Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Memory leaks on the Xray-client on Windows 11 using Xray 1.8.17 and xjasonlyu/tun2socks 2.5.2 (wintun 0.14.1) #3714

Closed
3 tasks done
tw0ch opened this issue Aug 21, 2024 · 5 comments
Closed
3 tasks done

Memory leaks on the Xray-client on Windows 11 using Xray 1.8.17 and xjasonlyu/tun2socks 2.5.2 (wintun 0.14.1) #3714

tw0ch opened this issue Aug 21, 2024 · 5 comments

Comments

@tw0ch
Copy link

tw0ch commented Aug 21, 2024
edited
Loading

Integrity requirements

  • I confirm that I have read the documentation, understand the meaning of all the configuration items I wrote, and did not pile up seemingly useful options or default values.
  • I provided the complete config and logs, rather than just providing the truncated parts based on my own judgment.
  • I searched issues and did not find any similar issues.

Version

1.8.17

Description

I am faced with the problem of large memory leaks when using the Xray-client with xjasonlyu/tun2socks (for local socks proxy) on Windows 11, here is my Xray config:

Xray-client config.json
{
  "dns": {
    "disableCache": true,
    "hosts": {
      "one.one.one.one": [
        "1.1.1.1"
      ]
    },
    "queryStrategy": "UseIPv4",
    "servers": [
      {
        "address": "https://one.one.one.one/dns-query"
      },
      {
        "address": "https+local://dns.quad9.net/dns-query",
        "domains": [
          "regexp:\\.ru$",
          "geosite:category-gov-ru",
          "geosite:yandex",
          "geosite:mailru"
        ]
      },
      "1.1.1.1"
    ]
  },
  "inbounds": [
    {
      "listen": "127.0.0.1",
      "port": 10808,
      "protocol": "socks",
      "settings": {
        "auth": "noauth",
        "udp": true,
        "userLevel": 8
      },
      "sniffing": {
        "destOverride": [
          "http",
          "tls"
        ],
        "enabled": true
      },
      "tag": "socks"
    },
    {
      "listen": "127.0.0.1",
      "port": 10809,
      "protocol": "http",
      "settings": {
        "userLevel": 8
      },
      "tag": "http"
    }
  ],
  "log": {
    "dnsLog": true,
    "loglevel": "debug"
  },
  "outbounds": [
    {
      "mux": {
        "concurrency": 8,
        "enabled": false
      },
      "protocol": "vless",
      "settings": {
        "vnext": [
          {
            "address": "my-server-address",
            "port": 443,
            "users": [
              {
                "encryption": "none",
                "flow": "xtls-rprx-vision",
                "id": "my-server-id",
                "level": 8,
                "security": "auto"
              }
            ]
          }
        ]
      },
      "streamSettings": {
        "network": "tcp",
        "realitySettings": {
          "allowInsecure": false,
          "fingerprint": "chrome",
          "publicKey": "my-server-key",
          "serverName": "my-server-name",
          "shortId": "my-server-short-id",
          "show": false,
          "spiderX": ""
        },
        "security": "reality",
        "tcpSettings": {
          "header": {
            "type": "none"
          }
        }
      },
      "tag": "proxy"
    },
    {
      "protocol": "freedom",
      "settings": {},
      "tag": "direct"
    },
    {
      "protocol": "blackhole",
      "settings": {
        "response": {
          "type": "http"
        }
      },
      "tag": "block"
    }
  ],
  "routing": {
    "domainStrategy": "IPIfNonMatch",
    "rules": [
      {
        "ip": [
          "1.1.1.1"
        ],
        "outboundTag": "proxy",
        "port": "53",
        "type": "field"
      },
      {
        "inboundTag": [
          "dnsQuery"
        ],
        "outboundTag": "proxy",
        "type": "field"
      },
      {
        "outboundTag": "dnsOut",
        "port": "53",
        "type": "field"
      },
      {
        "ip": [
          "1.1.1.1"
        ],
        "outboundTag": "proxy",
        "type": "field"
      },
      {
        "outboundTag": "block",
        "protocol": [
          "bittorrent"
        ],
        "type": "field"
      },
      {
        "ip": [
          "geoip:ru"
        ],
        "outboundTag": "direct",
        "type": "field"
      },
      {
        "ip": [
          "geoip:private"
        ],
        "outboundTag": "direct",
        "type": "field"
      },
      {
        "domain": [
          "regexp:\\.ru$"
        ],
        "outboundTag": "direct",
        "type": "field"
      },
      {
        "domain": [
          "geosite:category-gov-ru"
        ],
        "outboundTag": "direct",
        "type": "field"
      },
      {
        "domain": [
          "geosite:yandex"
        ],
        "outboundTag": "direct",
        "type": "field"
      },
      {
        "domain": [
          "geosite:mailru"
        ],
        "outboundTag": "direct",
        "type": "field"
      }
    ]
  }
}

Leaks reaches 1GB+ on Xray.exe and 2GB+ on Tun2socks.exe

xray-memory-leak
tun2socks-memory-leak

I guess that the problems may be due to these rules:

{
  "protocol": "freedom",
  "settings": {},
  "tag": "direct"
},
{
  "protocol": "blackhole",
  "settings": {
    "response": {
      "type": "http"
    }
  },
  "tag": "block"
}

But I also assume that my virtual adapter is being created incorrectly in some way and traffic just starts to overflow the Tun2socks and Xray stacks. Maybe someone can provide me with other tools for local socks-proxying to the xray-client (at 127.0.0.1:10808) I will be very grateful!

Tun2socks-logs 

[Tun2socks] time="2024-08-16T10:48:56+03:00" level=warning msg="[UDP] dial "server-ip": connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: bind: An operation on a socket could not be performed because the system lacked sufficient buffer space or because a queue was full."
[Tun2socks] time="2024-08-16T10:48:58+03:00" level=warning msg="[UDP] dial "server-ip": connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: connectex: Only one usage of each socket address (protocol/network address/port) is normally permitted."

Links to external utilities:
xjasonlyu/tun2socks 2.5.2: https://github.com/xjasonlyu/tun2socks/releases/tag/v2.5.2
wintun 0.14.1: https://github.com/WireGuard/wintun

Reproduction Method

  1. Adapt the Xray-config file to your server.

  2. In cmd run Xray-core as admin with config from the description :

.\xray.exe
  1. In another cmd run Tun2socks as admin:
.\tun2socks.exe -device tun-device -proxy 127.0.0.1:10808
  1. In another cmd configure the virtual adapter:
netsh interface ip set address name=tun-device addr=10.0.236.10 source=static mask=255.255.255.0 gateway=none
  1. Set DNS from the xray-config for tun-device:
netsh interface ip set dns name=tun-device static (dns-ip-address, ex: 1.1.1.1)
  1. Adding routes to the local DNS table:
route add (xray-server-ip, ex: 172.210.11.100) mask 255.255.255.255 (windows-default-gateway-ip, ex: 192.168.0.1)

route add 0.0.0.0 mask 0.0.0.0 10.0.236.10

Client config

Xray-client config.json
{
  "dns": {
    "disableCache": true,
    "hosts": {
      "one.one.one.one": [
        "1.1.1.1"
      ]
    },
    "queryStrategy": "UseIPv4",
    "servers": [
      {
        "address": "https://one.one.one.one/dns-query"
      },
      {
        "address": "https+local://dns.quad9.net/dns-query",
        "domains": [
          "regexp:\\.ru$",
          "geosite:category-gov-ru",
          "geosite:yandex",
          "geosite:mailru"
        ]
      },
      "1.1.1.1"
    ]
  },
  "inbounds": [
    {
      "listen": "127.0.0.1",
      "port": 10808,
      "protocol": "socks",
      "settings": {
        "auth": "noauth",
        "udp": true,
        "userLevel": 8
      },
      "sniffing": {
        "destOverride": [
          "http",
          "tls"
        ],
        "enabled": true
      },
      "tag": "socks"
    },
    {
      "listen": "127.0.0.1",
      "port": 10809,
      "protocol": "http",
      "settings": {
        "userLevel": 8
      },
      "tag": "http"
    }
  ],
  "log": {
    "dnsLog": true,
    "loglevel": "debug"
  },
  "outbounds": [
    {
      "mux": {
        "concurrency": 8,
        "enabled": false
      },
      "protocol": "vless",
      "settings": {
        "vnext": [
          {
            "address": "my-server-address",
            "port": 443,
            "users": [
              {
                "encryption": "none",
                "flow": "xtls-rprx-vision",
                "id": "my-server-id",
                "level": 8,
                "security": "auto"
              }
            ]
          }
        ]
      },
      "streamSettings": {
        "network": "tcp",
        "realitySettings": {
          "allowInsecure": false,
          "fingerprint": "chrome",
          "publicKey": "my-server-key",
          "serverName": "my-server-name",
          "shortId": "my-server-short-id",
          "show": false,
          "spiderX": ""
        },
        "security": "reality",
        "tcpSettings": {
          "header": {
            "type": "none"
          }
        }
      },
      "tag": "proxy"
    },
    {
      "protocol": "freedom",
      "settings": {},
      "tag": "direct"
    },
    {
      "protocol": "blackhole",
      "settings": {
        "response": {
          "type": "http"
        }
      },
      "tag": "block"
    }
  ],
  "routing": {
    "domainStrategy": "IPIfNonMatch",
    "rules": [
      {
        "ip": [
          "1.1.1.1"
        ],
        "outboundTag": "proxy",
        "port": "53",
        "type": "field"
      },
      {
        "inboundTag": [
          "dnsQuery"
        ],
        "outboundTag": "proxy",
        "type": "field"
      },
      {
        "outboundTag": "dnsOut",
        "port": "53",
        "type": "field"
      },
      {
        "ip": [
          "1.1.1.1"
        ],
        "outboundTag": "proxy",
        "type": "field"
      },
      {
        "outboundTag": "block",
        "protocol": [
          "bittorrent"
        ],
        "type": "field"
      },
      {
        "ip": [
          "geoip:ru"
        ],
        "outboundTag": "direct",
        "type": "field"
      },
      {
        "ip": [
          "geoip:private"
        ],
        "outboundTag": "direct",
        "type": "field"
      },
      {
        "domain": [
          "regexp:\\.ru$"
        ],
        "outboundTag": "direct",
        "type": "field"
      },
      {
        "domain": [
          "geosite:category-gov-ru"
        ],
        "outboundTag": "direct",
        "type": "field"
      },
      {
        "domain": [
          "geosite:yandex"
        ],
        "outboundTag": "direct",
        "type": "field"
      },
      {
        "domain": [
          "geosite:mailru"
        ],
        "outboundTag": "direct",
        "type": "field"
      }
    ]
  }
}

Server config


-

Client log

Tun2socks-logs 

[Tun2socks] time="2024-08-16T10:48:56+03:00" level=warning msg="[UDP] dial "server-ip": connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: bind: An operation on a socket could not be performed because the system lacked sufficient buffer space or because a queue was full."
[Tun2socks] time="2024-08-16T10:48:58+03:00" level=warning msg="[UDP] dial "server-ip": connect to 127.0.0.1:10808: dial tcp 127.0.0.1:10808: connectex: Only one usage of each socket address (protocol/network address/port) is normally permitted."

Server log


-
@mmmray
Copy link
Collaborator

mmmray commented Aug 21, 2024

This is a thorough report but there are a lot of moving parts. I suggest to find and eliminate some components that are not necessary to reproduce this issue.

  1. if you remove all routing and outbounds in xray and replace them with freedom, does this leak still occur?
  2. if you swap out tun2socks with another tun2socks implementation, or instead set xray as system proxy, does the leak still occur?
  3. if you restart tun2socks, does the memory usage of xray also reset? and if you restart xray, does the memory usage of tun2socks reset?

I also see that you have filed the same issue against tun2socks itself: xjasonlyu/tun2socks#390 -- it's usually more efficient to keep conversation in one place, it saves developer's time.

@Fangliding
Copy link
Member

Fangliding commented Aug 21, 2024
edited
Loading

Perhaps some parts of the configuration caused the loop, such as the freedom outbound mentioned try removing it
and

    "response": {
      "type": "http"
    }

This feature has not been used for a long time, and I don't know if it will have any problems. It's best to remove it as well

@RPRX
Copy link
Member

RPRX commented Aug 23, 2024

v1.8.17 只是一个 pre-release 版本,后续版本修了很多 bug,这里只处理针对最新版本的 issue,或者你要说 v1.8.17 开始才有问题

我不知道上面两位为什么不关掉这个 issue,@Fangliding 我不是早给你说了只处理针对最新版本的 issue 吗

@RPRX RPRX closed this as not planned Won't fix, can't repro, duplicate, stale Aug 23, 2024
@Fangliding
Copy link
Member

v1.8.17 只是一个 pre-release 版本,后续版本修了很多 bug,这里只处理针对最新版本的 issue,或者你要说 v1.8.17 开始才有问题

我不知道上面两位为什么不关掉这个 issue,@Fangliding 我不是早给你说了只处理针对最新版本的 issue 吗

嘛 毕竟这也不像是最近版本可能修复的bug 具体问题具体分析 要是splithttp的问题我肯定第一时间说更新了 不然大概还是一句 still exist 至于这个一眼丁真是freedom给自己左手倒右手倒炸了

@RPRX
Copy link
Member

RPRX commented Aug 23, 2024

@Fangliding 能不能麻利点更新 issue 模板

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Fangliding @RPRX @tw0ch @mmmray