Bug 243561 - pfctl -f fails on tables if system is swapping: cannot define table ${table_name}: Cannot allocate memory
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: kern
Version: CURRENT
Hardware: Any Any
Importance: --- Affects Only Me
Assignee: freebsd-bugs mailing list
Reported: 2020-01-24 11:48 UTC by Lorenzo Salvadore
Modified: 2020-01-24 12:41 UTC
Description Lorenzo Salvadore freebsd_committer 2020-01-24 11:48:07 UTC
My system is very busy and thus is using swap: swapinfo reports I am using 5% of swap.

If I run "pfctl -f /etc/pf.conf" I get an error message "cannot define table ${table_name}: Cannot allocate memory" for every table I defined in /etc/pf.conf. After all these errors I get "Syntax error in config file: pf rules not loaded".

This happens on 13.0-CURRENT r356358.
Comment 1 Kristof Provost freebsd_committer 2020-01-24 12:41:52 UTC
Yeah ... you're out of memory, there's not much we can do in that situation.

The allocation code for tables deliberately does not try forever to get memory (i.e. it allocates with M_NOWAIT), because if it did you could lock up pf accidentally by trying to allocate a far too large table.
A consequence of this is that if you're under heavy memory pressure you're going to fail to allocate, and fail the reconfiguration.
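
An operational consequence of the M_NOWAIT behaviour described in comment 1, as an added example that is not part of the bug report or of FreeBSD: a reload wrapper that retries `pfctl -f` only when the sole failures are table "Cannot allocate memory" errors, and stops at once on any other diagnostic so a real configuration error is not masked. The names `reload_pf`, `only_enomem`, `PF_LOAD_CMD`, `PF_RETRIES` and `PF_DELAY` are hypothetical; the matched strings are the ones quoted in the report.

```shell
#!/bin/sh
# Added example, not FreeBSD code. All names below are hypothetical.
# Assumption: pfctl reports the failure with the messages quoted in the report.
PF_LOAD_CMD=${PF_LOAD_CMD:-"pfctl -f /etc/pf.conf"}
PF_RETRIES=${PF_RETRIES:-5}   # maximum number of load attempts
PF_DELAY=${PF_DELAY:-2}       # seconds before the first retry, doubled each time

ENOMEM_RE='cannot define table .*: Cannot allocate memory'

# Succeeds only if the output contains table ENOMEM lines and nothing else
# apart from the closing "pf rules not loaded" summary line.
only_enomem() {
    printf '%s\n' "$1" | grep -q "$ENOMEM_RE" || return 1
    rest=$(printf '%s\n' "$1" |
        grep -v -e "$ENOMEM_RE" -e 'pf rules not loaded' -e '^$' || true)
    [ -z "$rest" ]
}

# Returns 0 when the ruleset loaded, 1 when allocation still fails after
# PF_RETRIES attempts, 2 on any other error (for example a real syntax error).
reload_pf() {
    attempt=1
    delay=$PF_DELAY
    while :; do
        if out=$($PF_LOAD_CMD 2>&1); then
            return 0
        fi
        if ! only_enomem "$out"; then
            printf '%s\n' "$out" >&2      # not a memory problem: do not retry
            return 2
        fi
        if [ "$attempt" -ge "$PF_RETRIES" ]; then
            printf 'pf reload: out of memory after %s attempts\n' "$attempt" >&2
            return 1
        fi
        sleep "$delay"
        delay=$((delay * 2))
        attempt=$((attempt + 1))
    done
}
```

A caller should treat return codes 1 and 2 as an alert condition, since in both cases the new rules were not loaded.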