On Thu, Apr 07, 2016 at 02:25:32PM +0200, Lukas Tribus wrote: > Hi, > > Am 05.04.2016 um 10:17 schrieb Nenad Merdanovic: > > > >I am not sure, as I haven't even be able to reliably reproduce it on 1.5 > >(though we are running with some backports from 1.6) as it seems to be > >traffic-pattern related. On one workload I exhibit instant and constant > >jump in CPU usage (from 40% to 80-100%, about 50:50 sys:usr), but on > >other, there are just some very short spikes to 100%. > > I've played around with an unscientific testcase (single session, large 10MB > response), perf > and ltrace, and while the number of SSL_Write calls are the same, OpenSSL > seems to > be doing more low level stuff in functions like _x86_DES_encrypt and > _x86_DES_decrypt. > > So this commit does make OpenSSL uncomfortable in some way, although it is > probably > not related to the number of SSL_write calls. > > Not sure if this is helpful.
It definitely is, as any piece of information we can find around this. I was wondering whether there was something in relation with the max TLS record size maybe. The other possibility would be that the fix uncovered another bug which was hidden by this fix. Unfortunately for now I failed to find which one by just reading the code, and I still couldn't find any way to reproduce the issue to try to analyze it deeper :-( Cheers, Willy
