Preview Tool

Cisco Bug: CSCte53109 - memory leak with ACLs that use object-groups

Last Modified

Jan 28, 2017

Products (1)

  • Cisco IOS

Known Affected Releases

12.4(24)T 12.4(24)T1 12.4(24)T2

Description (partial)

A router may allocate memory to store an access-list that cannot be freed. In the extreme case this can cause memory allocation failures.

This is only seen when using object groups in access-lists. If you attempt to remove the ACL, not all of the memory used to store the ACL will be freed. If the ACL is applied again the system does not reuse any memory previously allocated. 

If this process is repeated then the router may run out of free memory. The process that holds the memory can be Exec, Virtual Exec, or *DEAD*. Regardless of which process holds the memory, the <CmdBold>show memory allocating-process totals <NoCmdBold> command will always show the name as List Headers:

F340.07.26-2800-15#show memory allocating-process totals
                Head    Total(b)     Used(b)     Free(b)   Lowest(b)  Largest(b)
Processor   47D3EA20   925636064   293698688   631937376   599033524   627500360
      I/O   3F000000    16777216    13386852     3390364     3365232     3339740

Allocator PC Summary for: Processor
Displayed first 2048 Allocator PCs only
    PC          Total   Count  Name
0x435C894C  228536492   44050  List Headers
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.