Description | This article describes how to detect and resolve a wad memory leak in object ssl.fts.str.fstr_buffer_bytes. |
Scope | FortiOS 7.0.8, 7.0.9. |
Solution |
The wad process has a memory leak on FortiOS 7.0.8 and 7.0.9 in the object ssl.fts.str.fstr_buffer_bytes. The issue occurs when processing SSL/TLS traffic.
To confirm the device is matching this issue run show the memory usage of the user space processes:
# diagnose sys top-mem 99
Here the WAD process with the process ID (PID) 17503 allocated about 1200 MB.
Verify these wad processes are of type worker with commands:
# diagnose debug reset
Confirm the wad workers leaks memory in object ssl.fts.str.fstr_buffer_bytes:
# diagnose wad stats worker | grep fstr_buffer
Repeat the steps from above periodically to observe if memory increases i.e. after 30 minutes.
Workaround:As a quick workaround, the wad processes can be restarted with the command:
# diag test app wad 99
This can be automated via the 'config system auto-script' feature.
Solution:The solution is to upgrade to FortiOS versions 7.0.10, 7.2.4, or above. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.