RE: 4.12 nf_conntrack_expect crash

From: 高峰
Date: Mon Jul 17 2017 - 20:23:45 EST


Hi Jiri,

> From: Jiri Slaby [mailto:jslaby@xxxxxxx]
> Subject: Re: 4.12 nf_conntrack_expect crash
>
> On 07/17/2017, 04:49 PM, Jiri Slaby wrote:
> > Hi,
> >
> > on my system, I see a crash in del_timer invoked in nf_conntrack_expect.
> > See the attached picture.
> >
> > I somehow suspect this commit:
> >
> > commit ec0e3f01114ad327112432a4da8840eb22fed577
> > Author: Gao Feng <fgao@xxxxxxxxxx>
> > Date: Mon Mar 27 10:31:26 2017 +0800
> >
> > netfilter: nf_ct_expect: Add nf_ct_remove_expect()
> >
> >
> > I am going to play with it (debug, try to revert, etc.) if you have no
> > better idea...
>
> This?
>
> --- a/net/netfilter/nf_conntrack_expect.c
> +++ b/net/netfilter/nf_conntrack_expect.c
> @@ -422,7 +422,7 @@ static inline int __nf_ct_expect_check(struct
> nf_conntrack_expect *expect)
> h = nf_ct_expect_dst_hash(net, &expect->tuple);
> hlist_for_each_entry_safe(i, next, &nf_ct_expect_hash[h], hnode) {
> if (expect_matches(i, expect)) {
> - if (nf_ct_remove_expect(expect))
> + if (nf_ct_remove_expect(i))
> break;
> } else if (expect_clash(i, expect)) {
> ret = -EBUSY;
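Review bot: the fix at `if (nf_ct_remove_expect(i))` is missing a changelog and a Fixes: tag. Passing `i` is the right target, since `i` is the entry found while walking `nf_ct_expect_hash[h]` and `expect` is only the candidate being checked against it. A formal submission should still say so, tie the change to the del_timer crash reported above, and carry a Fixes: line for commit ec0e3f01114ad327112432a4da8840eb22fed577 ("netfilter: nf_ct_expect: Add nf_ct_remove_expect()"). As quoted, the hunk has also lost its indentation and its `@@` line is wrapped onto a second line, so it needs to be resent unmangled before it will apply.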
>
>
>
> >
> > thanks,
> >
>
>
> --
> js
> suse labs

It is indeed a bug caused by a typo. I am sorry about that.
Florian has fixed it recently, but thanks again for your catch.

Regards
Feng