On Sat, Oct 12, 2013 at 07:58:07AM +0200, Holger Eitzenberger wrote: > > > > My proposed fix is therefore to change nf_ct_unlink_expect_report() > > > so that it uses __hlist_del() instead, so that the loop cursor in > > > hlist_for_each_entry_safe() terminates correctly at the end of the > > > list. > > > > > > Patch is reported to have fixed the issue at the customers site. > > > > Do your 3.3 kernels include this patch? > > > > 3f509c6 netfilter: nf_nat_sip: fix incorrect handling of EBUSY for RTCP expectation > > > > It fixes a double insertion of an expectation, I think it may manifest > > the way that oops look like. > > The 3.3 kernel does not include it. So I'll queue it up, thanks! > > However, the other identical report is for v3.8, which already includes > it. So I think the issue I see in unrelated to the patch. I've reviewed the code and all I could find wrt. missing locking is the call to nf_ct_remove_expectations() in process_urq() (H.323). Is the H.323 helper used on the machine where you're experiencing the crash? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
