Mikhail Morfikov <mmorfikov@xxxxxxxxx> wrote: > # nft -f rules.nft > rules.nft:21:1-26: Error: Could not process rule: No such file or directory > delete table ip testtable > ^^^^^^^^^^^^^^^^^^^^^^^^^^ > > I have a question. Basically, when you create a table or a chain > you can use "add" or "create", and only the second option will > return an error if the table/chain you wanted to create already > exists. But in the case of deleting tables/chains, which don't > exist, there's only one option -- return an error. Good point. Pablo, do you think we should NOT abort/error in case of -ENOENT on table delete? The postcondition is the same -- the table doesn't exist. (it doesn't exist any more, or it did not exist in first place). OTOH, maybe user wanted to delete table 'foo' not 'fii' (typo), so I'm not sure what the better option is. > Of course, my main ruleset script doesn't trigger the kernel BUG > anymore, since it can't delete the not existing table now. > > Do you want to dig deeper about that kernel BUG? I could send you > the ruleset if you want to target what actually causes the BUG. Yes, I would like to dig deeper, I am worried that other conditions can trigger same bug. (e.g. when we are low on memory and can't allocate some object in the batch).
