bugzilla-daemon at netfilter.org
2018-Jan-09 07:50 UTC
[Bug 1212] New: excessive memory usage with kernel 4.14
https://bugzilla.netfilter.org/show_bug.cgi?id=1212
Bug ID: 1212
Summary: excessive memory usage with kernel 4.14
Product: ipset
Version: unspecified
Hardware: All
OS: other
Status: NEW
Severity: major
Priority: P5
Component: default
Assignee: netfilter-buglog at lists.netfilter.org
Reporter: thomas.schwark at gmail.com
Hey,
I�m sorry in advance I am not able to fix this but installing kernel 4.14 and
above leads to an excessive use of memory tested on two machines. A system that
needs around 500 MB now uses around 15 GB out of 16 GB.
The archwiki here
https://wiki.archlinux.org/index.php/Ipset
says to use this script to update sources:
https://github.com/ilikenwf/pg2ipset/blob/master/ipset-update.sh
As soon as I run the script manually with kernel 4.14 and newer the excessive
memory usage starts again. If I then stop ipset service the memory usage keeps
being high. Reboot without running the script solves it. It does not happen
with 4.13 kernel series.
There was a bug report opened here:
https://bugs.archlinux.org/task/56574#comment165267
and the problem was tracked down to this commit:
When reverting commit 48596a8ddc46f96afb6a2cd72787cb15d6bb01fc
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/net/netfilter/ipset?id=48596a8ddc46f96afb6a2cd72787cb15d6bb01fc
and rebuilding the kernel without the commit everything works as expected again
and the problem is gone.
Hope this helps to solve it.
Thanks in advance.
Kind regards
Tom
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20180109/c46bab9a/attachment.html>
bugzilla-daemon at netfilter.org
2018-Jan-10 19:53 UTC
[Bug 1212] excessive memory usage with kernel 4.14
https://bugzilla.netfilter.org/show_bug.cgi?id=1212
Jozsef Kadlecsik <kadlec at netfilter.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |kadlec at netfilter.org
--- Comment #1 from Jozsef Kadlecsik <kadlec at netfilter.org> ---
Created attachment 517
--> https://bugzilla.netfilter.org/attachment.cgi?id=517&action=edit
range handling fix
Apply it with "patch -p2".
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20180110/5eceb0a0/attachment-0001.html>
bugzilla-daemon at netfilter.org
2018-Jan-10 19:56 UTC
[Bug 1212] excessive memory usage with kernel 4.14
https://bugzilla.netfilter.org/show_bug.cgi?id=1212 --- Comment #2 from Jozsef Kadlecsik <kadlec at netfilter.org> --- Please try the attached patch, which should be applied on top of commit 48596a8d. The patch should fix the issue. Thanks for the thorough report. Jozsef -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20180110/86df8f43/attachment.html>
bugzilla-daemon at netfilter.org
2018-Jan-11 08:43 UTC
[Bug 1212] excessive memory usage with kernel 4.14
https://bugzilla.netfilter.org/show_bug.cgi?id=1212 --- Comment #3 from thomas.schwark at gmail.com --- Thanks for the fast help. The archlinux community at the above mentioned filed bug helped me building the latest kernel 4.14.13 with this patch included and the problem is solved ;))) Thanks again. I hope the patch gets included in the kernel soon. -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20180111/c3b57971/attachment.html>
bugzilla-daemon at netfilter.org
2018-Jan-12 09:46 UTC
[Bug 1212] excessive memory usage with kernel 4.14
https://bugzilla.netfilter.org/show_bug.cgi?id=1212
Jozsef Kadlecsik <kadlec at netfilter.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #4 from Jozsef Kadlecsik <kadlec at netfilter.org> ---
The patch will be pushed to kernel inclusion, thanks for the testing.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20180112/485232b6/attachment.html>
bugzilla-daemon at netfilter.org
2018-Jan-12 18:32 UTC
[Bug 1212] excessive memory usage with kernel 4.14
https://bugzilla.netfilter.org/show_bug.cgi?id=1212 --- Comment #5 from thomas.schwark at gmail.com --- Very good, thank you and have a nice weekend ;) -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20180112/5a98ed8e/attachment.html>
Maybe Matching Threads
- [Bug 1209] New: Replace 'netstat' with 'ss'
- [Bug 1750] New: 'ipset save' does not save in format loadable by systemd (it saves in 'ipset list' format)
- [Bug 1101] New: SET target unreliable in iptables - add does not work as expected
- [Bug 880] New: ipset doesn't refresh the timeout for an existing entry when the table is FULL.
- [Bug 1139] New: The include guards on the include/libipset/linux_ip_set*.h are wrong