Created attachment 274713 [details] Logs of dmesg and "strace -f ipset list" If I massively work with "ipset" utility then I get a NULL pointer dereference and netfilter hangs after that. The logs are attached.
The command causes the bug (I mean the last command before the bug) in my case is: /sbin/ipset add ACL.IN.ALL_PERMIT 0.0.0.0/0,kaf_54 timeout 0 -exist
To repeat the bug on my machine it's enough just to copy this into the root terminal: ipset create ACL.IN.ALL_PERMIT hash:net,iface hashsize 1048576 timeout 0 for i in $(seq 0 100); do /sbin/ipset add ACL.IN.ALL_PERMIT 0.0.0.0/0,kaf_$i timeout 0 -exist done
It seems problems appears when I add the 65th such row into a set.
I've tuned some constants in the code and it helped: linux-4.14.26/net/netfilter/ipset/ip_set_core.c: #define IP_SET_INC 2048 linux-4.14.26/net/netfilter/ipset/ip_set_hash_gen.h: #define AHASH_MAX_TUNED 2048
However it works quite strange. It claims that there're 101 entry, however doesn't display any member: # ipset list ACL.IN.ALL_PERMIT Name: ACL.IN.ALL_PERMIT Type: hash:net,iface Revision: 6 Header: family inet hashsize 2097152 maxelem 65536 timeout 0 Size in memory: 10984 References: 0 Number of entries: 101 Members: #
Hit same issue as well. Testing / analysis points to https://github.com/torvalds/linux/commit/2b33d6ffa9e38f344418976b06 as the fix.