Bug ID | 1094333 |
---|---|
Summary | cyrus-sasl-saslauthd looping and huge CPU-usage |
Classification | openSUSE |
Product | openSUSE Distribution |
Version | Leap 42.3 |
Hardware | x86-64 |
OS | openSUSE 42.3 |
Status | NEW |
Severity | Critical |
Priority | P5 - None |
Component | Network |
Assignee | bnc-team-screening@forge.provo.novell.com |
Reporter | drobot@hornetsecurity.com |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 Build Identifier: We are running on all our systems saslauthd.service, this one was installed from the official opensuse-repository[1]. Sometimes, the CPU-usage on all systems is getting higher until our systems reach the critical point of fluent usage and load average of < 200. Please also take a look to the attached strace-output from the hanging process which consumes a huge amount of cpu[3] To workaround this situation, we are monitoring the saslauthd-processes for the CPU-time and after reaching a value of 10, the services gets restarted. >From this point the situation takes a couple of hours to reach this critical point again. Looking for same or similar issues bright us to the cyrus mailing list with the same issue description[2]. As the maintainer wrote, issue was fixed in version 2.1.27. Our analyses shows, that the opensuse cyrus-sasl-saslauthd-package was build from source-package cyrus-sasl-2.1.26.tar.gz. This one was published in 2012. So the issue seems to be still present in the sources. We have invested a lot of time to analyse this issue and have all this results attached to this report to receive hopefully in short time a fixed version of cyrus-sasl-saslauthd. If you need some additional information to this issue, please let me know it. Thank you in advance! Reproducible: Sometimes Steps to Reproduce: 1. start saslauthd.service 2. wait some time (requests are going through the service) 3. system load is going continuously higher 4. look for the saslauthd-processes (ps faxu) pick the pid which CPU-time consumption is higher than 0:00 5. strace on that process is included to this bug report Expected Results: Service is running normally with all treads without huge CPU-usage and resulting impact for the whole system. [1]Package-version: Loading repository data... Reading installed packages... Information for package cyrus-sasl-saslauthd: --------------------------------------------- Repository : openSUSE-42.3-Update Name : cyrus-sasl-saslauthd Version : 2.1.26-14.1 Arch : x86_64 Vendor : openSUSE Installed Size : 133.1 KiB Installed : Yes Status : up-to-date Source package : cyrus-sasl-saslauthd-2.1.26-14.1.src Summary : The SASL Authentication Server Description : This daemon is required when using cyrus-sasl in server software that should authenticate with PAM, for example. [2] Issue on Cyrus-sasl mailing lis: https://lists.andrew.cmu.edu/pipermail/cyrus-sasl/2016-November/002914.html [3] strace output from pid 15542 - see also [4] 15542 select(10, [9], NULL, NULL, {0, 0}) = 1 (in [9], left {0, 0}) 15542 read(9, "", 905) = 0 15542 select(10, [9], NULL, NULL, {0, 0}) = 1 (in [9], left {0, 0}) 15542 read(9, "", 905) = 0 15542 select(10, [9], NULL, NULL, {0, 0}) = 1 (in [9], left {0, 0}) 15542 read(9, "", 905) = 0 [...infinitely...] [4] running process-tree (you can see the increased cpu-time for the looping processes) root 15502 26.7 0.0 54144 2232 ? Rs 19:40 1:03 /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15540 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15542 32.5 0.0 54144 592 ? R 19:40 1:17 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15544 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15547 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15548 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15549 8.6 0.0 54144 592 ? R 19:40 0:20 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15551 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15552 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15553 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15554 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15555 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15558 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15560 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15561 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15562 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15563 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15564 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15565 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 root 15566 0.0 0.0 54144 592 ? S 19:40 0:00 \_ /usr/sbin/saslauthd -a rimap -c -r -O imapauth.server.com -n 20 [5] we are using the following configuration (/etc/sysconfig/saslauthd) SASLAUTHD_AUTHMECH="rimap -c -r -O imapauth.server.com" SASLAUTHD_THREADS=20