We are still chasing this one down but made a major breakthrough. The leak
is related to squid in intercept mode + SSL decryption + origin with
invalid certs. In our case, the majority of the cases were related to
Windows Update and Windows Defender domains, so a stopgap solution is to
bypass decry
Hi Hamilton, thanks for helping!
I wish I could provide this log while squid is crashing, but there
have been no incidents since wednesday. From what I've heard, the RAM
on that server's VM has been increased to 32GB.
Anyway, here is the squidclient mgr:mem log output. I hope it can be helpful.
Hi Gustavo,
I'm seeing the same thing. I could narrow down (but can't say with 100%
confidence) to the code that does certificate verification when configured
for SSL decryption. What is the output of squidclient mgr:mem for you? Do
you see unexplainably high counts for in-use objects like HttpReq
