You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Alan Conway (JIRA)" <ji...@apache.org> on 2017/10/06 20:22:00 UTC
[jira] [Resolved] (PROTON-1571) The ssl C++ example appears leaky,
proton::listener does not have a destructor
[ https://issues.apache.org/jira/browse/PROTON-1571?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alan Conway resolved PROTON-1571.
---------------------------------
Resolution: Fixed
Raised PROTON-1615 for exception safety of container::run
> The ssl C++ example appears leaky, proton::listener does not have a destructor
> ------------------------------------------------------------------------------
>
> Key: PROTON-1571
> URL: https://issues.apache.org/jira/browse/PROTON-1571
> Project: Qpid Proton
> Issue Type: Bug
> Components: cpp-binding, examples
> Affects Versions: proton-c-0.18.0
> Environment: commit e631bf6b11960d9687d42dfdde1ff4c65804981c (upstream/master)
> Author: Andrew Stitcher <as...@apache.org>
> Date: Thu Aug 31 17:31:17 2017 -0400
> PROTON-1567: Implement failover urls
> - Example "reliable" client sending and receiving messages
> - Also add jitter to retry backoff (with C++11
> Reporter: Jiri Daněk
> Assignee: Alan Conway
> Fix For: proton-c-0.18.0
>
>
> After applying the following patch (to rin in a loop multiple times and to log RSS and VSS (the last two columns))
> {code}
> diff --git a/examples/cpp/ssl.cpp b/examples/cpp/ssl.cpp
> index 99ceb4aa..f5864f42 100644
> --- a/examples/cpp/ssl.cpp
> +++ b/examples/cpp/ssl.cpp
> @@ -37,6 +37,9 @@
>
> #include "fake_cpp11.hpp"
>
> +#include <stdlib.h>
> +#include <unistd.h>
> +
> using proton::connection_options;
> using proton::ssl_client_options;
> using proton::ssl_server_options;
> @@ -178,8 +181,21 @@ int main(int argc, char **argv) {
> if (verify != verify_noname && verify != verify_full && verify != verify_fail)
> throw std::runtime_error("bad verify argument: " + verify);
>
> - hello_world_direct hwd(address);
> - proton::default_container(hwd).run();
> + for (int i = 0; i < 10000; i++) {
> + try {
> + hello_world_direct hwd(address);
> + proton::default_container(hwd).run();
> + } catch (const std::exception& e) {
> + if (verify_failed) {
> + if (verify == verify_fail) {
> + std::cout << "Expected failure of connection with wrong peer name: " << e.what() << std::endl;
> + }
> + }
> + }
> + int ret = system("ps -eo pmem,comm,pid,maj_flt,min_flt,rss,vsz | grep ssl");
> + (void)ret;
> +// sleep(1);
> + }
> return 0;
> } catch (const std::exception& e) {
> if (verify_failed) {
> {code}
> and normal compilation,
> {{CFLAGS=-g cmake .. -DBUILD_GO=OFF -DENABLE_VALGRIND=OFF -DCMAKE_BUILD_TYPE=Release -GNijna}}
> run the example and observe that with {{-v fail}}, the RSS grows, while without it, it seems to keep steady. This to me suggests that either the binding does not properly handle failures, or that the example itself does not.
> {noformat}
> $ examples/cpp/ssl -a amqps://localhost:46085/examples -c /home/jdanek/Work/repos/qpid-proton/examples/cpp/ssl_certs -v fail
> Expected failure of connection with wrong peer name: amqp:connection:framing-error: SSL Failure: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 378 6892 35928
> Expected failure of connection with wrong peer name: amqp:connection:framing-error: SSL Failure: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 475 7124 36344
> Expected failure of connection with wrong peer name: amqp:connection:framing-error: SSL Failure: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 572 7500 36756
> Expected failure of connection with wrong peer name: amqp:connection:framing-error: SSL Failure: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 669 7736 37160
> Expected failure of connection with wrong peer name: amqp:connection:framing-error: SSL Failure: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 773 7828 37444
> Expected failure of connection with wrong peer name: amqp:connection:framing-error: SSL Failure: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 874 8192 37860
> Expected failure of connection with wrong peer name: amqp:connection:framing-error: SSL Failure: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 972 8292 38272
> Expected failure of connection with wrong peer name: amqp:connection:framing-error: SSL Failure: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1074 8684 38664
> Expected failure of connection with wrong peer name: amqp:connection:framing-error: SSL Failure: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1175 8776 38936
> Expected failure of connection with wrong peer name: amqp:connection:framing-error: SSL Failure: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1274 9164 39336
> Expected failure of connection with wrong peer name: amqp:connection:framing-error: SSL Failure: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1375 9268 39752
> Expected failure of connection with wrong peer name: amqp:connection:framing-error: SSL Failure: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1476 9632 40164
> Expected failure of connection with wrong peer name: amqp:connection:framing-error: SSL Failure: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1575 9864 40568
> Expected failure of connection with wrong peer name: amqp:connection:framing-error: SSL Failure: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1677 9956 40852
> Expected failure of connection with wrong peer name: amqp:connection:framing-error: SSL Failure: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1778 10320 41268
> {noformat}
> {noformat}
> [nix-shell:~/Work/repos/qpid-proton/build]$ examples/cpp/ssl -a amqps://localhost:46085/examples -c /home/jdanek/Work/repos/qpid-proton/examples/cpp/ssl_certs
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity CN=test_server
> Hello World!
> 0.0 ssl 29707 0 377 6824 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity CN=test_server
> Hello World!
> 0.0 ssl 29707 0 471 6864 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity CN=test_server
> Hello World!
> 0.0 ssl 29707 0 554 6948 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity CN=test_server
> Hello World!
> 0.0 ssl 29707 0 637 6988 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity CN=test_server
> Hello World!
> 0.0 ssl 29707 0 720 6988 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity CN=test_server
> Hello World!
> 0.0 ssl 29707 0 803 6988 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity CN=test_server
> Hello World!
> 0.0 ssl 29707 0 886 6988 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity CN=test_server
> Hello World!
> 0.0 ssl 29707 0 969 6988 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity CN=test_server
> Hello World!
> 0.0 ssl 29707 0 1063 6992 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity CN=test_server
> Hello World!
> 0.0 ssl 29707 0 1157 7000 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity CN=test_server
> Hello World!
> 0.0 ssl 29707 0 1244 7000 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity CN=test_server
> Hello World!
> 0.0 ssl 29707 0 1327 7000 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity CN=test_server
> Hello World!
> 0.0 ssl 29707 0 1410 7000 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity CN=test_server
> Hello World!
> 0.0 ssl 29707 0 1493 7000 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity CN=test_server
> Hello World!
> 0.0 ssl 29707 0 1576 7000 35928
> {noformat}
> With one loop through the for and running under valgrind, it shows leak in pn_listener. I think that either the example should free the listener, or the C++ binding should have a destructor in proton::listener object to take care of it. The first solution would be more flexible, the second is more C++ style, RAII, I mean.
> {noformat}
> valgrind --leak-check=full examples/cpp/ssl -a amqps://localhost:46085/examples -c /home/jdanek/Work/repos/qpid-proton/examples/cpp/ssl_certs -v fail
> [...]
> ==29439== HEAP SUMMARY:
> ==29439== in use at exit: 472,452 bytes in 4,340 blocks
> ==29439== total heap usage: 17,516 allocs, 13,176 frees, 2,003,666 bytes allocated
> ==29439==
> ==29439== 373,692 (208 direct, 373,484 indirect) bytes in 1 blocks are definitely lost in loss record 1,583 of 1,583
> ==29439== at 0x4C2DBD5: calloc (in /nix/store/gv9x2j31hvn0wf37h4jmb9xz6vgc3vvv-valgrind-3.12.0/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==29439== by 0x509128F: pn_listener (epoll.c:1339)
> ==29439== by 0x4E6017B: proton::container::impl::listen_common_lh(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) (in /home/jdanek/Work/repos/qpid-proton/build/proton-c/bindings/cpp/libqpid-proton-cpp.so.11.0.0)
> ==29439== by 0x4E60348: proton::container::impl::listen(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) (in /home/jdanek/Work/repos/qpid-proton/build/proton-c/bindings/cpp/libqpid-proton-cpp.so.11.0.0)
> ==29439== by 0x408256: hello_world_direct::on_container_start(proton::container&) (in /home/jdanek/Work/repos/qpid-proton/build/examples/cpp/ssl)
> ==29439== by 0x5DA4EA8: __pthread_once_slow (in /nix/store/l48biijfr1j6d5kdg911051x2phfjrz7-glibc-2.25/lib/libpthread-2.25.so)
> ==29439== by 0x4E62CD9: void std::call_once<void (proton::container::impl::*)(), proton::container::impl*>(std::once_flag&, void (proton::container::impl::*&&)(), proton::container::impl*&&) (in /home/jdanek/Work/repos/qpid-proton/build/proton-c/bindings/cpp/libqpid-proton-cpp.so.11.0.0)
> ==29439== by 0x4E6223F: proton::container::impl::run(int) (in /home/jdanek/Work/repos/qpid-proton/build/proton-c/bindings/cpp/libqpid-proton-cpp.so.11.0.0)
> ==29439== by 0x4062BB: main (in /home/jdanek/Work/repos/qpid-proton/build/examples/cpp/ssl)
> ==29439==
> ==29439== LEAK SUMMARY:
> ==29439== definitely lost: 208 bytes in 1 blocks
> ==29439== indirectly lost: 373,484 bytes in 1,056 blocks
> ==29439== possibly lost: 0 bytes in 0 blocks
> ==29439== still reachable: 98,760 bytes in 3,283 blocks
> ==29439== suppressed: 0 bytes in 0 blocks
> ==29439== Reachable blocks (those to which a pointer was found) are not shown.
> [..]
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org