https://lists.ubuntu.com/archives/kernel-team/2011-September/017129.html
** Description changed: == SRU Justification == + Destroying a container causes a kernel Oops and will hang the system. The issue is reproducible. The user has successfully tested the patch against Oneiric and can confirm the Oops no longer occurs when using a patched Oneiric kernel. The patch has been submitted upstream (CC'd upstream stable) and is currently queued in the -mm tree. It also appears it will hit the 3.2 merge window. Please consider for SRU against Oneiric and Natty. + == Impact == - It's been reported that on destroying a container causes a kernel Oops and will hang the system. Issue is reproducible. + The commit message of the patch notes that this will likely affect 2.6.26 and newer kernels, ie affects Lucid, Maverick, Natty, Oneiric. However, due to the nature of our SRU process, the bug reporter is likely only able to readily test Natty and Oneiric. Thus I'm only submitting this for SRU against Oneiric and Natty. == Test Case == - See reproducer below as described by user. + See reproducer in comment #6 == Fix == http://marc.info/?l=linux-mm-commits&m=131603308900694&w=2 ----- On linux-image-2.6.38-11-generic and linux-image-3.0.0-10-server, destroying a container causes a kernel OOPS and hang. This is totally repeatable. Procedure to repeat: Use the attached perl program. The perl program: a) sets up a veth device b) forks c) does clone(NS_NEWNET) on the child d) moves one end of the veth device into the child's network namespace e) pings between the parent and the child and runs conntrack -L f) kills the child after a while. [NB: this section used to mention lxc - this is a red herring caused by some surprising semantics of lxc, and in fact is nothing to do with the bug] The oops is in general not possible to catch save via the console as the reboot/hang is immediate. However, I have attached an Oops from a marginally different kernel (2.6.38-10-server on Lucid) which is created in a marginally different way, but has the same call stack. Bug information as required 1. System information. lsb_release -rd gives: Description: Ubuntu 11.04 Release: 11.04 or on another machine showing the same issue $ lsb_release -rd Description: Ubuntu oneiric (development branch) Release: 11.10 2. apt-cache policy linux-image-2.6.38-11-generic linux-image-2.6.38-11-generic: Installed: 2.6.38-11.49 Candidate: 2.6.38-11.49 Version table: *** 2.6.38-11.49 0 500 http://gb.archive.ubuntu.com/ubuntu/ natty-proposed/main amd64 Packages 100 /var/lib/dpkg/status 2.6.38-11.48 0 500 http://gb.archive.ubuntu.com/ubuntu/ natty-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu/ natty-security/main amd64 Packages or on the second machine: $ apt-cache policy linux-image-3.0.0-10-server linux-image-3.0.0-10-server: Installed: 3.0.0-10.16 Candidate: 3.0.0-10.16 Version table: *** 3.0.0-10.16 0 500 http://gb.archive.ubuntu.com/ubuntu/ oneiric/main amd64 Packages 100 /var/lib/dpkg/status 3) What I expected to happen: Test program continues to run, showing ICMP traffic moving periodically 4) What actually happened: Kernel hang within 10-20 seconds, Oops on console, data lost 5) We currently do not believe this to be a security vulnerability as containers cannot be created as non-root. --- AlsaDevices: total 0 crw-rw---- 1 root audio 116, 1 2011-09-10 19:18 seq crw-rw---- 1 root audio 116, 33 2011-09-10 19:18 timer AplayDevices: Error: [Errno 2] No such file or directory ApportVersion: 1.22.1-0ubuntu2 Architecture: amd64 ArecordDevices: Error: [Errno 2] No such file or directory AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1: CRDA: Error: [Errno 2] No such file or directory DistroRelease: Ubuntu 11.10 HibernationDevice: RESUME=UUID=49b12664-6859-4b83-b861-2354c9c23c26 InstallationMedia: Ubuntu-Server 11.04 "Natty Narwhal" - Alpha amd64 (20110301.4) IwConfig: lo no wireless extensions. eth0 no wireless extensions. Lsusb: Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 001 Device 002: ID 0627:0001 Adomax Technology Co., Ltd MachineType: Bochs Bochs Package: linux-lts-backport-natty PciMultimedia: ProcEnviron: LANG=en_GB.UTF-8 SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-3.0.0-11-server root=/dev/mapper/hostname-root ro crashkernel=384M-2G:64M,2G-:128M quiet ProcVersionSignature: Ubuntu 3.0.0-11.17-server 3.0.4 RelatedPackageVersions: linux-restricted-modules-3.0.0-11-server N/A linux-backports-modules-3.0.0-11-server N/A linux-firmware 1.60 RfKill: Error: [Errno 2] No such file or directory Tags: oneiric Uname: Linux 3.0.0-11-server x86_64 UpgradeStatus: Upgraded to oneiric on 2011-09-10 (0 days ago) UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare dmi.bios.date: 01/01/2007 dmi.bios.vendor: Bochs dmi.bios.version: Bochs dmi.chassis.type: 1 dmi.chassis.vendor: Bochs dmi.modalias: dmi:bvnBochs:bvrBochs:bd01/01/2007:svnBochs:pnBochs:pvr:cvnBochs:ct1:cvr: dmi.product.name: Bochs dmi.sys.vendor: Bochs ** Changed in: linux (Ubuntu Natty) Importance: Undecided => Medium ** Changed in: linux (Ubuntu Natty) Status: New => In Progress ** Changed in: linux (Ubuntu Natty) Assignee: (unassigned) => Leann Ogasawara (leannogasawara) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/843892 Title: Repeatable kernel oops on container delete To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/843892/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
