Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 503040 - sys-kernel/gentoo-sources-3.13.5 - kernel panic using nftables' log
Summary: sys-kernel/gentoo-sources-3.13.5 - kernel panic using nftables' log
Status: RESOLVED NEEDINFO
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Core system (show other bugs)
Hardware: AMD64 Linux
: Normal normal
Assignee: Gentoo Kernel Bug Wranglers and Kernel Maintainers
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-02-28 13:13 UTC by William
Modified: 2014-04-22 11:51 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
my .config (config,92.67 KB, text/plain)
2014-02-28 13:14 UTC, William 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description William 2014-02-28 13:13:41 UTC 
Nftables works fine as long as you don't enable logging.
Something like this: 

table firewall {
        chain incoming {
                type filter hook input priority 0;
                        ip protocol icmp drop
                        accept
        }
}

Ping the interface, the kernel panics in ipt_log_fn, nf_log_packet.



Reproducible: Always

Steps to Reproduce:
1. add rule in nftables that logs an event
2. trigger rule
3. watch machine die
Actual Results:  
kernel panic

Expected Results:  
no kernel panic

I'll attach my .config.
Comment 1 William 2014-02-28 13:14:46 UTC 
Created attachment 371426 [details]
my .config
Comment 2 William 2014-02-28 13:16:54 UTC 
Oh, the nftables rule I quoted works because no logging is requested. This would kernel panic:


table firewall {
        chain incoming {
                type filter hook input priority 0;
                        ip protocol icmp log drop
                        accept
        }
}

And the a ping results to "kernel panic not syncing, Fatal exception in interrupt"
Comment 3 Mike Pagano gentoo-dev 2014-03-07 20:01:16 UTC 
Can I see the panic, please? Maybe the full dmesg and also your emerge --info