[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #24806 [Core Tor/Tor]: LTS branch leaks memory continuously under stress/attack, requires back-port of 0.3.2.8-rc fixes to remain viable
#24806: LTS branch leaks memory continuously under stress/attack, requires back-
port of 0.3.2.8-rc fixes to remain viable
--------------------------+----------------------------------
Reporter: starlight | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor: unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+----------------------------------
Comment (by starlight):
Relay came under attack again and total memory utilization went from 1.6GB
(drifted up from 1.5GB) to 2GB in matter of hours. This is 0.3.2.8-rc I'm
talking about with MaxMemInQueues=1024MB.
Fiddling with it, suspended the daemon for a few minutes to see if that
would shake off attack circuits and unfortunately this resulted in an
immediate socket buffer memory consumption surge and kernel OOPS. So was
unable to try a gdb-assisted shutdown and obtain pre-exit() statistics.
The LSAN build has some problem causing it to trap so no progress on
identifying the exact leak(s). I am now nearly convinced this a memory
leak. Have iptables blocking direct connections from abusive clients, so
it's clearly distributed circuit-extend attack. Two crypto threads were
at 35% CPU each while the main event thread was pegged at 100%.
Also observed an attack on my exit in recent days and it survived, having
16GB of RAM--throwing hardware at it is one mitigation. Don't have time
right now to deploy the replacement for the "temporary," ancient box
swapped in due to a hardware failure last summer, so setting
MaxMemInQueues=512MB and will try again with existing box. Will try to
prepare a functional LSAN image.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24806#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs