Re: Possible sasyncd memory leak ?

Sat, 09 Mar 2019 03:45:32 -0800 

On Sat, Mar 09, 2019 at 12:10:34PM +0100, Michał Koc wrote:

> W dniu 09.03.2019 o 08:15, Otto Moerbeek pisze:
> > On Fri, Mar 08, 2019 at 12:03:25PM +0100, Michał Koc wrote:
> > 
> > > Hi all,
> > > 
> > > We have a triple redundant vpn gateway setup with sasyncd running and tons
> > > of tunnels, about 1000 flows.
> > > 
> > > Looking at the graph of memory usage, you can clearly see that something 
> > > is
> > > sucking up the memory.
> > > 
> > > The graph can be viewed here: https://pasteboard.co/I4sjzQ8.jpg
> > > 
> > > Looking at the ps, sasyncd shows huge memory consumption:
> > > 
> > > USER         PID       %CPU  %MEM   VSZ          RSS        TT STAT
> > > STARTED       TIME       COMMAND
> > > _isakmpd 33560  0.0       17.0        699264   708508 ?? S
> > > 26Feb19        6:58.81  /usr/sbin/sasyncd
> > > 
> > > It only happens on the master node. Slaves do not show such a behavior.
> > > 
> > > There is nothing about sasyncd in the logs.
> > > 
> > > After sasyncd restart memory consumption is minimal, but tends to grow.
> > > 
> > > Is it normal ? or am I missing something ?
> > > 
> > > Best regards
> > > M.K.
> > > 
> > This is not normal. You could try to run with -vv to see if some error
> > path is taken that triggers a leak.
> > 
> >     -Otto
> > 
> Should I look for something specific ?
> 
> The log grows pretty fast and it looks like it could contain some security
> data which I wouldn't like to post online.
> 
> The statistics of the log(about 2 hours) looks like this:
> carp_init:       1
> config:       7
> monitor_get_pfkey_snap:       4
> monitor_loop:       1
> net:       1
> net_connect:       3
> net_ctl:       4
> net_disconnect_peer:       3
> net_handle_messages:       2
> net_queue:   91780
> net_read:      10
> net_send_messages:   39192
> pfkey_send_flush:       4
> pfkey_snapshot:    6832
> timer_add:      19
> timer_run:      18
> 
> Best regards
> M.K.
> 

Just the counts does not reveal anything. I did a quick audit of the
memory allocation logic of sasyncd and did not spot an error. If you
do not want to post the logs, you'll neeed to analyze them yourself.
This requires matching the log lines to the code and tracking where
stuff gets allocated and deallocated. Some digging could reveal the error.

I used to run sasyncd, but I do no longer. Settig up a test env is
quite some work I do not have time for.

        -Otto

Reply via email to