Bug ID 741535: Memory leak when using SAML or Form-based Client-initiated SSO

Last Modified: Oct 29, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1

Fixed In:
14.1.0, 13.1.3

Opened: Aug 23, 2018
Severity: 2-Critical

Symptoms

With SAML or Form-based Client-initiated SSO configured, BIG-IP system memory usage increases with every HTTP request that is proxied to the backend. The type of memory that increases is tmjail. You can view memory usage using the following command: tmsh sys show memory. At some point, the BIG-IP system enables connection evictions in order to reduce the memory pressure, which causes service disruptions. You might see the following warning log messages. -- warning tmm[20537]: 011e0002:4: sweeper_segment_cb_any: Aggressive mode /Common/default-eviction-policy activated (0) (global memory). -- warning tmm1[20537]: 01010290:4: TCP: Memory pressure activated. -- err tmm1[20537]: 011e0003:3: Aggressive mode sweeper: /Common/default-eviction-policy (100000000000b) (global memory) 413 Connections killed.

Impact

Potential service disruption.

Conditions

SAML or Form-based Client-initiated SSO is used.

Workaround

No workaround other than not using SAML or Form-based Client-initiated SSO.

Fix Information

The memory leak associated with SAML or Form-based Client-initiated SSO no longer occurs.

Behavior Change