c:159)

==19700==    by 0x49FCAF3: _g_gnulib_vasnprintf (vasnprintf.c:5533)

==19700==    by 0x49FD263: _g_gnulib_vasprintf (printf.c:142)

==19700==    by 0x49F6B0B: g_vasprintf (gprintf.c:310)

==19700==    by 0x49CEB7F: g_strdup_vprintf (gstrfuncs.c:514)

==19700==    by 0x49CEBAB: g_strdup_printf (gstrfuncs.c:540)

==19700==    by 0x489AF7F: plugin_get_module_init_name (plugin.c:234)

==19700==    by 0x489B363: plugin_load_module (plugin.c:364)

==19700==    by 0x48ABCAB: pragma_parse (pragma-grammar.y:443)

==19700==    by 0x4887D8F: cfg_parser_parse (cfg-parser.c:369)

==19700==    by 0x4886E9B: cfg_lexer_parse_pragma (cfg-lexer.c:996)

==19700==    by 0x4886E9B: cfg_lexer_preprocess (cfg-lexer.c:1040)

==19700==    by 0x4886E9B: cfg_lexer_lex (cfg-lexer.c:1110)

==19700==

==19700== Conditional jump or move depends on uninitialised value(s)

==19700==    at 0x401AD80: strcpy (in /lib/ld-linux.so.3)

==19700==    by 0x400A8D3: _dl_lookup_symbol_x (in /lib/ld-linux.so.3)

==19700==

==19700== Use of uninitialised value of size 4

==19700==    at 0x401ACB8: strcpy (in /lib/ld-linux.so.3)

==19700==    by 0x400A8D3: _dl_lookup_symbol_x (in /lib/ld-linux.so.3)

==19700==

==19700== Invalid read of size 4

==19700==    at 0x401ADAC: strcpy (in /lib/ld-linux.so.3)

==19700==    by 0x400A8D3: _dl_lookup_symbol_x (in /lib/ld-linux.so.3)

==19700==  Address 0x533bdac is 3 bytes after a block of size 25 alloc'd

==19700==    at 0x4849EB4: realloc (vg_replace_malloc.c:785)

==19700==    by 0x49B3C9B: g_realloc (gmem.c:159)

==19700==    by 0x49FCAF3: _g_gnulib_vasnprintf (vasnprintf.c:5533)

==19700==    by 0x49FD263: _g_gnulib_vasprintf (printf.c:142)

==19700==    by 0x49F6B0B: g_vasprintf (gprintf.c:310)

==19700==    by 0x49CEB7F: g_strdup_vprintf (gstrfuncs.c:514)

==19700==    by 0x49CEBAB: g_strdup_printf (gstrfuncs.c:540)

==19700==    by 0x489AF7F: plugin_get_module_init_name (plugin.c:234)

==19700==    by 0x489B363: plugin_load_module (plugin.c:364)

==19700==    by 0x489B6BB: plugin_find (plugin.c:199)

==19700==    by 0x489921B: msg_format_options_init (msg-format.c:81)

==19700==    by 0x4891A9B: log_reader_options_init (logreader.c:728)

==19700==

==19700== Conditional jump or move depends on uninitialised value(s)

==19700==    at 0x401ADC4: strcpy (in /lib/ld-linux.so.3)

==19700==    by 0x400A8D3: _dl_lookup_symbol_x (in /lib/ld-linux.so.3)

==19700==

==19700== Conditional jump or move depends on uninitialised value(s)

==19700==    at 0x401A8D4: index (in /lib/ld-linux.so.3)

==19700==    by 0x4008BFB: _dl_map_object (in /lib/ld-linux.so.3)

==19700==

==19700== Conditional jump or move depends on uninitialised value(s)

==19700==    at 0x401A8D8: index (in /lib/ld-linux.so.3)

==19700==    by 0x4008BFB: _dl_map_object (in /lib/ld-linux.so.3)

==19700==

==19700== Conditional jump or move depends on uninitialised value(s)

==19700==    at 0x4008C00: _dl_map_object (in /lib/ld-linux.so.3)

==19700==

==19700== Syscall param epoll_pwait(sigmask) points to unaddressable byte(s)

==19700==    at 0x4BCC73C: epoll_pwait (in /lib/libc.so.6)

==19700==  Address 0x0 is not stack'd, malloc'd or (recently) free'd

==19700==

==19671==

==19671== HEAP SUMMARY:

==19671==     in use at exit: 11,980 bytes in 55 blocks

==19671==   total heap usage: 179 allocs, 124 frees, 49,157 bytes allocated

==19671==

==19671== 419 (44 direct, 375 indirect) bytes in 1 blocks are definitely
lost in loss record 44 of 46

==19671==    at 0x4847654: malloc (vg_replace_malloc.c:299)

==19671==    by 0x49B3BC3: g_malloc (gmem.c:94)

==19671==    by 0x488BD07: g_process_set_argv_space (gprocess.c:569)

==19671==    by 0x1127B: main (main.c:216)

==19671==

==19671== LEAK SUMMARY:

==19671==    definitely lost: 44 bytes in 1 blocks

==19671==    indirectly lost: 375 bytes in 10 blocks

==19671==      possibly lost: 0 bytes in 0 blocks

==19671==    still reachable: 11,561 bytes in 44 blocks

==19671==         suppressed: 0 bytes in 0 blocks

==19671== Reachable blocks (those to which a pointer was found) are not
shown.

==19671== To see them, rerun with: --leak-check=full --show-leak-kinds=all



The memory usage keeps increasing. There are no local disks used to store
the logs messages. It is directly sent to the Graylog server.

Could you please take a look at this issue and help resolving the same.


Regards,

Vidya Balakrishnan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20200609/fa9bedaf/attachment-0001.html>


More information about the syslog-ng mailing list