Bug 481670
Summary: | TPS startup code is leaky! | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | [Retired] Dogtag Certificate System | Reporter: | Ade Lee <alee> | ||||||||
Component: | TPS | Assignee: | Ade Lee <alee> | ||||||||
Status: | CLOSED EOL | QA Contact: | Ben Levenson <benl> | ||||||||
Severity: | medium | Docs Contact: | |||||||||
Priority: | medium | ||||||||||
Version: | unspecified | CC: | alee, cfu, dpal, jgalipea, jmagne, mharmsen | ||||||||
Target Milestone: | 1.0 | ||||||||||
Target Release: | --- | ||||||||||
Hardware: | All | ||||||||||
OS: | Linux | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2020-03-27 18:39:42 UTC | Type: | --- | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Bug Depends On: | |||||||||||
Bug Blocks: | 530474 | ||||||||||
Attachments: |
|
Description
Ade Lee
2009-01-26 23:01:21 UTC
Created attachment 331046 [details]
patch to fix multiple bugs
Patch to fix:
484268: length validation checks needed for TPS inputs added for TPS roles
224889: TPS: configuration wizard: when no server-side-keygen option is selected, CS.cfg contains incorrect values
431158: mis-display Serial Number on TPS Agent page
483303: for IPA compatibility, change groups used in TPS to groupOfNames
484077: Adding _All Profiles_ or any of the given profiles to the the TPS admin does not reflect in the Profile memberships
and this bug -- TPS startup code is leaky.
Note: I do not eliminate all leaks - just the most noxious ones on startup, and any leaks that get larger as the application continues.
cfu, please review!
Please separate the fixes into each respective bug next time. thanks. mharmsen please take note in attribute change for migration tool. cfu+ builder@dhcp231-124 tps]$ svn ci -m "Bugzilla BZ# 481670 and others" Sending tps/forms/esc/cgi-bin/sow/cfg.pl Sending tps/lib/perl/PKI/TPS/DRMInfoPanel.pm Sending tps/scripts/addAgents.ldif Sending tps/src/engine/RA.cpp Sending tps/src/include/engine/RA.h Sending tps/src/include/tus/tus_db.h Sending tps/src/main/ConfigStore.cpp Sending tps/src/modules/tokendb/mod_tokendb.cpp Sending tps/src/processor/RA_Enroll_Processor.cpp Sending tps/src/tus/tus_db.c Transmitting file data .......... Committed revision 211. [builder@dhcp231-124 tps]$ svn ci -m "Bugzilla BZ# 481670 and others" Sending tps/pki-tps.spec Transmitting file data . Committed revision 212. Can you please add steps to run TPS through valgrind? Thanks sure -- in /etc/init.d/pki-tps, there is a section which looks like : if [ -x /etc/init.d/functions ]; then /usr/sbin/selinuxenabled RETVAL=$? if [ $RETVAL = 0 ] ; then if [ ${ARCHITECTURE} = "i386" ] ; then LANG=$HTTPD_LANG daemon runcon -t pki_tps_t -- $httpd $OPTIONS # overwrite output from "daemon" echo -n $"Starting $prog: " elif [ ${ARCHITECTURE} = "x86_64" ] ; then # NOTE: "daemon" is incompatible with "httpd" # on 64-bit architectures LANG=$HTTPD_LANG runcon -t pki_tps_t -- $httpd $OPTIONS fi else LANG=$HTTPD_LANG daemon $httpd $OPTIONS # overwrite output from "daemon" echo -n $"Starting $prog: " fi else LANG=$HTTPD_LANG $httpd $OPTIONS -k start fi You need to replace the appropriate line (depending on architecture and OS) LANG $HTTP_LANG runcon -t pki_tps_t -- $httpd $OPTIONS with : valgrind --trace-children=yes --log-file=/tmp/results/foo LANG $HTTP_LANG runcon -t pki_tps_t -- $httpd $OPTIONS This will create log files for the parent and child processes in /tmp/results. Make sure to create the directory /tmp/results. The restart the TPS. The results may be useful, but please note that not all memory leaks have been fixed - so its not clear that running this is useful for QE. A more appropriate test would be to run the TPS under a load and confirm that the rate of memory leak is not too large. Between this fix and a later one on leaks, most of the leaks while running the tps have been fixed. Verified - output of valgrind issues [root@qe-blade-11 results]# ./valpyk.py foo.12* line ==12888== Syscall param semctl(IPC_SET, arg.buf) points to uninitialised byte(s) is param error but did not match regex_param Total: 0 (0) Total: 0 (0) Created attachment 350644 [details]
valgrind logs starting TPS with no log signing
Reopening bug:
there are still a few startup leaks with TPS and with log signing enabled remaining to be fixed see attached valgrind logs
Created attachment 350645 [details]
valgrind logs restart log signing enabled
logs with audit signing enabled
dropping priority |