From mboxrd@z Thu Jan  1 00:00:00 1970
From: Martin Steigerwald <martin@lichtvoll.de>
Subject: Re: [REGRESSION] 5.0-rc2: iptables -nvL consumes 100% of CPU and hogs memory with kernel 5.0-rc2
Date: Tue, 15 Jan 2019 12:52:06 +0100
Message-ID: <1716489.K3OScS4TjR@merkaba>
References: <1608957.xtEoauR4Ya@merkaba> <20190115101006.GE26670@unicorn.suse.cz> <20190115101519.pf7ogpvdz22wku7g@breakpoint.cc>
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8BIT
Cc: Michal Kubecek <mkubecek@suse.cz>, netfilter-devel@vger.kernel.org,
        netdev@vger.kernel.org, linux-kernel@vger.kernel.org
To: Florian Westphal <fw@strlen.de>
Return-path: <linux-kernel-owner@vger.kernel.org>
In-Reply-To: <20190115101519.pf7ogpvdz22wku7g@breakpoint.cc>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: netdev.vger.kernel.org

Florian Westphal - 15.01.19, 11:15:
> Michal Kubecek <mkubecek@suse.cz> wrote:
> > > I upgraded to self-compiled 5.0-rc2 today and found the machine to
> > > be slow after startup. I saw iptables consuming 100% CPU, it only
> > > responded to SIGKILL. It got restarted several times, probably by
> > > some systemd service.
> > > 
> > > Then I started 'iptables -nvL' manually. And I got this:
> > > 
> > > % strace -p 5748
> > > [… tons more, in what appeared an endless loop …]
> 
> This is fixed by:
> 
> http://patchwork.ozlabs.org/patch/1024772/
> ("netfilter: nf_tables: Fix for endless loop when dumping ruleset").

Thanks, Florian.

Will wait for first 5.0-rcx with x=>2 that contains the fix. Bug closed on 
Debian side already, was premature to report it there.

Ciao,
-- 
Martin

From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=Tvwj=PX=vger.kernel.org=netdev-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,SPF_PASS,URIBL_BLOCKED autolearn=unavailable
	autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id A9192C43387
	for <netdev@archiver.kernel.org>; Tue, 15 Jan 2019 12:00:04 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 8004F20657
	for <netdev@archiver.kernel.org>; Tue, 15 Jan 2019 12:00:04 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729027AbfAOMAD convert rfc822-to-8bit (ORCPT
        <rfc822;netdev@archiver.kernel.org>); Tue, 15 Jan 2019 07:00:03 -0500
Received: from mondschein.lichtvoll.de ([194.150.191.11]:60073 "EHLO
        mail.lichtvoll.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727376AbfAOMAD (ORCPT
        <rfc822;netdev@vger.kernel.org>); Tue, 15 Jan 2019 07:00:03 -0500
X-Greylist: delayed 475 seconds by postgrey-1.27 at vger.kernel.org; Tue, 15 Jan 2019 07:00:02 EST
Authentication-Results: auth=pass smtp.auth=martin smtp.mailfrom=martin@lichtvoll.de
Received: from 127.0.0.1 (localhost [127.0.0.1])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.lichtvoll.de (Postfix) with ESMTPSA id B6E43437F7B;
        Tue, 15 Jan 2019 12:52:06 +0100 (CET)
From:   Martin Steigerwald <martin@lichtvoll.de>
To:     Florian Westphal <fw@strlen.de>
Cc:     Michal Kubecek <mkubecek@suse.cz>, netfilter-devel@vger.kernel.org,
        netdev@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [REGRESSION] 5.0-rc2: iptables -nvL consumes 100% of CPU and hogs memory with kernel 5.0-rc2
Date:   Tue, 15 Jan 2019 12:52:06 +0100
Message-ID: <1716489.K3OScS4TjR@merkaba>
In-Reply-To: <20190115101519.pf7ogpvdz22wku7g@breakpoint.cc>
References: <1608957.xtEoauR4Ya@merkaba> <20190115101006.GE26670@unicorn.suse.cz> <20190115101519.pf7ogpvdz22wku7g@breakpoint.cc>
MIME-Version: 1.0
Content-Transfer-Encoding: 8BIT
Content-Type: text/plain; charset="UTF-8"
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org
Message-ID: <20190115115206.z5ZAfiiNnrB7wZ66QERmveHVIClt2N3zIoycDlfdC1k@z>

Florian Westphal - 15.01.19, 11:15:
> Michal Kubecek <mkubecek@suse.cz> wrote:
> > > I upgraded to self-compiled 5.0-rc2 today and found the machine to
> > > be slow after startup. I saw iptables consuming 100% CPU, it only
> > > responded to SIGKILL. It got restarted several times, probably by
> > > some systemd service.
> > > 
> > > Then I started 'iptables -nvL' manually. And I got this:
> > > 
> > > % strace -p 5748
> > > [… tons more, in what appeared an endless loop …]
> 
> This is fixed by:
> 
> http://patchwork.ozlabs.org/patch/1024772/
> ("netfilter: nf_tables: Fix for endless loop when dumping ruleset").

Thanks, Florian.

Will wait for first 5.0-rcx with x=>2 that contains the fix. Bug closed on 
Debian side already, was premature to report it there.

Ciao,
-- 
Martin