[jira] [Comment Edited] (TS-3554) ATS memory leak reloading ssl_multicert.config with many ssl cert configs

Thu, 23 Apr 2015 12:38:27 -0700 

    [ 
https://issues.apache.org/jira/browse/TS-3554?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14509612#comment-14509612
 ] 

Susan Hinrichs edited comment on TS-3554 at 4/23/15 7:37 PM:
-------------------------------------------------------------

There indeed is a leak.  We were missing the release for the 
SSLCertificateConfig in the ticket callback.  I fear that I might have been 
there last to tidy things up.  Replaced the direct acquire/release with a 
scoped pointer to be more defensive against such ref counting leaks.

I also added a "config" debug tag to print information and config objects are 
set and released.  But James is exactly right that in a high traffic, large 
certificate situation, it may take quite a while before the release happens.  
At a minimum the system hard codes in a minute delay before it releases the 
root count on the old config object.


was (Author: shinrich):
There indeed is a leak.  We were missing the release for the 
SSLCertificateConfig in the ticket callback.  I fear that I might have been 
there last to tidy things up.  Replaced the direct acquire/release with a 
scoped pointer to be more defensive against such ref counting leaks.

I also added a "config" debug tag to print information and config objects are 
set and released.  But James is exactly right that in a high traffic, large 
certificate situation, it make take quite a while before the release happens.  
At a minimum the system hard codes in a minute delay before it releases the 
root count on the old config object.

> ATS memory leak reloading ssl_multicert.config with many ssl cert configs
> -------------------------------------------------------------------------
>
>                 Key: TS-3554
>                 URL: https://issues.apache.org/jira/browse/TS-3554
>             Project: Traffic Server
>          Issue Type: Bug
>          Components: Configuration, Core, SSL
>            Reporter: Steven Feltner
>            Assignee: Susan Hinrichs
>             Fix For: 6.0.0
>
>
> ATS will consume all available memory on a server with 128GB of RAM.  
> @shinrich suspects it may be due to CertLookup table not being freed on a 
> config reload.
> Our current process:
> - New cert comes in
> - ssl_multicert.config and remap.config updated
> - traffic_line -x
> This reload could occur as often as every 3 mins with 5000+ certs configured.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to