Monterey 12.0 appproxy network down with dns duration test

By the way, is there any feedback on the shrink down project I shared? Any luck to reproduce the issue?

The issue was reproduced and it is being investigated further, but there is no update or timeline on when a fix will become available.

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com

Thanks Matt for the confirmation.

Tested with the latest Monterey Beta 12.1 and still see the two issues.

1. Memory leak when doing only piping through.

The leak can be >100MB for over night by only piping through udp traffic. This is resolvable by killing the system extension process. 1pkill -9 $(pgrep com.familyzone.macappproxy.fzmacappproxy)

1. Network stack crash after 2~3 hours with below error problem from kernel.

1[C24189 IPv4#334f7330:53 failed socket-flow (satisfied (Path is satisfied), interface: en0, ipv4, dns)] event: flow:failed_connect @0.079s, error Can't assign requested address 2nslookup: isc_socket_bind: address not available This is not recoverable even by uninstalling the system extension.

Can you help double confirm you got both reproduced with the code I shared?

We have at the moment some customers asking whether they could use Monterey with our software as there are some releases already available. But based on current test result, it is still not safe to use.

Thanks in advance for any suggestion.

Regards Richard

Tested with the latest Monterey Beta 12.1 and still see the two issues. We have at the moment some customers asking whether they could use Monterey with our software as there are some releases already available. But based on current test result, it is still not safe to use.

I would update your bug report with the latest information that you have. Unfortunately I do not have any further information on when a fix will be made available.

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com

Please test this on the latest macOS Beta (21D5025f) to see if it has an impact. Please report the results of your test on the bug.

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com

Tested with the latest Monterey beta 12.2, same issue is still there: after a couple of hours dns request piping through appproxy, no more network anymore.

nslookup: isc_socket_bind: address not available
...

[C278 IPv4#4aea03a5:53 failed channel-flow (satisfied (Path is satisfied), interface: en0, ipv4, dns)] event: flow:failed_connect @0.004s, error Can't assign requested address

Hi there,

As confirmed with the latest Monterey Beta 12.2 with build number 21D5025f, this issue remains the same. And I believe I have provided the sysdiagnose as well as the minimum project to reproduce the issue (network crash + memory leak with dns request loop).

Now that it becomes critical for us since more and more customers are asking when can they use our product based on Monterey. We do need your assistance to speed up the investigation and a clear roadmap for a solution.

Thanks in advance for any suggestion.

Richard

Thanks a lot for this suggestion: by using netstat -vnp udp | wc -l, it is obvious the difference between BigSur and Monterey. On Monterey, the return value keeps increasing when doing dns request loop from < 100 all the way to thousands; while on BigSur, it is steady at around 46~48! That was tested with the same set of code (same installer of our software)

Obviously, there should be something wrong in terms of udp socket close missing with Monterey.

Just upgraded to the latest Beta 12.2 beta 2. From a brief test so far, netstat -vpn udp |wc -l returns back constant value which was never before on Monterey! Will let it go for overnight running this dns request... The Build number of Monterey is: 21D5039d

After overnight, netstat -vpn udp |wc -l is 55 which is good: socket leak seems fixed. Concerning app proxy memory leak, seems also fixed: after overnight dns pooling test, it is 11MB, same as its start value.I will go on with dns proxy test for the same.