[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#806130: linux: netlink_sock_destruct() crash in netns

Source: linux
Version: 4.2.6-1
Severity: normal

Dear Maintainer,

thanks for your work in the linux kernel.

I'm experimenting reports like this:

[mar nov 24 16:38:16 2015] ------------[ cut here ]------------
[mar nov 24 16:38:16 2015] WARNING: CPU: 1 PID: 22224 at /build/linux-CrHvZ_/linux-4.2.6/net/netlink/af_netlink.c:946 netlink_sock_destruct+0x103/0x140()
[mar nov 24 16:38:16 2015] Modules linked in: nft_nat nft_chain_nat_ipv4 nf_nat_ipv4 nf_nat nft_log fuse uas usb_storage nft_counter nf_conntrack_ipv6 nf_defrag_ipv6 nf_conntrack_ipv4 nf_defrag_ipv4 nft_ct nf_conntrack nft_meta nft_hash nft_rbtree nfnetlink_log nf_tables_inet nf_tables_ipv6 nf_tables_ipv4 nf_tables nfnetlink nouveau snd_hda_codec_idt snd_hda_codec_generic mxm_wmi wmi video ttm drm_kms_helper drm iTCO_wdt i2c_algo_bit iTCO_vendor_support coretemp kvm_intel lpc_ich kvm snd_hda_intel mfd_core i2c_i801 snd_hda_codec evdev snd_hda_core pcspkr psmouse serio_raw snd_hwdep snd_pcm sg rng_core tpm_tis tpm 8250_fintek shpchp button snd_timer snd soundcore acpi_cpufreq processor thermal_sys parport_pc ppdev lp parport autofs4 ext4 crc16 mbcache jbd2 dm_mod sr_mod cdrom sd_mod ata_generic floppy ata_piix e100
[mar nov 24 16:38:16 2015]  mii libata scsi_mod ehci_pci uhci_hcd ehci_hcd usbcore usb_common
[mar nov 24 16:38:16 2015] CPU: 1 PID: 22224 Comm: bash Tainted: G        W       4.2.0-1-amd64 #1 Debian 4.2.6-1
[mar nov 24 16:38:16 2015] Hardware name:                  /D946GZIS, BIOS TS94610J.86A.0047.2006.0911.0110 09/11/2006
[mar nov 24 16:38:16 2015]  0000000000000000 ffffffff81855268 ffffffff8154e2f6 0000000000000000
[mar nov 24 16:38:16 2015]  ffffffff8106e5b1 ffff88002d1f2000 ffff88007fa965b0 000000000000000a
[mar nov 24 16:38:16 2015]  0000000000000006 ffff88002d2485e0 ffffffff8148aba3 0000000000000000
[mar nov 24 16:38:16 2015] Call Trace:
[mar nov 24 16:38:16 2015]  <IRQ>  [<ffffffff8154e2f6>] ? dump_stack+0x40/0x50
[mar nov 24 16:38:16 2015]  [<ffffffff8106e5b1>] ? warn_slowpath_common+0x81/0xb0
[mar nov 24 16:38:16 2015]  [<ffffffff8148aba3>] ? netlink_sock_destruct+0x103/0x140
[mar nov 24 16:38:16 2015]  [<ffffffff8144993a>] ? sk_destruct+0x1a/0x120
[mar nov 24 16:38:16 2015]  [<ffffffff810c829a>] ? rcu_process_callbacks+0x20a/0x5a0
[mar nov 24 16:38:16 2015]  [<ffffffff8101c325>] ? read_tsc+0x5/0x10
[mar nov 24 16:38:16 2015]  [<ffffffff8107258e>] ? __do_softirq+0xfe/0x250
[mar nov 24 16:38:16 2015]  [<ffffffff81072852>] ? irq_exit+0x92/0xa0
[mar nov 24 16:38:16 2015]  [<ffffffff815566be>] ? smp_apic_timer_interrupt+0x3e/0x50
[mar nov 24 16:38:16 2015]  [<ffffffff8155489b>] ? apic_timer_interrupt+0x6b/0x70
[mar nov 24 16:38:16 2015]  <EOI>  [<ffffffff811c6a81>] ? lookup_fast+0x161/0x330
[mar nov 24 16:38:16 2015]  [<ffffffff811c6962>] ? lookup_fast+0x42/0x330
[mar nov 24 16:38:16 2015]  [<ffffffff811c81f6>] ? walk_component+0x36/0x460
[mar nov 24 16:38:16 2015]  [<ffffffff811c8790>] ? link_path_walk+0x170/0x530
[mar nov 24 16:38:16 2015]  [<ffffffff811c79fa>] ? path_init+0x1ea/0x3c0
[mar nov 24 16:38:16 2015]  [<ffffffff811c8c37>] ? path_lookupat+0x77/0x100
[mar nov 24 16:38:16 2015]  [<ffffffff811cb695>] ? filename_lookup+0x95/0x150
[mar nov 24 16:38:16 2015]  [<ffffffff811cb31f>] ? getname_flags+0x6f/0x1e0
[mar nov 24 16:38:16 2015]  [<ffffffff811c1029>] ? vfs_fstatat+0x49/0x90
[mar nov 24 16:38:16 2015]  [<ffffffff811c14bc>] ? SYSC_newstat+0x1c/0x40
[mar nov 24 16:38:16 2015]  [<ffffffff81553a32>] ? system_call_fast_compare_end+0xc/0x6b
[mar nov 24 16:38:16 2015] ---[ end trace 4049115024c3f29a ]---


I can reproduce the issue:

 % sudo ip netns add test
 % sudo ip netns exec test nft -f test.nft
 % sudo ip netns del test

Find attached the test.nft file.

best regards.

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.2.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=es_ES.utf8, LC_CTYPE=es_ES.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

flush ruleset
table ip nat {
	chain prerouting {
		type nat hook prerouting priority 0; policy accept;
	}

	chain postrouting {
		type nat hook postrouting priority 0; policy accept;
		ip saddr 192.168.5.0/24 snat 1.1.1.1
	}
}
table inet inet-filter {
	chain input {
		type filter hook input priority 0; policy drop;
		ct state new accept
	}

	chain forward {
		type filter hook forward priority 0; policy drop;
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		ip saddr {1.1.1.1, 2.2.2.2} ip daddr {2.3.4.5, 2.3.4.6} tcp dport 22 counter accept
		counter accept
	}

	chain output {
		type filter hook output priority 0; policy accept;
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		iifname eth0 oifname eth0 counter drop
		counter accept
	}
}
Reply to: