View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0012711 | CentOS-7 | kernel | public | 2017-01-24 16:06 | 2017-05-28 07:07 |
Reporter | alfredo | Assigned To | |||
Priority | normal | Severity | block | Reproducibility | random |
Status | resolved | Resolution | fixed | ||
Platform | X86_64 | ||||
Product Version | 7.3.1611 | ||||
Summary | 0012711: [Patch] IFP Refcount Leak Causes "Unregister Netdevice Failed" errors | ||||
Description | [Reproduced From RedHat Bugzilla #1416105] In net/ipv6/addrconf.c if there is a duplicate IPV6 address or some issue setting an address, a race condition exists that can cause an IFP refcount leak. Attempts to unregister a netdevice will then produce a message like: "unregister_netdevice: waiting for <device> to become free. Usage count = 1" where <device> is system specific. This issue was documented and patched upstream in Kernel 4.4.22 (and related LTS kernels) (commit 751eb6b6042a596b0080967c1a529a9fe98dac1d) but I have backported the fix to 3.10.x kernels in the attached patch. Docker users (and anyone heavily using network namespaces) are heavily affected by this issue as evidenced in this thread: https://github.com/docker/docker/issues/5618 | ||||
Steps To Reproduce | Running a docker daemon featuring IPV6 support under heavy load (lots of container creation, removal) using a docker network with the MacVLAN driver will eventually produce the "waiting for <device> to become free" issue. | ||||
Additional Information | I've backported the fix from the 4.xx kernels to the 3.10.x kernel. The patch is attached. | ||||
Tags | No tags attached. | ||||
abrt_hash | |||||
URL | |||||
ipv6refcnt.patch (581 bytes)
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index b7d5ce6..dc65579 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -1656,6 +1656,7 @@ void addrconf_dad_failure(struct inet6_ifaddr *ifp) spin_unlock_bh(&ifp->state_lock); addrconf_mod_dad_work(ifp, 0); + in6_ifa_put(ifp); } /* Join to solicited addr multicast group. @@ -3300,6 +3301,7 @@ static void addrconf_dad_work(struct work_struct *w) addrconf_dad_begin(ifp); goto out; } else if (action == DAD_ABORT) { + in6_ifa_hold(ifp); addrconf_dad_stop(ifp, 1); goto out; } |
|
From the fact that this is already in the RH bugzilla (private), I presume the issue is being worked on. CentOS will get the fix once it is in the RHEL kernel. In the meantime, we can apply the patch to the centosplus kernel. |
|
kernel-plus-3.10.0-514.6.2.el7.centos.plus is out. It has the patch from this bug report. | |
The patch is now in kernel-3.10.0-514.21.1.el7, so has been removed from the plus kernel. | |
Date Modified | Username | Field | Change |
---|---|---|---|
2017-01-24 16:06 | alfredo | New Issue | |
2017-01-24 16:06 | alfredo | File Added: ipv6refcnt.patch | |
2017-02-06 17:43 | toracat | Note Added: 0028536 | |
2017-02-06 17:43 | toracat | Status | new => assigned |
2017-02-23 16:45 | toracat | Note Added: 0028669 | |
2017-05-28 07:07 | toracat | Note Added: 0029344 | |
2017-05-28 07:07 | toracat | Status | assigned => resolved |
2017-05-28 07:07 | toracat | Resolution | open => fixed |