Bug 275181

Summary: syslogd memory leak
Product: Red Hat Enterprise Linux 4 Reporter: Jose Plans <jplans>
Component: sysklogdAssignee: Peter Vrabec <pvrabec>
Status: CLOSED ERRATA QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.5CC: astokes, ebenes, sgrubb, tao
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: RHBA-2008-0162 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-04-09 16:15:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 399271    
Attachments:
Description Flags
syslogd-memleak-fix.patch none

Description Jose Plans 2007-09-03 13:53:55 UTC 
Description of the problem:

syslogd after including the latest patch
"sysklogd-1.4.1-noforward_local_address.patch" introduced a memory leak when
using remote logging.
Everytime the syslogd daemon is restarted, it keeps leaking memory around the
size of ifaddrs and this is because there is a usage of getifaddrs() without
calling then freeifaddrs() to clear the dynamically allocated data.

Version-Release number of selected component (if applicable):
sysklogd-1.4.1-26_EL

How reproducible:
Always

Steps to Reproduce:
1. Setup syslog for remote auditing:
   In remote host change /etc/sysconfig/syslog to get the flag -r.
(SYSLOGD_OPTIONS="-m 0 -r")
   In local host  change /etc/syslog.conf to log into remote (for this case we
used *.info  @remote)
2. Reload syslogd. SIGHUP.
3. Run the following:
   % while true ; do /bin/kill -HUP `pidof syslogd` ; cat /proc/`pidof
syslogd`/status | grep -i vmdata; done
  
Actual results:
         VmData:      148 kB
         VmData:      148 kB
         VmData:      148 kB
         VmData:      796 kB
         VmData:     1696 kB
         VmData:     2588 kB

Expected results:
         VmData:      148 kB
         VmData:      148 kB
         VmData:      148 kB
         VmData:      148 kB
         VmData:      148 kB
         VmData:      148 kB
	 
Additional info:
Patch attached tested and writen by the customer.

Business Impact:

The custmer is using syslogd which configured logging to local files and remote
hosts. This customer's system is heavily logging, therefore logrotate runs every
10 seconds. Since kill -HUP is called when running logrotate, the syslogd's
memory increases swiftly.
Comment 1 Jose Plans 2007-09-03 13:53:57 UTC 
Created attachment 185271 [details]
syslogd-memleak-fix.patch
Comment 5 Jose Plans 2008-01-18 14:30:20 UTC 
*** Bug 429271 has been marked as a duplicate of this bug. ***
Comment 10 errata-xmlrpc 2008-04-09 16:15:17 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2008-0162.html