apm-agent-rum-js icon indicating copy to clipboard operation
apm-agent-rum-js copied to clipboard

Published 20 hours ago verified publisher icon elastic

EncodedBodySize overflow

Open kruskall opened this issue 2 years ago • 2 comments
trafficstars

According to the specification, EncodedBodySize must be a number.

As part of the ops KPI review we've been investigating the following errors in ecs logs:

decode error: data read error: v2.spanRoot.Span: v2.span.Context: v2.spanContext.HTTP: v2.spanContextHTTP.Response: v2.spanContextHTTPResponse.EncodedBodySize: readUint64: overflow, error found in #10 byte of ...|":184467440737095520|..., bigger context ...|:{"transfer_size":299,"encoded_body_size":18446744073709552000,"decoded_body_size":0}},"destination"|..

decode error: data read error: v2.transactionRoot.Transaction: v2.transaction.Context: v2.context.Response: v2.contextResponse.EncodedBodySize: readUint64: overflow, error found in #10 byte of ...|":184467440737095520|..., bigger context ...|:{"transfer_size":299,"encoded_body_size":18446744073709552000,"decoded_body_size":0}},"marks":{"age|...

It seems 18446744073709552000 is bigger than the maximum int64, thus not a valid value for the encoded body size, making the ingestion fail in apm-server.

kruskall avatar Aug 03 '23 13:08 kruskall

Hi @kruskall,

Thanks for raising this!

I have a few questions:

  • Do we know the number of occurrences of this error?
  • Is this related to any SDH?

I'm asking those questions to know the level of priority we should assign to it

Cheers, Alberto

devcorpio avatar Aug 03 '23 14:08 devcorpio

Thanks for the quick response!

Do we know the number of occurrences of this error?

~300k hit last week, happening on several clusters

Is this related to any SDH?

Not that I'm aware

kruskall avatar Aug 03 '23 14:08 kruskall