From owner-freebsd-bugs@freebsd.org Fri Feb 5 21:46:36 2021 Return-Path: Delivered-To: freebsd-bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id DE78A52B1A4 for ; Fri, 5 Feb 2021 21:46:36 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4DXTWw5nlLz4bgL for ; Fri, 5 Feb 2021 21:46:36 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id C6C9252AFD5; Fri, 5 Feb 2021 21:46:36 +0000 (UTC) Delivered-To: bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C692552B1A3 for ; Fri, 5 Feb 2021 21:46:36 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DXTWw5BdGz4bM3 for ; Fri, 5 Feb 2021 21:46:36 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A568725F23 for ; Fri, 5 Feb 2021 21:46:36 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 115LkaKQ024946 for ; Fri, 5 Feb 2021 21:46:36 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 115LkaKS024945 for bugs@FreeBSD.org; Fri, 5 Feb 2021 21:46:36 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 253281] enabling ktls leads to severe kernel memory leak Date: Fri, 05 Feb 2021 21:46:36 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: weiss@uni-mainz.de X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Feb 2021 21:46:36 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D253281 Bug ID: 253281 Summary: enabling ktls leads to severe kernel memory leak Product: Base System Version: 13.0-STABLE Hardware: amd64 OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: weiss@uni-mainz.de Created attachment 222192 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D222192&action= =3Dedit dmesg.boot System: 13.0-ALPHA3 on amd64=20 lagg with two ix 10 gigabit ethernet adaptors ktls_intel-isa-l crypto software crypto nginx-lite as caching reverse proxy between client and web server on different machines, both client - proxy and proxy - web server connections over tls with ktls enabled (kern.ipc.tls.enable=3D1) kernel memory disappears within= 1 hour. processes get killed by oom condition, system must be booted to get back to normal - terminating nginx is not enough top: Fri Feb 5 00:07:47 CET 2021 last pid: 6283; load averages: 6.01, 4.65, 3.73 up 0+00:17:18 00:0= 7:47 52 processes: 2 running, 50 sleeping CPU: 4.6% user, 0.0% nice, 15.1% system, 0.1% interrupt, 80.2% idle Mem: 1850M Active, 16G Inact, 2300K Laundry, 30G Wired, 10G Free ARC: 27G Total, 5669M MFU, 20G MRU, 682M Anon, 118M Header, 612M Other 24G Compressed, 28G Uncompressed, 1.16:1 Ratio Swap: 16G Total, 13M Used, 16G Free top: Fri Feb 5 01:03:11 CET 2021 last pid: 6460; load averages: 4.51, 5.62, 5.83 up 0+01:12:42 01:0= 3:11 54 processes: 4 running, 50 sleeping CPU: 2.9% user, 0.0% nice, 15.1% system, 0.1% interrupt, 81.9% idle Mem: 7560K Active, 5204K Inact, 4314M Wired, 248M Free ARC: 2060M Total, 156M MFU, 891M MRU, 468K Anon, 19M Header, 993M Other 166M Compressed, 936M Uncompressed, 5.62:1 Ratio Swap: 16G Total, 134M Used, 16G Free netstat -m 25011/159/25170 mbufs in use (current/cache/total) 24698/2/24700/4074507 mbuf clusters in use (current/cache/total/max) 0/0 mbuf+clusters out of packet secondary zone in use (current/cache) 0/0/0/2037253 4k (page size) jumbo clusters in use (current/cache/total/max) 0/0/0/603630 9k jumbo clusters in use (current/cache/total/max) 0/0/0/339542 16k jumbo clusters in use (current/cache/total/max) 55648K/43K/55692K bytes allocated to network (current/cache/total) 0/0/0 requests for mbufs denied (mbufs/clusters/mbuf+clusters) 0/0/0 requests for mbufs delayed (mbufs/clusters/mbuf+clusters) 0/0/0 requests for jumbo clusters delayed (4k/9k/16k) 0/0/0 requests for jumbo clusters denied (4k/9k/16k) 100940570 sendfile syscalls 28612821 sendfile syscalls completed without I/O request 72578063 requests for I/O initiated by sendfile 305506031 pages read by sendfile as part of a request 288967671 pages were valid at time of a sendfile request 197618 pages were valid and substituted to bogus page 0 pages were requested for read ahead by applications 377190 pages were read ahead by sendfile 4494 times sendfile encountered an already busy page 0 requests for sfbufs denied 0 requests for sfbufs delayed same setup, with ktls not enabled, nothing bad happens even after 1/2 a day --=20 You are receiving this mail because: You are the assignee for the bug.=