[pkg-netfilter-team] Bug#999758: iptables: segfault at 88 ip 00007ff6a8db8e47 sp 00007fffd39bdf08 error 4 in libnftnl.so.11.3.0[7ff6a8db4000+16000]
Harald Dunkel
harald.dunkel at aixigo.com
Tue Nov 16 08:50:11 GMT 2021
Package: iptables
Version: 1.8.7-1
iptables-nft gives me SIGSEGVs on the nodes of my Kubernetes
cluster, e.g.
:
[Fri Nov 12 11:43:46 2021] iptables-save[4166038]: segfault at 80 ip 00007effd99c3964 sp 00007ffee513d5f8 error 4 in libnftnl.so.11.2.0[7effd99be000+19000]
[Fri Nov 12 11:43:46 2021] Code: 83 c4 08 5b 5d 41 5c 41 5d c3 0f 1f 40 00 48 83 c4 08 31 c0 5b 5d 41 5c 41 5d c3 66 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa <48> 8b 87 80 00 00 00 48 83 ef 80 48 39 f8 74 1b 85 f6 75 0c eb 18
[Fri Nov 12 11:43:46 2021] iptables-save[4166042]: segfault at 80 ip 00007fc431f54964 sp 00007ffd014950e8 error 4 in libnftnl.so.11.2.0[7fc431f4f000+19000]
[Fri Nov 12 11:43:46 2021] Code: 83 c4 08 5b 5d 41 5c 41 5d c3 0f 1f 40 00 48 83 c4 08 31 c0 5b 5d 41 5c 41 5d c3 66 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa <48> 8b 87 80 00 00 00 48 83 ef 80 48 39 f8 74 1b 85 f6 75 0c eb 18
[Fri Nov 12 12:13:35 2021] iptables-save[9693]: segfault at 80 ip 00007f6b1b7a8964 sp 00007ffeb79a9098 error 4 in libnftnl.so.11.2.0[7f6b1b7a3000+19000]
[Fri Nov 12 12:13:35 2021] Code: 83 c4 08 5b 5d 41 5c 41 5d c3 0f 1f 40 00 48 83 c4 08 31 c0 5b 5d 41 5c 41 5d c3 66 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa <48> 8b 87 80 00 00 00 48 83 ef 80 48 39 f8 74 1b 85 f6 75 0c eb 18
[Fri Nov 12 12:13:35 2021] iptables-save[9698]: segfault at 80 ip 00007f865a8ad964 sp 00007ffdb51fac98 error 4 in libnftnl.so.11.2.0[7f865a8a8000+19000]
[Fri Nov 12 12:13:35 2021] Code: 83 c4 08 5b 5d 41 5c 41 5d c3 0f 1f 40 00 48 83 c4 08 31 c0 5b 5d 41 5c 41 5d c3 66 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa <48> 8b 87 80 00 00 00 48 83 ef 80 48 39 f8 74 1b 85 f6 75 0c eb 18
[Fri Nov 12 17:42:57 2021] perf: interrupt took too long (4093 > 4062), lowering kernel.perf_event_max_sample_rate to 48750
[Sat Nov 13 05:35:44 2021] perf: interrupt took too long (5158 > 5116), lowering kernel.perf_event_max_sample_rate to 38750
[Sat Nov 13 09:28:43 2021] iptables[1326141]: segfault at 88 ip 00007ff6a8db8e47 sp 00007fffd39bdf08 error 4 in libnftnl.so.11.3.0[7ff6a8db4000+16000]
[Sat Nov 13 09:28:43 2021] Code: bf 88 00 00 00 48 8b 2f 48 39 df 74 13 4c 89 ee 41 ff d4 85 c0 78 0b 48 89 ef 48 8b 6d 00 eb e8 31 c0 5a 5b 5d 41 5c 41 5d c3 <48> 8b 87 88 00 00 00 48 81 c7 88 00 00 00 48 39 f8 74 0b 85 f6 74
[Sun Nov 14 22:20:44 2021] iptables[3588851]: segfault at 88 ip 00007ff99f6a0e47 sp 00007ffe44963518 error 4 in libnftnl.so.11.3.0[7ff99f69c000+16000]
[Sun Nov 14 22:20:44 2021] Code: bf 88 00 00 00 48 8b 2f 48 39 df 74 13 4c 89 ee 41 ff d4 85 c0 78 0b 48 89 ef 48 8b 6d 00 eb e8 31 c0 5a 5b 5d 41 5c 41 5d c3 <48> 8b 87 88 00 00 00 48 81 c7 88 00 00 00 48 39 f8 74 0b 85 f6 74
[Mon Nov 15 07:49:44 2021] perf: interrupt took too long (6455 > 6447), lowering kernel.perf_event_max_sample_rate to 30750
[Mon Nov 15 21:16:08 2021] iptables[805097]: segfault at 88 ip 00007f5520b78e47 sp 00007ffdea2e22c8 error 4 in libnftnl.so.11.3.0[7f5520b74000+16000]
[Mon Nov 15 21:16:08 2021] Code: bf 88 00 00 00 48 8b 2f 48 39 df 74 13 4c 89 ee 41 ff d4 85 c0 78 0b 48 89 ef 48 8b 6d 00 eb e8 31 c0 5a 5b 5d 41 5c 41 5d c3 <48> 8b 87 88 00 00 00 48 81 c7 88 00 00 00 48 39 f8 74 0b 85 f6 74
[Tue Nov 16 06:44:57 2021] iptables[1385202]: segfault at 88 ip 00007f3834592e47 sp 00007ffdfb74e0f8 error 4 in libnftnl.so.11.3.0[7f383458e000+16000]
[Tue Nov 16 06:44:57 2021] Code: bf 88 00 00 00 48 8b 2f 48 39 df 74 13 4c 89 ee 41 ff d4 85 c0 78 0b 48 89 ef 48 8b 6d 00 eb e8 31 c0 5a 5b 5d 41 5c 41 5d c3 <48> 8b 87 88 00 00 00 48 81 c7 88 00 00 00 48 39 f8 74 0b 85 f6 74
:
This is Debian 11 and iptables-nft. My other clusters (running
Debian 10 and legacy iptables) are fine.
Regards
Harri
More information about the pkg-netfilter-team
mailing list