Description of problem: If memory allocation fails during the setup of dl_seq_start(), in the teardown section of the code, attempting to free the memory will cause an oops. Version-Release number of selected component (if applicable): kernel-2.6.18-207 I wasn't able to reproduce it, but I imagine that it is possible. Steps to Reproduce: 1. Use all available system memory. 2. Insert iptables rule ( iptables -A INPUT -m hashlimit --hashlimit 10 --hashlimit-mode dstport --hashlimit-name test) Actual results: Oops. Expected results: No oops. Additional info: I've been unable to reproduce this specific problem, but I can see how it can happen. Upstream has already fixed this bug in the commit: http://git.kernel.org/linus/55e0d7cf279177dfe320f54816320558bc370f24
Created attachment 440919 [details] proposed patch
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
in kernel-2.6.18-219.el5 You can download this test kernel from http://people.redhat.com/jwilson/el5 Detailed testing feedback is always welcomed.
Tried with kernel 2.6.18-194.el5 bud didn't trigger the oops. Did code review with kernel 2.6.18-235.el5, the patch was included and applied in kernel 2.6.18-235.el5: [root@intel-s3e8132-01 SPECS]# grep 615229 kernel-2.6.spec - [net] hashlimit: check allocation before freeing memory (Wade Mealing) [615229] [root@intel-s3e8132-01 SPECS]# grep -i "Patch25560" kernel-2.6.spec Patch25560: linux-2.6-net-hashlimit-check-allocation-before-freeing-memory.patch %patch25560 -p1
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2011-0017.html