Description of problem: An operation of the form "echo -bond0 > /sys/class/net/bonding_masters" can trigger a NULL pointer dereference in sysfs. How reproducible: Set up bond0 interface, take it down and do: # echo -bond0 > /sys/class/net/bonding_masters Steps to Reproduce: 1) Bonding device is set. 2) ifdown bond0 3) echo -bond0 > /sys/class/net/bonding_masters Actual results: Panic Additional info: A fix is available to fix this problem and is on upstream: http://lkml.org/lkml/2007/6/19/279 I'll attach the patch with offsets fixed for RHEL5. -Flavio
Created attachment 181361 [details] Patch from upstream with offsets fixed for RHEL-5
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
My test kernels have been updated to include a patch for this bugzilla. http://people.redhat.com/agospoda/#rhel5 Please test them and report back your results.
Feedback from Fujitsu. ------------------------------------ Matsuya-san, I tested the same test on test-RPMS. When the bonding device was deleted, the system didn't do the kernel panic. Thank you for your fix. Izumi Takada Internal Status set to 'Waiting on Engineering' This event sent from IssueTracker by mmatsuya issue 130401
Hi Andy, From Fujitsu: ------------------------------------------ I tested the same test on test-kernel. Kernel version: 2.6.18-61.el5.gtest.34 The system didn't happen the kernel panic. But the following messages continued to output and command prompt didn't return when IPv6 state is on. kernel: unregister_netdevice: waiting for bond0 to become free. Usage count = 1 When I turned off and tested IPv6, this message was not output. This event sent from IssueTracker by mmatsuya issue 130401
in 2.6.18-62.el5 You can download this test kernel from http://people.redhat.com/dzickus/el5
Unfortunately a bug slipped into the RHEL5 dev tree that caused the problem they describe, but it has already been fixed in the latest dev tree and my test kernels.
Hello Andy, > but it has already been fixed in the latest dev tree and my test kernels. But this problem occured again on the environment of Fujitsu with your test kernel. Can you please check it again? > Matsuya-san, > > I checked the same test on test-kernel again. > --> Kernel version: 2.6.18-62.el5.gtest.36 > But the following problem happened again. > Sorry, would you check it, please? >> But the following messages continued to output and command prompt didn't >> return when IPv6 state is on. >> kernel: unregister_netdevice: waiting for bond0 to become free. Usage count = 1 This event sent from IssueTracker by mmatsuya issue 130401
I was sure my most recent test kernels has this resolved. Does this issue still appear with gtest.36?
Yes, Fujitsu tested gtest.36. And they saw this problem. > But the following messages continued to output and command prompt didn't > return when IPv6 state is on. > kernel: unregister_netdevice: waiting for bond0 to become free. Usage count = 1 This event sent from IssueTracker by mmatsuya issue 130401
Created attachment 292974 [details] bonding-rhel5-fixes.patch I could not make my system on the latest kernel (2.6.18-72.el5) fail with a simple # ifdown bond0 but I did find that the original test case fails again due to some other patches that were added. The box doesn't panic, but there are some reference count issuse. This was already fixed upstream and I wanted to pull it anyway, so I've attached the patch that resolves the original test case. If the customer can reproduce this problem by simply typing # ifdown bond0 please have them provide more detailed information. I even assigned an ipv6 address in my testing and did not have any problems.
does this need to be mentioned in the release notes? if so, please post the necessary content for it. thanks!
in 2.6.18-79.el5 You can download this test kernel from http://people.redhat.com/dzickus/el5
Greetings Red Hat Partner, A fix for this issue should be included in the latest packages contained in RHEL5.2-Snapshot1--available now on partners.redhat.com. Please test and confirm that your issue is fixed. After you (Red Hat Partner) have verified that this issue has been addressed, please perform the following: 1) Change the *status* of this bug to VERIFIED. 2) Add *keyword* of PartnerVerified (leaving the existing keywords unmodified) If this issue is not fixed, please add a comment describing the most recent symptoms of the problem you are having and change the status of the bug to ASSIGNED. If you are receiving this message in Issue Tracker, please reply with a message to Issue Tracker about your results and I will update bugzilla for you. If you need assistance accessing ftp://partners.redhat.com, please contact your Partner Manager. Thank you
can somebody please post the necessary release note text for this? i'm afraid i don't fully understand the issue that was resolved. thanks!
Don, you can probably just get away with a note that indicates that the bonding driver has been upgraded to version 3.2.4.
*** Bug 249806 has been marked as a duplicate of this bug. ***
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2008-0314.html