* Stephan A. Rickauer <[EMAIL PROTECTED]> [2008-07-14 17:27]: > On Mon, 2008-07-14 at 14:22 +0200, Henning Brauer wrote: > > perfect analysis! > > > > looks like the only sane thing to do in that case is to bail and not > > send the icmp. > > I've compiled a new kernel with the patch. The machine is no longer > crashing on pf_send_icmp(). However, I now see memory leaking until the > machine locks up (it doesn't crash but its network becomes unusable). > Unfortunately, it then also puts all CARP interfaces in MASTER state, > though the other node works perfectly as master already. This will, of > course, knock down our entire network until I manually put down the carp > interfaces. > > I have increased kern.maxclusters to gain more time for debugging of the > memory leak. However, all I could find out so far is that lots of mbufs > are allocated while there is no significant traffic to be handled > (remember the machine is the CARP backup). The machine crashes within 15 > minutes after reboot.
ok that is weird. icmp_error as called in pf_send_icmp does not m_free anything but the passed mbuf, and we now just bail if tghe allocation of it fails. so i have a hard time seeing this as related... might be something completely different. and finding mbuf leaks tends to be damn hard and following a lot of code... -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam
