Repeatable kernel oops on container delete
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
Medium
|
Leann Ogasawara | ||
Natty |
Fix Released
|
Medium
|
Leann Ogasawara | ||
Oneiric |
Fix Released
|
Medium
|
Leann Ogasawara | ||
linux-lts-backport-natty (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Natty |
Fix Released
|
Undecided
|
Unassigned | ||
Oneiric |
Fix Released
|
Medium
|
Unassigned |
Bug Description
== SRU Justification ==
Destroying a container causes a kernel Oops and will hang the system. The issue is reproducible. The user has successfully tested the patch against Oneiric and can confirm the Oops no longer occurs when using a patched Oneiric kernel. The patch has been submitted upstream (CC'd upstream stable) and is currently queued in the -mm tree. It also appears it will hit the 3.2 merge window. Please consider for SRU against Oneiric and Natty.
== Impact ==
The commit message of the patch notes that this will likely affect 2.6.26 and newer kernels, ie affects Lucid, Maverick, Natty, Oneiric. However, due to the nature of our SRU process, the bug reporter is likely only able to readily test Natty and Oneiric. Thus I'm only submitting this for SRU against Oneiric and Natty.
== Test Case ==
See reproducer in comment #6
== Fix ==
http://
-----
On linux-image-
Procedure to repeat:
Use the attached perl program.
The perl program:
a) sets up a veth device
b) forks
c) does clone(NS_NEWNET) on the child
d) moves one end of the veth device into the child's network namespace
e) pings between the parent and the child and runs conntrack -L
f) kills the child after a while.
[NB: this section used to mention lxc - this is a red herring caused by some surprising semantics of lxc, and in fact is nothing to do with the bug]
The oops is in general not possible to catch save via the console as the reboot/hang is immediate. However, I have attached an Oops from a marginally different kernel (2.6.38-10-server on Lucid) which is created in a marginally different way, but has the same call stack.
Bug information as required
1. System information.
lsb_release -rd gives:
Description: Ubuntu 11.04
Release: 11.04
or on another machine showing the same issue
$ lsb_release -rd
Description: Ubuntu oneiric (development branch)
Release: 11.10
2. apt-cache policy linux-image-
linux-image-
Installed: 2.6.38-11.49
Candidate: 2.6.38-11.49
Version table:
*** 2.6.38-11.49 0
500 http://
100 /var/lib/
2.6.38-11.48 0
500 http://
500 http://
or on the second machine:
$ apt-cache policy linux-image-
linux-image-
Installed: 3.0.0-10.16
Candidate: 3.0.0-10.16
Version table:
*** 3.0.0-10.16 0
500 http://
100 /var/lib/
3) What I expected to happen:
Test program continues to run, showing ICMP traffic moving periodically
4) What actually happened:
Kernel hang within 10-20 seconds, Oops on console, data lost
5) We currently do not believe this to be a security vulnerability as containers cannot be created as non-root.
---
AlsaDevices:
total 0
crw-rw---- 1 root audio 116, 1 2011-09-10 19:18 seq
crw-rw---- 1 root audio 116, 33 2011-09-10 19:18 timer
AplayDevices: Error: [Errno 2] No such file or directory
ApportVersion: 1.22.1-0ubuntu2
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
CRDA: Error: [Errno 2] No such file or directory
DistroRelease: Ubuntu 11.10
HibernationDevice: RESUME=
InstallationMedia: Ubuntu-Server 11.04 "Natty Narwhal" - Alpha amd64 (20110301.4)
IwConfig:
lo no wireless extensions.
eth0 no wireless extensions.
Lsusb:
Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 001 Device 002: ID 0627:0001 Adomax Technology Co., Ltd
MachineType: Bochs Bochs
Package: linux-lts-
PciMultimedia:
ProcEnviron:
LANG=en_GB.UTF-8
SHELL=/bin/bash
ProcKernelCmdLine: BOOT_IMAGE=
ProcVersionSign
RelatedPackageV
linux-
linux-
linux-firmware 1.60
RfKill: Error: [Errno 2] No such file or directory
Tags: oneiric
Uname: Linux 3.0.0-11-server x86_64
UpgradeStatus: Upgraded to oneiric on 2011-09-10 (0 days ago)
UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare
dmi.bios.date: 01/01/2007
dmi.bios.vendor: Bochs
dmi.bios.version: Bochs
dmi.chassis.type: 1
dmi.chassis.vendor: Bochs
dmi.modalias: dmi:bvnBochs:
dmi.product.name: Bochs
dmi.sys.vendor: Bochs
Changed in linux-lts-backport-natty (Ubuntu): | |
importance: | Undecided → Medium |
status: | New → Incomplete |
description: | updated |
Changed in linux (Ubuntu): | |
status: | Incomplete → Confirmed |
Changed in linux (Ubuntu): | |
assignee: | nobody → Leann Ogasawara (leannogasawara) |
importance: | Undecided → Medium |
status: | Confirmed → In Progress |
description: | updated |
Changed in linux-lts-backport-natty (Ubuntu Natty): | |
status: | Confirmed → Fix Released |
Changed in linux-lts-backport-natty (Ubuntu Oneiric): | |
status: | Confirmed → Fix Released |
Note that this bug affects Lucid (10.04 LTS) where 2.6.38-10 is a shipped kernel, as well as 11.04.