Vincent, Maintainers, Am 17.07.19 um 19:32 schrieb Vincent Tondellier: > I think it's fixed by this patch: > https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/plain/releases/4.19.38/netfilter-nf_tables-fix-set-double-free-in-abort-pat.patch > > https://bugzilla.kernel.org/show_bug.cgi?id=203039 > > There were some critical bugfixes for nftables in 4.19.38 and 4.19.44, > but buster is still using 4.19.37. > > I tried building a vanilla 4.19.59 and excepting a (harmless ?) warning > ("WARNING: CPU: 0 PID: 176 at net/netfilter/nf_tables_api.c:3588 > nft_set_destroy+0x45/0x50 [nf_tables]) when the nf_tables_set module > is not loaded before using nftables, everything seems to work fine. >
I've re-attempted the upgrade after the point release. With Linux 4.19.67-2 I'm still seeing the issue. The backtrace is slightly different, though. `nf_tables_rule_destroy` no longer appears. Instead it's `nf_tables_rule_release` now. > Sep 10 20:53:35 buster-test kernel: list_del corruption. prev->next should be > ffff9dbc35050000, but was 0000028800000f78 > Sep 10 20:53:35 buster-test kernel: ------------[ cut here ]------------ > Sep 10 20:53:35 buster-test kernel: kernel BUG at lib/list_debug.c:53! > Sep 10 20:53:35 buster-test kernel: invalid opcode: 0000 [#1] SMP PTI > Sep 10 20:53:35 buster-test kernel: CPU: 0 PID: 394 Comm: nft Tainted: P > OE 4.19.0-6-amd64 #1 Debian 4.19.67-2 > Sep 10 20:53:35 buster-test kernel: Hardware name: Hetzner vServer, BIOS > 20171111 11/11/2017 > Sep 10 20:53:35 buster-test kernel: RIP: > 0010:__list_del_entry_valid.cold.1+0x34/0x4c > Sep 10 20:53:35 buster-test kernel: Code: ae c9 9e e8 78 96 d0 ff 0f 0b 48 c7 > c7 c8 ae c9 9e e8 6a 96 d0 ff 0f 0b 48 89 f2 48 89 fe 48 c7 c7 88 ae c9 9e e8 > 56 96 d0 ff <0f> 0b 48 89 fe 48 c7 c7 50 ae c9 9e e8 45 96 d0 ff 0f 0b 90 90 > 90 > Sep 10 20:53:35 buster-test kernel: RSP: 0018:ffffb031804bb968 EFLAGS: > 00010246 > Sep 10 20:53:35 buster-test kernel: RAX: 0000000000000054 RBX: > ffff9dbc35e56260 RCX: 0000000000000000 > Sep 10 20:53:35 buster-test kernel: RDX: 0000000000000000 RSI: > ffff9dbc3aa166b8 RDI: ffff9dbc3aa166b8 > Sep 10 20:53:35 buster-test kernel: RBP: ffff9dbc35050000 R08: > 00000000000001c4 R09: 0000000000000007 > Sep 10 20:53:35 buster-test kernel: R10: 0000000000000738 R11: > ffffffff9f3f26ed R12: 0000000000000000 > Sep 10 20:53:35 buster-test kernel: R13: ffffb031804bb9f8 R14: > 000000000000000c R15: ffff9dbc353386c8 > Sep 10 20:53:35 buster-test kernel: FS: 00007f1eafda3200(0000) > GS:ffff9dbc3aa00000(0000) knlGS:0000000000000000 > Sep 10 20:53:35 buster-test kernel: CS: 0010 DS: 0000 ES: 0000 CR0: > 0000000080050033 > Sep 10 20:53:35 buster-test kernel: CR2: 00007f49072a8114 CR3: > 0000000076502004 CR4: 00000000003606f0 > Sep 10 20:53:35 buster-test kernel: DR0: 0000000000000000 DR1: > 0000000000000000 DR2: 0000000000000000 > Sep 10 20:53:35 buster-test kernel: DR3: 0000000000000000 DR6: > 00000000fffe0ff0 DR7: 0000000000000400 > Sep 10 20:53:35 buster-test kernel: Call Trace: > Sep 10 20:53:35 buster-test kernel: nf_tables_unbind_set+0x64/0xa0 > [nf_tables] > Sep 10 20:53:35 buster-test kernel: nf_tables_rule_release+0x56/0x90 > [nf_tables] > Sep 10 20:53:35 buster-test kernel: nf_tables_newrule+0x5c1/0x970 [nf_tables] > Sep 10 20:53:35 buster-test kernel: ? unmap_page_range+0x851/0xa60 > Sep 10 20:53:35 buster-test kernel: nfnetlink_rcv_batch+0x4aa/0x660 > [nfnetlink] > Sep 10 20:53:35 buster-test kernel: ? vmap_page_range_noflush+0x26e/0x380 > Sep 10 20:53:35 buster-test kernel: ? refcount_inc_checked+0x5/0x30 > Sep 10 20:53:35 buster-test kernel: ? apparmor_capable+0x6b/0xc0 > Sep 10 20:53:35 buster-test kernel: ? nla_parse+0x31/0xe0 > Sep 10 20:53:35 buster-test kernel: nfnetlink_rcv+0x10c/0x141 [nfnetlink] > Sep 10 20:53:35 buster-test kernel: netlink_unicast+0x181/0x210 > Sep 10 20:53:35 buster-test kernel: netlink_sendmsg+0x204/0x3d0 > Sep 10 20:53:35 buster-test kernel: sock_sendmsg+0x36/0x40 > Sep 10 20:53:35 buster-test kernel: ___sys_sendmsg+0x295/0x2f0 > Sep 10 20:53:35 buster-test kernel: ? mem_cgroup_commit_charge+0x7a/0x560 > Sep 10 20:53:35 buster-test kernel: ? mem_cgroup_try_charge+0x86/0x190 > Sep 10 20:53:35 buster-test kernel: ? refcount_inc_checked+0x5/0x30 > Sep 10 20:53:35 buster-test kernel: ? apparmor_capable+0x6b/0xc0 > Sep 10 20:53:35 buster-test kernel: ? security_capable+0x35/0x50 > Sep 10 20:53:35 buster-test kernel: ? release_sock+0x19/0x90 > Sep 10 20:53:35 buster-test kernel: __sys_sendmsg+0x57/0xa0 > Sep 10 20:53:35 buster-test kernel: do_syscall_64+0x53/0x110 > Sep 10 20:53:35 buster-test kernel: entry_SYSCALL_64_after_hwframe+0x44/0xa9 > Sep 10 20:53:35 buster-test kernel: RIP: 0033:0x7f1eb011b914 > Sep 10 20:53:35 buster-test kernel: Code: 00 f7 d8 64 89 02 48 c7 c0 ff ff ff > ff eb b5 0f 1f 80 00 00 00 00 48 8d 05 e9 5d 0c 00 8b 00 85 c0 75 13 b8 2e 00 > 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 41 54 41 89 d4 55 48 89 f5 > 53 > Sep 10 20:53:35 buster-test kernel: RSP: 002b:00007ffffc696508 EFLAGS: > 00000246 ORIG_RAX: 000000000000002e > Sep 10 20:53:35 buster-test kernel: RAX: ffffffffffffffda RBX: > 00007ffffc696520 RCX: 00007f1eb011b914 > Sep 10 20:53:35 buster-test kernel: RDX: 0000000000000000 RSI: > 00007ffffc697580 RDI: 0000000000000003 > Sep 10 20:53:35 buster-test kernel: RBP: 00007ffffc697680 R08: > 0000000000000004 R09: 000055ff26b15c90 > Sep 10 20:53:35 buster-test kernel: R10: 00007ffffc69756c R11: > 0000000000000246 R12: 00007ffffc6976f0 > Sep 10 20:53:35 buster-test kernel: R13: 00007ffffc696520 R14: > 00007ffffc696520 R15: 000055ff26b0ef20 > Sep 10 20:53:35 buster-test kernel: Modules linked in: nft_limit nft_ct > nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c crc32c_generic > nf_tables_set nf_tables nfnetlink ip_tables x_tables autofs4 hid_generic > usbhid hid zfs(POE) zunicode(POE) zavl(POE) icp(POE) zcommon(POE) > znvpair(POE) spl(OE) sr_mod cdrom sd_mod ata_generic virtio_scsi virtio_net > net_failover failover crc32c_intel ata_piix uhci_hcd libata ehci_hcd > aesni_intel scsi_mod aes_x86_64 psmouse crypto_simd usbcore cryptd > glue_helper virtio_pci virtio_ring virtio i2c_piix4 usb_common floppy > Sep 10 20:53:35 buster-test kernel: ---[ end trace 736fb626f5cf6389 ]--- > Sep 10 20:53:35 buster-test kernel: RIP: > 0010:__list_del_entry_valid.cold.1+0x34/0x4c > Sep 10 20:53:35 buster-test kernel: Code: ae c9 9e e8 78 96 d0 ff 0f 0b 48 c7 > c7 c8 ae c9 9e e8 6a 96 d0 ff 0f 0b 48 89 f2 48 89 fe 48 c7 c7 88 ae c9 9e e8 > 56 96 d0 ff <0f> 0b 48 89 fe 48 c7 c7 50 ae c9 9e e8 45 96 d0 ff 0f 0b 90 90 > 90 > Sep 10 20:53:35 buster-test kernel: RSP: 0018:ffffb031804bb968 EFLAGS: > 00010246 > Sep 10 20:53:35 buster-test kernel: RAX: 0000000000000054 RBX: > ffff9dbc35e56260 RCX: 0000000000000000 > Sep 10 20:53:35 buster-test kernel: RDX: 0000000000000000 RSI: > ffff9dbc3aa166b8 RDI: ffff9dbc3aa166b8 > Sep 10 20:53:35 buster-test kernel: RBP: ffff9dbc35050000 R08: > 00000000000001c4 R09: 0000000000000007 > Sep 10 20:53:35 buster-test kernel: R10: 0000000000000738 R11: > ffffffff9f3f26ed R12: 0000000000000000 > Sep 10 20:53:35 buster-test kernel: R13: ffffb031804bb9f8 R14: > 000000000000000c R15: ffff9dbc353386c8 > Sep 10 20:53:35 buster-test kernel: FS: 00007f1eafda3200(0000) > GS:ffff9dbc3aa00000(0000) knlGS:0000000000000000 > Sep 10 20:53:35 buster-test kernel: CS: 0010 DS: 0000 ES: 0000 CR0: > 0000000080050033 > Sep 10 20:53:35 buster-test kernel: CR2: 00007f49072a8114 CR3: > 0000000076502004 CR4: 00000000003606f0 > Sep 10 20:53:35 buster-test kernel: DR0: 0000000000000000 DR1: > 0000000000000000 DR2: 0000000000000000 > Sep 10 20:53:35 buster-test kernel: DR3: 0000000000000000 DR6: > 00000000fffe0ff0 DR7: 0000000000000400 Best regards Tim Düsterhus
