Date: Mon, 22 Sep 1997 17:01:27 -0700 From: Julian Elischer <julian@whistle.com> To: Graham Wheeler <gram@cdsec.com> Cc: "Jonathan M. Bresler" <jmb@FreeBSD.ORG>, hackers@FreeBSD.ORG Subject: Re: Bug in malloc/free (was: Memory leak in getservbyXXX?) Message-ID: <342706D7.794BDF32@whistle.com> References: <199709221537.RAA09859@cdsec.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Graham Wheeler wrote: > > > > > Graham, > > have you been able to create a minimal program that tickles > > the bug? if i remember correctly, one suspicion is that > > the links that malloc uses to track memory allocations > > are being corrupted....creating a circular list. > > > > jmb > > Unfortunately not. At present most of our clients are still running the > firewall software on FreeBSD 2.1.0, and have no problem (with at least > one site of about 2000 users having run the gateway process for about > four months without a restart or reboot). We recently upgraded a couple > of sites to FreeBSD 2.2.2, mostly to allow Adaptec 2940 support. Of these > sites, most are either running proxies only or have fairly low traffic. > Only one site has been affected by the bug, with the main distinguishing > characteristic being a very heavy network load (there are approximately > 5000 users behind this firewall, with quite heavy WWW browser useage taking > place). > > As the loop can occur anywhere where there is a call to malloc, directly > or indirectly, we have not been able to isolate it at all. Most of the C++ > classes that are used have their own test programs to test them in isolation, > but no problems have been found with these. Also, many of the classes used > by the gateway program are used in other modules in the firewall; none of > these modules have shown any problems. One thing that can be said about the > gateway program is that it performs far more dynamic memory allocations and > frees than any other module in the firewall (every packet that passes through > the gateway, for starters). sounds like it might be a candidate for a buffer cache... i.e. keep 100 pre-allocated buffers or similar, so that malloc is not called nearly as much.. yeah I know it doesn't solve the problem, but.... > > -- > Dr Graham Wheeler E-mail: gram@cdsec.com > Citadel Data Security Phone: +27(21)23-6065/6/7 > Internet/Intranet Network Specialists Mobile: +27(83)-253-9864 > Firewalls/Virtual Private Networks Fax: +27(21)24-3656 > Data Security Products WWW: http://www.cdsec.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?342706D7.794BDF32>