Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / ff78fcdd7f15c8626c7e70add7a935221ee2920c^! / .
commitff78fcdd7f15c8626c7e70add7a935221ee2920c[log] [tgz]
authorTim Duesterhus <tim@bastelstu.be>Sun Jun 14 00:37:43 2020 +0200
committerWilly Tarreau <w@1wt.eu>Sun Jun 14 07:39:58 2020 +0200
tree51b6cce2c2767552519dcbdaa45d052c388d52ba
parent0a3b43d9c350793ecbe7c41eb9dd3c068ae0c954 [diff]
BUG/MINOR: haproxy: Free rule->arg.vars.expr during deinit_act_rules

Given the following example configuration:

    frontend foo
    	bind *:8080
    	mode http
    	http-request  set-var(txn.foo) str(bar)

Running a configuration check within valgrind reports:

    ==23665== Memcheck, a memory error detector
    ==23665== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
    ==23665== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
    ==23665== Command: ./haproxy -c -f ./crasher.cfg
    ==23665==
    [WARNING] 165/002941 (23665) : config : missing timeouts for frontend 'foo'.
       | While not properly invalid, you will certainly encounter various problems
       | with such a configuration. To fix this, please ensure that all following
       | timeouts are set to a non-zero value: 'client', 'connect', 'server'.
    Warnings were found.
    Configuration file is valid
    ==23665==
    ==23665== HEAP SUMMARY:
    ==23665==     in use at exit: 314,008 bytes in 87 blocks
    ==23665==   total heap usage: 160 allocs, 73 frees, 1,448,074 bytes allocated
    ==23665==
    ==23665== 132 (48 direct, 84 indirect) bytes in 1 blocks are definitely lost in loss record 15 of 28
    ==23665==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
    ==23665==    by 0x4A2612: sample_parse_expr (sample.c:876)
    ==23665==    by 0x54DF84: parse_store (vars.c:766)
    ==23665==    by 0x528BDF: parse_http_req_cond (http_rules.c:95)
    ==23665==    by 0x469F36: cfg_parse_listen (cfgparse-listen.c:1339)
    ==23665==    by 0x459E33: readcfgfile (cfgparse.c:2167)
    ==23665==    by 0x5074FD: init (haproxy.c:2021)
    ==23665==    by 0x418262: main (haproxy.c:3126)
    ==23665==
    ==23665== LEAK SUMMARY:
    ==23665==    definitely lost: 48 bytes in 1 blocks
    ==23665==    indirectly lost: 84 bytes in 2 blocks
    ==23665==      possibly lost: 0 bytes in 0 blocks
    ==23665==    still reachable: 313,876 bytes in 84 blocks
    ==23665==         suppressed: 0 bytes in 0 blocks
    ==23665== Reachable blocks (those to which a pointer was found) are not shown.
    ==23665== To see them, rerun with: --leak-check=full --show-leak-kinds=all
    ==23665==
    ==23665== For counts of detected and suppressed errors, rerun with: -v
    ==23665== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

After this patch is applied the leak is gone as expected.

This is a very minor leak that can only be observed if deinit() is called,
shortly before the OS will free all memory of the process anyway. No
backport needed.

diff --git a/src/haproxy.c b/src/haproxy.c
index 6548db6..245ac3b 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c

@@ -2555,6 +2555,7 @@
 	list_for_each_entry_safe(rule, ruleb, rules, list) {
 		LIST_DEL(&rule->list);
 		deinit_acl_cond(rule->cond);
+		release_sample_expr(rule->arg.vars.expr);
 		if (rule->release_ptr)
 			rule->release_ptr(rule);
 		free(rule);