From: Jon Masters <jonathan@jonmasters.org>
To: Eric Dumazet <eric.dumazet@gmail.com>
Cc: linux-kernel <linux-kernel@vger.kernel.org>,
netdev <netdev@vger.kernel.org>,
netfilter-devel <netfilter-devel@vger.kernel.org>,
Patrick McHardy <kaber@trash.net>
Subject: Re: debug: nt_conntrack and KVM crash
Date: Sat, 30 Jan 2010 05:03:14 -0500 [thread overview]
Message-ID: <1264845794.7499.10.camel@tonnant> (raw)
In-Reply-To: <1264840415.2919.19.camel@edumazet-laptop>
On Sat, 2010-01-30 at 09:33 +0100, Eric Dumazet wrote:
> Le samedi 30 janvier 2010 à 02:36 -0500, Jon Masters a écrit :
>
> > I'll play later. Right now, I'm looking over every iptables/ip call
> > libvirt makes - it explicitly plays with the netns for the loopback,
> > which looks interesting. Supposing it does cause the hashtables to get
> > unintentionally zereod or the sizing to get wiped out, we should also
> > nonetheless catch the case that the hash function generates a whacko
> > number or that the hash size is set to zero when we want to use it.
> I asked you if you had multiple namespaces, because I was not sure
> conntracking hash was global (shared by all namespaces), or local.
Well, I didn't think I had multiple namespaces, and in fact I don't see
more than one in gdb when I poke at the net struct. What I see libvirt
doing (very oddly indeed - looking at the source now) is calling ip and
asking for the lo device to be moved into the netns for pid "-1", which
isn't valid AFAIK (should be a valid pid, unless "-1" is supposed to be
"this process" or something, haven't played with multiple namespaces).
I'll do some more digging (network stuff isn't my area) now and come
back. It only reproduces if multiple VMs start at once (hence a race,
perhaps as you describe) whereas if I disable autostart and let them
come up one at a time, the box doesn't roll over.
Jon.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2010-01-30 10:03 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-01-30 1:10 debug: nt_conntrack and KVM crash Jon Masters
2010-01-30 1:57 ` Jon Masters
2010-01-30 1:59 ` Jon Masters
2010-01-30 6:58 ` Eric Dumazet
2010-01-30 7:36 ` Jon Masters
2010-01-30 7:40 ` Jon Masters
2010-01-30 8:33 ` Eric Dumazet
2010-01-30 10:03 ` Jon Masters [this message]
2010-02-01 9:32 ` Jon Masters
2010-02-01 9:36 ` Alexey Dobriyan
2010-02-01 10:12 ` Eric Dumazet
2010-02-01 10:25 ` Alexey Dobriyan
2010-02-01 10:38 ` Jon Masters
2010-02-01 11:23 ` Eric Dumazet
2010-02-01 14:48 ` Alexey Dobriyan
2010-02-01 14:57 ` Eric Dumazet
2010-02-01 14:52 ` [PATCH] netfilter: per netns nf_conntrack_cachep Eric Dumazet
2010-02-01 14:58 ` Alexey Dobriyan
2010-02-01 15:02 ` Eric Dumazet
2010-02-02 11:04 ` Jon Masters
2010-02-02 11:35 ` Jon Masters
2010-02-02 16:46 ` Jon Masters
2010-02-02 16:48 ` Patrick McHardy
2010-02-02 17:07 ` Jon Masters
2010-02-02 17:58 ` Alexey Dobriyan
2010-02-02 18:16 ` Jon Masters
2010-02-02 18:34 ` Jon Masters
2010-02-02 18:36 ` Patrick McHardy
2010-02-02 18:39 ` Jon Masters
2010-02-02 18:42 ` Jon Masters
2010-02-03 12:10 ` Patrick McHardy
2010-02-03 18:38 ` Jon Masters
2010-02-03 19:09 ` Alexey Dobriyan
2010-02-03 19:43 ` Jon Masters
2010-02-03 19:46 ` Jon Masters
2010-02-03 19:53 ` Alexey Dobriyan
2010-02-03 20:04 ` Jon Masters
2010-02-03 19:51 ` Alexey Dobriyan
2010-02-03 19:53 ` Jon Masters
2010-02-03 20:01 ` Alexey Dobriyan
2010-02-04 12:25 ` Patrick McHardy
2010-02-04 12:27 ` Alexey Dobriyan
2010-02-04 12:30 ` Patrick McHardy
2010-02-04 12:35 ` Alexey Dobriyan
2010-02-04 13:04 ` Patrick McHardy
2010-02-04 13:18 ` Jon Masters
2010-02-04 13:37 ` Patrick McHardy
2010-02-04 13:42 ` Jon Masters
2010-02-03 20:21 ` Jon Masters
2010-02-04 12:24 ` Patrick McHardy
2010-02-02 16:58 ` PROBLEM with summary: " Jon Masters
2010-02-02 17:04 ` Patrick McHardy
2010-02-02 17:16 ` Eric Dumazet
2010-02-02 17:23 ` Jon Masters
2010-02-02 4:36 ` Jon Masters
2010-02-02 7:02 ` Jon Masters
2010-02-02 10:47 ` Jon Masters
2010-02-04 14:00 ` Patrick McHardy
2010-02-01 10:35 ` debug: nt_conntrack and KVM crash Jon Masters
2010-02-01 10:44 ` Alexey Dobriyan
2010-02-01 10:47 ` Alexey Dobriyan
2010-02-01 10:49 ` Alexey Dobriyan
2010-02-01 10:53 ` Jon Masters
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1264845794.7499.10.camel@tonnant \
--to=jonathan@jonmasters.org \
--cc=eric.dumazet@gmail.com \
--cc=kaber@trash.net \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).