-
Bug
-
Resolution: Fixed
-
High
-
9.5.0, 9.2.9, 9.6.0
-
None
-
4
-
Severity 2 - Major
-
15
-
Issue Summary
In Bamboo 9.2.14, customers are experiencing performance issues and high CPU utilisation after running the application for a few days. Further examining the heap dumps we could see that the object org.owasp.validator.html.scan.AntiSamyDOMScanner$CachedItem occupies most of the heap memory. Because of this issue, Bamboo is consuming a lot of memory, and in turn, GC is taking a very long time to complete.
On further checking, in Bamboo 9.2.14, Bamboo has upgraded dependent plugins streams-aggregator-plugin and streams-core-plugin to 9.1.36. Plugins streams-aggregator-plugin and streams-core-plugin are, in turn, dependent on AntiSamy Library which got upgraded to antisamy-1.6.8-atlassian-5.jar This issue appears to be a product of a bug stemming from the version of the AntiSamy library that is used in Bamboo 9.2.14.
Same issue is noticed observed in Confluance as well https://jira.atlassian.com/browse/CONFSERVER-95967
Steps to Reproduce
- After using the Bamboo application over a period of time, heap memory will get piled up and causes the performance issues.
Expected Results
Heap memory should get cleared and should not get piled up along with usage
Actual Results
Heap memory is getting increased over a period of time and causing performance issues.
Workaround
Workaround 1
Restart Bamboo if heap usage rises too high towards Xmx. The frequency with which restarts are required will depend on heap size and the level of activity on your instance.
Workaround 2
- Shutdown Bamboo
- Navigate to <BAMBOO-INSTALL-FOLDER>/atlassian-bamboo/WEB-INF/atlassian-bundled-plugins and move the old version of JAR files streams-spi-9.1.36.jar, streams-api-9.1.36.jar, streams-core-plugin-9.1.36.jar, streams-aggregator-plugin-9.1.36.jar out of Bamboo installation directory and keep it as backup
- Copy the latest version of JAR files streams-spi-9.1.40.jar
streams-core-plugin-9.1.40.jar streams-api-9.1.40.jar streams-aggregator-plugin-9.1.40.jar in the path <BAMBOO-INSTALL-FOLDER>/atlassian-bamboo/WEB-INF/atlassian-bundled-plugins - Start the Bamboo
Workaround 3 for Bamboo 9.2.x
Enable apps upload to UPM by providing system property -Dupm.plugin.upload.enabled=true at setenv.sh/setenv.bat
Install attached streams-spi-9.1.40.jar streams-core-plugin-9.1.40.jar streams-api-9.1.40.jar streams-aggregator-plugin-9.1.40.jar at BAMBOO_URL/plugins/servlet/upm
Remove system property -Dupm.plugin.upload.enabled=true from setenv.sh/setenv.bat
Restart Bamboo instance
Bamboo has slow memory leaks because of AntiSamy package (1.6.8-atlassian-5)
-
-
Resolution: Fixed
-
High
-
9.5.0, 9.2.9, 9.6.0
-
None
-
4
-
Severity 2 - Major
-
15
-
Issue Summary
In Bamboo 9.2.14, customers are experiencing performance issues and high CPU utilisation after running the application for a few days. Further examining the heap dumps we could see that the object org.owasp.validator.html.scan.AntiSamyDOMScanner$CachedItem occupies most of the heap memory. Because of this issue, Bamboo is consuming a lot of memory, and in turn, GC is taking a very long time to complete.
On further checking, in Bamboo 9.2.14, Bamboo has upgraded dependent plugins streams-aggregator-plugin and streams-core-plugin to 9.1.36. Plugins streams-aggregator-plugin and streams-core-plugin are, in turn, dependent on AntiSamy Library which got upgraded to antisamy-1.6.8-atlassian-5.jar This issue appears to be a product of a bug stemming from the version of the AntiSamy library that is used in Bamboo 9.2.14.
Same issue is noticed observed in Confluance as well https://jira.atlassian.com/browse/CONFSERVER-95967
Steps to Reproduce
- After using the Bamboo application over a period of time, heap memory will get piled up and causes the performance issues.
Expected Results
Heap memory should get cleared and should not get piled up along with usage
Actual Results
Heap memory is getting increased over a period of time and causing performance issues.
Workaround
Workaround 1
Restart Bamboo if heap usage rises too high towards Xmx. The frequency with which restarts are required will depend on heap size and the level of activity on your instance.
Workaround 2
- Shutdown Bamboo
- Navigate to <BAMBOO-INSTALL-FOLDER>/atlassian-bamboo/WEB-INF/atlassian-bundled-plugins and move the old version of JAR files streams-spi-9.1.36.jar, streams-api-9.1.36.jar, streams-core-plugin-9.1.36.jar, streams-aggregator-plugin-9.1.36.jar out of Bamboo installation directory and keep it as backup
- Copy the latest version of JAR files streams-spi-9.1.40.jar streams-core-plugin-9.1.40.jar streams-api-9.1.40.jar streams-aggregator-plugin-9.1.40.jar in the path <BAMBOO-INSTALL-FOLDER>/atlassian-bamboo/WEB-INF/atlassian-bundled-plugins
- Start the Bamboo
Workaround 3 for Bamboo 9.2.x
Enable apps upload to UPM by providing system property -Dupm.plugin.upload.enabled=true at setenv.sh/setenv.bat
Install attached streams-spi-9.1.40.jar streams-core-plugin-9.1.40.jar streams-api-9.1.40.jar streams-aggregator-plugin-9.1.40.jar at BAMBOO_URL/plugins/servlet/upm
Remove system property -Dupm.plugin.upload.enabled=true from setenv.sh/setenv.bat
Restart Bamboo instance
-
Alexey Chystoprudov
-
- Votes:
-
3 Vote for this issue
- Watchers:
-
6 Start watching this issue
- Created:
- Updated:
- Resolved: