I reverted the changes to Cosmic because that needs at least a different
approach. In that version the rbtree usage is not yet present and the
IPv4 expire function does the exactly same thing (increment the refcount
of the skb) and we have no hard evidence this actually causes crashes in
the 4.18 kernel. So for now only keep the xenial change.
** Changed in: linux (Ubuntu Cosmic)
Status: Fix Committed => Incomplete
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1824687
Title:
4.4.0-145-generic Kernel Panic ip6_expire_frag_queue
Status in linux package in Ubuntu:
Triaged
Status in linux source package in Xenial:
Fix Committed
Status in linux source package in Cosmic:
Incomplete
Status in linux source package in Disco:
Triaged
Bug description:
[SRU Justification]
== Impact ==
Since 05c0b86b96 "ipv6: frags: rewrite ip6_expire_frag_queue()" the
16.04/4.4 kernel crashes whenever that functions gets called (on busy
systems this can be every 3-4 hours). While this potentially affects
Cosmic and later, too, the fix differs on later kernels (Bionic is not
yet affected as it does not yet carry updates to the frags handling).
== Fix ==
For Xenial and Cosmic, the proposed fix would be additional changes to
ip6_expipre_frag_queue(), taken from follow-up changes to ip_expire().
For Disco, I would hold back because we have a backlog of stable patches
there and depending on what got backported to 5.0.y there would be a simpler
fix.
For current development kernels, one just needs to ensure that the following
upstream change is included: 47d3d7fdb10a "ip6: fix skb leak in
ip6frag_expire_frag_queue()".
== Testcase ==
Unfortunately this could not be re-created locally. But a test kernel
which had the proposed fix applied was showing good testing (see
comment #37 and #38).
== Risk of Regression ==
The modified function is only called in rare cases and the positive
testing in production would cover this. So I would consider it low.
---
Description: Ubuntu 16.04.6 LTS
Release: 16.04
After upgrading our server to this Kernel we experience frequent Kernel
panics (Attachment).
Every 3 hours.
Our machine has a throuput of about 600 Mbits/s
The Panics are around the area of ip6_expire_frag_queue.
__pskb_pull_tail
ip6_dst_lookup_tail
_decode_session6
__xfrm_decode_session
icmpv6_route_lookup
icmp6_send
It seems similar to Bug Report in Debian.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922488
According to the bug finder of above bug it also occurred after using a
Kernel with the change of
rewrite ip6_expire_frag_queue()
Intermediate solution. We disabled IPv6 on this machine to avoid further
Panics.
Please let me know what information is missing. The ubuntu-bug linux was
send. And I hope it is attached to this report.
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: linux-image-4.4.0-145-generic 4.4.0-145.171
ProcVersionSignature: Ubuntu 4.4.0-145.171-generic 4.4.176
Uname: Linux 4.4.0-145-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.18
Architecture: amd64
Date: Sun Apr 14 11:40:11 2019
InstallationDate: Installed on 2018-03-18 (391 days ago)
InstallationMedia: Ubuntu-Server 16.04.4 LTS "Xenial Xerus" - Release amd64
(20180228)
ProcEnviron:
LANGUAGE=en_GB:en
TERM=xterm-256color
PATH=(custom, no user)
LANG=en_GB.UTF-8
SHELL=/bin/bash
SourcePackage: linux-signed
UpgradeStatus: Upgraded to xenial on 2018-10-21 (174 days ago)
---
AlsaDevices:
total 0
crw-rw---- 1 root audio 116, 1 Apr 12 21:04 seq
crw-rw---- 1 root audio 116, 33 Apr 12 21:04 timer
AplayDevices: Error: [Errno 2] No such file or directory
ApportVersion: 2.20.1-0ubuntu2.18
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq',
'/dev/snd/timer'] failed with exit code 1:
DistroRelease: Ubuntu 16.04
HibernationDevice: RESUME=/dev/mapper/tor3--vg-swap_1
InstallationDate: Installed on 2018-03-18 (393 days ago)
InstallationMedia: Ubuntu-Server 16.04.4 LTS "Xenial Xerus" - Release amd64
(20180228)
IwConfig: Error: [Errno 2] No such file or directory
Lsusb:
Bus 002 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 003: ID 0557:2221 ATEN International Co., Ltd Winbond Hermon
Bus 001 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
MachineType: Supermicro X9SRE/X9SRE-3F/X9SRi/X9SRi-3F
Package: linux (not installed)
PciMultimedia:
ProcEnviron:
LANGUAGE=en_GB:en
TERM=xterm-256color
PATH=(custom, no user)
LANG=en_GB.UTF-8
SHELL=/bin/bash
ProcFB: 0 VESA VGA
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-145-generic
root=/dev/mapper/hostname--vg-root ro
ProcVersionSignature: Ubuntu 4.4.0-145.171-generic 4.4.176
RelatedPackageVersions:
linux-restricted-modules-4.4.0-145-generic N/A
linux-backports-modules-4.4.0-145-generic N/A
linux-firmware 1.157.21
RfKill: Error: [Errno 2] No such file or directory
Tags: xenial xenial
Uname: Linux 4.4.0-145-generic x86_64
UpgradeStatus: Upgraded to xenial on 2018-10-21 (176 days ago)
UserGroups:
_MarkForUpload: True
dmi.bios.date: 10/08/2012
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 1.0c
dmi.board.asset.tag: To be filled by O.E.M.
dmi.board.name: X9SRE/X9SRE-3F/X9SRi/X9SRi-3F
dmi.board.vendor: Supermicro
dmi.board.version: 1.2
dmi.chassis.asset.tag: To Be Filled By O.E.M.
dmi.chassis.type: 3
dmi.chassis.vendor: Supermicro
dmi.chassis.version: 0123456789
dmi.modalias:
dmi:bvnAmericanMegatrendsInc.:bvr1.0c:bd10/08/2012:svnSupermicro:pnX9SRE/X9SRE-3F/X9SRi/X9SRi-3F:pvr0123456789:rvnSupermicro:rnX9SRE/X9SRE-3F/X9SRi/X9SRi-3F:rvr1.2:cvnSupermicro:ct3:cvr0123456789:
dmi.product.name: X9SRE/X9SRE-3F/X9SRi/X9SRi-3F
dmi.product.version: 0123456789
dmi.sys.vendor: Supermicro
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1824687/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
