Update to Tomcat 9.0.54. This could be a known security bug that is fixed in this version.
https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.54 Shawn Beard • Sr. Systems Engineer Middleware Engineering [cid:[email protected]] 3840 109th Street , Urbandale , IA 50322 Phone: +1-515-564-2528<tel:+1-515-564-2528> Email: [email protected]<mailto:[email protected]> Website: https://berkleytechnologyservices.com/ [cid:[email protected]] Technology Leadership Unleashing Business Potential -----Original Message----- From: Tim K <[email protected]> Sent: Monday, October 18, 2021 1:07 PM To: Tomcat Users List <[email protected]> Subject: Potential Memory Leak with StandardManager [EXTERNAL] ** CAUTION: External message Running 4 balanced nodes of tomcat 9.0.52 in Linux. While running with production load, memory usage is slowly growing, it does not appear to really drop unless the OS/tomcat is restarted. I did a load test locally with just login actions, did a heap dump, and MAT says: One instance of org.apache.catalina.session.StandardManager loaded by sun.misc.Launcher$AppClassLoader @ 0x9978028 occupies 59,628,760 (57.09%) bytes. The memory is accumulated in one instance of java.util.concurrent.ConcurrentHashMap$Node[], loaded by <system class loader>, which occupies 59,615,224 (57.07%) bytes. My session timeout is set to 15 minutes... I set just a name and userId in the session object in our single application running on these servers. Not sure how else to troubleshoot and/or resolve this from reaching the heap max. Are there settings to change in order to get these sessions removed from heap? Does GC occur out of the box with tomcat or do I need to define that in order for it to happen? Thanks, Tim --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] CONFIDENTIALITY NOTICE: This e-mail and the transmitted documents contain private, privileged and confidential information belonging to the sender. The information therein is solely for the use of the addressee. If your receipt of this transmission has occurred as the result of an error, please immediately notify us so we can arrange for the return of the documents. In such circumstances, you are advised that you may not disclose, copy, distribute or take any other action in reliance on the information transmitted.
