[
https://issues.apache.org/jira/browse/PROTON-1571?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alan Conway resolved PROTON-1571.
---------------------------------
Resolution: Fixed
Raised PROTON-1615 for exception safety of container::run
> The ssl C++ example appears leaky, proton::listener does not have a destructor
> ------------------------------------------------------------------------------
>
> Key: PROTON-1571
> URL: https://issues.apache.org/jira/browse/PROTON-1571
> Project: Qpid Proton
> Issue Type: Bug
> Components: cpp-binding, examples
> Affects Versions: proton-c-0.18.0
> Environment: commit e631bf6b11960d9687d42dfdde1ff4c65804981c
> (upstream/master)
> Author: Andrew Stitcher <[email protected]>
> Date: Thu Aug 31 17:31:17 2017 -0400
> PROTON-1567: Implement failover urls
> - Example "reliable" client sending and receiving messages
> - Also add jitter to retry backoff (with C++11
> Reporter: Jiri Daněk
> Assignee: Alan Conway
> Fix For: proton-c-0.18.0
>
>
> After applying the following patch (to rin in a loop multiple times and to
> log RSS and VSS (the last two columns))
> {code}
> diff --git a/examples/cpp/ssl.cpp b/examples/cpp/ssl.cpp
> index 99ceb4aa..f5864f42 100644
> --- a/examples/cpp/ssl.cpp
> +++ b/examples/cpp/ssl.cpp
> @@ -37,6 +37,9 @@
>
> #include "fake_cpp11.hpp"
>
> +#include <stdlib.h>
> +#include <unistd.h>
> +
> using proton::connection_options;
> using proton::ssl_client_options;
> using proton::ssl_server_options;
> @@ -178,8 +181,21 @@ int main(int argc, char **argv) {
> if (verify != verify_noname && verify != verify_full && verify !=
> verify_fail)
> throw std::runtime_error("bad verify argument: " + verify);
>
> - hello_world_direct hwd(address);
> - proton::default_container(hwd).run();
> + for (int i = 0; i < 10000; i++) {
> + try {
> + hello_world_direct hwd(address);
> + proton::default_container(hwd).run();
> + } catch (const std::exception& e) {
> + if (verify_failed) {
> + if (verify == verify_fail) {
> + std::cout << "Expected failure of connection with wrong
> peer name: " << e.what() << std::endl;
> + }
> + }
> + }
> + int ret = system("ps -eo pmem,comm,pid,maj_flt,min_flt,rss,vsz |
> grep ssl");
> + (void)ret;
> +// sleep(1);
> + }
> return 0;
> } catch (const std::exception& e) {
> if (verify_failed) {
> {code}
> and normal compilation,
> {{CFLAGS=-g cmake .. -DBUILD_GO=OFF -DENABLE_VALGRIND=OFF
> -DCMAKE_BUILD_TYPE=Release -GNijna}}
> run the example and observe that with {{-v fail}}, the RSS grows, while
> without it, it seems to keep steady. This to me suggests that either the
> binding does not properly handle failures, or that the example itself does
> not.
> {noformat}
> $ examples/cpp/ssl -a amqps://localhost:46085/examples -c
> /home/jdanek/Work/repos/qpid-proton/examples/cpp/ssl_certs -v fail
> Expected failure of connection with wrong peer name:
> amqp:connection:framing-error: SSL Failure: error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 378 6892 35928
> Expected failure of connection with wrong peer name:
> amqp:connection:framing-error: SSL Failure: error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 475 7124 36344
> Expected failure of connection with wrong peer name:
> amqp:connection:framing-error: SSL Failure: error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 572 7500 36756
> Expected failure of connection with wrong peer name:
> amqp:connection:framing-error: SSL Failure: error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 669 7736 37160
> Expected failure of connection with wrong peer name:
> amqp:connection:framing-error: SSL Failure: error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 773 7828 37444
> Expected failure of connection with wrong peer name:
> amqp:connection:framing-error: SSL Failure: error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 874 8192 37860
> Expected failure of connection with wrong peer name:
> amqp:connection:framing-error: SSL Failure: error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 972 8292 38272
> Expected failure of connection with wrong peer name:
> amqp:connection:framing-error: SSL Failure: error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1074 8684 38664
> Expected failure of connection with wrong peer name:
> amqp:connection:framing-error: SSL Failure: error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1175 8776 38936
> Expected failure of connection with wrong peer name:
> amqp:connection:framing-error: SSL Failure: error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1274 9164 39336
> Expected failure of connection with wrong peer name:
> amqp:connection:framing-error: SSL Failure: error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1375 9268 39752
> Expected failure of connection with wrong peer name:
> amqp:connection:framing-error: SSL Failure: error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1476 9632 40164
> Expected failure of connection with wrong peer name:
> amqp:connection:framing-error: SSL Failure: error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1575 9864 40568
> Expected failure of connection with wrong peer name:
> amqp:connection:framing-error: SSL Failure: error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1677 9956 40852
> Expected failure of connection with wrong peer name:
> amqp:connection:framing-error: SSL Failure: error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 0.0 ssl 29657 0 1778 10320 41268
> {noformat}
> {noformat}
> [nix-shell:~/Work/repos/qpid-proton/build]$ examples/cpp/ssl -a
> amqps://localhost:46085/examples -c
> /home/jdanek/Work/repos/qpid-proton/examples/cpp/ssl_certs
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity
> CN=test_server
> Hello World!
> 0.0 ssl 29707 0 377 6824 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity
> CN=test_server
> Hello World!
> 0.0 ssl 29707 0 471 6864 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity
> CN=test_server
> Hello World!
> 0.0 ssl 29707 0 554 6948 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity
> CN=test_server
> Hello World!
> 0.0 ssl 29707 0 637 6988 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity
> CN=test_server
> Hello World!
> 0.0 ssl 29707 0 720 6988 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity
> CN=test_server
> Hello World!
> 0.0 ssl 29707 0 803 6988 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity
> CN=test_server
> Hello World!
> 0.0 ssl 29707 0 886 6988 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity
> CN=test_server
> Hello World!
> 0.0 ssl 29707 0 969 6988 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity
> CN=test_server
> Hello World!
> 0.0 ssl 29707 0 1063 6992 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity
> CN=test_server
> Hello World!
> 0.0 ssl 29707 0 1157 7000 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity
> CN=test_server
> Hello World!
> 0.0 ssl 29707 0 1244 7000 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity
> CN=test_server
> Hello World!
> 0.0 ssl 29707 0 1327 7000 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity
> CN=test_server
> Hello World!
> 0.0 ssl 29707 0 1410 7000 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity
> CN=test_server
> Hello World!
> 0.0 ssl 29707 0 1493 7000 35928
> Inbound server connection connected via SSL. Protocol: TLSv1/SSLv3
> Outgoing client connection connected via SSL. Server certificate identity
> CN=test_server
> Hello World!
> 0.0 ssl 29707 0 1576 7000 35928
> {noformat}
> With one loop through the for and running under valgrind, it shows leak in
> pn_listener. I think that either the example should free the listener, or the
> C++ binding should have a destructor in proton::listener object to take care
> of it. The first solution would be more flexible, the second is more C++
> style, RAII, I mean.
> {noformat}
> valgrind --leak-check=full examples/cpp/ssl -a
> amqps://localhost:46085/examples -c
> /home/jdanek/Work/repos/qpid-proton/examples/cpp/ssl_certs -v fail
> [...]
> ==29439== HEAP SUMMARY:
> ==29439== in use at exit: 472,452 bytes in 4,340 blocks
> ==29439== total heap usage: 17,516 allocs, 13,176 frees, 2,003,666 bytes
> allocated
> ==29439==
> ==29439== 373,692 (208 direct, 373,484 indirect) bytes in 1 blocks are
> definitely lost in loss record 1,583 of 1,583
> ==29439== at 0x4C2DBD5: calloc (in
> /nix/store/gv9x2j31hvn0wf37h4jmb9xz6vgc3vvv-valgrind-3.12.0/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==29439== by 0x509128F: pn_listener (epoll.c:1339)
> ==29439== by 0x4E6017B:
> proton::container::impl::listen_common_lh(std::__cxx11::basic_string<char,
> std::char_traits<char>, std::allocator<char> > const&) (in
> /home/jdanek/Work/repos/qpid-proton/build/proton-c/bindings/cpp/libqpid-proton-cpp.so.11.0.0)
> ==29439== by 0x4E60348:
> proton::container::impl::listen(std::__cxx11::basic_string<char,
> std::char_traits<char>, std::allocator<char> > const&) (in
> /home/jdanek/Work/repos/qpid-proton/build/proton-c/bindings/cpp/libqpid-proton-cpp.so.11.0.0)
> ==29439== by 0x408256:
> hello_world_direct::on_container_start(proton::container&) (in
> /home/jdanek/Work/repos/qpid-proton/build/examples/cpp/ssl)
> ==29439== by 0x5DA4EA8: __pthread_once_slow (in
> /nix/store/l48biijfr1j6d5kdg911051x2phfjrz7-glibc-2.25/lib/libpthread-2.25.so)
> ==29439== by 0x4E62CD9: void std::call_once<void
> (proton::container::impl::*)(), proton::container::impl*>(std::once_flag&,
> void (proton::container::impl::*&&)(), proton::container::impl*&&) (in
> /home/jdanek/Work/repos/qpid-proton/build/proton-c/bindings/cpp/libqpid-proton-cpp.so.11.0.0)
> ==29439== by 0x4E6223F: proton::container::impl::run(int) (in
> /home/jdanek/Work/repos/qpid-proton/build/proton-c/bindings/cpp/libqpid-proton-cpp.so.11.0.0)
> ==29439== by 0x4062BB: main (in
> /home/jdanek/Work/repos/qpid-proton/build/examples/cpp/ssl)
> ==29439==
> ==29439== LEAK SUMMARY:
> ==29439== definitely lost: 208 bytes in 1 blocks
> ==29439== indirectly lost: 373,484 bytes in 1,056 blocks
> ==29439== possibly lost: 0 bytes in 0 blocks
> ==29439== still reachable: 98,760 bytes in 3,283 blocks
> ==29439== suppressed: 0 bytes in 0 blocks
> ==29439== Reachable blocks (those to which a pointer was found) are not shown.
> [..]
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
