Bug 1045198

Summary:	network change triggers modprobe to hang, crashing firewalld and causing 100% CPU load
Product:	[Fedora] Fedora	Reporter:	Jason Haar <jhaar>
Component:	kernel	Assignee:	Kernel Maintainer List <kernel-maint>
Status:	CLOSED NEXTRELEASE	QA Contact:	Fedora Extras Quality Assurance <extras-qa>
Severity:	high	Docs Contact:
Priority:	unspecified
Version:	20	CC:	gansalmon, itamar, jhaar, jonathan, jpopelka, kernel-maint, madhu.chinakonda, michele, twoerner
Target Milestone:	---
Target Release:	---
Hardware:	Unspecified
OS:	Linux
Whiteboard:
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2014-03-13 19:22:07 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:

Description Jason Haar 2013-12-19 20:50:36 UTC

Description of problem:

Says it all really. It's not happening every time, but after connecting to a network (wifi only in my case), I suddenly hear my laptop fan kick into gear and top shows "/sbin/modprobe -r nf_conntrack_ipv4" taking 100% CPU

I cannot clear the fault, only a reboot fixes it

Version-Release number of selected component (if applicable):


How reproducible:

sometimes after network connect

Steps to Reproduce:
1. connect to network
2. 
3.

Actual results:


Expected results:


Additional info:

I'm guessing it's firewalld. syslog shows firewalld crashed, but pstree shows the hung modprobe command has "1" as it's parent - so I'm guessing firewalld called modprobe, it errored and caused firewalld to crash

syslog shows

Dec 20 09:27:18 jhaar-lnx-nzcl systemd: Starting firewalld - dynamic firewall daemon...
Dec 20 09:28:48 jhaar-lnx-nzcl systemd: firewalld.service operation timed out. Terminating.
Dec 20 09:30:18 jhaar-lnx-nzcl systemd: firewalld.service stopping timed out (2). Killing.
Dec 20 09:31:48 jhaar-lnx-nzcl systemd: firewalld.service still around after SIGKILL (2). Entering failed mode.
Dec 20 09:31:48 jhaar-lnx-nzcl systemd: Failed to start firewalld - dynamic firewall daemon.
Dec 20 09:31:48 jhaar-lnx-nzcl systemd: Unit firewalld.service entered failed state.

If I manually restart firewalld, it hangs, generating the syslog msg

Dec 20 09:49:21 jhaar-lnx-nzcl firewalld: 2013-12-20 09:49:21 ERROR: ipv4 table 'nat' does not exist (or not enough permission to check).



If I manually try to install the nf_conntrack_ipv4 module via modprobe, it triggers kernel errors, which implies my modules don't match my kernel? (I'm running vanilla F20: I had installed the beta and it has auto-updated to F20)

[168290.737697] nf_conntrack_ipv4: Unknown symbol __nf_ct_l4proto_find (err -2)
[168290.737703] nf_conntrack_ipv4: Unknown symbol nf_conntrack_find_get (err -2)
[168290.737706] nf_conntrack_ipv4: Unknown symbol nf_ct_l3proto_register (err -2)
[168290.737712] nf_conntrack_ipv4: Unknown symbol nf_conntrack_l4proto_udp4 (err -2)
[168290.737714] nf_conntrack_ipv4: Unknown symbol nf_ct_l3proto_pernet_unregister (err -2)
[168290.737718] nf_conntrack_ipv4: Unknown symbol nf_nat_seq_adjust_hook (err -2)
[168290.737726] nf_conntrack_ipv4: Unknown symbol nf_ct_l3proto_pernet_register (err -2)
[168290.737730] nf_conntrack_ipv4: Unknown symbol need_conntrack (err -2)
[168290.737734] nf_conntrack_ipv4: Unknown symbol nf_ct_l3proto_unregister (err -2)
[168290.737736] nf_conntrack_ipv4: Unknown symbol nf_conntrack_htable_size (err -2)
[168290.737739] nf_conntrack_ipv4: Unknown symbol nf_ct_l4proto_register (err -2)
[168290.737742] nf_conntrack_ipv4: Unknown symbol nf_ct_l4proto_pernet_unregister (err -2)
[168290.737745] nf_conntrack_ipv4: Unknown symbol __nf_conntrack_confirm (err -2)
[168290.737748] nf_conntrack_ipv4: Unknown symbol nf_ct_invert_tuple (err -2)
[168290.737752] nf_conntrack_ipv4: Unknown symbol nf_ct_l4proto_unregister (err -2)
[168290.737756] nf_conntrack_ipv4: Unknown symbol nf_conntrack_l4proto_tcp4 (err -2)
[168290.737759] nf_conntrack_ipv4: Unknown symbol nf_ct_deliver_cached_events (err -2)
[168290.737761] nf_conntrack_ipv4: Unknown symbol nf_conntrack_set_hashsize (err -2)
[168290.737766] nf_conntrack_ipv4: Unknown symbol nf_ct_get_tuplepr (err -2)
[168290.737768] nf_conntrack_ipv4: Unknown symbol nf_ct_l4proto_pernet_register (err -2)
[168290.737771] nf_conntrack_ipv4: Unknown symbol __nf_ct_refresh_acct (err -2)
[168290.737774] nf_conntrack_ipv4: Unknown symbol nf_conntrack_in (err -2)

Comment 1 Jiri Popelka 2013-12-20 16:04:10 UTC

(In reply to Jason Haar from comment #0)
> If I manually try to install the nf_conntrack_ipv4 module via modprobe, it
> triggers kernel errors, which implies my modules don't match my kernel? (I'm
> running vanilla F20: I had installed the beta and it has auto-updated to F20)

~> kernel

Comment 2 Michele Baldessari 2013-12-28 21:11:04 UTC

Can you upload a full /var/log/messages containing the sequence of events (network change, kernel error messages)

thanks
Michele

Comment 3 Jason Haar 2014-03-13 19:18:05 UTC

sorry, you'd better close this ticket. I think I disabled bugzilla notifications at Xmas and never got your message. Since then I have reinstalled F20 (it was that bad) and this problem hasn't reoccurred

Thanks

Jason

Comment 4 Josh Boyer 2014-03-13 19:22:07 UTC

Thanks.