203039 – The nf_tables module crashes on boot

Bug 203039 - The nf_tables module crashes on boot

Summary: The nf_tables module crashes on boot

Status:	RESOLVED CODE_FIX

Alias:	None

Product:	Networking
Classification:	Unclassified
Component:	Netfilter/Iptables (show other bugs)
Hardware:	x86-64 Linux

Importance:	P1 blocking
Assignee:	networking_netfilter-iptables@kernel-bugs.osdl.org

URL:
Keywords:

Depends on:
Blocks:

Reported:	2019-03-25 18:05 UTC by Artem S. Tashkinov
Modified:	2019-03-28 10:17 UTC (History)
CC List:	2 users (show)

See Also:
Kernel Version:	5.0.4
Subsystem:
Regression:	No
Bisected commit-id:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Artem S. Tashkinov 2019-03-25 18:05:02 UTC

After I tried to restart a LAN interface the kernel crashed:

localhost kernel: RIP: 0010:nft_set_elem_destroy+0x27/0xf0 [nf_tables]
localhost kernel: Code: 1f 40 00 55 48 89 e5 41 55 41 54 49 89 f4 53 48 83 ec 30 48 8b 87 80 00 00 00 48 c7 45 e0 00 00 00 00 48 c7 45 c0 00 00 00 00 <8b> 58 70 48 8b 47 28 48 c7 45 c8 00 00 00 00 48 c7 45 d0 00 00 00
localhost kernel: RSP: 0018:ffffb08040253810 EFLAGS: 00010282
localhost kernel: RAX: 0000000000000000 RBX: ffff8bbf44124a80 RCX: dead000000000200
localhost kernel: RDX: 0000000000000001 RSI: ffff8bbf402d4980 RDI: ffff8bbf40120000
localhost kernel: RBP: ffffb08040253858 R08: 0000000000000001 R09: ffffffffc15f3300
localhost kernel: R10: ffff8bbf44215180 R11: 0000000000000157 R12: ffff8bbf402d4980
localhost kernel: R13: ffff8bbf44124900 R14: dead000000000200 R15: dead000000000100
localhost kernel: FS:  00007f7419a8a740(0000) GS:ffff8bbf4eb00000(0000) knlGS:0000000000000000
localhost kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
localhost kernel: CR2: 000055feb3bc8008 CR3: 0000000403a14002 CR4: 00000000000606e0
localhost systemd[1]: nftables.service: Main process exited, code=killed, status=9/KILL
localhost systemd[1]: nftables.service: Failed with result 'signal'.
localhost systemd[1]: Failed to start Netfilter Tables.

If necessary I can attach my /etc/sysconfig/nftables.conf

Comment 1 Artem S. Tashkinov 2019-03-25 18:05:53 UTC

My distro is Fedora 29.
GCC version: 8.3.1-2.fc29.x86_64

Comment 2 Artem S. Tashkinov 2019-03-25 18:07:25 UTC

I compiled the kernel from sources ( https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.0.4.tar.xz ) with zero patches or modifications applied.

Comment 3 Artem S. Tashkinov 2019-03-25 18:23:59 UTC

This might be a dupe of bug 202905 which has recieved zero attention from developers for almost two weeks.

This was also discussed on LKML: https://lkml.org/lkml/2019/3/8/141

Here's a patch which probably resolves the issue: https://patchwork.ozlabs.org/patch/1053232/

Comment 4 Artem S. Tashkinov 2019-03-25 18:37:46 UTC

It turns out the nf_tables module ****crashes on boot****.

Why on earth hasn't this bug been solved already?

Comment 5 Artem S. Tashkinov 2019-03-28 10:09:38 UTC

We are at kernel 5.0.5 already and the issue is still not solved.

WTF guys?

Comment 6 Florian Westphal 2019-03-28 10:16:46 UTC

Its in the queue for 5.0.6:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.0/netfilter-nf_tables-fix-set-double-free-in-abort-pat.patch

Comment 7 Artem S. Tashkinov 2019-03-28 10:17:39 UTC

(In reply to Florian Westphal from comment #6)
> Its in the queue for 5.0.6:
> https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/
> queue-5.0/netfilter-nf_tables-fix-set-double-free-in-abort-pat.patch

Thanks! Please close bug 202905 as well.

Note You need to log in before you can comment on or make changes to this bug.