On Sun, May 21, 2017 at 07:22:49AM +0800, Liping Zhang wrote:
> From: Liping Zhang <zlpnobody@xxxxxxxxx>
>
> If nf_conntrack_htable_size was adjusted by the user during the ct
> dump operation, we may invoke nf_ct_put twice for the same ct, i.e.
> the "last" ct. This will cause the ct will be freed but still linked
> in hash buckets.
>
> It's very easy to reproduce the problem by the following commands:
> # while : ; do
> echo $RANDOM > /proc/sys/net/netfilter/nf_conntrack_buckets
> done
> # while : ; do
> conntrack -L
> done
> # iperf -s 127.0.0.1 &
> # iperf -c 127.0.0.1 -P 60 -t 36000
>
> After a while, the system will hang like this:
> NMI watchdog: BUG: soft lockup - CPU#1 stuck for 22s! [bash:20184]
> NMI watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [iperf:20382]
> ...
>
> So at last if we find cb->args[1] is equal to "last", this means hash
> resize happened, then we can set cb->args[1] to 0 to fix the above
> issue.
Applied, thanks.
I have added:
Fixes: d205dc40798d ("[NETFILTER]: ctnetlink: fix deadlock in table dumping")
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
