[tor-bugs] #21312 [Obfuscation/Snowflake]: Memory and file descriptor leaks in programs that use go-webrtc

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Mar 22 03:47:38 UTC 2018 

#21312: Memory and file descriptor leaks in programs that use go-webrtc
-----------------------------------+-------------------------
 Reporter:  arlolra                |          Owner:  arlolra
     Type:  defect                 |         Status:  closed
 Priority:  High                   |      Milestone:
Component:  Obfuscation/Snowflake  |        Version:
 Severity:  Major                  |     Resolution:  fixed
 Keywords:                         |  Actual Points:
Parent ID:                         |         Points:
 Reviewer:                         |        Sponsor:
-----------------------------------+-------------------------

Comment (by dcf):

 Replying to [comment:59 dcf]:
 > I'm thinking about losing the periodic restarts, and just putting a
 memory ulimit on the processes (just in case).

 I've done this now, removing the periodic restarts. There are still the
 same number of proxies, 3 for the App Engine broker and 3 for the
 standalone broker.

 I first tried limiting the memory using the
 [http://smarden.org/runit/chpst.8.html chpst] program that we're already
 using to change the uid:
 {{{
 exec chpst -u snowflake-proxy -m 419430400 proxy-go
 }}}
 However chpst does not work, it seems due to some bad interaction with
 Cgo. No matter how much memory I give it, it aborts immediately with this
 error:
 {{{
 runtime/cgo: pthread_create failed: Resource temporarily unavailable
 SIGABRT: abort
 PC=0x7f0fe207afcf m=0

 goroutine 0 [idle]:

 goroutine 1 [running]:
 runtime.systemstack_switch()
         /usr/lib/go-1.7/src/runtime/asm_amd64.s:252 fp=0xc42001e768
 sp=0xc42001e760
 runtime.main()
         /usr/lib/go-1.7/src/runtime/proc.go:127 +0x6c fp=0xc42001e7c0
 sp=0xc42001e768
 runtime.goexit()
         /usr/lib/go-1.7/src/runtime/asm_amd64.s:2086 +0x1 fp=0xc42001e7c8
 sp=0xc42001e7c0

 goroutine 17 [syscall, locked to thread]:
 runtime.goexit()
         /usr/lib/go-1.7/src/runtime/asm_amd64.s:2086 +0x1
 }}}

 So instead, I'm just using ulimit like this:
 {{{
 ulimit -v 409600
 exec chpst -u snowflake-proxy proxy-go
 }}}
 I originally gave each process 200 MB. But they were restarting (on
 average once during the 15 minutes I was watching). So I then bumped it up
 to 400 MB. Here are the timestamps:
 ||2018-03-22 03:03:45 ||ulimit to 200 MB ||
 ||2018-03-22 03:19:19 ||ulimit to 400 MB ||

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21312#comment:63>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list