Bug 499493

Summary: run tps under valgrind
Product: [Retired] Dogtag Certificate System Reporter: Chandrasekar Kannan <ckannan>
Component: TPSAssignee: Jenny Severance <jgalipea>
Status: CLOSED ERRATA QA Contact: Chandrasekar Kannan <ckannan>
Severity: medium Docs Contact:
Priority: urgent    
Version: unspecifiedCC: alee, awnuk, benl, cfu, jgalipea, jmagne
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-07-22 23:35:04 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 443788    
Attachments:
Description Flags
Valgrind logs with full leak check
none
valgrind logs startup with no signing
none
valgrind logs restart log signing enabled
none
valgrind logs tpsclient activitiy
none
valgrind logs admin activity none

Description Chandrasekar Kannan 2009-05-06 21:00:02 UTC 
we prefer to run tps under valgrind to detect
for memory leaks while doing some importans tasks like.

- card enrollment
- card format
- card pin reset
- tps admin/agent/operator actions
 -- list certs
 -- show certs
 -- mark token lost/destroyed
 -- add/list/del users/groups
Comment 9 Ade Lee 2009-05-27 19:56:00 UTC 
[builder@dhcp231-124 dogtag-src]$ svn ci -m "Bugzilla Bug #499493 - run tps under valgrind" pki/dogtag/tps pki/base/tps 
Sending        pki/base/tps/src/authentication/LDAP_Authentication.cpp
Sending        pki/base/tps/src/cms/CertEnroll.cpp
Sending        pki/base/tps/src/engine/RA.cpp
Sending        pki/base/tps/src/include/engine/RA.h
Sending        pki/base/tps/src/modules/tokendb/mod_tokendb.cpp
Sending        pki/base/tps/src/modules/tps/AP_Session.cpp
Sending        pki/base/tps/src/msg/RA_Extended_Login_Response_Msg.cpp
Sending        pki/base/tps/src/processor/RA_Enroll_Processor.cpp
Sending        pki/base/tps/src/processor/RA_Format_Processor.cpp
Sending        pki/base/tps/src/processor/RA_Pin_Reset_Processor.cpp
Sending        pki/base/tps/src/processor/RA_Processor.cpp
Sending        pki/base/tps/src/tus/tus_db.c
Sending        pki/dogtag/tps/pki-tps.spec
Transmitting file data .............
Committed revision 500.
Comment 12 Ade Lee 2009-06-29 19:26:39 UTC 
Jenny, 

Please rerun the test and add the argument 
--leak-check=full 

to the set of arguments to valgrind.  This will provide the information I need to see where the leaks you found occur.
Comment 13 Jenny Severance 2009-06-29 19:28:45 UTC 
sure!
Comment 14 Jenny Severance 2009-06-29 20:22:38 UTC 
Created attachment 349870 [details]
Valgrind logs with full leak check

Attaching valgrind logs with full leak check enabled.
Comment 16 Jack Magne 2009-07-01 17:30:19 UTC 
Ade, this patch looks good. One caveat, there is a specific function you can use to free a SECItem. Look here: http://www.mozilla.org/projects/security/pki/nss/ref/ssl/ssltyp.html#1030620

Take a look at that and see if it would better fit the bill for deleting that signedResult variable.

Attachement: (id=350138) +jmagne.
Comment 17 Ade Lee 2009-07-01 18:32:56 UTC 
Jack's change added ..

[builder@dhcp231-124 pki]$ svn ci -m "Bugzilla Bug #499493 - Run TPS under valgrind" base/tps dogtag/tps
Sending        base/tps/src/engine/RA.cpp
Sending        base/tps/src/main/ConfigStore.cpp
Sending        dogtag/tps/pki-tps.spec
Transmitting file data ...
Committed revision 666.
Comment 19 Jenny Severance 2009-07-06 16:01:27 UTC 
Created attachment 350630 [details]
valgrind logs startup with no signing

attached valgrind logs - startup with no signing
Comment 20 Jenny Severance 2009-07-06 16:02:17 UTC 
Created attachment 350631 [details]
valgrind logs restart log signing enabled

valgrind logs restart with log signing enabled.
Comment 21 Jenny Severance 2009-07-06 16:03:25 UTC 
Created attachment 350632 [details]
valgrind logs tpsclient activitiy

valgrind logs with tpsclient activity
1. restart tps
2. format token
3. enroll token
4. reset pin
Comment 22 Jenny Severance 2009-07-06 16:05:42 UTC 
Created attachment 350633 [details]
valgrind logs admin activity

valgrind logs with admin activity:
1. restart tps with log signing
2. list/search tokens
3. add token
4. add user
5. edit user add all profiles
6. edit token re-enroll
7. delete token
8. delete user
9. list/search/delete activity
10. edit audit signing configuration - selected events
Comment 23 Ade Lee 2009-07-06 16:53:48 UTC 
after looking at the logs uploaded by Jenny - confirmed that the only leaks observed are those on startup.

Recommend that we close this bug as verified and clone as a medium priority bug for 8.1 to fix startup leaks.
Comment 24 Jenny Severance 2009-07-06 17:06:07 UTC 
Verified:
remaining leaks are in startup and being address by bug 481670 - see attached valgrind logs