Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-77836

The AntiSamy package (1.6.8-atlassian-5 to 1.6.8-atlassian-10) has a slow memory leak, which eventually impacts Jira performance

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Medium Medium
    • 9.12.12, 9.17.1
    • 9.12.8, 9.12.9, 9.12.10, 9.12.11, 9.15.2, 9.16.1
    • Dashboard & Gadgets
    • None
    • 9.12
    • 19
    • Severity 2 - Major
    • 64
    • Hide
      Atlassian Update – 28 June 2024

      Dear Customers,
      We're happy to announce that this issue is fixed in 9.12.12 and 9.17.1 releases. Learn more about the release

      Best regards,
      Grzegorz Kuliński
      Jira DC Software Engineer

      Show
      Atlassian Update – 28 June 2024 Dear Customers, We're happy to announce that this issue is fixed in 9.12.12 and 9.17.1 releases. Learn more about the release Best regards, Grzegorz Kuliński Jira DC Software Engineer

      Issue Summary

      Somewhere around antisamy-1.6.8-atlassian-5, a bug was introduced which causes a slow but gradual rise in heap usage. Once the heap is near to exhaustion, full GC pauses and even OutOfMemoryErrors (OOM) can occur as a result.

      This is reproducible on Data Center: yes

      Steps to Reproduce

      1. Install an impacted version of Jira (9.12.8. or higher)
      2. Load some content (which uses Activity Streams like dashboard) 
      3. Monitor GC logs over time to observe the slow but persistent rise in heap usage

      Expected Results

      Heap usage should remain fairly static over time

      Actual Results

      Heap usage slowly rises, often leading to full GC and then OutOfMemoryErrors (OOM), especially on smaller heaps (ie. less than 4GB)

      Heap dumps will show that the the DOM parser for AntiSamy grows bigger and bigger, with all DOM elements added to an internal list that are never cleared.

      Workaround

      Restart Jira if heap usage rises too high towards Xmx. The frequency with which restarts are required will depend on heap size and the level of activity on your instance.

        1. AntiSamyDOMScanner-heapdump.png
          AntiSamyDOMScanner-heapdump.png
          181 kB

              00379afc8394 Grzegorz Kuliński (Inactive)
              556084c56f12 Rinish
              Votes:
              10 Vote for this issue
              Watchers:
              26 Start watching this issue

                Created:
                Updated:
                Resolved: