Re: pfctl -P -ss -vv -- sometimes eats cpu and becomes unkillable

Reply: Kristof Provost: "Re: pfctl -P -ss -vv -- sometimes eats cpu and becomes unkillable"
In reply to: Kristof Provost: "Re: pfctl -P -ss -vv -- sometimes eats cpu and becomes unkillable"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Thomas Steen Rasmussen via freebsd-pf <freebsd-pf_at_freebsd.org>
Date: Mon, 28 Jun 2021 11:49:16 UTC

On 6/28/21 1:07 PM, Kristof Provost wrote:
> On 26 Jun 2021, at 21:38, Özkan KIRIK wrote:
>> Hi,
>>
>> pfctl -P -ss -vv command cannot finish and eats %100 of single core cpu
>> when number of states is over 50.000.
>> Even killall -9 pfctl doesn't help. process cannot be killed.
>>
>> I'm using FreeBSD stable/12 that pulled at 2021-06-05.
>> State policy is configured as floating. I don't know if it matters
>> switching to if-bound.
>>
>> Do you have any suggestions to overcome this problem?
>>
> None for now. I’m aware of the problem, it’s still related to nvlists. 
> It’s being worked on right now, but I have no ETA for a fix.
> 
> — Kristof
> 

Hello!

Is there a PR for this issue?
When did the code causing the issue enter 12/STABLE?

Thanks! :)

Best regards,

Thomas