From: Matt Ayres <matta@tektonic.net>
To: Patrick McHardy <kaber@trash.net>
Cc: "xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>,
Netfilter Development Mailinglist
<netfilter-devel@lists.netfilter.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: Panic in ipt_do_table with 2.6.16.13-xen
Date: Mon, 15 May 2006 20:01:45 -0400 [thread overview]
Message-ID: <44691669.4080903@tektonic.net> (raw)
In-Reply-To: <4468D613.20309@trash.net>
Patrick McHardy wrote:
> Matt Ayres wrote:
>> I have been noticing this same problem dozens of times and have finally
>> caught a full trace. I have run it through ksymoops, but there is no
>> /proc/ksyms. Is there a better method for getting information out of
>> the Code line than using ksymoops in 2.6 kernels?
>
>
> CONFIG_KALLSYMS will make the kernel decode the oops itself.
>
That's odd, I had thought that too. This is what "zcat /proc/config.gz
| grep KALL" shows:
CONFIG_KALLSYMS=y
# CONFIG_KALLSYMS_ALL is not set
# CONFIG_KALLSYMS_EXTRA_PASS is not set
I take it my run through ksymoops was of no help in diagnosing the
problem? The panic is _always_ in ipt_do_table.
>> The kernel is for Xen, but it does not appear to be related to Xen.
>
>
> We haven't had problems in that code for ages, so my initial feeling
> is that it probably is related to Xen. Do you have any other patches
> applied besides Xen? Please also post the full ruleset you're using
> and anything else that might appear special about your setup.
>
I had initially sent my traces to the Xen guys. They have not stated it
is NOT specific to Xen, just that's it's unlikely. I did not experience
the problem with kernel 2.6.12, just with 2.6.16 (up to .13 bugfix
release). I have completely disabled all support for SCTP
(protocol/netfilter/conntrack) as I know it is still quite buggy. I
know Xen touches the network code a lot, but nothing specific to
iptables. I had contacted them twice before LKML as I didn't want to
post patch specific problems here. I have no other patches applied
besides the Xen patch.
My ruleset is pretty bland. 2 rules in the raw table to tell the system
to only track my forwarded ports, 2 rules in the nat table for
forwarding (intercepting) 2 ports, and then in the FORWARD tables 2
rules per VM to just account traffic.
I've CC'ed xen-devel on this in case they can provide some insight. I
am not subscribed to LKML so please make sure to reply to me also in
responses.
Thank you,
Matt Ayres
WARNING: multiple messages have this Message-ID (diff)
From: Matt Ayres <matta@tektonic.net>
To: Patrick McHardy <kaber@trash.net>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Netfilter Development Mailinglist
<netfilter-devel@lists.netfilter.org>,
"xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>
Subject: Re: Panic in ipt_do_table with 2.6.16.13-xen
Date: Mon, 15 May 2006 20:01:45 -0400 [thread overview]
Message-ID: <44691669.4080903@tektonic.net> (raw)
In-Reply-To: <4468D613.20309@trash.net>
Patrick McHardy wrote:
> Matt Ayres wrote:
>> I have been noticing this same problem dozens of times and have finally
>> caught a full trace. I have run it through ksymoops, but there is no
>> /proc/ksyms. Is there a better method for getting information out of
>> the Code line than using ksymoops in 2.6 kernels?
>
>
> CONFIG_KALLSYMS will make the kernel decode the oops itself.
>
That's odd, I had thought that too. This is what "zcat /proc/config.gz
| grep KALL" shows:
CONFIG_KALLSYMS=y
# CONFIG_KALLSYMS_ALL is not set
# CONFIG_KALLSYMS_EXTRA_PASS is not set
I take it my run through ksymoops was of no help in diagnosing the
problem? The panic is _always_ in ipt_do_table.
>> The kernel is for Xen, but it does not appear to be related to Xen.
>
>
> We haven't had problems in that code for ages, so my initial feeling
> is that it probably is related to Xen. Do you have any other patches
> applied besides Xen? Please also post the full ruleset you're using
> and anything else that might appear special about your setup.
>
I had initially sent my traces to the Xen guys. They have not stated it
is NOT specific to Xen, just that's it's unlikely. I did not experience
the problem with kernel 2.6.12, just with 2.6.16 (up to .13 bugfix
release). I have completely disabled all support for SCTP
(protocol/netfilter/conntrack) as I know it is still quite buggy. I
know Xen touches the network code a lot, but nothing specific to
iptables. I had contacted them twice before LKML as I didn't want to
post patch specific problems here. I have no other patches applied
besides the Xen patch.
My ruleset is pretty bland. 2 rules in the raw table to tell the system
to only track my forwarded ports, 2 rules in the nat table for
forwarding (intercepting) 2 ports, and then in the FORWARD tables 2
rules per VM to just account traffic.
I've CC'ed xen-devel on this in case they can provide some insight. I
am not subscribed to LKML so please make sure to reply to me also in
responses.
Thank you,
Matt Ayres
next prev parent reply other threads:[~2006-05-16 0:01 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-05-15 17:46 Panic in ipt_do_table with 2.6.16.13-xen Matt Ayres
2006-05-15 19:27 ` Patrick McHardy
2006-05-15 19:27 ` Patrick McHardy
2006-05-16 0:01 ` Matt Ayres [this message]
2006-05-16 0:01 ` Matt Ayres
2006-05-16 3:31 ` James Morris
2006-05-16 13:49 ` Matt Ayres
2006-05-16 13:49 ` [Xen-devel] " Matt Ayres
2006-05-16 15:28 ` James Morris
2006-05-18 23:58 ` Matt Ayres
2006-05-18 23:58 ` [Xen-devel] " Matt Ayres
2006-05-19 0:05 ` James Morris
2006-05-19 0:16 ` Matt Ayres
2006-05-19 0:16 ` [Xen-devel] " Matt Ayres
2006-05-19 0:45 ` Matt Ayres
2006-05-19 0:45 ` [Xen-devel] " Matt Ayres
2006-05-21 17:43 ` Patrick McHardy
2006-05-21 17:43 ` Patrick McHardy
2006-05-22 14:31 ` Matt Ayres
2006-05-22 14:31 ` [Xen-devel] " Matt Ayres
2006-05-22 14:42 ` Keir Fraser
2006-05-22 14:43 ` Patrick McHardy
2006-05-22 14:43 ` Patrick McHardy
2006-05-23 9:54 ` Keir Fraser
2006-05-23 9:54 ` [Xen-devel] " Keir Fraser
2006-05-23 12:03 ` Matt Ayres
2006-05-23 12:03 ` [Xen-devel] " Matt Ayres
2006-05-23 21:15 ` Keir Fraser
2006-05-23 21:15 ` [Xen-devel] " Keir Fraser
2006-05-23 21:23 ` Matt Ayres
2006-05-23 21:23 ` [Xen-devel] " Matt Ayres
2006-05-23 21:27 ` Keir Fraser
2006-05-23 21:27 ` [Xen-devel] " Keir Fraser
2006-05-24 7:16 ` Gerd Hoffmann
2006-05-24 7:16 ` [Xen-devel] " Gerd Hoffmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=44691669.4080903@tektonic.net \
--to=matta@tektonic.net \
--cc=kaber@trash.net \
--cc=linux-kernel@vger.kernel.org \
--cc=netfilter-devel@lists.netfilter.org \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.