Created attachment 107064 [details] Kernel panic output I'm trying to use HTB qdisc. Using something like this commands: tc qdisc add dev eth1 root handle 55: htb default 1 tc class add dev eth1 parent 55: classid 55:1 htb rate 50000000 tc class add dev eth1 parent 55: classid 55:2 htb rate 50000000 prio -1 tc class add dev eth1 parent 55: classid 55:3 htb rate 50000000 iptables -t mangle -A OUTPUT -p icmp -j CLASSIFY --set-class 55:2 iptables -t mangle -A OUTPUT -p tcp --dport 5555 -j CLASSIFY --set-class 55:3 ifconfig eth1 192.168.98.2 up cat /dev/zero | nc 192.168.98.2 5555& cat /dev/zero | nc 192.168.98.2 5556& The network connection shall be be fully loaded (so classes compete with each other). The "+" in kernel version is because of I am using a patch from bug 58691 (should be unrelated with iptables or traffic shaping).
Created attachment 107065 [details] Kernel panic output 2, now not using netconsole's interface for the test itself
Reproducible on 3.11.0-rc3 Looks like negative priority value is essential for the kernel panic.
You must be using old version of iproute2. With current version the tc command does not allow negative priorities. + tc qdisc add dev eth1 root handle 55: htb default 1 + tc class add dev eth1 parent 55: classid 55:1 htb rate 50000000 + tc class add dev eth1 parent 55: classid 55:2 htb rate 50000000 prio -1 Illegal "prio"
Maybe, but the kernel still should check for it. As far as I understand, CAP_NET_ADMIN is not expected to be able to crash kernel.
Created attachment 107081 [details] HTB prio unsigned fix