[squid-users] SSL bump memory leak

Amos Jeffries squid3 at treenet.co.nz
Tue Feb 23 21:28:40 UTC 2016


On 24/02/2016 10:08 a.m., Steve Hill wrote:
> On 23/02/16 17:30, Amos Jeffries wrote:
> 
>> And a leak (real or pseudo) means they are still hanging around in
>> memory for some reason other than cert-cache references (being in the
>> cache by definition is not-leaking). For example as part of active TLS
>> sessions when the core was produced.
> 
> Seems pretty unlikely that there were over 130 thousand active TLS
> sessions in just one of 2 worker threads at the time the core was generated.
> 
> I'm seeing Squid processes continually increase to many gigabytes in
> size before I have to restart them to avoid the servers ending up deep
> in swap.  If this was just things held during "active sessions" I would
> expect to see the memory freed up again over night when there isn't much
> traffic - I see no such reduction in memory usage.
> 

Ah, you said "a small number" of wiki cert strings with those details. I
took that as meaning a small number of definitely squid generated ones
amidst the 130K indeterminate ones leaking.

Amos



More information about the squid-users mailing list