Limit service memory usage

meshenjoyer · June 23, 2025, 10:24pm

Hi,

I would like to limit Adguard Home in its memory usage as it caused an unexpected router reboot when it updated dns filter lists a number of times due to OOM conditions.

in its init script I set procd_set_param limits rss="131072 131072" to hopefully limit memory usage to 128 MiB. the thing is, router (when not running adguard instance) constantly has more free memory that that limit, so if that limit worked it should prevent any further crashes. Yet it doesn't.

So here is my question, how to properly limit memory/cpu usage of a service? I noticed that each running service has its own cgroup defined under /sys/fs/cgroup/services/<service name>, yet there is memory.max_bytes nor anything related to memory whatsoever. Is it dependent on hardware perchance?

brada4 · June 23, 2025, 10:53pm

Good hoping, it will dump client traces in /tmp until full.

meshenjoyer · June 24, 2025, 5:02am

Is it unavoidable? Does openwrt even collect core dumps by default?

brada4 · June 24, 2025, 5:52am

agh does, does not seem there is any limit on storage of those.

eduperez · June 24, 2025, 7:50am

Isn't AdBlock going to crash when it fails to allocate all the memory it needs?

egc · June 24, 2025, 8:01am

Adguard Home is rather bloated, depending on your needs you can use an Adblock package and e.g. https-dns proxy for secure DNS, that is what is working for me at least :).

slh · June 24, 2025, 8:54am

In practical terms, is there really much of a difference between 'just' the DNS server crashing - or the whole router?

meshenjoyer · June 24, 2025, 3:42pm

The unfortunate consequence, which is preferable to crashing the whole router. But with proper service management crashed services should just come right back up, am I right?

I used adblock-lean in the past but the webUI of adguard is hard to pass for me.

In my book the less fatal crashes there are the better but what do I know.
Also rebooting takes more time, breaks ssh sessions and puts (minimal) albeit non-zero stress on hardware and firmware which may or may not be so keen on booting up again after unscheduled abrupt shutdown.
Also again, with local DNS caching I can get by without DNS for a bit and local networking still works, and those 2 seconds when AGH reboots shall not pose a great problem.

Back to the point: how can I limit system resources per service?

eduperez · June 24, 2025, 6:16pm

Sorry, but I do not see the point... If a service, under normal circumstances, uses too much memory, what is the point? You make it crash, it restarts, then back to using too much memory...

meshenjoyer · June 24, 2025, 7:17pm

It crashes onlsdy in certain conditions, adguard home is memory hungry on filter updates, sometimes to the point of crashing the whole thing.
It starts with filters disabled so there is no chance of it just crashing in a loop.

frollic · June 24, 2025, 7:23pm

Update as in fetching updated lists ?

Disable auto update, and restart the service every day to force an "update"?