Bug 129412 - Kernel panics in ip6_nexthdr when eth0 is bought up during boot
Kernel panics in ip6_nexthdr when eth0 is bought up during boot
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
i586 Linux
medium Severity high
: ---
: ---
Assigned To: Dave Jones
Brian Brock
Depends On:
  Show dependency treegraph
Reported: 2004-08-08 10:56 EDT by Tom Hughes
Modified: 2015-01-04 17:08 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-10-05 20:27:41 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Fix for ip6t_LOG.c OOPS (1.20 KB, patch)
2004-08-29 02:29 EDT, David Miller
no flags Details | Diff

  None (edit)
Description Tom Hughes 2004-08-08 10:56:32 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.00 (compatible; MSIE 5.5; Windows NT 5.0)

Description of problem:
If I have an IPv6 firewall rule setup with LOG as a target then the
kernel panics in ip6_nexthdr when eth0 is bought up during the boot
process - at a guess it only actually panics when the first IPv6
packet hits that rule but that happens fairly quickly. This doesn't
happen with the original kernel-2.6.5-1.358 package. The panic is as

*pde = 09446067
Oops: 0000 [#1]
Modules linked in: de4x5 ipt_REJECT ipt_LOG ipt_limit ipt_state
iptable_filter iptable_nat ip_conntrack ip_tables ip6t_LOG ip6t_limit
ip6t_tables ipv6 floppy sg scsi_mod dm_mod uhci_hcd ext3 jbd

CPU: 0
EIP: 0060 [<cc841040>] Not tainted
EFLAGS: 00010246 (2.6.7-1.494.2.2)
EIP is at ip6_nexthdr+0x40/0x63 [ip6t_LOG]
eax: 00000000 ebx: 0000003b ecx: c03cb084 edx: c9514838
esi: 00000000 edi: 00000000 ebp: c9514810 esp: c03cbe54
ds: 007b es: 007b ss: 0068

Process: ifup (...)
Stack: ...
Call Trace:
Stack pointer is garbage, not printing trace
Code: 0f b6 00 8a 1a 8d 04 c5 08 00 00 00 0f b6 c0 01 c2 89 11 eb
<0> Kernel panic: Fatal exception in interrupt

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Add IPv6 firewall rull with LOG as target
2. Bring up interface
3. Allow packet to hit target?

Actual Results:  The kernel paniced.

Expected Results:  Packet should have been logged

Additional info:
Comment 1 Louis Lagendijk 2004-08-11 18:36:39 EDT
I have seen the same oops on the 2.6.7-1.494.2.2 kernel, for example
at shutting down the system, where some IPv6 messages are sent that
get filtered by the IPv6 packet filter. Reverting to kernel
2.6.6-1.435.2.3 solved the problem for now.
Comment 2 Tom Hughes 2004-08-21 07:03:53 EDT
This is still occurring in the 2.6.8-1.521 kernel - there seems to be
a small window at boot time and shutdown time when the oops can occur.
Once the system is up I can add an IPv6 firewall rule with a LOG
target and everything will be fine until I shutdown at which point it
will oops during the shutdown.
Comment 3 David Miller 2004-08-29 02:29:31 EDT
Created attachment 103217 [details]
Fix for ip6t_LOG.c OOPS

Fixed by Olaf Kirch in 2.6.9-preX
Comment 4 Tom Hughes 2004-11-24 13:42:10 EST
The 2.6.9-1.6_FC2 errate kernel appears to have fixed this for me.
Comment 5 Tom Hughes 2004-11-24 13:43:43 EST
Closed by accident (with wrong resolution), so reopening.

Note You need to log in before you can comment on or make changes to this bug.