Description | This article describes how to detect and resolve a wad memory leak in object ssl.fts.str.fstr_buffer_bytes. |
Scope | FortiOS 7.0.8, 7.0.9. |
Solution |
The wad process has a memory leak on FortiOS 7.0.8 and 7.0.9 in the object ssl.fts.str.fstr_buffer_bytes. The issue occurs when processing SSL/TLS traffic.
To confirm the device is matching this issue run show the memory usage of the user space processes:
# diagnose sys top-mem 99
Here the WAD process with the process ID (PID) 17503 allocated about 1200 MB.
Verify these wad processes are of type worker with commands:
# diagnose debug reset
Confirm the wad workers leaks memory in object ssl.fts.str.fstr_buffer_bytes:
# diagnose wad stats worker | grep fstr_buffer
Repeat the steps from above periodically to observe if memory increases i.e. after 30 minutes.
Workaround:As a quick workaround, the wad processes can be restarted with the command:
# diag test app wad 99
This can be automated via the 'config system auto-script' feature.
Solution:The solution is to upgrade to FortiOS versions 7.0.10, 7.2.4, or above. |