You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2020/06/01 07:47:38 UTC

[Bug 64485] New: UserDatabase Realm leaks os file descriptors for conf/tomcat-users.xml

https://bz.apache.org/bugzilla/show_bug.cgi?id=64485

            Bug ID: 64485
           Summary: UserDatabase Realm leaks os file descriptors for
                    conf/tomcat-users.xml
           Product: Tomcat 9
           Version: 9.0.35
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina
          Assignee: dev@tomcat.apache.org
          Reporter: angry.skull@yandex.ru
  Target Milestone: -----

Created attachment 37285
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=37285&action=edit
Stacktrace of file open failure when os file descriptors is over (recorded with
v9.0.29)

There is a bug in org.apache.catalina.users.MemoryUserDatabase that leaves the
os file descriptors in open state.
This is caused by the code line:
https://github.com/apache/tomcat/blob/9.0.35/java/org/apache/catalina/users/MemoryUserDatabase.java#L428

Exact code line is:
this.lastModified =
resource.getURI().toURL().openConnection().getLastModified();

The org.apache.tomcat.util.file.ConfigurationSource.Resource is handled
properly by the try-with-resources block, but a call to the URI/URL inside this
block does not close any opened resources. 
These resources just stay in memory and occupy limited os resources.

There is a similar bug in the OpenJDK:
https://bugs.openjdk.java.net/browse/JDK-6956385

This behavior was introduced in version 9.0.13 and after bugs:
https://bz.apache.org/bugzilla/show_bug.cgi?id=62924
https://bz.apache.org/bugzilla/show_bug.cgi?id=62958

The leaked file handles are usually collected by the GC, but if server has
enough memory and stays idle, then too many handles are acquired from the os
and there is no more available.
A stacktrace of such failure is in the attachment.

The read time period is 10 seconds by default and one file handle is leaked
withing every read of tomcat-users.xml file.
MemoryUserDatabase#watchSource is also true by default and this behavior is
enabled in the default conf.

A list of open files can be obtained by cmd:
lsof -K | grep $TOMCAT_PID | grep "tomcat-users.xml" | wc -l

org.apache.tomcat.util.file.ConfigurationSource.Resource#getLastModified() may
be voulnerable too.
Please analyze all places where java.net.URL#openConnection() is used

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

[Bug 64485] UserDatabase Realm leaks os file descriptors for conf/tomcat-users.xml

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=64485

Vassili Alibabaev <an...@yandex.ru> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #37285|Stacktrace of file open     |Stacktrace of file open
        description|failure when os file        |failure when os file
                   |descriptors is over         |descriptors are over
                   |(recorded with v9.0.29)     |(recorded with v9.0.29)

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

[Bug 64485] UserDatabase Realm leaks os file descriptors for conf/tomcat-users.xml

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=64485

--- Comment #1 from Remy Maucherat <re...@apache.org> ---
I guess it can be improved, but this problem actually doesn't do anything for
me, so I never care.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

[Bug 64485] UserDatabase Realm leaks os file descriptors for conf/tomcat-users.xml

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=64485

Remy Maucherat <re...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #2 from Remy Maucherat <re...@apache.org> ---
The fis will be in 10.0.0-M6 and 9.0.36.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org