Bug ID 448327: Aborting a connection with a suspended DNS iRule may leak memory

Last Modified: Feb 13, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP GTM, LTM(all modules)

Known Affected Versions:
11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4

Fixed In:
11.6.0, 11.5.1 HF5, 11.5.0 HF1, 11.4.1 HF4, 11.2.1 HF11

Opened: Feb 08, 2014
Severity: 2-Critical
Related AskF5 Article:
K15718

Symptoms

Aborted connections with suspended DNS iRule may leak memory. libldns memory tag in umem grows indefinitely eventually leading to failover.

Impact

Memory leak (libldns variable in tmm memory_usage_stat)

Conditions

DNS_RESPONSE/DNS_REQUEST with iRule command which suspends and gets the connection aborted (e.g. RESOLV::lookup) because it exceeded the expire timeout for an iRule.

Workaround

Avoid iRule command(s) which suspend in a DNS_REQUEST or DNS_RESPONSE iRule event.

Fix Information

Prevent memory leak when iRule suspends or aborts an DNS command.

Behavior Change