[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-ha-dev
Subject:    [Linux-ha-dev] Re: ldirectord 1.59 memory problems
From:       Horms <horms () verge ! net ! au>
Date:       2002-11-20 3:02:42
[Download RAW message or body]

Apologies once again for the cross post. But in my haste to get a fix
for this problem out I made a slight error in the patch that I supplied.
Hopefully I have got it right this time.

The three patches attached to this message should resolve the reported
memory leaks when using ldirectord to monitor https services using a
negotiate check. Details of the nature of these memory leaks
can be found in the original version of this post, archived at:

http://marc.theaimsgroup.com/?l=linux-virtual-server&m=103770853113815&w=2
http://www.in-addr.de/pipermail/lvs-users/2002-November/007232.html
http://lists.community.tummy.com/pipermail/linux-ha-dev/2002-November/004531.html


a) Net_SSLeay.pm-1.21.leak.patch
 
   Resolves two memory leaks in Net::SSLeay Perl. Applies cleanly to
   1.21 and 1.20 and probably earlier versions. I would recommend
   using 1.21 + Net_SSLeay.pm-1.21.leak.patch

   The author Sampo Kellomak advises me that these fixes (in some form)
   will go into the next release of Net::SSLeay Perl, but that there are
   no immediate plans for a release.

b) ldirectord.1.59-1.60.patch

   Patch to allow ldirectord work around a memory leak
   in perl's socket() call.

c) ldirectord.1.60-1.61.patch

   Patch to allow b) to actually work.  Sorry about that.

The 1.61, latest version of ldirectord in CVS includes b) and c).


ldirectord is a daemon to monitor and administer real servers
in a LVS cluster of load balanced virtual servers. ldirectord typically
used as a resource for heartbeat , but can also be run from the command
line.

As per http://www.vergenet.net/linux/ldirectord/, all versions
of ldirectord are most easily obtained via cvs web from
http://cvs.linux-ha.org/viewcvs/viewcvs.cgi/linux-ha/ldirectord/

1.59

http://cvs.linux-ha.org/viewcvs/viewcvs.cgi/~checkout~/linux-ha/ldirectord/ldirectord?rev=1.59&content-type=text/plain


1.60

http://cvs.linux-ha.org/viewcvs/viewcvs.cgi/~checkout~/linux-ha/ldirectord/ldirectord?rev=1.60&content-type=text/plain


1.61

http://cvs.linux-ha.org/viewcvs/viewcvs.cgi/~checkout~/linux-ha/ldirectord/ldirectord?rev=1.61&content-type=text/plain



As always, patches an bug reports for ldirectord are more than welcome.

-- 
Horms -> Breaking things. Fixing things. Fill up peoples mail boxes. Repeat


["Net_SSLeay.pm-1.21.leak.patch" (text/plain)]

--- Net_SSLeay.pm-1.21/SSLeay.pm	2002-09-20 08:00:37.000000000 +0900
+++ Net_SSLeay.pm-1.21.new/SSLeay.pm	2002-11-19 18:35:10.000000000 +0900
@@ -1699,6 +1699,18 @@
 }
 
 ###
+### Wrap load_error_strings so it is only called once
+### to avoid leaking like a sieve
+###
+
+my $load_error_strings_state = 0;
+sub load_error_strings_wrapper {
+	return if $load_error_strings_state == 1;
+	$load_error_strings_state = 1;
+	load_error_strings();
+}
+
+###
 ### Basic request - response primitive (don't use for https)
 ###
 
@@ -1712,7 +1724,7 @@
     ### Do SSL negotiation stuff
 	    
     warn "Creating SSL $ssl_version context...\n" if $trace>2;
-    load_error_strings();         # Some bloat, but I'm after ease of use
+    load_error_strings_wrapper(); # Some bloat, but I'm after ease of use
     SSLeay_add_ssl_algorithms();  # and debuggability.
     randomize();
     
@@ -1804,7 +1816,7 @@
     ### Do SSL negotiation stuff
 	    
     warn "Creating SSL $ssl_version context...\n" if $trace>2;
-    load_error_strings();         # Some bloat, but I'm after ease of use
+    load_error_strings_wrapper(); # Some bloat, but I'm after ease of use
     SSLeay_add_ssl_algorithms();  # and debuggability.
     randomize();
 
@@ -1967,7 +1979,10 @@
 ### to return all instances of duplicate headers.
 
 sub do_https2 {
-    my ($page, $response, $headers) = &do_https3;
+    my ($page, $response, $headers, $server_cert) = &do_https3;
+    if(defined($server_cert)) {
+        X509_free($server_cert);
+    }
     return ($page, $response,
 	    map( { ($h,$v)=/^(\S+)\:\s*(.*)$/; (uc($h),$v); }
 		split(/\s?\n/, $headers)
@@ -1979,7 +1994,10 @@
 ### are handled correctly.
 
 sub do_https4 {
-    my ($page, $response, $headers) = &do_https3;
+    my ($page, $response, $headers, $server_cert) = &do_https3;
+    if(defined($server_cert)) {
+        X509_free($server_cert);
+    }
     my %hr = ();
     for my $hh (split /\s?\n/, $headers) {
 	my ($h,$v)=/^(\S+)\:\s*(.*)$/;

["ldirectord.1.59-1.60.patch" (text/plain)]

? ldirectord.1.58-1.59.patch
? ldirectord.1.59-1.60.patch
? leak.patch
Index: ldirectord
===================================================================
RCS file: /home/cvs/linux-ha/linux-ha/ldirectord/ldirectord,v
retrieving revision 1.59
retrieving revision 1.60
diff -r1.59 -r1.60
4c4
< my($VERSION)=(qw$Id: ldirectord,v 1.59 2002/10/17 00:53:29 horms Exp $)[2];
---
> my($VERSION)=(qw$Id: ldirectord,v 1.60 2002/11/19 11:38:15 horms Exp $)[2];
361a362,370
> 	# There is a memory leak in perl's socket code when
> 	# the default IO layer is used. So use "perlio" unless
> 	# something else has been explicitly set.
> 	# http://archive.develooper.com/perl5-porters@perl.org/msg85468.html
> 	unless(defined($ENV{'PERLIO'})) {
> 		$ENV{'PERLIO'} = "perlio";
> 		exec_wrapper($0, @OLD_ARGV);
> 	}
> 
2168c2177
< # Wrapper arround system command to log errors
---
> # Wrapper around system() to log errors
2170,2171c2179,2181
< # post: system is called and if it returns non-zero a failure message is logged
< # return: none
---
> # post: system() is called and if it returns non-zero a failure 
> #       message is logged
> # return: return value of system()
2175a2186,2188
> 
> 	my $status;
> 
2177c2190,2219
< 	system(@args) == 0 or &ld_log("system(@args) failed");
---
> 	$status = system(@args);
> 	if($status != 0) {
> 		&ld_log("system(@args) failed");
> 	}
> 
> 	return($status)
> }
> 
> 
> # exec_wrapper
> # Wrapper around exec() to log errors
> # pre: LIST: arguments to pass to exec()
> # post: exec() is called and if it returns non-zero a failure 
> #       message is logged
> # return: return value of exec() on failure
> #         does not return on success
> 
> sub exec_wrapper
> {
> 	my (@args)=(@_);
> 
> 	my $status;
> 
>         &ld_log("Running exec(@args)") if $DEBUG>2;
> 	$status = exec(@args);
> 	if($status != 0) {
> 		&ld_log("exec(@args) failed");
> 	}
> 
> 	return($status)

["ldirectord.1.60-1.61.patch" (text/plain)]

? ldirectord.1.58-1.59.patch
? ldirectord.1.59-1.60.patch
? ldirectord.1.60-1.61.patch
? leak.patch
Index: ldirectord
===================================================================
RCS file: /home/cvs/linux-ha/linux-ha/ldirectord/ldirectord,v
retrieving revision 1.60
retrieving revision 1.61
diff -r1.60 -r1.61
4c4
< my($VERSION)=(qw$Id: ldirectord,v 1.60 2002/11/19 11:38:15 horms Exp $)[2];
---
> my($VERSION)=(qw$Id: ldirectord,v 1.61 2002/11/20 02:15:22 horms Exp $)[2];
341a342
> my @OLD_ARGV = @ARGV;

_______________________________________________________
Linux-HA-Dev: Linux-HA-Dev@lists.community.tummy.com
http://lists.community.tummy.com/mailman/listinfo/linux-ha-dev
Home Page: http://linux-ha.org/

[prev in list] [next in list] [prev in thread] [next in thread]