[Bug 885] New: Kernel BUG (possibly panic) deleting chain used in map

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Thu Jan 23 01:13:54 CET 2014


           Summary: Kernel BUG (possibly panic) deleting chain used in map
           Product: nftables
           Version: unspecified
          Platform: x86_64
        OS/Version: Fedora
            Status: NEW
          Severity: major
          Priority: P5
         Component: kernel
        AssignedTo: pablo at netfilter.org
        ReportedBy: deleriux1 at gmail.com
   Estimated Hours: 0.0

This was done in the VM.

Creating a verdict map that jumps to a chain which you subsequently delete will
result in the kernel throwing a BUG message with the following:

kernel BUG at net/netfilter/nf_tables_api.c:1014!
invalid opcode: 0000 [#1] SMP
Modules linked in: nft_meta nft_reject_ipv4 nft_hash nft_rbtree nf_tables_ipv4_

The VM displays no more console output but I believe the kernel panics.

Here is the interactive session I used.

# nft -i
nft> add table filter
nft> add chain filter input { type filter hook input priority 0; }
nft> add map filter mymap { type ifindex : verdict; }
nft> add chain filter test
nft> add element filter mymap { eth0 : jump test }
nft> delete chain filter test

This is using rawhide fedora kernel 3.13.0-1.fc21.x86_64 on a base Fedora 20
release, using the libnftnl from netfilter git and nft from netfilter git.

Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.

More information about the netfilter-buglog mailing list