Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

iptables segfauls #17

Open
xlz opened this issue May 7, 2015 · 1 comment
Open

iptables segfauls #17

xlz opened this issue May 7, 2015 · 1 comment
Labels
bug

Comments

@xlz
Copy link

xlz commented May 7, 2015 

xlz@zotac-zboxei750:~/src/net-next-nuse/arch/lib/tools$ sudo NUSECONF=nuse.conf ./nuse strace -f iptables -L
<5>Linux version 4.0.0+ (xlz@zotac-zboxei750) (gcc version 4.9.2 (Debian 4.9.2-10) ) #0 Thu May 7 02:03:30 EDT 2015
<6>NET: Registered protocol family 16
<6>NET: Registered protocol family 2
<6>TCP established hash table entries: 512 (order: 0, 4096 bytes)
<6>TCP bind hash table entries: 512 (order: 0, 4096 bytes)
<6>TCP: Hash tables configured (established 512 bind 512)
<6>UDP hash table entries: 128 (order: 0, 4096 bytes)
<6>UDP-Lite hash table entries: 128 (order: 0, 4096 bytes)
<6>NET: Registered protocol family 1
<6>Netfilter messages via NETLINK v0.30.
<6>nfnl_acct: registering with nfnetlink.
<6>nf_conntrack version 0.5.0 (32 buckets, 128 max)
<6>nf_tables: (c) 2007-2009 Patrick McHardy <[email protected]>
<6>ip_set: protocol 6
<6>ipip: IPv4 over IPv4 tunneling driver
<6>nsc: GRE over IPv4 demultiplexor driver
<6>nsc: GRE over IPv4 tunneling driver
<6>nsc: (C) 2000-2006 Netfilter Core Team
<6>Initializing XFRM netlink socket
<6>NET: Registered protocol family 10
<6>nsc: Mobile IPv6
<6>nsc: IPv6 over IPv4 tunneling driver
<6>NET: Registered protocol family 17
<6>NET: Registered protocol family 15
<6>DCCP: Activated CCID 2 (TCP-like)
<6>DCCP: Activated CCID 3 (TCP-Friendly Rate Control)
<6>nsc: Hash tables configured (established 512 bind 512)
create vif eth0
  address = 192.168.1.10
  netmask = 255.255.255.0
  macaddr = 00:00:00:00:00:00
  type    = 0
mac address for eth0 is randomized 02:00:9e:a4:19:34
nuse syscall proxy start at unix:///tmp/rump-server-nuse.28521
execve("/sbin/iptables", ["iptables", "-L"], [/* 21 vars */]) = 0
brk(0)                                  = 0xcd4000
...
[pid 28534] write(2, "nuse syscall proxy start at unix"..., 63nuse syscall proxy start at unix:///tmp/rump-server-nuse.28534
) = 63
[pid 28534] socket(PF_LOCAL, SOCK_STREAM, 0) = 13
[pid 28534] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0} ---
[pid 28541] +++ killed by SIGSEGV +++
[pid 28540] +++ killed by SIGSEGV +++
[pid 28538] +++ killed by SIGSEGV +++
[pid 28537] +++ killed by SIGSEGV +++
[pid 28536] +++ killed by SIGSEGV +++
[pid 28535] +++ killed by SIGSEGV +++
strace: Exit of unknown pid 28543 seen
strace: Exit of unknown pid 28542 seen
+++ killed by SIGSEGV +++
Segmentation fault

Another problem is iptables will try to load kernel modules. Can libos handle this?
@thehajime
Copy link
Member

definitely a bug in nuse_bind(), which should correctly handle the host fd.

@thehajime thehajime added the bug label May 7, 2015
@vincentmli vincentmli mentioned this issue Jul 1, 2015
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@thehajime @xlz