On Thu, 7 Oct 2004, Jon Trulson wrote:
On Thu, 7 Oct 2004, Michael Parker wrote:
On Thu, Oct 07, 2004 at 10:53:30AM -0600, Jon Trulson wrote:
FWIW, in our case a child would go to 320MB and just stay there until the child was terminated (even after finishing a message). We do use AWL and bayes.
Is it possible to try and find the msgs that was being scanned at that point in time? If so, can you reproduce by re-processing that message?
Also, if you can, do an sa-learn --dump magic shortly after the jump happens and see what it says for the "last expiry atime" value. Does it happen to match when you saw the memory jump?
I'll give that a shot this weekend when I'll have time to try to watch for it to happen.
I missed the actual message (though it was only 2.5K, rejected at MTA), but I did happen to see one of the blowups happen this morning - to 325MB.
The "last expiry atime" did indeed correspond with the time of the blowup.
FWIW, here is the output of 'sa-learn --dump magic'
[ pulsar ] sa-learn --dump magic
0.000 0 3 0 non-token data: bayes db version
0.000 0 175877 0 non-token data: nspam
0.000 0 132455 0 non-token data: nham
0.000 0 149125 0 non-token data: ntokens
0.000 0 1097168279 0 non-token data: oldest atime
0.000 0 1097513975 0 non-token data: newest atime
0.000 0 0 0 non-token data: last journal sync atime
0.000 0 1097513872 0 non-token data: last expiry atime
0.000 0 345600 0 non-token data: last expire atime delta
0.000 0 15505 0 non-token data: last expire reduction count
The time 1097513872 (Mon Oct 11 10:57:52 2004) - matches when the the blowup started. The scan for this particular message lasted 125.9 seconds, and ran the CPU at 99% until the child exited. I am using '--max-conn-per-child=1' option to spamd.
I am also running Perl 5.8.0, if that makes a diff.
-- Jon Trulson mailto:[EMAIL PROTECTED] ID: 1A9A2B09, FP: C23F328A721264E7 B6188192EC733962 PGP keys at http://radscan.com/~jon/PGPKeys.txt #include <std/disclaimer.h> "I am Nomad." -Nomad
