[request-tracker-maintainers] Bug#623553: duplicate email addresses lead to major memory leaks

Antoine Beaupre anarcat at koumbit.org
Thu Apr 21 06:35:52 UTC 2011


Package: request-tracker3.8
Version: 3.8.8-7+squeeze1~bpo50+1
Severity: normal


Under very specific circumstances, RT can start eating up all memory on the
server. Load would shoot up as mason processes (in fcgid mode) would eat all
available memory and CPU.

  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
14991 www-data  20   0 1301m 1.1g 5028 R   89 14.6   3:53.97 mason_handler.f
15002 www-data  20   0 1235m 1.1g 5028 R   81 13.7   3:28.32 mason_handler.f
14983 www-data  20   0 1346m 1.2g 5028 R   79 15.2   3:49.92 mason_handler.f

Strace on those process shows seemingly random data being read on the #4 file descriptor:

rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
poll([{fd=4, events=POLLIN|POLLERR}], 1, -1) = 1 ([{fd=4, revents=POLLIN}])
rt_sigprocmask(SIG_BLOCK, [PIPE], [], 8) = 0
read(4, "\27\3\1\0 "..., 5)             = 5
read(4, "V\241\232\305\35r\271c'\307\311\266\212\267\2329\221\35\212\262 \34\351\20c\233\264\10!-\3 30V"..., 32) = 32
read(4, "\27\3\1\0000"..., 5)           = 5
read(4, "\235s\262RE!\314\314\1\263\10\200K\325\343\272\312\23\212=Ei\373\336\23M\365uP\245\301jI".  .., 48) = 48
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [PIPE], [], 8) = 0
write(4, "\27\3\1\0 \30\36\3030\224lH\373E\217\311\3115\25H\215\327\272W\263[a\224\251\250|\353\200 "..., 74) = 74
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
poll([{fd=4, events=POLLIN|POLLERR}], 1, -1) = 1 ([{fd=4, revents=POLLIN}]) 
rt_sigprocmask(SIG_BLOCK, [PIPE], [], 8) = 0
read(4, "\27\3\1\0 "..., 5)             = 5
read(4, "\250H\271D~\221\345\24\34\376\277\325ZC\336+\362;\222.\355x\316\270\351'\257\377\237\273,\ 226"..., 32) = 32
read(4, "\27\3\1\0000"..., 5)           = 5

That stuff is actually the wire protocol for PostgreSQL. From the pgsql side,
the socket looks mostly idle, except for SELECT queries that happen sometime.
This is the query:

SELECT main.* FROM Attributes main  WHERE (main.ObjectType = 'RT::User') AND (main.ObjectId = 77)

Now, the peculiar thing is that the user #77 has the *same* email address as
user #32 (my regular user). I do not understand how this was allowed, but I did
change the email address on account #32 today.

One way to trigger the bug is to visit the "ModifyPeople" page of a ticket that
has user #32 as an owner, for example:

https://rt.koumbit.net/rt/Ticket/ModifyPeople.html?id=77584

Incoming emails were also triggering the bug, which made it really nastier...

The workaround was for me to change the email address on user #77 to some
unique string.

Sorry if this is not really relevant for the Debian package, but it's really
late here and I've just spent the last 4h tracking this bug. I figured other
people could use that debugging info to fix the issue on their side too. :)

Oh, and note that this is present in 3.8.7 and 3.8.10 also... I tried the
unstable packages out of desperation. :)

-- Package-specific info:
Changed files:

There are locally modified files in /usr/local/share/request-tracker3.8/,
 these may (or may not) be the source of the problem.


-- System Information:
Debian Release: 5.0.8
  APT prefers oldstable
  APT policy: (500, 'oldstable'), (2, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-2-vserver-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages request-tracker3.8 depends on:
ii  dbconfig-common 1.8.39                   common framework for packaging dat
ii  debconf [debcon 1.5.24                   Debian configuration management sy
ii  libapache-sessi 1.86-1                   Perl modules for keeping persisten
ii  libcache-simple 0.27-2                   Perl module to cache and expire ke
ii  libcalendar-sim 1.20-1                   Perl extension to create simple ca
ii  libcgi-fast-per 5.10.0-19lenny3          CGI::Fast Perl module
ii  libcgi-pm-perl  3.38-2lenny3             Simple Common Gateway Interface Cl
ii  libclass-return 0.55-1                   A return-value object that lets yo
ii  libcss-squish-p 0.07-1                   Compact many CSS files into one bi
ii  libdata-ical-pe 0.13+dfsg-1              Perlmodule to generate and read iC
ii  libdbi-perl     1.605-1                  Perl5 database interface by Tim Bu
ii  libdbix-searchb 1.54-1                   Encapsulate SQL queries and rows i
ii  libdevel-stackt 1.1902-1                 Stack trace and stack trace frame 
ii  libemail-addres 1.889-2                  RFC 2822 Address Parsing and Creat
ii  libfcgi-procman 0.18-2                   Functions for managing FastCGI app
ii  libfile-sharedi 0.05-1.2                 Locate per-dist and per-module sha
ii  libgd-graph-per 1.44-3                   Graph Plotting Module for Perl 5
ii  libgd-text-perl 0.86-5                   Text utilities for use with GD
ii  libgnupg-interf 0.36-1                   Perl interface to GnuPG
ii  libgraphviz-per 2.03-2                   Perl interface to the GraphViz gra
ii  libhtml-mason-p 1:1.39-1                 HTML::Mason Perl module
ii  libhtml-parser- 3.56-1+lenny1            A collection of modules that parse
ii  libhtml-rewrite 0.03-1                   concise attribute rewriting
ii  libhtml-scrubbe 0.08-4                   Perl extension for scrubbing/sanit
ii  libipc-run-safe 0.02-1                   Use IPC::Run and IPC::Run3 safely
ii  libjs-prototype 1.6.0.2-4                JavaScript Framework for dynamic w
ii  libjs-scriptacu 1.8.1-5                  JavaScript library for dynamic web
ii  liblocale-maket 0.02-3                   Maketext from already interpolated
ii  liblocale-maket 0.66-1                   Lexicon-handling backends for "Loc
ii  liblog-dispatch 2.18-1                   Dispatches messages to multiple Lo
ii  libmailtools-pe 2.03-1                   Manipulate email in perl programs
ii  libmime-tools-p 5.427-1                  Perl5 modules for MIME-compliant m
ii  libmime-types-p 1.24-1                   Perl extension for determining MIM
ii  libmodule-versi 1.05-1                   Report versions of all modules in 
ii  libperlio-eol-p 0.14-1+b1                PerlIO layer for normalizing line 
ii  libregexp-commo 2.122-1                  Provide commonly requested regular
ii  libtext-autofor 1.14.0-1                 Perl module for automatic text wra
ii  libtext-quoted- 2.05-2                   Extract the structure of a quoted 
ii  libtext-templat 1.44-1.2                 Text::Template perl module
ii  libtext-wikifor 0.78-1                   translates Wiki formatted text int
ii  libtext-wrapper 1.02-1                   Simple word wrapping routine
ii  libtime-modules 2006.0814-2              Various Perl modules for time/date
ii  libtimedate-per 1.1600-9                 Time and date functions for Perl
ii  libtree-simple- 1.18-1                   A simple tree object
ii  libuniversal-re 0.11-1                   Load modules from a variable
ii  libxml-rss-perl 1.33-1                   Perl module for managing RSS (RDF 
ii  libxml-simple-p 2.18-1                   Perl module for reading and writin
ii  perl [libdigest 5.10.0-19lenny3          Larry Wall's Practical Extraction 
ii  perl-modules [l 5.10.0-19lenny3          Core Perl modules
ii  postfix [mail-t 2.5.5-1.1                High-performance mail transport ag
ii  rsyslog [system 3.18.6-4                 enhanced multi-threaded syslogd
ii  rt3.8-apache2   3.8.8-7+squeeze1~bpo50+1 Apache 2 specific files for reques
ii  rt3.8-clients   3.8.8-7+squeeze1~bpo50+1 mail gateway and command-line inte
ii  rt3.8-db-postgr 3.8.8-7+squeeze1~bpo50+1 PostgreSQL database backend for re
ii  ucf             3.0016                   Update Configuration File: preserv

Versions of packages request-tracker3.8 recommends:
pn  cron-daemon           <none>             (no description available)
ii  libdatetime-locale-pe 1:0.44-1           Perl extension providing localizat
ii  libdatetime-perl      2:0.6100-2~bpo50+1 module for manipulating dates, tim
ii  speedy-cgi-perl       2.22-10            speed up perl scripts by making th

Versions of packages request-tracker3.8 suggests:
ii  rt3.8-rtfm                    2.4.2-2    FAQ Manager for Request Tracker 3.

-- debconf information:
* request-tracker3.8/organization: koumbit.org
  request-tracker3.8/pgsql/no-empty-passwords:
  request-tracker3.8/pgsql/authmethod-user: password
* request-tracker3.8/handle-siteconfig-permissions: true
  request-tracker3.8/install-error: abort
* request-tracker3.8/correspondaddress: rt at rt.koumbit.net
  request-tracker3.8/dbconfig-remove:
  request-tracker3.8/mysql/method: unix socket
  request-tracker3.8/install-cronjobs:
  request-tracker3.8/upgrade-error: abort
  request-tracker3.8/mysql/admin-user: root
  request-tracker3.8/remote/port:
  request-tracker3.8/dbconfig-reinstall: false
  request-tracker3.8/db/dbname: rtdb
  request-tracker3.8/pgsql/changeconf: false
  request-tracker3.8/dbconfig-upgrade: true
  request-tracker3.8/missing-db-package-error: abort
  request-tracker3.8/pgsql/method: unix socket
* request-tracker3.8/dbconfig-install: false
  request-tracker3.8/purge: false
  request-tracker3.8/pgsql/authmethod-admin: ident
  request-tracker3.8/pgsql/manualconf:
* request-tracker3.8/webpath: /rt
  request-tracker3.8/remove-error: abort
  request-tracker3.8/upgrade-backup: true
  request-tracker3.8/warn-sqlite-file:
  request-tracker3.8/db/basepath:
  request-tracker3.8/internal/skip-preseed: true
  request-tracker3.8/remote/newhost:
  request-tracker3.8/pgsql/admin-user: postgres
  request-tracker3.8/db/app-user: rtuser
* request-tracker3.8/webbaseurl: https://rt.koumbit.net
  request-tracker3.8/remote/host:
* request-tracker3.8/rtname: Koumbit
  request-tracker3.8/internal/reconfiguring: false
* request-tracker3.8/commentaddress: rt-comment at rt.koumbit.net
  request-tracker3.8/passwords-do-not-match:
  request-tracker3.8/database-type: pgsql





More information about the pkg-request-tracker-maintainers mailing list