moonchen opened a new pull request, #13292:
URL: https://github.com/apache/trafficserver/pull/13292

   ## Problem
   
   `NetVConnection` embeds `ProxyProtocol pp_info` by value, and 
`ProxyProtocol` owns heap (the `additional_data` string and the parsed `tlv` 
map). `has_proxy_protocol()` parses an inbound PROXY v2 header into `pp_info` 
once per connection, allocating both.
   
   The NetVC `ClassAllocator`s are `Destruct_on_free=false`, so 
`~ProxyProtocol` never runs when a VC is recycled and 
`UnixNetVConnection::clear()` did not release `pp_info`. The slot's next 
placement-`new` then abandons the string buffer and map nodes — leaking once 
per recycled connection that carried a PROXY v2 header, i.e. every inbound 
connection behind a PROXY-protocol load balancer.
   
   ## Fix
   
   Add `ProxyProtocol::reset()` and call it from `UnixNetVConnection::clear()`, 
the single recycle chokepoint (SSL and QUIC `clear()` chain to it, and 
`clear()` runs only on the free path). `reset()` swaps the members with empty 
containers rather than `clear()`ing them, since `clear()` keeps capacity that 
the recycle would still abandon. Releasing `pp_info` in `clear()` is safe: it 
is read only while the VC is live.
   
   Targeted rather than flipping the allocators to `Destruct_on_free=true`, 
which would run the full destructor chain on top of the existing manual 
`clear()`/`free_thread()` teardown and needs a separate idempotency audit.
   


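The leak and the swap-versus-`clear()` distinction described in the pull request above, reproduced in miniature as an added example (not code from the pull request or from Traffic Server). `PPInfo`, `CountingAlloc`, `Mode` and `recycle` are hypothetical stand-ins, and the counts assume libstdc++ or libc++, where empty containers own no heap.

```cpp
#include <cstddef>
#include <cstdio>
#include <map>
#include <new>
#include <string>

static long g_live = 0; // heap blocks currently owned through CountingAlloc

template <class T> struct CountingAlloc { // minimal allocator that counts live blocks
  using value_type = T;
  CountingAlloc() = default;
  template <class U> CountingAlloc(const CountingAlloc<U> &) {}
  T *allocate(std::size_t n) { ++g_live; return static_cast<T *>(::operator new(n * sizeof(T))); }
  void deallocate(T *p, std::size_t) { --g_live; ::operator delete(p); }
};
template <class T, class U> bool operator==(const CountingAlloc<T> &, const CountingAlloc<U> &) { return true; }
template <class T, class U> bool operator!=(const CountingAlloc<T> &, const CountingAlloc<U> &) { return false; }

using Str = std::basic_string<char, std::char_traits<char>, CountingAlloc<char>>;
using Tlv = std::map<int, Str, std::less<int>, CountingAlloc<std::pair<const int, Str>>>;
enum Mode { NONE, CLEAR, SWAP };

struct PPInfo { // hypothetical stand-in for ProxyProtocol: a string plus a parsed TLV map
  Str additional_data;
  Tlv tlv;
  void release(Mode m) {
    if (m == CLEAR) { additional_data.clear(); tlv.clear(); }        // string keeps its buffer
    if (m == SWAP) { Str().swap(additional_data); Tlv().swap(tlv); } // temporaries free everything
  }
};

// Reuse one slot n times with no destructor call between uses; returns heap blocks abandoned.
long recycle(int n, Mode m) {
  g_live = 0;
  alignas(PPInfo) unsigned char slot[sizeof(PPInfo)];
  PPInfo *pp = new (slot) PPInfo;
  for (int i = 0; i < n; ++i) {
    pp->additional_data.assign(64, 'x'); // constructed data, longer than small-string storage
    pp->tlv[1] = Str(64, 'y');
    pp->release(m);                      // what clear() does before the slot is freed
    pp = new (slot) PPInfo;              // next placement-new overwrites the old members
  }
  pp->~PPInfo(); // final object is empty, so this frees nothing
  return g_live;
}

int main() {
  std::printf("none=%ld clear=%ld swap=%ld\n", recycle(100, NONE), recycle(100, CLEAR), recycle(100, SWAP));
}
```

With no release, each recycled slot abandons the string buffer, the map node and the node's value string; `clear()` still abandons the string buffer, and only the swap leaves nothing behind.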