-
Notifications
You must be signed in to change notification settings - Fork 164
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
antivirus seems to keep files in memory #6803
Comments
It keeps them in memory while scanning. Currently there is no streaming possible from the dataserver. It never stores files on disc. We would need to implement: Just for the records: This is a feature request, not a bug 😄 |
I had a look at @butonic 's configuration and it seems like he did not limit the maximum scansize. But from what I know, his tests never use files larger than 100MB. So even if the antivirus service has this file in memory, it should not need > 600MB of memory. |
Mmh. Codewise it looks fine. Compare antivirus scanning. It holds the response body in memory until the file is scanned, but closes it correctly, even in error cases. Could it be that there are multiple virus scans active at the same time? |
ocis/services/antivirus/pkg/service/service.go Lines 99 to 100 in c9651de
But we don't know what happens inside the icap lib? |
Yes, icap lib could be the baddy. We have already a ticket to replace it: #6764 |
This also sounds as if it could cause severe trouble on big installations. Increasing prio. |
Handled in #6764, thus removing this from the prio list. Sorry for the noise. |
From what I know, these issues are about different problems. Or do you think #6764 will handle it because of discussions to completely replace the icap lib? If so it may make sense to have a new / dedicated ticket for that and link these two tickets only... |
@dragotin you said it has been handled in another ticket, could you please confirm that the high memory usage described in this ticket (#6903) is actually fixed since #6764 is now closed and was about connection closed behavior!? |
@dragotin I re-tested on oCIS 5.0.0-rc.2 an this memory issue still perists. I tried to scan a 500MB file with a memory limit of 200M and 770M on the antivirus service. If that one would do proper streaming it should just work. Please get it fixed to proper streaming. Eg. for the cs3org WOPI server we had a similar issue: cs3org/wopiserver#134 |
this causes the process to be OOMKilled quite frequently in loadtests. maybe because it does not release the memory early enough? maybe because it does not stream the file content? Needs to be investigated.
600Mi memory gets killed, 700Mi seems to work
The text was updated successfully, but these errors were encountered: