OpenWrt/LEDE Project

  • Status Closed
  • Percent Complete
    100%
  • Task Type Bug Report
  • Category Kernel
  • Assigned To No-one
  • Operating System All
  • Severity Medium
  • Priority Very Low
  • Reported Version Trunk
  • Due in Version Undecided
  • Due Date Undecided
  • Private
Attached to Project: OpenWrt/LEDE Project
Opened by Tomasz Moń - 07.04.2018
Last edited by Baptiste Jonglez - 20.01.2020

FS#1472 - Stopping lxc container results in kernel oops

Device: Linksys WRT1900ACS v2
OpenWrt version: Latest master (c0742307a18178ee7d2cee1fc6b0e199ccb1e1fa)

root@OpenWrt:~# lxc-checkconfig 
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Network namespace: enabled

--- Control groups ---
Cgroups: enabled

Cgroup v1 mount points: 
/sys/fs/cgroup

Cgroup v2 mount points: 


Cgroup v1 systemd controller: /usr/bin/lxc-checkconfig: line 169: printf \033[1;31m: not found

Cgroup v1 freezer controller: /usr/bin/lxc-checkconfig: line 176: printf \033[1;31m: not found

Cgroup v1 clone_children flag: enabled
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled

--- Misc ---
Veth pair device: enabled, loaded
Macvlan: enabled, loaded
Vlan: enabled, not loaded
Bridges: enabled, not loaded
Advanced netfilter: enabled, not loaded
CONFIG_NF_NAT_IPV4: enabled, loaded
CONFIG_NF_NAT_IPV6: missing
CONFIG_IP_NF_TARGET_MASQUERADE: enabled, loaded
CONFIG_IP6_NF_TARGET_MASQUERADE: missing
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled, loadedCONFIG_NETFILTER_XT_MATCH_COMMENT: enabled, loaded
FUSE (for use with lxcfs): enabled, loaded

--- Checkpoint/Restore ---
checkpoint restore: enabled
CONFIG_FHANDLE: enabled
CONFIG_EVENTFD: enabled
CONFIG_EPOLL: enabled
CONFIG_UNIX_DIAG: enabled
CONFIG_INET_DIAG: enabled
CONFIG_PACKET_DIAG: enabled
CONFIG_NETLINK_DIAG: enabled
File capabilities: enabled

Note : Before booting a new kernel, you can check its configuration
usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig

Prerequisities:
1.lxc-create -t alpine –name container
2.Modify /srv/lxc/container/config adding:
lxc.net.0.type = veth
lxc.net.0.link = br-lan
lxc.net.0.flags = up
lxc.net.0.ipv4.address = 192.168.1.5/24
lxc.net.0.ipv4.gateway = 192.168.1.1
lxc.net.0.name = eth0
3.lxc-start –name container

Steps to reproduce:
1.lxc-stop –name container

[   89.634758] ------------[ cut here ]------------
[   89.639416] WARNING: CPU: 0 PID: 39 at net/netfilter/core.c:392 nf_unregister_net_hooks+0x7c/0x188
[   89.648432] Modules linked in: qcserial pppoe ppp_async option ipw cdc_mbim usb_wwan usb_serial_simple ueagle_atm ti_usb_3410_5052 sr9700 speedtch smsc95xx sierra_net sierra rndis_host qmi_wwan pppox ppp_generic plusb pl2303 oti6858 nf_nat_pptp nf_conntrack_pptp mos7720 mct_u232 mcs7830 keyspan kalmia iptable_nat ipt_MASQUERADE ipt_CLUSTERIP io_edgeport huawei_cdc_ncm garmin_gps ftdi_sio ebtable_nat ebtable_filter ebtable_broute dm9601 cypress_m8 cxacru cp210x ch341 cdc_subset cdc_ncm cdc_ether cdc_eem belkin_sa ax88179_178a asix ark3116 yealink xt_u32 xt_time xt_tcpmss xt_string xt_statistic xt_state xt_recent xt_quota2 xt_quota xt_psd xt_pkttype xt_physdev xt_owner xt_nat xt_multiport xt_mark xt_mac xt_lscan xt_limit xt_length2 xt_length xt_ipv4options xt_iprange xt_ipp2p xt_iface xt_hl xt_helper
[   89.719541]  xt_hashlimit xt_geoip xt_fuzzy xt_esp xt_ecn xt_dscp xt_conntrack xt_connmark xt_connlimit xt_connbytes xt_condition xt_comment xt_cluster xt_addrtype xt_TRACE xt_TPROXY xt_TEE xt_TCPMSS xt_SYSRQ xt_REDIRECT xt_NFQUEUE xt_NFLOG xt_NETMAP xt_LUA xt_LOGMARK xt_LOG xt_LED xt_IPMARK xt_HL xt_FLOWOFFLOAD xt_DSCP xt_DNETMAP xt_DHCPMAC xt_CT xt_CLASSIFY xt_CHECKSUM xt_DELUDE xt_TARPIT ipt_REJECT xt_tcpudp xt_CHAOS xt_ACCOUNT xr_usb_serial_common vport_vxlan vport_gre vport_geneve visor vhci_hcd usbserial usbnet usblp usbip_host usbip_core usbhid usbatm ums_usbat ums_sddr55 ums_sddr09 ums_karma ums_jumpshot ums_isd200 ums_freecom ums_datafab ums_cypress ums_alauda ts_fsm ts_bm slhc rtl8150 r8152 pegasus openvswitch nfnetlink_queue nfnetlink_log nf_reject_ipv4 nf_nat_tftp nf_nat_snmp_basic nf_nat_sip
[   89.791156]  nf_nat_rtsp nf_nat_redirect nf_nat_proto_gre nf_nat_masquerade_ipv4 nf_nat_irc nf_conntrack_ipv4 nf_nat_ipv4 nf_nat_h323 nf_nat_ftp nf_nat_amanda nf_nat nf_log_ipv4 nf_log_common nf_flow_table_hw nf_flow_table nf_dup_ipv4 nf_defrag_ipv4 nf_conntrack_tftp nf_conntrack_snmp nf_conntrack_sip nf_conntrack_rtsp nf_conntrack_rtcache nf_conntrack_proto_gre nf_conntrack_netlink nf_conntrack_irc nf_conntrack_h323 nf_conntrack_ftp nf_conntrack_broadcast ts_kmp nf_conntrack_amanda nf_conntrack macvlan libcrc32c kaweth iptable_raw iptable_mangle iptable_filter ipt_rpfilter ipt_ah ipt_ECN ipheth ip_tables hso hid_generic ezusb ebtables ebt_vlan ebt_stp ebt_snat ebt_redirect ebt_pkttype ebt_nflog ebt_mark_m ebt_mark ebt_log ebt_limit ebt_ip ebt_dnat ebt_arpreply ebt_arp ebt_among ebt_802_3 dmx_usb
[   89.862055]  crc_ccitt compat_xtables cm109 cdc_wdm cdc_acm br_netfilter arptable_filter arpt_mangle arp_tables fuse configs sg hid evdev input_core mwlwifi mac80211 cfg80211 compat xt_set x_tables ip_set_list_set ip_set_hash_netiface ip_set_hash_netport ip_set_hash_netnet ip_set_hash_net ip_set_hash_netportnet ip_set_hash_mac ip_set_hash_ipportnet ip_set_hash_ipportip ip_set_hash_ipport ip_set_hash_ipmark ip_set_hash_ip ip_set_bitmap_port ip_set_bitmap_ipmac ip_set_bitmap_ip ip_set nfnetlink nfsv4 nfsv3 nfsd nfs ip_gre gre ip_tunnel veth tun nbd mpls_gso mpls_iptunnel mpls_router vfat fat ntfs lockd sunrpc grace isofs cramfs autofs4 dns_resolver dm_crypt dm_mirror dm_region_hash dm_log dm_mod dax br2684 atm nls_utf8 nls_iso8859_2 nls_iso8859_15 nls_iso8859_1 nls_cp437 rfkill vxlan geneve udp_tunnel
[   89.933239]  uas dwc3 dwc2 ohci_pci uhci_hcd ohci_platform ohci_hcd gpio_button_hotplug reiserfs exfat mii
[   89.942957] CPU: 0 PID: 39 Comm: kworker/u4:2 Not tainted 4.14.32 #0
[   89.949337] Hardware name: Marvell Armada 380/385 (Device Tree)
[   89.955283] Workqueue: netns cleanup_net
[   89.959234] [<c010f640>] (unwind_backtrace) from [<c010b30c>] (show_stack+0x10/0x14)
[   89.967014] [<c010b30c>] (show_stack) from [<c05f6608>] (dump_stack+0x88/0x9c)
[   89.974269] [<c05f6608>] (dump_stack) from [<c012228c>] (__warn+0xe4/0x100)
[   89.981260] [<c012228c>] (__warn) from [<c0122358>] (warn_slowpath_null+0x20/0x28)
[   89.988864] [<c0122358>] (warn_slowpath_null) from [<c0574568>] (nf_unregister_net_hooks+0x7c/0x188)
[   89.998037] [<c0574568>] (nf_unregister_net_hooks) from [<c0533084>] (ops_exit_list+0x38/0x60)
[   90.006686] [<c0533084>] (ops_exit_list) from [<c0534358>] (cleanup_net+0x188/0x294)
[   90.014462] [<c0534358>] (cleanup_net) from [<c013881c>] (process_one_work+0x240/0x3d0)
[   90.022500] [<c013881c>] (process_one_work) from [<c01397b8>] (worker_thread+0x330/0x560)
[   90.030715] [<c01397b8>] (worker_thread) from [<c013e01c>] (kthread+0x148/0x154)
[   90.038143] [<c013e01c>] (kthread) from [<c0107a68>] (ret_from_fork+0x14/0x2c)
[   90.045411] ---[ end trace ea4697cf910febb4 ]---
Closed by  Baptiste Jonglez
20.01.2020 21:32
Reason for closing:  Fixed
Additional comments about closing:  

Fixed in 19.07.0 and 18.06.6

GANDALF commented on 09.07.2019 13:31

same on espressobin from snapshots tagged 19-07 in self compiled kernel...

I have made a thread on the forum ;
I get the error on lxc-start, but look same problem, for the kernel panic in ;

Workqueue: netns cleanup_net

GANDALF commented on 09.07.2019 13:52

same problem, same kernel panic, from the official snapshots image ;

root@OpenWrt:/# uname -ar
Linux OpenWrt 4.19.56 #0 SMP Tue Jul 9 11:57:31 2019 aarch64 GNU/Linux

lxc-start get a kernel panic

GANDALF commented on 13.07.2019 07:49

https://forum.openwrt.org/t/solved-espressobin-board-kernel-and-lxc/40170

Solved by adding SECCOMP support in my KERNEL.

Only LXC_SECCOMP ws present at first, and KERNEL_SECCOMP and KERNEL_SECCOMP_FILTER was missing ...

No more kernel panic at lxc-attach and lxc-start, and now works fine !

edit: I still get kernel panic, I will check deeper...

GANDALF commented on 08.08.2019 09:55

still get kernel panic with a debian stretch container but not with a debian jessie container

Project Manager
Yousong Zhou commented on 23.11.2019 10:58

Likely duplicate of  FS#2353 

Project Manager
Baptiste Jonglez commented on 02.01.2020 10:59

This should be fixed in 19.07.0-rc2 and in the upcoming 18.06.6. Can you test and report if it works?

Paul Oranje commented on 23.01.2020 14:15

Please mention the fixing commits, it makes life easier.

Project Manager
Baptiste Jonglez commented on 25.01.2020 13:28

Master: b7c58a1eeba5be2e1f77ec05b417be9d87e26916

19.07: 436dbf12aa7381bd6db1b03b36be5a73df386eb4

18.06: 72ddeffc0922aa469150bd32c8ce98ce4725a557

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing