Re: 4.12 nf_conntrack_expect crash

From: Jiri Slaby
Date: Mon Jul 17 2017 - 10:54:54 EST

Next message: Greg Kroah-Hartman: "Re: [PATCH v2 3/4] w1: ds1wm: silence interrupts on HW before claiming the interrupt"
Previous message: Laurentiu Tudor: "Re: [PATCH 6/7] staging: fsl-mc: rewrite mc command send/receive to work on 32-bits"
In reply to: Jiri Slaby: "4.12 nf_conntrack_expect crash"
Next in thread: 高峰: "RE: 4.12 nf_conntrack_expect crash"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 07/17/2017, 04:49 PM, Jiri Slaby wrote:
> Hi,
>
> on my system, I see a crash in del_timer invoked in nf_conntrack_expect.
> See the attached picture.
>
> I somehow suspect this commit:
>
> commit ec0e3f01114ad327112432a4da8840eb22fed577
> Author: Gao Feng <fgao@xxxxxxxxxx>
> Date: Mon Mar 27 10:31:26 2017 +0800
>
> netfilter: nf_ct_expect: Add nf_ct_remove_expect()
>
>
> I am going to play with it (debug, try to revert, etc.) if you have no
> better idea...

This?

--- a/net/netfilter/nf_conntrack_expect.c
+++ b/net/netfilter/nf_conntrack_expect.c
@@ -422,7 +422,7 @@ static inline int __nf_ct_expect_check(struct
nf_conntrack_expect *expect)
h = nf_ct_expect_dst_hash(net, &expect->tuple);
hlist_for_each_entry_safe(i, next, &nf_ct_expect_hash[h], hnode) {
if (expect_matches(i, expect)) {
- if (nf_ct_remove_expect(expect))
+ if (nf_ct_remove_expect(i))
break;
} else if (expect_clash(i, expect)) {
ret = -EBUSY;

>
> thanks,
>

--
js
suse labs

Next message: Greg Kroah-Hartman: "Re: [PATCH v2 3/4] w1: ds1wm: silence interrupts on HW before claiming the interrupt"
Previous message: Laurentiu Tudor: "Re: [PATCH 6/7] staging: fsl-mc: rewrite mc command send/receive to work on 32-bits"
In reply to: Jiri Slaby: "4.12 nf_conntrack_expect crash"
Next in thread: 高峰: "RE: 4.12 nf_conntrack_expect crash"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]