Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 453902 - sys-kernel/hardened-sources-3.7.0 kernel panic or something like this
Summary: sys-kernel/hardened-sources-3.7.0 kernel panic or something like this
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Hardened (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Anthony Basile
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-01-24 19:24 UTC by Kirill Elagin
Modified: 2013-04-13 22:32 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
Screen photo (screen.jpg,425.71 KB, image/jpeg)
2013-01-24 19:27 UTC, Kirill Elagin
Details
Old kernel configuration (config-3.4.5,68.25 KB, text/plain)
2013-01-24 19:27 UTC, Kirill Elagin
Details
New kernel configuration (config-3.7.0,71.31 KB, text/plain)
2013-01-24 19:28 UTC, Kirill Elagin
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Kirill Elagin 2013-01-24 19:24:57 UTC
I have to admit, I have no idea, how to debug those random kernel panics, so…

After upgrading to 3.7.0 I immediately noticed that my home-server became really unstable. I realised it was randomly rebooting short after boot (because I have kernel.panic=1), so I plugged in a monitor, set kernel.panic=0. What actually happens doesn't quite look like a kernel panic—just a stacktrace somewhere around tcp/ip, as far as I can tell (see attached photo).

Before that I was running 3.4.5 and it's working fine now again. There are two differences in configuration: 1) New options 2) I've enabled CONFIG_IP_NF_MATCH_RPFILTER.

The “panic” happens nearly randomly, but I think I figured out one way to reproduce it: telnet to port 80 (lighttpd is running there) and start typing some random garbage. The bad thing is that this server is giving internet to my whole family so I can't really experiment a lot right now. I'll try to find some time this weekend, though.
Comment 1 Kirill Elagin 2013-01-24 19:27:13 UTC
Created attachment 336758 [details]
Screen photo
Comment 2 Kirill Elagin 2013-01-24 19:27:48 UTC
Created attachment 336760 [details]
Old kernel configuration
Comment 3 Kirill Elagin 2013-01-24 19:28:01 UTC
Created attachment 336762 [details]
New kernel configuration
Comment 4 Kirill Elagin 2013-01-24 19:29:03 UTC
Portage 2.2.0_alpha160 (hardened/linux/amd64, gcc-4.6.3, glibc-2.15-r3, 3.4.5-hardenedkirServ x86_64)
=================================================================
System uname: Linux-3.4.5-hardenedkirServ-x86_64-Intel-R-_Core-TM-2_CPU_6300_@_1.86GHz-with-gentoo-2.1
KiB Mem:     2052644 total,   1628968 free
KiB Swap:    2104508 total,   2104508 free
Timestamp of tree: Thu, 24 Jan 2013 11:45:01 +0000
ld GNU ld (GNU Binutils) 2.22
app-shells/bash:          4.2_p37
dev-lang/python:          2.5.4-r4, 2.6.8, 2.7.3-r2, 3.1.5, 3.2.3
dev-util/cmake:           2.8.9
dev-util/pkgconfig:       0.27.1
sys-apps/baselayout:      2.1-r1
sys-apps/openrc:          0.11.8
sys-apps/sandbox:         2.5
sys-devel/autoconf:       2.69
sys-devel/automake:       1.11.6
sys-devel/binutils:       2.22-r1
sys-devel/gcc:            4.6.3
sys-devel/gcc-config:     1.7.3
sys-devel/libtool:        2.4-r1
sys-devel/make:           3.82-r4
sys-kernel/linux-headers: 3.6 (virtual/os-headers)
sys-libs/glibc:           2.15-r3
Repositories: gentoo Local-overlay pythonhead mrcat NEERC-Linux-overlay gentoo-haskell sunrise
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="* -@EULA PUEL"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe -march=core2"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt /usr/share/openvpn/easy-rsa /var/bind"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.4/ext-active/ /etc/php/cgi-php5.4/ext-active/ /etc/php/cli-php5.4/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -pipe -march=core2"
DISTDIR="/usr/portage/distfiles"
EMERGE_DEFAULT_OPTS="--keep-going --jobs=2"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-logs candy config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
FFLAGS="-O2 -pipe"
GENTOO_MIRRORS="http://mirror.yandex.ru/gentoo-distfiles/ ftp://mirror.yandex.ru/gentoo-distfiles/ http://mirror.switch.ch/ftp/mirror/gentoo/ ftp://mirror.switch.ch/mirror/gentoo/ "
LANG="en_US.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage /var/lib/layman/pythonhead /var/lib/layman/mrcat /var/lib/layman/neerc-linux /var/lib/layman/haskell /var/lib/layman/sunrise"
SYNC="rsync://rsync.ru.gentoo.org/gentoo-portage"
USE="acl amd64 bash-completion berkdb bzip2 cli cracklib crypt cxx dri gdbm hardened iconv iproute2 ipv6 justify ldap mmx modules mudflap multilib ncurses nls nptl openmp pam pax_kernel pcre readline session sse sse2 ssl syslog tcpd threads unicode urandom vim-syntax zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="alias auth_basic authn_file authz_host authz_user autoindex dav deflate dir env expires filter headers include info log_config logio mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" PHP_TARGETS="php5-3" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_2" QEMU_SOFTMMU_TARGETS="i386" QEMU_USER_TARGETS="i386" RUBY_TARGETS="ruby18 ruby19" USERLAND="GNU" VIDEO_CARDS="fbdev glint intel mach64 mga nouveau nv r128 radeon savage sis tdfx trident vesa via vmware dummy v4l" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON
Comment 5 Anthony Basile gentoo-dev 2013-04-13 22:32:13 UTC
Sorry I missed this earlier.  This should be solve in 3.7.5-r1 or later.  Do you want to try upgrading to that, and if you still hit this, then reopen this bug.