https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=68
Summary: Kernel panic
Product: netfilter/iptables
Version: linux-2.4.x
Platform: i386
OS/Version: RedHat Linux
Status: NEW
Severity: critical
Priority: P2
Component: unknown
AssignedTo: laforge@netfilter.org
ReportedBy: nolife@sigsegv.cc
CC: netfilter-buglog@lists.netfilter.org
Hi,
I've had this kernel panic with about 5 or 6 different 2.4.* kernel
including
2.4.18, 2.4.19 and 2.4.20.
I've had this panic (at least the allways act the same way) on 4 or 5
different
computers ranging from cheap to expensive equipment.
I have this problem now for a pretty long time, and was able to catch the
message on a disk now (the firewalls run on places which can't be offline so
people there allways were happy to get it running and did not want to write
down a panic dump)
The kernel panic usually happens when the firewall is loaded/reloaded from
remote (sshd) but this does not mean it allways happens, i was yet not able to
find any reason and the only common thing is that it happens when you don't
expect it and you usually can't make it happen when you are prepared.
Like i once had a test running for 3 days which reloadewd the firewall all 10
seconds without a problem.
The day after i loaded it a last time and it crashed.
It also does not seem to be in connection with the time the box is running or
the traffic as i also have cases where it crashes - reboot - loading makes it
crash again.
I've built iptables as modules.
Here the ksymoops response:
Warning (compare_maps): ip_conntrack symbol
GPLONLY_ip_conntrack_expect_find_get not found
in /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_conntrack.o.
Ignoring /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_conntrack.o entry
Warning (compare_maps): ip_conntrack symbol GPLONLY_ip_conntrack_expect_put not
found in /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_conntrack.o.
Ignoring /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_conntrack.o entry
Warning (compare_maps): ip_conntrack symbol GPLONLY_ip_conntrack_find_get not
found in /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_conntrack.o.
Ignoring /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_conntrack.o entry
Warning (compare_maps): ip_conntrack symbol GPLONLY_ip_conntrack_put not found
in /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_conntrack.o.
Ignoring /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_conntrack.o entry
Warning (compare_maps): mismatch on symbol ip_conntrack_hash , ip_conntrack
says d0937be0, /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_conntrack.o
says d09376a0.
Ignoring /lib/modules/2.4.20/kernel/net/ipv4/netfilter/ip_conntrack.o entry
<4>kernel BUG at slab.c:1128!
<4>invalid operand: 0000
<4>CPU: 0
<4>EIP: 0010:[<c012da44>] Tainted: P
Using defaults from ksymoops -t elf32-i386 -a i386
<4>EFLAGS: 00010202
<4>eax: 000001f0 ebx: c12c5080 ecx: c12c5090 edx: 00000000
<4>esi: c12c5080 edi: 000001f0 ebp: 00000246 esp: cd0b1cc0
<4>ds: 0018 es: 0018 ss: 0018
<4>Process iptables (pid: 26785, stackpage=cd0b1000)
<4>Stack: 00000000 cd0b0000 ccfde6c0 00000246 00000286 00001000 c12c5080
c12c5080
<4> d0998000 c12c5080 00000246 c012e080 c12c5080 000001f0 cd0b0000
00001000
<4> 0000dd00 00000296 00000000 00001000 d0998000 00001000 d0994000
c012cb07
<4>Call Trace: [<c012e080>] [<c012cb07>] [<c012ccde>]
[<d095d90d>]
[<d0931a45>]
<4> [<d0932315>] [<c01305bf>] [<d09327f7>]
[<d0934700>] [<c01f3898>]
[<c01f38fc>]
<4> [<c0200a49>] [<c021ed21>] [<c01e7663>]
[<c01e7cb3>] [<c01126e0>]
[<c01075d4>]
<4> [<c01074e3>]
<4>Code: 0f 0b 68 04 cd 43 24 c0 89 7c 24 04 81 64 24 04 f0 01 00 00
>>EIP; c012da44 <kmem_cache_grow+54/240> <====Trace; c012e080
<kmalloc+150/180>
Trace; c012cb07 <get_vm_area+17/100>
Trace; c012ccde <__vmalloc+3e/200>
Trace; d095d90d <[iptable_filter].data.end+3fae/56a1>
Trace; d0931a45 <[ip_conntrack]__unexpect_related+5/60>
Trace; d0932315 <[ip_conntrack]icmp_error_track+d5/1a0>
Trace; c01305bf <__alloc_pages+3f/170>
Trace; d09327f7 <[ip_conntrack]init_conntrack+2a7/390>
Trace; d0934700 <[ip_conntrack]tcp_exp_matches_pkt+40/46>
Trace; c01f3898 <nf_sockopt+d8/120>
Trace; c01f38fc <nf_setsockopt+1c/20>
Trace; c0200a49 <ip_setsockopt+759/8b0>
Trace; c021ed21 <inet_setsockopt+21/30>
Trace; c01e7663 <sys_setsockopt+53/70>
Trace; c01e7cb3 <sys_socketcall+183/1d0>
Trace; c01126e0 <do_page_fault+0/4cb>
Trace; c01075d4 <error_code+34/3c>
Trace; c01074e3 <system_call+33/38>
Code; c012da44 <kmem_cache_grow+54/240>
00000000 <_EIP>:
Code; c012da44 <kmem_cache_grow+54/240> <==== 0: 0f 0b
ud2a <====Code; c012da46 <kmem_cache_grow+56/240>
2: 68 04 cd 43 24 push $0x2443cd04
Code; c012da4b <kmem_cache_grow+5b/240>
7: c0 89 7c 24 04 81 64 rorb $0x64,0x8104247c(%ecx)
Code; c012da52 <kmem_cache_grow+62/240>
e: 24 04 and $0x4,%al
Code; c012da54 <kmem_cache_grow+64/240>
10: f0 01 00 lock add %eax,(%eax)
<4> <0>Kernel panic: Aiee, killing interrupt handler!
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.