Bug 129412 - Kernel panics in ip6_nexthdr when eth0 is bought up during boot
Summary: Kernel panics in ip6_nexthdr when eth0 is bought up during boot
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: rawhide
Hardware: i586
OS: Linux
medium
high
Target Milestone: ---
Assignee: Dave Jones
QA Contact: Brian Brock
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-08-08 14:56 UTC by Tom Hughes
Modified: 2015-01-04 22:08 UTC (History)
3 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2005-10-06 00:27:41 UTC


Attachments (Terms of Use)
Fix for ip6t_LOG.c OOPS (1.20 KB, patch)
2004-08-29 06:29 UTC, David Miller
no flags Details | Diff

Description Tom Hughes 2004-08-08 14:56:32 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.00 (compatible; MSIE 5.5; Windows NT 5.0)

Description of problem:
If I have an IPv6 firewall rule setup with LOG as a target then the
kernel panics in ip6_nexthdr when eth0 is bought up during the boot
process - at a guess it only actually panics when the first IPv6
packet hits that rule but that happens fairly quickly. This doesn't
happen with the original kernel-2.6.5-1.358 package. The panic is as
follows:

*pde = 09446067
Oops: 0000 [#1]
Modules linked in: de4x5 ipt_REJECT ipt_LOG ipt_limit ipt_state
iptable_filter iptable_nat ip_conntrack ip_tables ip6t_LOG ip6t_limit
ip6t_tables ipv6 floppy sg scsi_mod dm_mod uhci_hcd ext3 jbd

CPU: 0
EIP: 0060 [<cc841040>] Not tainted
EFLAGS: 00010246 (2.6.7-1.494.2.2)
EIP is at ip6_nexthdr+0x40/0x63 [ip6t_LOG]
eax: 00000000 ebx: 0000003b ecx: c03cb084 edx: c9514838
esi: 00000000 edi: 00000000 ebp: c9514810 esp: c03cbe54
ds: 007b es: 007b ss: 0068

Process: ifup (...)
Stack: ...
Call Trace:
Stack pointer is garbage, not printing trace
Code: 0f b6 00 8a 1a 8d 04 c5 08 00 00 00 0f b6 c0 01 c2 89 11 eb
<0> Kernel panic: Fatal exception in interrupt

Version-Release number of selected component (if applicable):
kernel-2.6.7-1.494.2.2

How reproducible:
Always

Steps to Reproduce:
1. Add IPv6 firewall rull with LOG as target
2. Bring up interface
3. Allow packet to hit target?
    

Actual Results:  The kernel paniced.

Expected Results:  Packet should have been logged

Additional info:

Comment 1 Louis Lagendijk 2004-08-11 22:36:39 UTC
I have seen the same oops on the 2.6.7-1.494.2.2 kernel, for example
at shutting down the system, where some IPv6 messages are sent that
get filtered by the IPv6 packet filter. Reverting to kernel
2.6.6-1.435.2.3 solved the problem for now.

Comment 2 Tom Hughes 2004-08-21 11:03:53 UTC
This is still occurring in the 2.6.8-1.521 kernel - there seems to be
a small window at boot time and shutdown time when the oops can occur.
Once the system is up I can add an IPv6 firewall rule with a LOG
target and everything will be fine until I shutdown at which point it
will oops during the shutdown.

Comment 3 David Miller 2004-08-29 06:29:31 UTC
Created attachment 103217 [details]
Fix for ip6t_LOG.c OOPS

Fixed by Olaf Kirch in 2.6.9-preX

Comment 4 Tom Hughes 2004-11-24 18:42:10 UTC
The 2.6.9-1.6_FC2 errate kernel appears to have fixed this for me.

Comment 5 Tom Hughes 2004-11-24 18:43:43 UTC
Closed by accident (with wrong resolution), so reopening.


Note You need to log in before you can comment on or make changes to this bug.