From owner-svn-src-head@freebsd.org Tue Dec 12 16:12:53 2017 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8E8A3E9D9E6; Tue, 12 Dec 2017 16:12:53 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 2383363E26; Tue, 12 Dec 2017 16:12:52 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id vBCGCl0A017260 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 12 Dec 2017 17:12:47 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: cem@FreeBSD.org Received: from [10.58.0.4] (dadv@[10.58.0.4]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id vBCGChLn042657 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Tue, 12 Dec 2017 23:12:43 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: svn commit: r326758 - in head/sys/i386: conf include To: rgrimes@FreeBSD.org, Don Lewis References: <201712121530.vBCFUU2G086785@pdx.rh.CN85.dnsmgr.net> Cc: Alexey Dokuchaev , Konstantin Belousov , svn-src-head@FreeBSD.org, svn-src-all@FreeBSD.org, src-committers@FreeBSD.org, Conrad Meyer From: Eugene Grosbein Message-ID: <5A2FFFFB.4030501@grosbein.net> Date: Tue, 12 Dec 2017 23:12:43 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.7.2 MIME-Version: 1.0 In-Reply-To: <201712121530.vBCFUU2G086785@pdx.rh.CN85.dnsmgr.net> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE, T_DATE_IN_FUTURE_96_Q autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * 0.0 T_DATE_IN_FUTURE_96_Q Date: is 4 days to 4 months after Received: * date * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 2.6 LOCAL_FROM From my domains * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-Spam-Level: ** X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 16:12:53 -0000 12.12.2017 22:30, Rodney W. Grimes: >>> Now I run FreeBSD 11/i386 as my home router with IPSEC and torrent >>> client, and I run several virtualized routers with IPSEC tunnels, >>> jabber and mail server, squid and ZFS for src/obj/ports compression >>> and they all easily crash unless kern.kstack_pages raised upto 4. Same >>> for some other my i386 installations having IPSEC tunnels. >> >> IPSEC definitely used to wwith with kstack_pages=2 since I ran that way >> for a number of years. I haven't used IPSEC since I upgraded from >> FreeBSD 8.x to 10.x a while back, so it could be broken now. > > I think this comes as a regression in 10.x or perhaps later. So that > atleast narrows down what has triggered the need for more kernel stack > space. Once again, that's not about IPSEC only that, indeed, had this kind of "regression" with overhaul of its code between 11.0 and 11.1 releases with r315514. It was already polished in stable/11 with later r319118 plus there is https://reviews.freebsd.org/D9721 that introduces new sysctl net.inet.ipsec.use_netisr=1 to convert long path of direct function calls requiring large stack to queuing of outgoing to-be-encrypted traffic using NETISR at cost of some performance penalty when enabled. But many other parts of kernel think it's OK to allocate big arrays or structures on stack.