diff options
| -rw-r--r-- | ChangeLog | 11 | ||||
| -rw-r--r-- | runtime/nsd_gtls.c | 5 | ||||
| -rw-r--r-- | runtime/nsd_ptcp.c | 6 | ||||
| -rw-r--r-- | runtime/nsdsel_gtls.c | 1 | ||||
| -rw-r--r-- | tcpsrv.c | 9 | ||||
| -rw-r--r-- | tests/Makefile.am | 3 | ||||
| -rwxr-xr-x | tests/manytcp-too-few-tls.sh | 15 | ||||
| -rw-r--r-- | tests/testsuites/manytcp-too-few-tls.conf | 22 |
8 files changed, 67 insertions, 5 deletions
@@ -1,5 +1,8 @@ --------------------------------------------------------------------------- Version 6.1.9 [BETA] (rgerhards), 2011-0?-?? +- bugfix: memory leak in imtcp & subsystems under some circumstances + This leak is tied to error conditions which lead to incorrect cleanup + of some data structures. [backport from v6].3 - bugfix: $ActionFileDefaultTemplate did not work closes: http://bugzilla.adiscon.com/show_bug.cgi?id=262 --------------------------------------------------------------------------- @@ -178,6 +181,11 @@ Version 5.9.0 [V5-DEVEL] (rgerhards), 2011-03-?? affected directive was: $ActionExecOnlyWhenPreviousIsSuspended on closes: http://bugzilla.adiscon.com/show_bug.cgi?id=236 --------------------------------------------------------------------------- +Version 5.8.2 [V5-stable] (rgerhards), 2011-06-?? +- bugfix: memory leak in imtcp & subsystems under some circumstances + This leak is tied to error conditions which lead to incorrect cleanup + of some data structures. [backport from v6] +--------------------------------------------------------------------------- Version 5.8.1 [V5-stable] (rgerhards), 2011-05-19 - bugfix: invalid processing in QUEUE_FULL condition If the the multi-submit interface was used and a QUEUE_FULL condition @@ -1009,6 +1017,9 @@ Version 4.7.0 [v4-devel] (rgerhards), 2010-04-14 - imported changes from 4.5.6 and below --------------------------------------------------------------------------- Version 4.6.6 [v4-stable] (rgerhards), 2010-11-?? +- bugfix: memory leak in imtcp & subsystems under some circumstances + This leak is tied to error conditions which lead to incorrect cleanup + of some data structures. [backport from v6, limited testing under v4] - bugfix: invalid processing in QUEUE_FULL condition If the the multi-submit interface was used and a QUEUE_FULL condition occured, the failed message was properly destructed. However, the diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c index d0fd0e0f..cc8f78d1 100644 --- a/runtime/nsd_gtls.c +++ b/runtime/nsd_gtls.c @@ -1099,6 +1099,7 @@ gtlsEndSess(nsd_gtls_t *pThis) } } gnutls_deinit(pThis->sess); + pThis->bHaveSess = 0; } RETiRet; } @@ -1152,8 +1153,8 @@ CODESTARTobjDestruct(nsd_gtls) gnutls_x509_crt_deinit(pThis->ourCert); if(pThis->bOurKeyIsInit) gnutls_x509_privkey_deinit(pThis->ourKey); -#warning need more checks if the new gnutls_deinit() breaks things during normal operations -// gnutls_deinit(pThis->sess); /* see ln 600 pThis->bInSess as something to check? */ + if(pThis->bHaveSess) + gnutls_deinit(pThis->sess); ENDobjDestruct(nsd_gtls) diff --git a/runtime/nsd_ptcp.c b/runtime/nsd_ptcp.c index c8915231..69eb7684 100644 --- a/runtime/nsd_ptcp.c +++ b/runtime/nsd_ptcp.c @@ -334,6 +334,12 @@ AcceptConnReq(nsd_t *pNsd, nsd_t **ppNew) iNewSock = accept(pThis->sock, (struct sockaddr*) &addr, &addrlen); if(iNewSock < 0) { + if(Debug) { + char errStr[1024]; + rs_strerror_r(errno, errStr, sizeof(errStr)); + dbgprintf("nds_ptcp: error accepting connection on socket %d, errno %d: %s\n", + pThis->sock, errno, errStr); + } ABORT_FINALIZE(RS_RET_ACCEPT_ERR); } diff --git a/runtime/nsdsel_gtls.c b/runtime/nsdsel_gtls.c index 1a389a00..aff55af2 100644 --- a/runtime/nsdsel_gtls.c +++ b/runtime/nsdsel_gtls.c @@ -177,6 +177,7 @@ doRetry(nsd_gtls_t *pNsd) finalize_it: if(iRet != RS_RET_OK && iRet != RS_RET_CLOSED && iRet != RS_RET_RETRY) pNsd->bAbortConn = 1; /* request abort */ +dbgprintf("XXXXXX: doRetry: iRet %d, pNsd->bAbortConn %d\n", iRet, pNsd->bAbortConn); RETiRet; } @@ -704,6 +704,7 @@ RunSelect(tcpsrv_t *pThis, nsd_epworkset_t workset[], size_t sizeWorkset) int iTCPSess; int bIsReady; nssel_t *pSel = NULL; + rsRetVal localRet; ISOBJ_TYPE_assert(pThis, tcpsrv); @@ -760,8 +761,8 @@ RunSelect(tcpsrv_t *pThis, nsd_epworkset_t workset[], size_t sizeWorkset) while(nfds && iTCPSess != -1) { if(glbl.GetGlobalInputTermState() == 1) ABORT_FINALIZE(RS_RET_FORCE_TERM); - CHKiRet(nssel.IsReady(pSel, pThis->pSessions[iTCPSess]->pStrm, NSDSEL_RD, &bIsReady, &nfds)); - if(bIsReady) { + localRet = nssel.IsReady(pSel, pThis->pSessions[iTCPSess]->pStrm, NSDSEL_RD, &bIsReady, &nfds); + if(bIsReady || localRet != RS_RET_OK) { workset[iWorkset].id = iTCPSess; workset[iWorkset].pUsr = (void*) pThis->pSessions[iTCPSess]; ++iWorkset; @@ -785,7 +786,9 @@ finalize_it: /* this is a very special case - this time only we do not exit the * crashed, which made sense (the rest of the engine was not prepared for * that) -- rgerhards, 2008-05-19 */ - /*EMPTY*/; + if(pSel != NULL) { /* cleanup missing? happens during err exit! */ + nssel.Destruct(&pSel); + } } /* note that this point is usually not reached */ diff --git a/tests/Makefile.am b/tests/Makefile.am index 6272c0dd..b3422297 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -104,6 +104,9 @@ TESTS += \ sndrcv_tls_anon.sh \ sndrcv_tls_anon_rebind.sh \ imtcp-tls-basic.sh +if HAVE_VALGRIND +TESTS += manytcp-too-few-tls.sh +endif endif if ENABLE_OMUXSOCK diff --git a/tests/manytcp-too-few-tls.sh b/tests/manytcp-too-few-tls.sh new file mode 100755 index 00000000..899a87dc --- /dev/null +++ b/tests/manytcp-too-few-tls.sh @@ -0,0 +1,15 @@ +# test many concurrent tcp connections +echo \[manytcp-too-few-tls.sh\]: test concurrent tcp connections +source $srcdir/diag.sh init +source $srcdir/diag.sh startup-vg manytcp-too-few-tls.conf +echo wait for DH param generation -- NOT needed in v6! +sleep 15 +# the config file specifies exactly 1100 connections +source $srcdir/diag.sh tcpflood -c1000 -m40000 +# the sleep below is needed to prevent too-early termination of the tcp listener +sleep 1 +source $srcdir/diag.sh shutdown-when-empty # shut down rsyslogd when done processing messages +source $srcdir/diag.sh wait-shutdown-vg # we need to wait until rsyslogd is finished! +source $srcdir/diag.sh check-exit-vg +source $srcdir/diag.sh seq-check 0 39999 +source $srcdir/diag.sh exit diff --git a/tests/testsuites/manytcp-too-few-tls.conf b/tests/testsuites/manytcp-too-few-tls.conf new file mode 100644 index 00000000..5269e73b --- /dev/null +++ b/tests/testsuites/manytcp-too-few-tls.conf @@ -0,0 +1,22 @@ +# Test for tcp "flood" testing +# rgerhards, 2009-04-08 +$IncludeConfig diag-common.conf + +$ModLoad ../plugins/imtcp/.libs/imtcp +$MainMsgQueueTimeoutShutdown 10000 +$MaxOpenFiles 200 +$InputTCPMaxSessions 1100 +# certificates +$DefaultNetstreamDriverCAFile testsuites/x.509/ca.pem +$DefaultNetstreamDriverCertFile testsuites/x.509/client-cert.pem +$DefaultNetstreamDriverKeyFile testsuites/x.509/client-key.pem + +$DefaultNetstreamDriver gtls # use gtls netstream driver + +$InputTCPServerStreamDriverMode 1 +$InputTCPServerStreamDriverAuthMode anon +$InputTCPServerRun 13514 + +$template outfmt,"%msg:F,58:2%\n" +$template dynfile,"rsyslog.out.log" # trick to use relative path names! +:msg, contains, "msgnum:" ?dynfile;outfmt |