Couldn't find a netfilter category so I chose iptables. Description of problem: Fedora 11 host OS with one F11 fully virtualized domain (KVM) directly connected to host eth0 via a bridge br0. Both fresh installs. Once the virtual machine is set to autostart and the host rebooted, the host locks up shortly after bootup (under a minute, faster with a faster CPU), with a message like "BUG: unable to handle kernel NULL pointer dereference at 00000001" (not always same message) followed by a hefty stack dump, sometimes repeated. If autostart is disabled and the domain is started manually after boot then the system appears to be stable (which is why the install succeeded). The problem has also _completely gone away_, even with autostart enabled, once I took the bridge traffic off iptables (sysctl.conf) and rebooted. The iptables setting is the only one that mattered but all of them should be off on a server for security anyway, I realize that probably messes the default NATed bridged setup but that's not useful in a server anyway. net.bridge.bridge-nf-call-iptables = 0 net.bridge.bridge-nf-call-ip6tables = 0 net.bridge.bridge-nf-call-arptables = 0 Version-Release number of selected component (if applicable): kernel-PAE-2.6.29.6-217.2.16.fc11.i686 libvirt-0.6.2-14.fc11.i586 iptables-1.4.3.1-1.fc11.i586 bridge-utils-1.2-7.fc11.i586 How reproducible: Lockup happens in under a minute with the above setup. On a faster machine (E6400 @2.1GHz) it happens almost as soon as login prompt appears. Steps to Reproduce: 1. Install Fedora 11 with virtualization 2. Disable NetworkManager chkconfig NetworkManager off chkconfig network on 3. Create bridge for eth0 Create /etc/sysconfig/network-scripts/ifcfg-br0 DEVICE=br0 TYPE=Bridge BOOTPROTO=dhcp ONBOOT=yes Modify /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 ONBOOT=yes BOOTPROTO=none BRIDGE=br0 add "-A FORWARD -i br0 -o br0 -j ACCEPT" to /etc/sysconfig/iptables set default runlevel to 3 in /etc/inittab (to watch panics) reboot 4. Install a fully-virtualized Fedora 11 domain "test", its network device connected to br0 (host eth0). 5. Confirm system is stable while domain "test" is up. 6. virsh autostart test; reboot 7. Within 1min after login prompt appears, the host OS hangs. The kernel panic is not always the same, sometimes it can't finish writing it. 8. Stop the bridge from sending traffic via netfilter: Add to /etc/sysctl.conf net.bridge.bridge-nf-call-iptables = 0 net.bridge.bridge-nf-call-ip6tables = 0 net.bridge.bridge-nf-call-arptables = 0 virsh autostart test reboot 9. The system does not lock up any more. Actual results: Host hangs when virtual domain is set to autostart. Expected results: Host should not hang under any circumstance. Additional info: System: Dell Dimension 9200, CPU Intel Core 2 Duo E6300 @1.8GHz, eth0 is Intel 82566DC Gigabit onboard, runlevel 3 in fb text console mode to eliminate xorg video driver. The physical network contains a lot of Windows machines that do a lot of broadcast chatter (this is apparently needed because I noticed the e1000 driver is always listed somewhere in the stack dumps). May be related to bug 501137 but that one does not have enough info be sure.
Created attachment 359859 [details] Screen photo of kernel panic stack dump
This is a kernel problem. Reassigning to kernel.
Please try the latest update, kernel-2.6.30.5-43
Same thing with 2.6.30.5-43, tried both PAE and non-PAE.
I think I'm seeing the same bug -- 32-bit F11 guest on 64-bit F11 host. Everything is fine when guest is started manually, but autostarting causes host kernel panic. I already have net.bridge.bridge-nf-call-iptables = 0, I'll try setting arptables and ip6tables to 0 also.
Just to confirm, setting net.bridge.bridge-nf-call-{arptables,ip6tables} to 0 gets rid of the panic for me as well.
I have these sysctls set (by default, it would seem) on F12 and have a box falling over under very similar circumstances. This isn't fixed.
*** This bug has been marked as a duplicate of bug 533087 ***