[ntp:security] memory leak

Heiko Gerstung heiko.gerstung at meinberg.de
Tue Dec 18 08:26:08 UTC 2007


Danny et al,

I can confirm a memory leak with 4.2.4p4, penetrating it with ntpload at 
33000 req/s results in ~0.5M/s increased memory consumption rate which 
is not freed as it seems. I did not crash it, but this would be the 
result if I just let ntpload do its ugly job :-)

The overall performance is ok:
Host 172.16.3.129: running 8s, 36380.5 req/s, 288649 requests, dly[ms] 
0.171..34.189, offs[ms] -15.650..9.212, ltcy[ms] -0.211..1.495
Host 172.16.3.129: running 9s, 36448.7 req/s, 325250 requests, dly[ms] 
0.171..34.189, offs[ms] -15.650..9.212, ltcy[ms] -0.211..1.495
Host 172.16.3.129: running 10s, 36440.8 req/s, 361774 requests, dly[ms] 
0.170..34.189, offs[ms] -15.650..9.212, ltcy[ms] -0.211..1.495
Host 172.16.3.129: running 11s, 36432.9 req/s, 398332 requests, dly[ms] 
0.170..34.189, offs[ms] -15.650..9.212, ltcy[ms] -0.211..1.495
Host 172.16.3.129: running 12s, 36505.6 req/s, 435055 requests, dly[ms] 
0.170..34.189, offs[ms] -15.650..9.212, ltcy[ms] -0.211..1.495
Host 172.16.3.129: running 13s, 36491.8 req/s, 471682 requests, dly[ms] 
0.170..34.189, offs[ms] -15.650..9.212, ltcy[ms] -0.211..1.495

(50 threads with no pausing between queries, i.e. ntpload sends a 
request as soon as it received the reply of the previous request).

Best Regards,
 Heiko


Danny Mayer schrieb:
> kevin.mcgrath at no.abb.com wrote:
>   
>> Hi
>>
>> We are running NTP on Windows XP Pro SP2.
>> When flooding the NTP service the ntpd process' private bytes usage
>> grows continuously. At some point the service will reach its allocated
>> buffer limit and probably crash. Prior to starting flooding the ntpd
>> process' private bytes usage is at 921k but once flooding commences
>> after a short time interval of 100 seconds the private bytes performance
>> counter is 50 MB. These results apply to both the stable and development
>> codebase. The tested stable version is 4.2.4p4 at 1.1520-modena-o
>> (Meinberg) and the development version is 4.2.5p106.
>>
>> The flooding test tool used is the "IP Stack Integrity Checker" (ISIC)
>> suite at full speed. The purpose of these tests is to understand the
>> impact on the NTP stack to flooding. The ISIC suite is an open source
>> tool, which runs on Linux and is available from
>> http://isic.sourceforge.net. The ISIC version in use is v0.07. The
>> following ISIC syntax can be used to reproduce the above scenario:
>>
>> *udpsic -i ethX -r 1 -s rand -d <ip_addr>,123 -F0 -V0 -I0 -p10000000, *
>>
>> where X is the Ethernet interface number and /123/ is the NTP port number.
>>
>>     
>
> Can you send us details of the error that you are seeing? I will try and
> reproduce this one some of our systems.
>
> Danny
>
>   
>> Kind Regards
>> Geir & Kevin
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> security mailing list
>> security at lists.ntp.org
>> https://lists.ntp.org/mailman/listinfo/security
>>     
>
>   



More information about the security mailing list