Bug 13129

Summary: Kernel panic after adding tap interface to bridge
Product: Networking Reporter: Aleksander Trofimowicz (aatrof)
Component: OtherAssignee: Arnaldo Carvalho de Melo (acme)
Status: CLOSED OBSOLETE    
Severity: normal CC: alan, philippe.gauthier
Priority: P1    
Hardware: All   
OS: Linux   
Kernel Version: 2.6.27.21 Subsystem:
Regression: No Bisected commit-id:
Attachments: serial output after kernel panic
kernel ring buffer
kernel config

Description Aleksander Trofimowicz 2009-04-17 13:51:05 UTC 
Created attachment 21029 [details]
serial output after kernel panic

Box has a 1 active truncated Ethernet link with dozens VLANs. During system startup virtual interfaces are created to separate each VLAN data from the others'. Several brigdes sit on the top of them, one for each VLAN. Everything works fine until I try to add kvm linux guest to whichever VLAN brigde. Then kernel freezes in a few seconds.

Steps to reproduce:

1) configure network interfaces accordingly to what has been described above (standard RedHat/Fedora config files in /etc/sysconfig/network-scripts suffice).
2) create TAP device using tunctl
3) change the state of the device to up 
4) add it to one of the bridges
5) run guest machine with one interface paired with previously created TAP device

Steps 2-4 can be handled automatically by qemu-kvm running script like this one:

#!/bin/sh
# prep_script.sh
set -x

switch=br100

if [ -n "$1" ];then
        /usr/sbin/tunctl -p -t $1
        /sbin/ip link set $1 up
        sleep 0.5s
        /usr/sbin/brctl addif $switch $1
        exit 0
else
        echo "Error: no interface specified"
        exit 1
fi

Then guest can be fired up using the following command:

qemu-kvm -m 1024 -net nic,model=e1000 -net tap,script=/path/to/prep_script.sh /path/to/disk.img

Additional info:

Host: Fedora 10 (see kernel ring buffer output file and kernel config file)
Guest: CentOS 5.3
Comment 1 Aleksander Trofimowicz 2009-04-17 13:54:26 UTC 
Created attachment 21030 [details]
kernel ring buffer
Comment 2 Aleksander Trofimowicz 2009-04-17 13:55:19 UTC 
Created attachment 21031 [details]
kernel config
Comment 3 Andrew Morton 2009-04-17 18:51:12 UTC 
(switched to email.  Please respond via emailed reply-to-all, not via the
bugzilla web interface).

On Fri, 17 Apr 2009 13:51:06 GMT
bugzilla-daemon@bugzilla.kernel.org wrote:

> http://bugzilla.kernel.org/show_bug.cgi?id=13129

There's some additional info at the bugzillal ink.

>            Summary: Kernel panic after adding tap interface to bridge
>            Product: Networking
>            Version: 2.5
>     Kernel Version: 2.6.27.21
>           Platform: All
>         OS/Version: Linux
>               Tree: Fedora
>             Status: NEW
>           Severity: normal
>           Priority: P1
>          Component: Other
>         AssignedTo: acme@ghostprotocols.net
>         ReportedBy: aatrof@gmail.com
>         Regression: No
> 
> 
> Created an attachment (id=21029)
>  --> (http://bugzilla.kernel.org/attachment.cgi?id=21029)
> serial output after kernel panic
> 
> Box has a 1 active truncated Ethernet link with dozens VLANs. During system
> startup virtual interfaces are created to separate each VLAN data from the
> others'. Several brigdes sit on the top of them, one for each VLAN.
> Everything
> works fine until I try to add kvm linux guest to whichever VLAN brigde. Then
> kernel freezes in a few seconds.
> 
> Steps to reproduce:
> 
> 1) configure network interfaces accordingly to what has been described above
> (standard RedHat/Fedora config files in /etc/sysconfig/network-scripts
> suffice).
> 2) create TAP device using tunctl
> 3) change the state of the device to up 
> 4) add it to one of the bridges
> 5) run guest machine with one interface paired with previously created TAP
> device
> 
> Steps 2-4 can be handled automatically by qemu-kvm running script like this
> one:
> 
> #!/bin/sh
> # prep_script.sh
> set -x
> 
> switch=br100
> 
> if [ -n "$1" ];then
>         /usr/sbin/tunctl -p -t $1
>         /sbin/ip link set $1 up
>         sleep 0.5s
>         /usr/sbin/brctl addif $switch $1
>         exit 0
> else
>         echo "Error: no interface specified"
>         exit 1
> fi
> 
> Then guest can be fired up using the following command:
> 
> qemu-kvm -m 1024 -net nic,model=e1000 -net tap,script=/path/to/prep_script.sh
> /path/to/disk.img
> 
> Additional info:
> 
> Host: Fedora 10 (see kernel ring buffer output file and kernel config file)
> Guest: CentOS 5.3
>
Comment 4 Aleksander Trofimowicz 2009-04-24 20:51:14 UTC 
2009/4/17  <bugzilla-daemon@bugzilla.kernel.org>:
> http://bugzilla.kernel.org/show_bug.cgi?id=13129
>

I found that using an iptables rule with physdev module in FORWARD
chain (e.g. iptables -I FORWARD -m physdev
--physdev-is-bridged -j ACCEPT) helps kernel survive after guest gets
up.That's also true for a host
without any iptables rules loaded. Even if such a rule is a requisite
for proper system configuration,
shouldn't kernel make some kind of sanity checks?
Comment 5 Aleksander Trofimowicz 2009-04-27 09:14:11 UTC 
2009/4/17  <bugzilla-daemon@bugzilla.kernel.org>:
> http://bugzilla.kernel.org/show_bug.cgi?id=13129
>
I found that using an iptables rule with physdev module in FORWARD
chain (e.g. iptables -I FORWARD -m physdev
--physdev-is-bridged -j ACCEPT) helps kernel survive after guest gets
up.That's also true for a host
without any iptables rules loaded. Even if such a rule is a requisite
for proper system configuration,
shouldn't kernel make some kind of sanity checks?
Comment 6 Alan 2012-05-30 16:16:27 UTC 
Closing as obsolete, if this is still seen with a modern kernel please report