[stunnel-users] possible stunnel memory leak

• Previous message (by thread): [stunnel-users] possible stunnel memory leak
• Next message (by thread): [stunnel-users] possible stunnel memory leak
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Michał Trojnara wrote:
> Stefano Stabellini wrote:
>> I may have found a possible memory leak in stunnel
>> (version 4.15) when used with pthreads.
> 
> Please test it with latest stunnel and the OpenSSL library.
> I'd rather expect the leak to be within the OpenSSL library.
> Stunnel is very conservative about its dynamic memory allocation.
> 

I did some more tests and now I have a more in depth analysis of the 
situation.

First I can confirm that the latest stunnel version doesn't have any 
memory leaks, not even valgrind spots them, sorry for the previous wrong 
report.
In fact what I found is that the key factor is how the connections are 
closed: it seems that the latest stunnel has problems dealing with badly 
closed connections.
If the clients are killed the connections are not closed but stay in 
CLOSE_WAIT state, and this is not completely wrong. However in this 
situation stunnel uses 100% of the CPU!!
The following is the workflow of one of my tests:

1) create 500 netcat connections
2) observe the memory usage going up
3) execute a killall nc to kill all the clients
4) the connections remain in CLOSE_WAIT state
5) observe the memory usage stay high (50M) and the cpu going to 100%

If I do the same test spawning netcat processes with the argument -q 1 
(netcat properly exits when stdin closes, no need for killall), the test 
runs fine. At the end the memory usage is only 3MB!



The results of the tests using the old stunnel version (4.15) follow.
Please consider that in this case valgrind regularly reports memory 
leaks, but the CPU usage never reaches near 100%.
If I spawn 500 netcat connections and then I kill them, here is what 
happens:

1) create 500 netcat connections
2) observe the memory usage going up
3) execute a killall nc to kill all the clients
4) observe all the connections closing in the next 5 minutes
5) observe the memory usage stay the same

If I spawn 500 netcat connections using the option -q 1:

1) create 500 netcat connections
2) observe the memory usage going up
3) wait for the connections to close
4) observe all the connections closing in the next 5 minutes
5) observe the memory usage to be slightly higher than at the beginning 
of the test



Best Regards,

Stefano Stabellini

• Previous message (by thread): [stunnel-users] possible stunnel memory leak
• Next message (by thread): [stunnel-users] possible stunnel memory leak
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]