bugzilla-daemon at netfilter.org
2013-May-22 03:27 UTC
[Bug 823] New: IPv6 NAT memory leaking
https://bugzilla.netfilter.org/show_bug.cgi?id=823

           Summary: IPv6 NAT memory leaking
           Product: netfilter/iptables
           Version: unspecified
          Platform: x86_64
        OS/Version: other
            Status: NEW
          Severity: critical
          Priority: P5
         Component: ip6_tables (kernel)
        AssignedTo: netfilter-buglog at lists.netfilter.org
        ReportedBy: lex.weishun at gmail.com
   Estimated Hours: 0.0

I tried IPv6 NAT and the system always crashes due to out-of-memory.

Here are my steps to reproduce:

    [VM-a] ------------------- [VM-b]
    fd00:1234::a/64            fd00:1234::b/64

* VM-a and VM-b are both VirtualBox VMs (Arch Linux, kernel 3.9.3-1-ARCH, x86_64, with 64M memory)

1. Add an IPv6 NAT rule on VM-b (even if it is never matched):

    (VM-b)# ip6tables -t nat -A POSTROUTING -s abcd::1 -j LOG

2. Ping with big packets from VM-a:

    (VM-a)# for i in {1..5000}; do ping6 -s 2000 -c 1 fd00:1234::b; done

3. Check slabinfo at VM-b: the size of kmalloc-256 increases fast and is never released, even after all connections are closed.

4-1. Reboot VM-b and do the test again by 'ping -s 1024'. Everything is fine.

4-2. Reboot VM-b and do the test again without any IPv6 NAT rules. Everything is fine.

It looks like a memory leaking problem.

--
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
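The slabinfo check in step 3 of the report above can be scripted. This is an added example, not part of the original report or of any netfilter tooling: it compares three /proc/slabinfo snapshots (before the test, right after it, and after traffic has stopped) and flags a cache that grew and was not released. The function names, the 1 MiB growth threshold, the 90% retention rule and the sample snapshots are all assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the bug report): compare /proc/slabinfo snapshots
# to spot a slab cache that grows under load and is not released afterwards.

# slab_bytes CACHE  -- slabinfo text on stdin; prints active_objs * objsize.
# slabinfo 2.x columns: name active_objs num_objs objsize ...
slab_bytes() {
    awk -v c="$1" '$1 == c { printf "%.0f\n", $2 * $4; found = 1 }
                   END { if (!found) exit 1 }'
}

# slab_leak_check CACHE BASE LOAD IDLE [MIN_GROWTH_BYTES]
# BASE/LOAD/IDLE are slabinfo texts taken before the test, right after it,
# and once traffic has stopped. A cache is flagged when it grew by at least
# MIN_GROWTH_BYTES (default 1 MiB, an assumed threshold) and still holds
# 90% or more of that growth when idle. Returns 2 if the cache is absent.
slab_leak_check() {
    cache=$1; min=${5:-1048576}
    b=$(printf '%s\n' "$2" | slab_bytes "$cache") || return 2
    l=$(printf '%s\n' "$3" | slab_bytes "$cache") || return 2
    i=$(printf '%s\n' "$4" | slab_bytes "$cache") || return 2
    grown=$((l - b)); retained=$((i - b))
    if [ "$grown" -ge "$min" ] && [ $((retained * 100)) -ge $((grown * 90)) ]; then
        echo "LEAK_SUSPECT $cache grown=$grown retained=$retained"
    else
        echo "OK $cache grown=$grown retained=$retained"
    fi
}

# Constructed sample snapshots. On a live system, capture each one as root
# with e.g. BASE=$(cat /proc/slabinfo).
BASE='slabinfo - version: 2.1
kmalloc-512    400    400 512  8 1 : tunables 0 0 0 : slabdata   50   50 0
kmalloc-256    800    800 256 16 1 : tunables 0 0 0 : slabdata   50   50 0'
LOAD='slabinfo - version: 2.1
kmalloc-512    900    904 512  8 1 : tunables 0 0 0 : slabdata  113  113 0
kmalloc-256  20800  20800 256 16 1 : tunables 0 0 0 : slabdata 1300 1300 0'
IDLE='slabinfo - version: 2.1
kmalloc-512    410    416 512  8 1 : tunables 0 0 0 : slabdata   52   52 0
kmalloc-256  20790  20800 256 16 1 : tunables 0 0 0 : slabdata 1300 1300 0'

# kmalloc-256 keeps its growth after idle; kmalloc-512 shrinks back.
slab_leak_check kmalloc-256 "$BASE" "$LOAD" "$IDLE"
slab_leak_check kmalloc-512 "$BASE" "$LOAD" "$IDLE" 100000
```
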
https://bugzilla.netfilter.org/show_bug.cgi?id=823

Phil Oester <netfilter at linuxace.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |netfilter at linuxace.com

--- Comment #1 from Phil Oester <netfilter at linuxace.com> 2013-05-31 17:34:57 CEST ---

I am unable to reproduce this issue on a 3.9.x kernel. I sent over 1,000,000 packets, and slab use did not increase at all.

Kindly send output of lsmod, so we know what netfilter modules you have loaded.
https://bugzilla.netfilter.org/show_bug.cgi?id=823

Phil Oester <netfilter at linuxace.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Priority|P5                          |P3
           Severity|critical                    |normal

--- Comment #2 from Phil Oester <netfilter at linuxace.com> 2013-06-13 02:36:34 CEST ---

Lex - please respond to request for additional information.
https://bugzilla.netfilter.org/show_bug.cgi?id=823

--- Comment #3 from lex.weishun at gmail.com 2013-06-13 07:50:40 CEST ---

Created attachment 401
  --> https://bugzilla.netfilter.org/attachment.cgi?id=401
The lsmod of crashed system
https://bugzilla.netfilter.org/show_bug.cgi?id=823

--- Comment #4 from lex.weishun at gmail.com 2013-06-13 08:06:20 CEST ---

(In reply to comment #2)
> Lex - please respond to request for additional information.

Sorry. I wasn't back in the last 2 weeks.

I tried my Arch Linux (kernel 3.9.5, x86_64, 64mb RAM) again this morning, and it still crashed due to out-of-memory.

These are my test scripts:

    (server)# ip link set dev eth2 up
    (server)# ip addr add fd00:1234::b/64 dev eth2
    (server)# ip6tables -t nat -A OUTPUT -s abcd::1 -j LOG

    (client)# ip link set dev eth2 up
    (client)# ip addr add fd00:1234::a/64 dev eth2
    (client)# for i in {1..5000}; do ping6 -s 2000 -c 1 fd00:1234::b; done

Output of lsmod is uploaded.
https://bugzilla.netfilter.org/show_bug.cgi?id=823

Phil Oester <netfilter at linuxace.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED

--- Comment #5 from Phil Oester <netfilter at linuxace.com> 2013-06-14 17:03:28 CEST ---

Thank you - I am able to reproduce this behavior and will look into it.
https://bugzilla.netfilter.org/show_bug.cgi?id=823

Phil Oester <netfilter at linuxace.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|                            |FIXED

--- Comment #6 from Phil Oester <netfilter at linuxace.com> 2013-06-21 08:48:07 CEST ---

Lex - thank you very much for posting this bug report. The issue has been resolved via commit 142dcdd3. Details here:

https://git.kernel.org/cgit/linux/kernel/git/pablo/nf.git/commit/?id=142dcdd3c25fc7a3866bb06980e8f93a2ed7e050

It should appear in kernel 3.10 and will likely be backported to various 3.x stable kernels.