Andrey Konovalov <andreyknvl@xxxxxxxxxx> wrote: > Hi, > > I've got the following error report while fuzzing the kernel with syzkaller. > > On commit 926af6273fc683cd98cd0ce7bf0d04a02eed6742. > > A reproducer and .config are attached. > > WARNING: CPU: 2 PID: 26582 at > net/ipv4/netfilter/nf_nat_l3proto_ipv4.c:261 > nf_nat_ipv4_fn+0x7f2/0xa50 > net/ipv4/netfilter/nf_nat_l3proto_ipv4.c:261 > Kernel panic - not syncing: panic_on_warn set ... Thats this assert: /* We never see fragments: conntrack defrags on pre-routing * and local-out, and nf_nat_out protects post-routing. */ NF_CT_ASSERT(!ip_is_fragment(ip_hdr(skb))); ... and its wrong. I will send a patch to remove it. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
