From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751915AbbJYJqp (ORCPT ); Sun, 25 Oct 2015 05:46:45 -0400 Received: from wtarreau.pck.nerim.net ([62.212.114.60]:17899 "EHLO 1wt.eu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750934AbbJYJqn (ORCPT ); Sun, 25 Oct 2015 05:46:43 -0400 Date: Sun, 25 Oct 2015 10:46:34 +0100 From: Willy Tarreau To: Gerhard Wiesinger Cc: Greg KH , linux-kernel@vger.kernel.org, Andrew Morton , torvalds@linux-foundation.org, stable@vger.kernel.org, lwn@lwn.net, Jiri Slaby Subject: Re: Linux 4.2.4 Message-ID: <20151025094634.GA6832@1wt.eu> References: <20151023003306.GA25388@kroah.com> <562C83FD.6010402@wiesinger.com> <20151025082547.GA22300@kroah.com> <20151025090308.GA17656@1wt.eu> <562CA13C.90500@wiesinger.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <562CA13C.90500@wiesinger.com> User-Agent: Mutt/1.4.2.3i Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Oct 25, 2015 at 10:30:36AM +0100, Gerhard Wiesinger wrote: > On 25.10.2015 10:03, Willy Tarreau wrote: > >On Sun, Oct 25, 2015 at 01:25:47AM -0700, Greg KH wrote: > >>On Sun, Oct 25, 2015 at 08:25:49AM +0100, Gerhard Wiesinger wrote: > >>>On 23.10.2015 02:33, Greg KH wrote: > >>>>I'm announcing the release of the 4.2.4 kernel. > >>>> > >>>>All users of the 4.2 kernel series must upgrade. > >>>> > >>>>The updated 4.2.y git tree can be found at: > >>>> git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.2.y > >>>>and can be browsed at the normal kernel.org git web browser: > >>>> http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary > >>>> > >>>>thanks, > >>>> > >>>>greg k-h > >>>> > >>>Hello Greg, > >>> > >>>Kernel 4.2.4 is still broken regarding iptables/ipset: > >>>https://bugzilla.redhat.com/show_bug.cgi?id=1272645 > >>> > >>>Kernel 4.1.10 works well. > >>> > >>>Please fix it ASAP. > >>Fix it with what patch? > >It's not even sure there's a patch for this. There were numerous changes > >to ipset between 4.1 and 4.2 and very few in 4.3-rc, any you backported > >them all. Also, Gerhard's trace in the bugzilla report above is very > >poor, there's just one line of the panic, nothing exploitable at all, > >nothing even indicates that it is related to ipset at all. > > Sorry, don't have any more information. From the bugzilla report: > Message from syslogd@arm at Oct 24 20:05:09 ... > kernel:Process ipset (pid: 2055, stack limit = 0xe8404220) > > So ipset has a problem ... ipset *triggered* the problem. The whole stack dump would tell more. > >Gerhard, it would be easier if you could bisect between 4.1 and 4.2 to > >find what patch introduced the regression if you can easily reproduce > >the issue. That would make it more obvious what to look at and the > >patch author might have some ideas about the real problem. > > > > > > The device is in production so I can't play around here. Nevertheless I > can try a patch. But should be easy to reproduce in developers testing > environment with shorewall/netfilter and ipset. As shorewall6 is > activated it might also be an IPv6 issue. The problem is that without providing the rules that allow the issue to be reliably reproduced, it's unlikely that a developer will trigger the same issue, or the problem would have been fixed before the patch got merged. > Kernel 4.2 seems to me not well tested in the netfilter parts at all > (Bug with already known bugfix > https://lists.debian.org/debian-kernel/2015/10/msg00034.html was > triggered on 2 of 3 of my machines, the new bug on 1 of 1 tested machine). There's a reason why Greg maintains stable and LTS kernels :-) Willy