[Lxc-users] lxc-stop make Kernel crashing

Stéphane Graber stgraber at ubuntu.com
Fri Oct 14 16:21:13 UTC 2011 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 10/14/2011 04:35 PM, Admin wrote:
> I am using lxc tools (0.7.4-0ubuntu7.1) on a ubuntu natty kernel 
> 2.6.38-11-server, running several lucid containers with iptables
> rules inside. Sometimes (quite difficult to reproduce), stopping
> the container make the host kernel crashing :
> 
> # lxc-stop -n lucid [system hangs]
> 
> Oct 14 16:12:07 lab2 kernel: [ 1629.627196] br0: port
> 2(vethlucid1) entering forwarding state Oct 14 16:12:07 lab2
> kernel: [ 1629.781408] br0: port 2(vethlucid1) entering disabled
> state Oct 14 16:12:09 lab2 kernel: [ 1629.839799] ------------[ cut
> here ]------------ Oct 14 16:12:09 lab2 kernel: [ 1629.840899]
> kernel BUG at 
> /build/buildd/linux-2.6.38/net/netfilter/xt_recent.c:610! Oct 14
> 16:12:09 lab2 kernel: [ 1629.873678] invalid opcode: 0000 [#1] SMP 
> Oct 14 16:12:09 lab2 kernel: [ 1629.905346] last sysfs file: 
> /sys/devices/system/cpu/cpu7/cache/index2/shared_cpu_map Oct 14
> 16:12:09 lab2 kernel: [ 1629.969152] CPU 7 Oct 14 16:12:09 lab2
> kernel: [ 1629.969615] Modules linked in: xt_multiport xt_recent
> ipt_LOG xt_limit xt_state xt_tcpudp iptable_mangle iptable_nat
> nf_nat nf_conntrack_ipv4 nf_conntrack nf_defrag_ipv4 iptable_raw
> iptable_filter ip_tables x_tables veth mptctl vesafb bridge stp lp
> i7core_edac ghes edac_core hed psmouse ioatdma serio_raw joydev
> parport dca raid10 raid456 async_pq async_xor xor async_memcpy
> async_raid6_recov usbhid hid mptsas mptscsih ahci mptbase libahci
> raid6_pq async_tx scsi_transport_sas raid1 raid0 multipath e1000e
> linear btrfs floppy zlib_deflate libcrc32c Oct 14 16:12:09 lab2
> kernel: [ 1630.240144] Oct 14 16:12:09 lab2 kernel: [ 1630.275030]
> Pid: 230, comm: kworker/u:5 Not tainted 2.6.38-11-server #50-Ubuntu
> Supermicro X8STi/X8STi Oct 14 16:12:09 lab2 kernel: [ 1630.347107]
> RIP: 0010:[<ffffffffa02e98dd>]  [<ffffffffa02e98dd>] 
> recent_net_exit+0x3d/0x40 [xt_recent] Oct 14 16:12:09 lab2 kernel:
> [ 1630.421399] RSP: 0018:ffff8805eb1bfda0 EFLAGS: 00010202 Oct 14
> 16:12:09 lab2 kernel: [ 1630.459109] RAX: ffff8805ed667c20 RBX: 
> ffffffffa02ec038 RCX: 0000000000000000 Oct 14 16:12:09 lab2 kernel:
> [ 1630.497969] RDX: ffff8805eeb50f00 RSI: ffffffffa02ec040 RDI:
> ffff8805edfa8a00 Oct 14 16:12:09 lab2 kernel: [ 1630.536978] RBP:
> ffff8805eb1bfda0 R08: 00007a80fffffff8 R09: fffffff8fffffff8 Oct 14
> 16:12:09 lab2 kernel: [ 1630.576091] R10: fffffff8fffffff8 R11: 
> 00007a80fffffff8 R12: ffffffffa02ec040 Oct 14 16:12:09 lab2 kernel:
> [ 1630.614431] R13: ffff8805edfa8a00 R14: ffff8805eb1bfde0 R15:
> ffffffff814ddf80 Oct 14 16:12:09 lab2 kernel: [ 1630.652751] FS:
> 0000000000000000(0000) GS:ffff8800df4e0000(0000)
> knlGS:0000000000000000 Oct 14 16:12:09 lab2 kernel: [ 1630.729573]
> CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b Oct 14 16:12:09
> lab2 kernel: [ 1630.769127] CR2: 00007f2fd5e7be3c CR3: 
> 0000000001a03000 CR4: 00000000000006e0 Oct 14 16:12:09 lab2 kernel:
> [ 1630.809478] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
> 0000000000000000 Oct 14 16:12:09 lab2 kernel: [ 1630.848909] DR3:
> 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 Oct 14
> 16:12:09 lab2 kernel: [ 1630.887002] Process kworker/u:5 (pid: 230,
> threadinfo ffff8805eb1be000, task ffff8805eb6044a0) Oct 14 16:12:09
> lab2 kernel: [ 1630.962073] Stack:
> 
> For information, i have iptables rules running inside my containers
> and they use the netfilter recent module that seems playing a role
> in the lernel panic. I will try disabling recent rules inside
> containers to see if the problem disappears If someone have an idea
> how to fix it.
> 
> Another question, anybody implement iptables inside containers and
> could give me advices configuring LOG chain or rsyslog inside
> container to isolate iptables kernel log message from the
> hypervisor ?
> 
> Regards Tony OGER -- LibrA-LinuX

Sounds like:
https://bugs.launchpad.net/ubuntu/+source/linux-lts-backport-natty/+bug/843892

- -- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCgAGBQJOmGF5AAoJEMY4l01keS1n2cUP/3BlBnLUboT8ASwgMRlY/Y5e
JiuJI9kRE5+jBlc5YJ10cz1KnLPz+3sZK5RR9EBE4diRn1DIR+Po7lCgPm/x5tzQ
3dRpy+Rd6eljBk8F2J/e5uq4T1rAZMrOyEuAsxpfXBZ/dbOzA/F+Am0wIfu05m/V
63b8PizsGuG3peMv7mAEhNXRBF9mFYI8JUpm7Ha5SNgh2rH7am0rg2wxn/Zp+Dzg
A7/RxEqBYnsnr++B5OUm7RPuDJ7xdiKTB0fJEqoC90NvVoYtiG9ovBWuQh4tzLBt
rUCBlRsCLGBnOYjjPJolqQ+nPBdbSe3sSgzGEgANlPemKs/ImuH/ZrTltVlKhGfs
7jdLij0X5qdcDqB1y7FzjjNh3hhEIw/mruPlSsZ9+rkl+nDc6SIa/5iyIMDoSMNz
MVhvjOhhagUYeZM2aj+oUvvVVb1YYyGdYcugGAIlrRWzGXJuc3U70xnZFb0sYtJM
pRCcZjytqUfw+Ogf/s/dbBgzi1LbTzis81NgqgxtZR5P3ZicjbD5pmJoZEPz1qEd
GlkDFMTfb8zKvzrRqUodEcEkA+MEnp3WKoivy/rwxFjvbv9s2+vtwFIZrN0v+2LK
w2pnynEz99tUsOjmRrIdOQS9yaNquN43KkihaWCDLl4BjuyGDpXzzAq4vHS0Dvik
1GXcxVzki3TnesmfA7I/
=wlSG
-----END PGP SIGNATURE-----

More information about the lxc-users mailing list