search

secureworks / dcept

A tool for deploying and detecting use of Active Directory honeytokens
https://www.secureworks.com/blog/dcept
GNU General Public License v3.0
498 stars 102 forks source link

High CPU usage (possible deadlock) #6

Open vlakas opened 7 years ago

vlakas commented 7 years ago

High CPU usage has been noticed with dcept in docker (master branch). dcep process consumes 100% of CPU core permanently.

root     22540  0.0  0.0  14776  2168 pts/2    S+   16:36   0:00 grep dcep
root     31237  0.0  0.0 155364 14896 ?        Ssl  Jun28   0:02 /usr/bin/docker start -a dcept
root     31261  0.0  0.0  20076  2812 pts/1    Ss+  Jun28   0:00 /bin/sh -c cron; /opt/dcept/dcept.py
root     31275 99.9  0.1 224028 24728 pts/1    Sl+  Jun28 45392:56 /usr/bin/python /opt/dcept/dcept.py

Here is strace of dcept process (with children).

dcept-deadlock.txt

vlakas commented 7 years ago

Now I'm working on the following commit:

834a523fa0db1ece62abe2f19a15f83735ea7d15