I agree with Taher (in https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1842447/comments/15), this bug seems to impact a lot of systems (my colo host was kernel panic restarting about every 75-90 minutes, all weekend). It has a NAT firewall on it (for the hosted VMs), but no Docker/Wireguard, etc. My guess for the 75-90 minutes is that is how long it took to dirty enough memory that the relevant value just happened not to already be 0 (NULL). (Curiously I installed -60 on Thursday last week, and the first issue didn't happen until Friday, so it's been worse over the weekend than the first 24 hours. I enabled kernel.panic=15 after the first issue, to automate recovery, and was *extremely* glad I did so.)
Honestly I'd suggest withdrawing -60 as it's very unstable in a lot of common configurations. And also suggest expediting the release of -62, which AFAICT just contains the one line fix for the bug in -60. Now it's Monday morning (and thus I can get into the colo if needed), I've upgraded the colo system to the proposed -62 version, and crossing my fingers the system is more stable as a result. In case it helps others, I found I needed to: (a) https://wiki.ubuntu.com/Testing/EnableProposed (changing "xenial" to "bionic", for 18.04 LTS, including enabling the low priority pin of bionic-proposed); and (b) sudo apt-get install linux-generic/bionic-proposed linux-signed- generic/bionic-proposed linux-headers-generic/bionic-proposed (without at least two of those three, the proposed update metapackages wouldn't install due to conflicts; I'm not sure if linux-signed-generic is needed, but it's still installed, so I chose to keep it in sync.) That list of packages found by looking for 4.15.0-60 versioned packages that didn't have that version in their package name (ie, to find the generic metapackages). Ewen PS: Reboots (due to kernel panic, and kernel.panic=15 sysctl) over the weekend: -=- cut here -=- ewen@naosr620:~$ last | grep reboot reboot system boot 4.15.0-62-generi Mon Sep 9 10:43 still running reboot system boot 4.15.0-60-generi Mon Sep 9 10:14 - 10:39 (00:25) reboot system boot 4.15.0-60-generi Mon Sep 9 08:48 - 10:09 (01:21) reboot system boot 4.15.0-60-generi Mon Sep 9 07:33 - 10:09 (02:36) reboot system boot 4.15.0-60-generi Mon Sep 9 06:18 - 10:09 (03:51) reboot system boot 4.15.0-60-generi Mon Sep 9 05:03 - 10:09 (05:06) reboot system boot 4.15.0-60-generi Mon Sep 9 03:48 - 10:09 (06:21) reboot system boot 4.15.0-60-generi Mon Sep 9 02:33 - 10:09 (07:36) reboot system boot 4.15.0-60-generi Mon Sep 9 01:13 - 10:09 (08:56) reboot system boot 4.15.0-60-generi Sun Sep 8 23:58 - 10:09 (10:11) reboot system boot 4.15.0-60-generi Sun Sep 8 22:43 - 10:09 (11:26) reboot system boot 4.15.0-60-generi Sun Sep 8 21:28 - 10:09 (12:41) reboot system boot 4.15.0-60-generi Sun Sep 8 20:08 - 10:09 (14:01) reboot system boot 4.15.0-60-generi Sun Sep 8 18:53 - 10:09 (15:16) reboot system boot 4.15.0-60-generi Sun Sep 8 17:38 - 10:09 (16:31) reboot system boot 4.15.0-60-generi Sun Sep 8 16:23 - 10:09 (17:46) reboot system boot 4.15.0-60-generi Sun Sep 8 15:08 - 10:09 (19:01) reboot system boot 4.15.0-60-generi Sun Sep 8 13:53 - 10:09 (20:16) reboot system boot 4.15.0-60-generi Sun Sep 8 12:29 - 10:09 (21:40) reboot system boot 4.15.0-60-generi Sun Sep 8 11:14 - 10:09 (22:55) reboot system boot 4.15.0-60-generi Sun Sep 8 09:57 - 10:09 (1+00:12) reboot system boot 4.15.0-60-generi Sun Sep 8 08:43 - 10:09 (1+01:26) reboot system boot 4.15.0-60-generi Sun Sep 8 07:28 - 10:09 (1+02:41) reboot system boot 4.15.0-60-generi Sun Sep 8 06:13 - 10:09 (1+03:56) reboot system boot 4.15.0-60-generi Sun Sep 8 04:54 - 10:09 (1+05:15) reboot system boot 4.15.0-60-generi Sun Sep 8 03:34 - 10:09 (1+06:35) reboot system boot 4.15.0-60-generi Sun Sep 8 02:18 - 10:09 (1+07:51) reboot system boot 4.15.0-60-generi Sun Sep 8 01:03 - 10:09 (1+09:06) reboot system boot 4.15.0-60-generi Sat Sep 7 23:48 - 10:09 (1+10:21) reboot system boot 4.15.0-60-generi Sat Sep 7 22:55 - 10:09 (1+11:14) reboot system boot 4.15.0-60-generi Sat Sep 7 22:34 - 10:09 (1+11:35) reboot system boot 4.15.0-60-generi Sat Sep 7 21:19 - 10:09 (1+12:50) reboot system boot 4.15.0-60-generi Sat Sep 7 20:03 - 10:09 (1+14:06) reboot system boot 4.15.0-60-generi Sat Sep 7 18:48 - 10:09 (1+15:21) reboot system boot 4.15.0-60-generi Sat Sep 7 17:33 - 10:09 (1+16:36) reboot system boot 4.15.0-60-generi Sat Sep 7 16:18 - 10:09 (1+17:51) reboot system boot 4.15.0-60-generi Sat Sep 7 15:03 - 10:09 (1+19:06) reboot system boot 4.15.0-60-generi Sat Sep 7 13:42 - 10:09 (1+20:27) reboot system boot 4.15.0-60-generi Sat Sep 7 12:27 - 10:09 (1+21:42) reboot system boot 4.15.0-60-generi Sat Sep 7 11:12 - 10:09 (1+22:57) reboot system boot 4.15.0-60-generi Sat Sep 7 10:57 - 10:09 (1+23:12) reboot system boot 4.15.0-60-generi Sat Sep 7 09:58 - 10:09 (2+00:11) reboot system boot 4.15.0-60-generi Sat Sep 7 08:43 - 10:09 (2+01:26) reboot system boot 4.15.0-60-generi Sat Sep 7 07:27 - 10:09 (2+02:42) reboot system boot 4.15.0-60-generi Sat Sep 7 06:07 - 10:09 (2+04:02) reboot system boot 4.15.0-60-generi Sat Sep 7 04:52 - 10:09 (2+05:17) reboot system boot 4.15.0-60-generi Sat Sep 7 03:37 - 10:09 (2+06:32) reboot system boot 4.15.0-60-generi Sat Sep 7 02:36 - 10:09 (2+07:33) reboot system boot 4.15.0-60-generi Sat Sep 7 02:07 - 10:09 (2+08:02) reboot system boot 4.15.0-60-generi Sat Sep 7 01:53 - 10:09 (2+08:16) reboot system boot 4.15.0-60-generi Fri Sep 6 11:27 - 10:09 (2+22:42) reboot system boot 4.15.0-60-generi Thu Sep 5 12:11 - 10:09 (3+21:58) ewen@naosr620:~$ -=- cut here -=- -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1842447 Title: Kernel Panic with linux-image-4.15.0-60-generic when specifying nameserver in docker-compose Status in linux package in Ubuntu: Confirmed Status in linux source package in Bionic: Fix Committed Bug description: [Impact] Some fragmentation+NAT workloads will cause kernel BUG/Ooops. [Test case] sudo iptables -t nat -I POSTROUTING -j MASQUERADE sudo hping3 192.168.122.1 -s 1000 -p 2000 -d 60000 [Regression potential] This could make fragmented packets stop flowing. So, make sure fragmented pings still work. ping 192.168.122.1 -s 60000 still works, even with the above nat rule. -------------------------------------------- Hello, there are multiple inquries in the mailcow GitHub issues over at https://github.com/mailcow/mailcow-dockerized/issues/2904 that the latest kernel linux-image-4.15.0-60-generic causes kernel panics when "- dns" setting is used within the docker-compose.yml file, for yet some unclear reasons. Multiple users on different systems (e.g. virtualized ones on VMware ESXi and KVM) were able to reproduce the same issue. I was also able to reproduce this constantly on a completely new deployed Ubuntu 18.04 VM (KVM) with a fresh mailcow installation. Steps to reproduce: 1. Install a clean Ubuntu 18.04(.03) machine 2. Upgrade the installation to linux-image-4.15.0-60-generic 3. Setup mailcow as instructed at https://mailcow.github.io/mailcow-dockerized-docs/i_u_m_install/ (just takes less than a minute, easy to reproduce) 4. Start mailcow with "dns"-settings specified in docker-compose file (Make sure using the older docker-compose version with dns settings: https://raw.githubusercontent.com/mailcow/mailcow-dockerized/a1403b7a5969637df23001d05c59c2a20774fbb5/docker-compose.yml) 5. Wait a few minutes, then kernel crash appears Using this workaround it appears to be stable again: https://github.com/mailcow/mailcow- dockerized/commit/dc6eea5142c063e26408a685b66fbb7754408ec2 I've attached the apport file to this bug. Please let me know if you need any kind of further information. (As this is my first bug report here, I hope I have included all required information helping you finding the cause.) Kind regards, Patrik To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1842447/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
