kernel version: 4.4.56 In my linux box,when some PPPoE link are disconnected, nf_ct_iterate_cleanup will be called.nf_ct_iterate_cleanup may have access to the wrong conntrack address: <1>[927268.772583] BUG: unable to handle kernel paging request at ffff88a0050402c7 <1>[927268.785578] IP: [<ffffffff818c7472>] nf_ct_iterate_cleanup+0xa2/0x230 <4>[927268.792969] PGD 0 <4>[927268.800512] Oops: 0000 [#1] SMP <4>[927268.808463] Modules linked in: ipmi_watchdog iptable_raw xt_CT nf_nat_sip nf_nat_pptp nf_nat_proto_gre nf_nat_ftp nf_conntrack_sip nf_conntrack_pptp nf_conntrack_proto_gre nf_conntrack_ftp ip_set_hash_netiface ip_set_hash_net ip_set_hash_ip xt_set ip_set ixgbe(O) vxlan igb(O) e1000e(O) <4>[927268.862764] CPU: 46 PID: 6186 Comm: pppd Tainted: G O 4.4.56 #58 <4>[927268.882176] Hardware name: Supermicro Super Server/X10DRL-i, BIOS 2.0a 08/25/2016 <4>[927268.903142] task: ffff880472611c40 ti: ffff880223ed8000 task.ti: ffff880223ed8000 <4>[927268.925685] RIP: 0010:[<ffffffff818c7472>] [<ffffffff818c7472>] nf_ct_iterate_cleanup+0xa2/0x230 <4>[927268.949862] RSP: 0018:ffff880223edbc28 EFLAGS: 00010246 <4>[927268.962330] RAX: ffffc90001eb1000 RBX: ffffffff8193a8d0 RCX: ffff8801f4a668a8 <4>[927268.988124] RDX: 0000000000000001 RSI: 0000000000000200 RDI: ffffffff82007af4 <4>[927269.015332] RBP: ffff880223edbc78 R08: ffff88047fc43f08 R09: 0000000000000101 <4>[927269.043272] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000006c89 <4>[927269.072536] R13: ffffffff820ac780 R14: ffff88a005040290 R15: ffff8801f56f2a80 <4>[927269.102576] FS: 00007f1d30a3d720(0000) GS:ffff88047fc40000(0000) knlGS:0000000000000000 <4>[927269.132067] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 <4>[927269.147159] CR2: ffff88a0050402c7 CR3: 000000046e37e000 CR4: 00000000001406e0 <4>[927269.177840] Stack: <4>[927269.192958] ffff880223edbc38 0000000000000000 000000000000013d ffffffff0013593d <4>[927269.223469] ffff880223edbc88 0000000000000002 ffff880223edbd20 00000000fffffff0 <4>[927269.253778] ffffffff820b7050 0000000000000000 ffff880223edbc88 ffffffff8193a940 <4>[927269.283402] Call Trace: <4>[927269.297585] [<ffffffff8193a940>] masq_device_event+0x30/0x40 <4>[927269.311561] [<ffffffff8108de0b>] notifier_call_chain+0x4b/0x70 <4>[927269.325391] [<ffffffff8108df01>] raw_notifier_call_chain+0x11/0x20 <4>[927269.338999] [<ffffffff81870c9b>] call_netdevice_notifiers_info+0x3b/0x70 <4>[927269.352544] [<ffffffff81870d31>] call_netdevice_notifiers+0x11/0x20 <4>[927269.365945] [<ffffffff818782ef>] __dev_notify_flags+0x5f/0xb0 <4>[927269.379318] [<ffffffff81878a54>] dev_change_flags+0x54/0x70 <4>[927269.392522] [<ffffffff8191bf31>] devinet_ioctl+0x5a1/0x670 <4>[927269.405462] [<ffffffff8191cd16>] inet_ioctl+0x66/0x80 <4>[927269.418095] [<ffffffff8185b776>] sock_ioctl+0x66/0x260 <4>[927269.430430] [<ffffffff81176301>] do_vfs_ioctl+0x81/0x4d0 <4>[927269.442515] [<ffffffff81176797>] SyS_ioctl+0x47/0x80 <4>[927269.454330] [<ffffffff819ad997>] entry_SYSCALL_64_fastpath+0x12/0x6a <4>[927269.465924] Code: 00 00 0f 83 54 01 00 00 49 8b 85 80 0c 00 00 4e 8b 34 f0 41 f6 c6 01 74 12 e9 3e 01 00 00 4d 8b 36 41 f6 c6 01 0f 85 31 01 00 00 <41> 80 7e 37 00 75 ec 4d 8d 7e f0 4c 89 e6 4c 89 ff ff d3 85 c0 <1>[927269.506749] RIP [<ffffffff818c7472>] nf_ct_iterate_cleanup+0xa2/0x230 <4>[927269.519054] RSP <ffff880223edbc28> <4>[927269.531071] CR2: ffff88a0050402c7 <4>[927269.552110] ---[ end trace 01e3243232603b17 ]--- <0>[927270.934341] Kernel panic - not syncing: Fatal exception in interrupt ---------------------------- 103c: 0f 85 31 01 00 00 jne 1173 <nf_ct_iterate_cleanup+0x1d3> if (NF_CT_DIRECTION(h) != IP_CT_DIR_ORIGINAL) 1042: 41 80 7e 37 00 cmpb $0x0,0x37(%r14) 1047: 75 ec jne 1035 <nf_ct_iterate_cleanup+0x95> -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
