Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#2297 - kernel crash - iptables - reboot all the time .... #7218

Closed
openwrt-bot opened this issue May 28, 2019 · 31 comments
Closed

FS#2297 - kernel crash - iptables - reboot all the time .... #7218

openwrt-bot opened this issue May 28, 2019 · 31 comments
Labels

Comments

@openwrt-bot
Copy link

openwrt-bot commented May 28, 2019

camel:

Hello,
tested mondays trunk for mt7620 (we 826 16MB ... and it is rebooting all the time .. seems to be anything related to iptables....
and is rebooting all the time ....
yes, i have many things related to iptables installed.
(mwan3, keepalived, firewall)

trunk version: Powered by LuCI Master (f138fc93) / OpenWrt SNAPSHOT r10078-7d77879236

root@router03.dreamteam:/root # cat /sys/kernel/debug/crashlog
Time: 1559067166.707780
Modules: rt2800soc@86c1f000+a00 rt2800mmio@8735e000+1814 rt2800lib@86c00000+1dcf2 p ppoe@87340000+2130 ppp_async@87350000+1af0 option@87240000+7930 usb_wwan@873fe000+1207 rt2x 00soc@873fd000+4d2 rt2x00mmio@873f3000+9b0 rt2x00lib@87330000+95b9 pptp@87224000+35c0 pppo x@87266000+56a ppp_mppe@8728c000+1640 ppp_generic@87228000+58a2 nf_nat_pptp@8732b000+730 n f_conntrack_pptp@872fb000+ef0 nf_conntrack_ipv6@872ac000+1580 mt76x2e@872fc000+28f1 mt76x2_commo n@87288000+2d48 mt76x02_lib@872a0000+9c91 mt76@87280000+67a4 mac80211@87380000+6fc26 ipta ble_nat@8726d000+2f0 ipt_REJECT@8726a000+3f0 ipt_MASQUERADE@8728e000+2d0 cfg80211@872c0000+38 b00 xt_time@87220000+710 xt_tcpudp@8721e000+730 xt_tcpmss@8721b000+450 xt_statistic@8721700 0+370 xt_state@87212000+2f0 xt_recent@871fa000+1be0 xt_nat@87209000+630 xt_multiport@8720e00 0+530 xt_mark@8720a000+2d0 xt_mac@87206000+290 xt_limit@87207000+4d0 xt_length@87204000+2 f0 xt_hl@87201000+350 xt_helper@871ef000+390 xt_ecn@871fc000+570 xt_dscp@871e6000+410 xt_conntrack@871ee000+930 xt_connmark@871f5000+510 xt_connlimit@871f6000+11cd xt_c onnbytes@871f0000+670 xt_comment@871e9000+210 xt_TCPMSS@871ec000+b10 xt_REDIRECT@871e8000+2f0 x t_NETMAP@871e4000+630 xt_LOG@871e1000+330 xt_HL@871ce000+570 xt_FLOWOFFLOAD@871dd000+b40x t_DSCP@871cf000+610 xt_CT@871c3000+a90 xt_CLASSIFY@871d0000+270 usbserial@871d8000+4 8ab ts_fsm@871c9000+a90 ts_bm@871c1000+5b0 slhc@871c4000+147b nf_reject_ipv4@871c0 000+903 nf_nat_tftp@8719f000+250 nf_nat_snmp_basic@871be000+18e0 nf_nat_sip@871b0000+1f70 n f_nat_redirect@8719a000+5db nf_nat_proto_gre@87118000+3c0 nf_nat_masquerade_ipv4@871a6000+65cn f_nat_irc@87190000+430 nf_conntrack_ipv4@871bc000+1410 nf_nat_ipv4@871ac000+1031 nf_nat_h323@ 871a8000+1550 nf_nat_amanda@87199000+330 nf_nat@871a0000+2a9c nf_log_ipv4@87189000+db0 n f_flow_table_hw@875cd000+870 nf_flow_table@87194000+35df nf_defrag_ipv6@8718e000+135e nf_d efrag_ipv4@8714e000+496 nf_conntrack_tftp@8713b000+b10 nf_conntrack_snmp@8715b000+320 nf_conntrack sip@87180000+49bd nf_conntrack_rtcache@87139000+a70 nf_conntrack_proto_gre@87141000+a9en f_conntrack_netlink@87148000+5760 nf_conntrack_irc@8711c000+b80 nf_conntrack_h323@87150000+8 adf nf_conntrack_broadcast@8713d000+39d ts_kmp@87140000+550 nf_conntrack_amanda@87102000 +6f0 macvlan@87104000+31c2 iptable_raw@875dc000+290 iptable_mangle@875e3000+3b0 ipta ble_filter@875fb000+2b0 ipt_ECN@875f7000+5b0 ip_tables@87108000+2a0d crc_ccitt@875fa000+40b comp at@875f4000+1977 br_netfilter@87134000+2f51 sch_cake@87110000+7540 nf_conntrack@8712000 0+1001a sch_tbf@875f2000+16d0 sch_ingress@875cc000+4f0 sch_htb@875e8000+3720 sch_hfsc@875 e4000+3a30 em_u32@875c6000+250 cls_u32@875d8000+2260 cls_tcindex@875d4000+14b0 cls route@875d6000+1470 cls_matchall@875cb000+9d0 cls_fw@87587000+f10 cls_flow@875ce000+16 b0 cls_basic@875c4000+c30 act_skbedit@874f6000+9c0 act_mirred@8751a000+e20 xt_set@875c2 000+1b50 ip_set_list_set@87630000+1c70 ip_set_hash_netportnet@875b8000+6bf0 ip_set_hash_ netport@875b0000+61d0 ip_set_hash_netnet@875a8000+66d0 ip_set_hash_netiface@875a0000+62b0 i p_set_hash_net@87598000+5bf0 ip_set_hash_mac@87510000+28f0 ip_set_hash_ipportnet@87590000+6730i p_set_hash_ipportip@87588000+5470 ip_set_hash_ipport@87580000+5110 ip_set_hash_ipmark@8 7538000+4e30 ip_set_hash_ip@87530000+4d50 ip_set_bitmap_port@87522000+1810 ip_set_bitma p_ipmac@874e4000+1b90 ip_set_bitmap_ip@874fe000+1af0 ip_set@87508000+58ea nfnetlink@8752c000+1 1a7 nf_log_ipv6@87518000+1050 nf_log_common@874fd000+b6f ip6table_mangle@87501000+4b0 ip6table_filter@87504000+2b0 ip6_tables@87524000+2921 ip6t_REJECT@870fe000+430 x_ta bles@874f0000+368f nf_reject_ipv6@87500000+aa8 nfsv4@87560000+1f64b nfsv3@874f8000+463bn fs@87540000+1cc68 ip_gre@874a8000+3475 gre@870f0000+873 ifb@8763a000+c30 ip_t unnel@8763c000+2dd0 tun@87628000+53d1 vfat@87070000+2190 fat@874d0000+ca1e lock d@874b0000+cdbf sunrpc@87480000+275b1 grace@870eb000+561 dns_resolver@870e6000+efa dm_m irror@87028000+2f50 dm_region_hash@87626000+19b4 dm_log@87616000+1d91 dm_crypt@87618000+61 a0 dm_mod@87600000+15358 dax@87024000+2142 nls_utf8@87044000+370 nls_iso8859_1@870480 00+b50 nls_cp437@8707e000+1150 sha1_generic@87455000+8d5 ecb@87452000+590 usb_storage@ 877f0000+a38b sd_mod@87018000+7680 scsi_mod@87000000+17bb2 ext4@87080000+5c06e mbcache@876b c000+c6e jbd2@877d0000+cc82 crc16@876b4000+407 cryptomgr@87720000+7b9 aead@8772200 0+e61 crypto_null@876ad000+c22 crc32c_generic@87746000+590 crypto_hash@87468000+2752 m mc_block@87ff8000+5786 mtk_sd@8742c000+3ae0 mmc_core@87fe0000+14e9d leds_gpio@87f99000+b70 ohci platform@87f9e000+1030 ohci_hcd@87fb8000+5c7f ehci_platform@87422000+1230 ehci_hcd@87fa0000+88 f7 gpio_button_hotplug@87f86000+1930 usbcore@87400000+20b91 nls_base@87f8c000+1420 usb common@87f85000+9f7
<5>[ 16.752226] sd 0:0:0:0: [sda] 30533632 512-byte logical blocks: (15.6 GB/14.6 GiB)
<5>[ 16.764557] sd 0:0:0:0: [sda] Write Protect is off
<7>[ 16.769495] sd 0:0:0:0: [sda] Mode Sense: 43 00 00 00
<5>[ 16.775906] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO o r FUA
<6>[ 16.859226] sda:
<5>[ 16.877408] sd 0:0:0:0: [sda] Attached SCSI removable disk
<14>[ 17.347078] procd: - early -
<14>[ 17.350254] procd: - watchdog -
<14>[ 18.114371] procd: - watchdog -
<14>[ 18.117898] procd: - ubus -
<5>[ 18.332800] random: ubusd: uninitialized urandom read (4 bytes read)
<5>[ 18.353783] random: ubusd: uninitialized urandom read (4 bytes read)
<5>[ 18.370730] random: ubusd: uninitialized urandom read (4 bytes read)
<14>[ 18.391408] procd: - init -
<14>[ 23.845249] kmodloader: loading kernel modules from /etc/modules.d/*
<6>[ 24.016719] device-mapper: ioctl: 4.37.0-ioctl (2017-09-20) initialised: dm-devel@redhat.com
<5>[ 24.083642] Key type dns_resolver registered
<6>[ 24.359301] RPC: Registered named UNIX socket transport module.
<6>[ 24.365437] RPC: Registered udp transport module.
<6>[ 24.370245] RPC: Registered tcp transport module.
<6>[ 24.375039] RPC: Registered tcp NFSv4.1 backchannel transport module.
<6>[ 24.583828] tun: Universal TUN/TAP device driver, 1.6
<6>[ 24.612134] gre: GRE over IPv4 demultiplexor driver
<6>[ 24.652451] ip_gre: GRE over IPv4 tunneling driver
<5>[ 25.601898] NFS: Registering the id_resolver key type
<5>[ 25.607093] Key type id_resolver registered
<5>[ 25.611440] Key type id_legacy registered
<6>[ 25.626628] ip6_tables: (C) 2000-2006 Netfilter Core Team
<6>[ 25.642235] Netfilter messages via NETLINK v0.30.
<6>[ 25.675131] ip_set: protocol 6
<6>[ 26.029446] Mirror/redirect action on
<6>[ 26.054756] u32 classifier
<6>[ 26.057528] input device check on
<6>[ 26.061334] Actions configured
<6>[ 26.117925] nf_conntrack version 0.5.0 (2048 buckets, 8192 max)
<5>[ 26.176413] Bridge firewalling registered
<6>[ 26.183640] Loading modules backported from Linux version v4.19.32-0-g3a2156c839c7
<6>[ 26.191427] Backport generated by backports.git v4.19.32-1-0-g1c4f7569
<6>[ 26.202727] ip_tables: (C) 2000-2006 Netfilter Core Team
<6>[ 26.369559] ctnetlink v0.93: registering with nfnetlink.
<6>[ 26.545409] usbcore: registered new interface driver usbserial
<6>[ 26.551539] usbcore: registered new interface driver usbserial_generic
<6>[ 26.558276] usbserial: USB Serial support registered for generic
<6>[ 26.621121] xt_time: kernel timezone is -0000
<6>[ 26.775613] PPP generic driver version 2.4.2
<6>[ 26.783639] PPP MPPE Compression module registered
<6>[ 26.790929] NET: Registered protocol family 24
<6>[ 26.799245] PPTP driver version 0.8.5
<6>[ 26.840923] usbcore: registered new interface driver option
<6>[ 26.846719] usbserial: USB Serial support registered for GSM modem (1-port)
<6>[ 26.854855] option 1-1.2:2.2: GSM modem (1-port) converter detected
<6>[ 26.861588] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB0
<6>[ 26.868920] option 1-1.2:2.3: GSM modem (1-port) converter detected
<6>[ 26.875687] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB1
<6>[ 26.883116] option 1-1.2:2.4: GSM modem (1-port) converter detected
<6>[ 26.889853] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB2
<6>[ 26.897277] option 1-1.2:2.5: GSM modem (1-port) converter detected
<6>[ 26.904029] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB3
<6>[ 27.125486] rt2800_wmac 10180000.wmac: loaded eeprom from mtd device "factory"
<6>[ 27.132966] ieee80211 phy0: rt2x00_set_rt: Info - RT chipset 6352, rev 0500 detected
<6>[ 27.140894] ieee80211 phy0: rt2x00_set_rf: Info - RF chipset 7620 detected
<7>[ 27.148641] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'
<14>[ 27.159865] kmodloader: done loading kernel modules from /etc/modules.d/*
<4>[ 28.605580] urandom_read: 5 callbacks suppressed
<5>[ 28.605590] random: jshn: uninitialized urandom read (4 bytes read)
<6>[ 48.273992] 8021q: adding VLAN 0 to HW filter on device eth0
<6>[ 48.286689] br-lan: port 1(eth0.1) entered blocking state
<6>[ 48.292292] br-lan: port 1(eth0.1) entered disabled state
<6>[ 48.298149] device eth0.1 entered promiscuous mode
<6>[ 48.303233] device eth0 entered promiscuous mode
<6>[ 48.345911] br-lan: port 1(eth0.1) entered blocking state
<6>[ 48.351508] br-lan: port 1(eth0.1) entered forwarding state
<6>[ 48.357351] IPv6: ADDRCONF(NETDEV_UP): br-lan: link is not ready
<6>[ 48.492114] IPv6: ADDRCONF(NETDEV_UP): br-lan_guest: link is not ready
<6>[ 49.320540] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
<6>[ 57.686945] 3g-4G: renamed from ppp0
<6>[ 66.992794] ieee80211 phy0: rt2800_rf_self_txdc_cal: Info - RF Tx self calibration start
<6>[ 67.001632] ieee80211 phy0: rt2800_rf_self_txdc_cal: Info - RF Tx self calibration end
<5>[ 69.032135] random: crng init done
<6>[ 69.765391] ieee80211 phy0: rt2800_loft_iq_calibration: Info - LOFT Calibration Done!
<6>[ 69.777369] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Start!
<6>[ 69.798240] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Done! CH = 0, (gain= 3, pha se=3b)
<6>[ 69.808475] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Start!
<6>[ 69.829777] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Done! CH = 1, (gain= 0, pha se=3f)
<6>[ 69.839131] ieee80211 phy0: rt2800_loft_iq_calibration: Info - TX IQ Calibration Done!
<6>[ 70.312550] ieee80211 phy0: rt2800_rxiq_calibration: Info - RXIQ G_imb=-1, Ph_rx=0
<6>[ 70.330571] ieee80211 phy0: rt2800_rxiq_calibration: Info - RXIQ G_imb=0, Ph_rx=2
<6>[ 70.423759] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
<6>[ 70.434552] br-lan: port 2(wlan0) entered blocking state
<6>[ 70.439989] br-lan: port 2(wlan0) entered disabled state
<6>[ 70.445852] device wlan0 entered promiscuous mode
<6>[ 70.450903] br-lan: port 2(wlan0) entered blocking state
<6>[ 70.456330] br-lan: port 2(wlan0) entered forwarding state
<6>[ 70.469216] br-lan: port 2(wlan0) entered disabled state
<6>[ 72.886588] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
<6>[ 72.893380] br-lan: port 2(wlan0) entered blocking state
<6>[ 72.898839] br-lan: port 2(wlan0) entered forwarding state
<6>[ 72.914668] br-lan_guest: port 1(wlan0_guest) entered blocking state
<6>[ 72.921379] br-lan_guest: port 1(wlan0_guest) entered disabled state
<6>[ 72.928206] device wlan0_guest entered promiscuous mode
<6>[ 73.027386] IPv6: ADDRCONF(NETDEV_UP): wlan0_guest: link is not ready
<6>[ 73.034205] br-lan_guest: port 1(wlan0_guest) entered blocking state
<6>[ 73.040724] br-lan_guest: port 1(wlan0_guest) entered forwarding state
<6>[ 73.048201] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan_guest: link becomes ready
<6>[ 73.961957] br-lan_guest: port 1(wlan0_guest) entered disabled state
<6>[ 75.241683] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0_guest: link becomes ready
<6>[ 75.248926] br-lan_guest: port 1(wlan0_guest) entered blocking state
<6>[ 75.255489] br-lan_guest: port 1(wlan0_guest) entered forwarding state
<0>[ 147.533588] usercopy: kernel memory exposure attempt detected from c1433000 (kmalloc-2048) (60 16 bytes)
<4>[ 147.543242] Kernel bug detected[#1]:
<4>[ 147.546895] CPU: 0 PID: 5029 Comm: iptables Not tainted 4.14.120 #0
<4>[ 147.553288] task: 87e01080 task.stack: 815be000
<4>[ 147.557904] $ 0 : 00000000 00000001 0000005b 00000000
<4>[ 147.563242] $ 4 : 804c2398 804c2398 804d1090 000050d0
<4>[ 147.568577] $ 8 : 00000000 0000010b 00000008 00000000
<4>[ 147.573913] $12 : 00000000 804c0000 00082454 00000000
<4>[ 147.579248] $16 : c1433000 00001780 00000001 c1434780
<4>[ 147.584585] $20 : c1433000 00001780 8710bd00 86cf8b10
<4>[ 147.589920] $24 : 00000002 802143dc
<4>[ 147.595257] $28 : 815be000 815bfde0 86ce0000 800df4a0
<4>[ 147.600593] Hi : 00000000
<4>[ 147.603527] Lo : ec4e4000
<4>[ 147.606493] epc : 800df4a0 __check_object_size+0x1b0/0x1e0
<4>[ 147.612267] ra : 800df4a0 _check_object_size+0x1b0/0x1e0
<4>[ 147.618034] Status: 1100e403 KERNEL EXL IE
<4>[ 147.622308] Cause : 50800024 (ExcCode 09)
<4>[ 147.626393] PrId : 00019650 (MIPS 24KEc)
<4>[ 147.630475] Modules linked in: rt2800soc rt2800mmio rt2800lib pppoe ppp_async option usb_wwan rt2x00soc rt2x00mmio rt2x00lib pptp pppox ppp_mppe ppp_generic nf_nat_pptp nf_conntrack_pptp nf_conn track_ipv6 mt76x2e mt76x2_common mt76x02_lib mt76 mac80211 iptable_nat ipt_REJECT ipt_MASQUERADE cfg 80211 xt_time xt_tcpudp xt_tcpmss xt_statistic xt_state xt_recent xt_nat xt_multiport xt_mark xt_mac xt_limit xt_length xt_hl xt_helper xt_ecn xt_dscp xt_conntrack xt_connmark xt_connlimit xt_connbyte s xt_comment xt_TCPMSS xt_REDIRECT xt_NETMAP xt_LOG xt_HL xt_FLOWOFFLOAD xt_DSCP xt_CT xt_CLASSIFY u sbserial ts_fsm ts_bm slhc nf_reject_ipv4 nf_nat_tftp nf_nat_snmp_basic nf_nat_sip nf_nat_redirect n f_nat_proto_gre nf_nat_masquerade_ipv4 nf_nat_irc nf_conntrack_ipv4 nf_nat_ipv4 nf_nat_h323 nf_nat_a manda nf_nat
<4>[ 147.702548] nf_log_ipv4 nf_flow_table_hw nf_flow_table nf_defrag_ipv6 nf_defrag_ipv4 nf_connt rack_tftp nf_conntrack_snmp nf_conntrack_sip nf_conntrack_rtcache nf_conntrack_proto_gre nf_conntrac k_netlink nf_conntrack_irc nf_conntrack_h323 nf_conntrack_broadcast ts_kmp nf_conntrack_amanda macvl an iptable_raw iptable_mangle iptable_filter ipt_ECN ip_tables crc_ccitt compat br_netfilter sch_cak e nf_conntrack sch_tbf sch_ingress sch_htb sch_hfsc em_u32 cls_u32 cls_tcindex cls_route cls_matchal l cls_fw cls_flow cls_basic act_skbedit act_mirred xt_set ip_set_list_set ip_set_hash_netportnet ip
set_hash_netport ip_set_hash_netnet ip_set_hash_netiface ip_set_hash_net ip_set_hash_mac ip_set_hash ipportnet ip_set_hash_ipportip ip_set_hash_ipport ip_set_hash_ipmark ip_set_hash_ip ip_set_bitmap_p ort ip_set_bitmap_ipmac
<4>[ 147.775543] ip_set_bitmap_ip ip_set nfnetlink nf_log_ipv6 nf_log_common ip6table_mangle ip6ta ble_filter ip6_tables ip6t_REJECT x_tables nf_reject_ipv6 nfsv4 nfsv3 nfs ip_gre gre ifb ip_tunnel t un vfat fat lockd sunrpc grace dns_resolver dm_mirror dm_region_hash dm_log dm_crypt dm_mod dax nls
utf8 nls_iso8859_1 nls_cp437 sha1_generic ecb usb_storage sd_mod scsi_mod ext4 mbcache jbd2 crc16 cr yptomgr aead crypto_null crc32c_generic crypto_hash mmc_block mtk_sd mmc_core leds_gpio ohci_platfor m ohci_hcd ehci_platform ehci_hcd gpio_button_hotplug usbcore nls_base usb_common
<4>[ 147.827120] Process iptables (pid: 5029, threadinfo=815be000, task=87e01080, tls=77f99eb8)
<4>[ 147.835542] Stack : c1434770 8046f078 8046514c c1433000 8046d884 00001780 c1433000 804c0000
<4>[ 147.844080] 804e0000 81600000 81600040 87109a40 804d9c88 0000095c 0095c000 815dc008
<4>[ 147.852615] 815dc008 0095ab50 86ce0040 804d9c88 00000000 00000000 746c6966 00007265
<4>[ 147.861151] 00000000 00000000 00000000 00000000 00000000 00000000 0000000e 00000177
<4>[ 147.869686] 00018a38 00000000 00000000 00002088 000054f0 00000000 00000000 00001ff0
<4>[ 147.878219] ...
<4>[ 147.880714] Call Trace:
<4>[ 147.883216] [<800df4a0>] __check_object_size+0x1b0/0x1e0
<4>[ 147.888685] [<87109a40>] ipt_register_table+0x420/0xd88 [ip_tables]
<4>[ 147.895084] Code: 02003825 0c016478 2484f084 <000c000d> 8fb30028 8fb20024 8fb10020 8fb000 1c 03e00008
<4>[ 147.905047]
<4>[ 147.906757] ---[ end trace 59f8aeb2ee4d9251 ]---

@openwrt-bot
Copy link
Author

openwrt-bot commented May 28, 2019

ynezz:

cat /sys/kernel/debug/crashlog

Can you please 'cat /sys/kernel/debug/crashlog > /tmp/crashlog' and attach(upload not copy&paste) this file here? It seems like it got corrupted somewhere in the transit.

tested mondays trunk for mt7620

Do you know the last working version?

yes, i have many things related to iptables installed. (mwan3, keepalived, firewall)

Can you perhaps try to isolate this problem somehow? Ideally provide some steps how could I reproduce it here on my mt7620 device.

@openwrt-bot
Copy link
Author

openwrt-bot commented May 29, 2019

camel:

well, it is hard to say ...
last working version was on TRUNK from 2019-01-15

i use interfaces: lan, pptp, tun(openvpn), 3g-4G(ppp)
if you give me your address, then i can give you the full backup + explaination to install and which packages I'm using...

i played now 24 hours to isolate ....
it is not related to: (tried to disable this services ...)
dnsmasq
mwan3
odhcpd
softflowd
sqm
uhttpd
vsftpd
nlbwmon
pptpd
keepalived
luci_statistics
collectd
openvpn
wrtbwmon
ddns
sysntpd
3ginfo
smstools3
vnstat

but what i have seen, if i disable all the interfaces (tun, pptp, ppp(3g-4G) and not reloading firewall, then it would be stable

so, i guess the problem is related to iptables and reloading rules and to use the network devices again ..

@openwrt-bot
Copy link
Author

openwrt-bot commented May 29, 2019

camel:

oh, 1 more .... it is not happening on the mt7621 (zbt wg2526), only having this problem on the mt7620 (ZBT WE826 16MB)
so, it must be something related to the mt7620 device i guess

and with mwan3 (which is loading massive fw rules again on up/down internfaces, it is going faster to crash ...
without it takes longer ....

@openwrt-bot
Copy link
Author

openwrt-bot commented May 29, 2019

camel:

hmm, i really have no clue, but i guess it is something related to ip6tables ...
as:
1.) it is always a "ExcCode 09"
additional, doesn't care if it is on 3G(pppd) or TUN(openvpn) device ....
strange ...
there must be something changed on the ipv6 stuf in the least 3 months as it is funny ,...
tested it with 2 different providers:
1x provider which not collecting ipv6 -> no problem
1x provider which collecting ipv6 -> crashing
really strange ...

@openwrt-bot
Copy link
Author

openwrt-bot commented May 29, 2019

camel:

tested now the 18.06
which is working fine ...
root@router03.dreamteam:/tmp # uname -a
Linux router03.dreamteam 4.14.95 #0 Mon Jan 28 08:54:32 2019 mips GNU/Linux

@openwrt-bot
Copy link
Author

openwrt-bot commented May 29, 2019

ynezz:

tested now the 18.06, which is working fine ...

Ok, that's good to know.

if you give me your address, then i can give you the full backup + explaination to install and which packages I'm using...

Please send me the minimal config which exhibits this problem + steps to reproduce it to my email ynezz@true.cz

@openwrt-bot
Copy link
Author

openwrt-bot commented May 29, 2019

camel:

well, the problem will be:
1.) are you having more devices to test ? as you would need server and client ...
2.) if not, are you having a modem on it ? as many often time it happens when 3G connection is trying to established.

as told ... i can give you how to setup mine, but I'm a power user, and not sure if you have the same behavior

is it not anyhow possible to see which changes are done related on ip6tables to see what can be the problem ?
or where can i check all commits for the iptable related stuff ?

@openwrt-bot
Copy link
Author

openwrt-bot commented May 29, 2019

ynezz:

I'm not able to reproduce it. Please try following:

mv /usr/sbin/iptables /usr/sbin/iptables.real
echo -e '#!/bin/sh\necho "ipt: $@" > /dev/kmsg\n/usr/sbin/iptables.real iptables $@' > /usr/sbin/iptables
chmod +x /usr/sbin/iptables

This should log all iptables commands, so they should appear in the crashlog as well.

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 9, 2019

Hauke:

Please try if this patch fixes your problem and report back:
https://patchwork.ozlabs.org/patch/1112640/

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 9, 2019

camel:

thx hauke, but i can't built my own with a patch. only can test trunk
having no possibilities to do it on my location :(

for now, i had to wait to test again with your recommendation to get more log detail on crash ...i will do in coming week,

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 10, 2019

camel:

or do you know if the given "patch" was already added in tnew trunk versions ?

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 11, 2019

Soberia:

Same problem here, using MT7621, no MWAN3 or PPTP
No problem with 18.06
[[https://bugs.openwrt.org/index.php?do=details&task_id=2316&order=dateopened&sort=desc]]

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 11, 2019

moeller0:

Same issue, applying https://patchwork.ozlabs.org/patch/1112640/ might have solved the issue. I performed two hard dsl line disconnects, in the recent past upon resyncing and establishing a new ppp connection the router pretty reliably rebooted with a:
usercopy: kernel memory exposure attempt detected from
type error messages in the crashlog, now after patching it surbvived two dsl-unplug/re-plug cycles. I will monitor it further but this looks at least like it is going in the right direction ;)

As far as I can tell the patch is not yet in trunk, as I had to add it myself...

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 12, 2019

camel:

the real question would be, what was changed related to this bug from 18.01 to the trunk, so that it will be fixed on the root ... hmm ?

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 12, 2019

moeller0:

I believe the root cause is the backport of the hardened usercopy:
https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=9b1239451d6598f39b3689c8c6e0d6147965e601 on the 11th of May. So far no reboots with the patch, but too early to declare mission accomplished.

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 13, 2019

moeller0:

So, the patch actually made it into 4.14.125, see https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=a7e68927d047c5c979a2bf7e9203e9da72ee80e7

That means this issue should be gone in trunk soon. Even though Koen writes:
"This bump contains upstream commits which seem to avoid (not properly fix)
the errors as seen in FS#2305 and FS#2297"

So this might be a temporary measure...

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 13, 2019

Borromini:

I suspect I got bitten by this bug too. I started building off the 19.07 branch and wanted to migrate my mt7621 DIR-860L B1, but it choked on both the sysupgrade and factory image (my 18.06 HEAD images work fine). Device seems to keep powercycling and is completely unreachable. Will report back once I tried 4.14.125.

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 13, 2019

Borromini:

Alright, so... I built 19.07 HEAD, following behaviour:

  • 19.07 HEAD as-is (with kernel 4.14.125): seems to keep powercycling; completely unusable.
  • 19.07 HEAD with 9b12394 reverted: works fine, just like 18.06 HEAD.

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 14, 2019

camel:

sorry, but now not clear for me :(
what is now the status ?
should it be solved in current trunk or not ?

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 14, 2019

moeller0:

@Borromini I believe I also once observed a prolonged boot in which the un-patched master build rebooted for a few minutes before it managed to fully boot (due to a lack of a serial console I have no information about the root cause). I assumed this to be related to this issue as well. How long did you give the system for power cycling? It would be quite interesting, I believe, to see the crashlog after the powercycling stops (assuming it will stop at one point)...

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 14, 2019

Borromini:

@Camel, at least for me, it seems to come down to this:

  • The [[https://patchwork.ozlabs.org/patch/1112640/|patch]] Hauke linked to got integrated (that patch itself, or a similar one) into the upstream 4.14.125 kernel bump and was said to mitigate this issue (but not solve it, as per the OpenWrt commit message).
  • For me, on an MT7621 platform (DIR-860L B1), bumping to the latest 19.07 HEAD with 4.14.125 (19.07 and master should be identical at this point) does not solve the issue.
  • Reverting [[https://git.openwrt.org/?p=openwrt/openwrt.git;a=commitdiff;h=9b1239451d6598f39b3689c8c6e0d6147965e601|commit 9b12394]] does however, which of course is not a final solution, but for me is a viable workaround.

@moeller0: I didn't give it a lot of time. The DIR-860L just shows a steady orange light during boot, it's not clear whether it's really doing anything. I have let it sit there for a few minutes a few times though, I think I gave it a shot like three or four times (two sysupgrades, two factory flashes from the bootloader), the router is a bit difficult to get to so I waited a bit, but not more than 10 mins. Static link on my desktop seemed to come up once in a while then disappear quickly again, that suggests it got through at some point but it was not possible to get a ping or other sign of life out of it.

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 14, 2019

moeller0:

@Borromini, okay, I guess it really really does not want to start-up then ;) Interesting that reverting the hardened usercopy commit gets rid of the issue though, which confirms the "avoid but not properly fix" assessment of Koen....

I will see over the weekend, whether I can force a few DSL-resyncs (in the past these almost always resulted in a reboot of the router once the pppoe-link got re-established and fw3 was starting again). I will only upgrade from r10199 once I either see a crash or if I do not see a crash in at least 10 resyncs (currently the count is at 2 resyncs)).

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 14, 2019

camel:

tested again, my device is doing reboot around 15 hours, now seeme to be longer up
(normally reboot is within 80sec ...

root@router04.dreamteam:/root # cat /sys/kernel/debug/crashlog
Time: 1560533039.209713
Modules: rt2800soc@86c1f000+a00 rt2800mmio@87356000+1814 rt2800lib@86c00000+1dcf2 pppoe@87340000+2130 ppp_async@87350000+1af0 option@872a8000+7930 usb_wwan@8730e000+1207 rt2x00soc@872a1000+4d2 rt2x00mmio@87309000+9b0 rt2x00lib@87330000+95b9 pptp@8731c000+35c0 pppox@87319000+56a ppp_mppe@872fe000+1640 ppp_generic@87228000+58a2 nf_nat_pptp@8728e000+730 nf_conntrack_pptp@872fc000+ef0 nf_conntrack_ipv6@8732c000+1580 mt76x2e@87288000+28f1 mt76x2_common@8726c000+2d48 mt76x02_lib@87290000+9c91 mt76@87260000+67a4 mac80211@87380000+6fc26 iptable_nat@8728d000+2f0 ipt_REJECT@87283000+3f0 ipt_MASQUERADE@8721e000+2d0 cfg80211@872c0000+38b00 xt_time@87225000+710 xt_tcpudp@87223000+730 xt_tcpmss@87221000+450 xt_statistic@8721c000+370 xt_state@87218000+2f0 xt_recent@87216000+1be0 xt_nat@87215000+630 xt_multiport@87212000+530 xt_mark@87201000+2d0 xt_mac@8720e000+290 xt_limit@8720c000+4d0 xt_length@87205000+2f0 xt_hl@87208000+350 xt_helper@87206000+390 xt_ecn@87204000+570 xt_dscp@871f9000+410xt_conntrack@871fb000+930 xt_connmark@871f8000+510 xt_connlimit@871dc000+11cd xt_connbytes@871ec000+670 xt_comment@871ef000+210 xt_TCPMSS@871f2000+b10 xt_REDIRECT@871ee000+2f0 xt_NETMAP@871eb000+630 xt_LOG@871ce000+330 xt_HL@871e7000+570 xt_FLOWOFFLOAD@871d9000+b40xt_DSCP@871d4000+610 xt_CT@871cc000+a90 xt_CLASSIFY@871d5000+270 usbserial@871e0000+48ab ts_fsm@871cd000+a90 ts_bm@871c4000+5b0 slhc@871c8000+147b nf_reject_ipv4@871c3000+903 nf_nat_tftp@871b9000+250 nf_nat_snmp_basic@871be000+18e0 nf_nat_sip@871c6000+1f70 nf_nat_redirect@871b0000+5db nf_nat_proto_gre@871a1000+3c0 nf_nat_masquerade_ipv4@87192000+65cnf_nat_irc@871ac000+430 nf_conntrack_ipv4@871b2000+1410 nf_nat_ipv4@871b4000+1031 nf_nat_h323@8714c000+1550 nf_nat_amanda@87199000+330 nf_nat@871a4000+2a9c nf_log_ipv4@87196000+db0 nf_flow_table_hw@8715f000+870 nf_flow_table@8719c000+35df nf_defrag_ipv6@8714e000+135e nf_defrag_ipv4@87136000+496 nf_conntrack_tftp@87139000+b10 nf_conntrack_snmp@87186000+320 nf_conntrack_sip@87188000+49bd nf_conntrack_rtcache@87138000+a70 nf_conntrack_proto_gre@8713d000+a9enf_conntrack_netlink@87180000+5760 nf_conntrack_irc@87135000+b80 nf_conntrack_h323@87150000+8adf nf_conntrack_broadcast@8713b000+39d ts_kmp@87144000+550 nf_conntrack_amanda@87105000+6f0 macvlan@87140000+31c2 iptable_raw@875dd000+290 iptable_mangle@875ed000+3b0 iptable_filter@875f5000+2b0 ipt_ECN@875f4000+5b0 ip_tables@8711c000+2a0d crc_ccitt@875fc000+40b compat@87132000+1977 br_netfilter@87118000+2f51 sch_cake@87110000+7540 nf_conntrack@87120000+1001a sch_tbf@875f8000+16d0 sch_ingress@875d6000+4f0 sch_htb@875f0000+3720 sch_hfsc@875e4000+3a30 em_u32@87631000+250 cls_u32@875e0000+2260 cls_tcindex@875da000+14b0 cls_route@875ce000+1470 cls_matchall@875d5000+9d0 cls_fw@87525000+f10 cls_flow@875d0000+16b0 cls_basic@87526000+c30 act_skbedit@87507000+9c0 act_mirred@8763f000+e20 xt_set@875c8000+1b50 ip_set_list_set@875ca000+1c70 ip_set_hash_netportnet@875c0000+6bf0 ip_set_hash_netport@875b8000+61d0 ip_set_hash_netnet@875b0000+66d0 ip_set_hash_netiface@875a8000+62b0 ip_set_hash_net@875a0000+5bf0 ip_set_hash_mac@87504000+28f0 ip_set_hash_ipportnet@87598000+6730ip_set_hash_ipportip@87590000+5470 ip_set_hash_ipport@87588000+5110 ip_set_hash_ipmark@87580000+4e30 ip_set_hash_ip@87518000+4d50 ip_set_bitmap_port@874ec000+1810 ip_set_bitmap_ipmac@87638000+1b90 ip_set_bitmap_ip@8750c000+1af0 ip_set@87510000+58ea nfnetlink@8755e000+11a7 nf_log_ipv6@87636000+1050 nf_log_common@874b4000+b6f ip6table_mangle@87630000+4b0ip6table_filter@87524000+2b0 ip6_tables@87500000+2921 ip6t_REJECT@8752d000+430 x_tables@87528000+368f nf_reject_ipv6@87521000+aa8 nfsv4@87560000+1f64b nfsv3@87538000+463bnfs@87540000+1cc68 ip_gre@87600000+3475 gre@874bb000+873 ifb@8745f000+c30 ip_tunnel@870fc000+2dd0 tun@874a8000+53d1 vfat@870e8000+2190 fat@87610000+ca1e lockd@874f0000+cdbf sunrpc@874c0000+275b1 grace@8704b000+561 dns_resolver@870ee000+efa dm_mirror@87048000+2f50 dm_region_hash@874a6000+19b4 dm_log@87076000+1d91 dm_crypt@87078000+61a0 dm_mod@87060000+15358 dax@8704c000+2142 nls_utf8@87026000+370 nls_iso8859_1@87043000+b50 nls_cp437@8745a000+1150 sha1_generic@87027000+8d5 ecb@87028000+590 usb_storage@877f0000+a38b sd_mod@87018000+7680 scsi_mod@87000000+17bb2 ext4@87080000+5c06e mbcache@876e0000+c6e jbd2@877e0000+cc82 crc16@8769a000+407 cryptomgr@877bf000+7b9 aead@877cf000+e61 crypto_null@87799000+c22 crc32c_generic@876b6000+590 crypto_hash@877cc000+2752 mmc_block@87ff8000+5786 mtk_sd@87fa8000+3ae0 mmc_core@87fe0000+14e9d leds_gpio@87f8f000+b70 ohci_platform@87fba000+1030 ohci_hcd@87fa0000+5c7f ehci_platform@87422000+1230 ehci_hcd@87f90000+88f7 gpio_button_hotplug@87f86000+1930 usbcore@87400000+20b91 nls_base@87f8c000+1420 usb_common@87f84000+9f7
<5>[ 17.156491] scsi 0:0:0:0: Direct-Access Intenso Micro Line 1100 PQ: 0 ANSI: 4
<5>[ 17.174920] sd 0:0:0:0: [sda] 30515200 512-byte logical blocks: (15.6 GB/14.6 GiB)
<5>[ 17.188904] sd 0:0:0:0: [sda] Write Protect is off
<7>[ 17.193874] sd 0:0:0:0: [sda] Mode Sense: 43 00 00 00
<5>[ 17.200474] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
<6>[ 17.274366] sda:
<5>[ 17.285777] sd 0:0:0:0: [sda] Attached SCSI removable disk
<14>[ 17.753155] procd: - early -
<14>[ 17.756221] procd: - watchdog -
<14>[ 18.519273] procd: - watchdog -
<14>[ 18.522930] procd: - ubus -
<5>[ 18.724893] random: ubusd: uninitialized urandom read (4 bytes read)
<5>[ 18.736499] random: ubusd: uninitialized urandom read (4 bytes read)
<5>[ 18.752753] random: ubusd: uninitialized urandom read (4 bytes read)
<14>[ 18.768928] procd: - init -
<14>[ 23.943885] kmodloader: loading kernel modules from /etc/modules.d/*
<6>[ 24.138328] device-mapper: ioctl: 4.37.0-ioctl (2017-09-20) initialised: dm-devel@redhat.com
<5>[ 24.202085] Key type dns_resolver registered
<6>[ 24.483983] RPC: Registered named UNIX socket transport module.
<6>[ 24.490034] RPC: Registered udp transport module.
<6>[ 24.494899] RPC: Registered tcp transport module.
<6>[ 24.499695] RPC: Registered tcp NFSv4.1 backchannel transport module.
<6>[ 24.711120] tun: Universal TUN/TAP device driver, 1.6
<6>[ 24.736833] gre: GRE over IPv4 demultiplexor driver
<6>[ 24.775263] ip_gre: GRE over IPv4 tunneling driver
<5>[ 25.710211] NFS: Registering the id_resolver key type
<5>[ 25.715487] Key type id_resolver registered
<5>[ 25.719773] Key type id_legacy registered
<6>[ 25.734854] ip6_tables: (C) 2000-2006 Netfilter Core Team
<6>[ 25.750415] Netfilter messages via NETLINK v0.30.
<6>[ 25.784428] ip_set: protocol 6
<6>[ 26.133242] Mirror/redirect action on
<6>[ 26.159707] u32 classifier
<6>[ 26.162550] input device check on
<6>[ 26.166280] Actions configured
<6>[ 26.224594] nf_conntrack version 0.5.0 (2048 buckets, 8192 max)
<5>[ 26.283900] Bridge firewalling registered
<6>[ 26.291457] Loading modules backported from Linux version v4.19.32-0-g3a2156c839c7
<6>[ 26.299269] Backport generated by backports.git v4.19.32-1-0-g1c4f7569
<6>[ 26.310497] ip_tables: (C) 2000-2006 Netfilter Core Team
<6>[ 26.499463] ctnetlink v0.93: registering with nfnetlink.
<6>[ 26.675542] usbcore: registered new interface driver usbserial
<6>[ 26.681592] usbcore: registered new interface driver usbserial_generic
<6>[ 26.688395] usbserial: USB Serial support registered for generic
<6>[ 26.748100] xt_time: kernel timezone is -0000
<6>[ 26.889319] PPP generic driver version 2.4.2
<6>[ 26.897406] PPP MPPE Compression module registered
<6>[ 26.905898] NET: Registered protocol family 24
<6>[ 26.912922] PPTP driver version 0.8.5
<6>[ 26.949193] usbcore: registered new interface driver option
<6>[ 26.955083] usbserial: USB Serial support registered for GSM modem (1-port)
<6>[ 26.963192] option 1-1.2:2.2: GSM modem (1-port) converter detected
<6>[ 26.969881] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB0
<6>[ 26.977291] option 1-1.2:2.3: GSM modem (1-port) converter detected
<6>[ 26.984036] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB1
<6>[ 26.991392] option 1-1.2:2.4: GSM modem (1-port) converter detected
<6>[ 26.998163] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB2
<6>[ 27.005573] option 1-1.2:2.5: GSM modem (1-port) converter detected
<6>[ 27.012330] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB3
<6>[ 27.173614] rt2800_wmac 10180000.wmac: loaded eeprom from mtd device "factory"
<6>[ 27.181009] ieee80211 phy0: rt2x00_set_rt: Info - RT chipset 6352, rev 0500 detected
<6>[ 27.188975] ieee80211 phy0: rt2x00_set_rf: Info - RF chipset 7620 detected
<7>[ 27.196746] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'
<14>[ 27.225050] kmodloader: done loading kernel modules from /etc/modules.d/*
<4>[ 28.041240] urandom_read: 5 callbacks suppressed
<5>[ 28.041250] random: jshn: uninitialized urandom read (4 bytes read)
<6>[ 47.827061] 8021q: adding VLAN 0 to HW filter on device eth0
<6>[ 47.846763] br-lan: port 1(eth0.1) entered blocking state
<6>[ 47.852365] br-lan: port 1(eth0.1) entered disabled state
<6>[ 47.858247] device eth0.1 entered promiscuous mode
<6>[ 47.863336] device eth0 entered promiscuous mode
<6>[ 47.914903] br-lan: port 1(eth0.1) entered blocking state
<6>[ 47.920430] br-lan: port 1(eth0.1) entered forwarding state
<6>[ 47.926366] IPv6: ADDRCONF(NETDEV_UP): br-lan: link is not ready
<6>[ 48.046336] IPv6: ADDRCONF(NETDEV_UP): br-lan_guest: link is not ready
<6>[ 48.902638] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
<6>[ 56.961391] 3g-4G: renamed from ppp0
<6>[ 70.864641] ieee80211 phy0: rt2800_rf_self_txdc_cal: Info - RF Tx self calibration start
<6>[ 70.873456] ieee80211 phy0: rt2800_rf_self_txdc_cal: Info - RF Tx self calibration end
<5>[ 74.370136] random: crng init done
<6>[ 76.625562] ieee80211 phy0: rt2800_loft_iq_calibration: Info - LOFT Calibration Done!
<6>[ 76.637445] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Start!
<6>[ 76.658779] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Done! CH = 0, (gain= f, phase=3d)
<6>[ 76.669028] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Start!
<6>[ 76.690333] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Done! CH = 1, (gain= 0, phase= 0)
<6>[ 76.699689] ieee80211 phy0: rt2800_loft_iq_calibration: Info - TX IQ Calibration Done!
<6>[ 77.090306] ieee80211 phy0: rt2800_rxiq_calibration: Info - RXIQ G_imb=-1, Ph_rx=3
<6>[ 77.108328] ieee80211 phy0: rt2800_rxiq_calibration: Info - RXIQ G_imb=1, Ph_rx=2
<6>[ 77.168478] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
<6>[ 77.186695] br-lan: port 2(wlan0) entered blocking state
<6>[ 77.192211] br-lan: port 2(wlan0) entered disabled state
<6>[ 77.198027] device wlan0 entered promiscuous mode
<6>[ 78.871533] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
<6>[ 78.878322] br-lan: port 2(wlan0) entered blocking state
<6>[ 78.883798] br-lan: port 2(wlan0) entered forwarding state
<6>[ 78.913412] br-lan_guest: port 1(wlan0_guest) entered blocking state
<6>[ 78.919912] br-lan_guest: port 1(wlan0_guest) entered disabled state
<6>[ 78.927187] device wlan0_guest entered promiscuous mode
<6>[ 79.019397] IPv6: ADDRCONF(NETDEV_UP): wlan0_guest: link is not ready
<6>[ 79.026072] br-lan_guest: port 1(wlan0_guest) entered blocking state
<6>[ 79.032578] br-lan_guest: port 1(wlan0_guest) entered forwarding state
<6>[ 79.040912] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan_guest: link becomes ready
<6>[ 79.944618] br-lan_guest: port 1(wlan0_guest) entered disabled state
<6>[ 81.636294] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0_guest: link becomes ready
<6>[ 81.643623] br-lan_guest: port 1(wlan0_guest) entered blocking state
<6>[ 81.650124] br-lan_guest: port 1(wlan0_guest) entered forwarding state
<0>[ 134.310980] usercopy: kernel memory overwrite attempt detected to c1810000 (sighand_cache) (1120 bytes)
<4>[ 134.320680] Kernel bug detected[#1]:
<4>[ 134.324332] CPU: 0 PID: 5825 Comm: iptables Not tainted 4.14.120 #0
<4>[ 134.330724] task: 85fea680 task.stack: 85f5a000
<4>[ 134.335339] $ 0 : 00000000 00000001 0000005b 00000000
<4>[ 134.340678] $ 4 : 804c2398 804c2398 804d1090 00005010
<4>[ 134.346015] $ 8 : 00000000 00000108 00000008 00000000
<4>[ 134.351350] $12 : 00000000 804c0000 0004bec4 00000000
<4>[ 134.356685] $16 : c1810000 00000460 00000000 c1810460
<4>[ 134.362022] $20 : 77fca880 00000488 00000000 77fc6000
<4>[ 134.367358] $24 : 00000002 802143dc
<4>[ 134.372694] $28 : 85f5a000 85f5bdc0 00000000 800df4a0
<4>[ 134.378031] Hi : 00000000
<4>[ 134.380964] Lo : ec4e4000
<4>[ 134.383932] epc : 800df4a0 __check_object_size+0x1b0/0x1e0
<4>[ 134.389705] ra : 800df4a0 __check_object_size+0x1b0/0x1e0
<4>[ 134.395472] Status: 1100e403 KERNEL EXL IE
<4>[ 134.399744] Cause : 50800024 (ExcCode 09)
<4>[ 134.403829] PrId : 00019650 (MIPS 24KEc)
<4>[ 134.407911] Modules linked in: rt2800soc rt2800mmio rt2800lib pppoe ppp_async option usb_wwan rt2x00soc rt2x00mmio rt2x00lib pptp pppox ppp_mppe ppp_generic nf_nat_pptp nf_conntrack_pptp nf_conntrack_ipv6 mt76x2e mt76x2_common mt76x02_lib mt76 mac80211 iptable_nat ipt_REJECT ipt_MASQUERADE cfg80211 xt_time xt_tcpudp xt_tcpmss xt_statistic xt_state xt_recent xt_nat xt_multiport xt_mark xt_mac xt_limit xt_length xt_hl xt_helper xt_ecn xt_dscp xt_conntrack xt_connmark xt_connlimit xt_connbytes xt_comment xt_TCPMSS xt_REDIRECT xt_NETMAP xt_LOG xt_HL xt_FLOWOFFLOAD xt_DSCP xt_CT xt_CLASSIFY usbserial ts_fsm ts_bm slhc nf_reject_ipv4 nf_nat_tftp nf_nat_snmp_basic nf_nat_sip nf_nat_redirect nf_nat_proto_gre nf_nat_masquerade_ipv4 nf_nat_irc nf_conntrack_ipv4 nf_nat_ipv4 nf_nat_h323 nf_nat_amanda nf_nat
<4>[ 134.479984] nf_log_ipv4 nf_flow_table_hw nf_flow_table nf_defrag_ipv6 nf_defrag_ipv4 nf_conntrack_tftp nf_conntrack_snmp nf_conntrack_sip nf_conntrack_rtcache nf_conntrack_proto_gre nf_conntrack_netlink nf_conntrack_irc nf_conntrack_h323 nf_conntrack_broadcast ts_kmp nf_conntrack_amanda macvlan iptable_raw iptable_mangle iptable_filter ipt_ECN ip_tables crc_ccitt compat br_netfilter sch_cake nf_conntrack sch_tbf sch_ingress sch_htb sch_hfsc em_u32 cls_u32 cls_tcindex cls_route cls_matchall cls_fw cls_flow cls_basic act_skbedit act_mirred xt_set ip_set_list_set ip_set_hash_netportnet ip_set_hash_netport ip_set_hash_netnet ip_set_hash_netiface ip_set_hash_net ip_set_hash_mac ip_set_hash_ipportnet ip_set_hash_ipportip ip_set_hash_ipport ip_set_hash_ipmark ip_set_hash_ip ip_set_bitmap_port ip_set_bitmap_ipmac
<4>[ 134.552981] ip_set_bitmap_ip ip_set nfnetlink nf_log_ipv6 nf_log_common ip6table_mangle ip6table_filter ip6_tables ip6t_REJECT x_tables nf_reject_ipv6 nfsv4 nfsv3 nfs ip_gre gre ifb ip_tunnel tun vfat fat lockd sunrpc grace dns_resolver dm_mirror dm_region_hash dm_log dm_crypt dm_mod dax nls_utf8 nls_iso8859_1 nls_cp437 sha1_generic ecb usb_storage sd_mod scsi_mod ext4 mbcache jbd2 crc16 cryptomgr aead crypto_null crc32c_generic crypto_hash mmc_block mtk_sd mmc_core leds_gpio ohci_platform ohci_hcd ehci_platform ehci_hcd gpio_button_hotplug usbcore nls_base usb_common
<4>[ 134.604561] Process iptables (pid: 5825, threadinfo=85f5a000, task=85fea680, tls=77fd4eb8)
<4>[ 134.612984] Stack : 804e0000 8046f06c 80477a08 c1810000 80465a74 00000460 00000000 00000460
<4>[ 134.621520] c1810000 77fca8a8 804d9c88 87529eec 86d30000 86d30040 c180e000 804c0000
<4>[ 134.630057] 804c0000 804e0000 00000041 8711db28 804d9c88 00000991 00991000 86066008
<4>[ 134.638594] 86066008 77fca420 818a8040 804d9c88 00000000 00000000 676e616d 0000656c
<4>[ 134.647129] 00000000 00000000 00000000 00000000 00000000 00000000 00000046 00000000
<4>[ 134.655662] ...
<4>[ 134.658156] Call Trace:
<4>[ 134.660657] [<800df4a0>] __check_object_size+0x1b0/0x1e0
<4>[ 134.666160] [<87529eec>] xt_copy_counters_from_user+0xac/0x1bc [x_tables]
<4>[ 134.673129] [<8711db28>] ipt_register_table+0x508/0xd88 [ip_tables]
<4>[ 134.679527] Code: 02003825 0c016478 2484f084 <000c000d> 8fb30028 8fb20024 8fb10020 8fb0001c 03e00008
<4>[ 134.689493]
<4>[ 134.691332] ---[ end trace 79d314d42d999c7b ]---

=================================root@router04.dreamteam:/root

stil with the old trunk tested
/root # uptime
11:53:50 up 29 min, load average: 0.44, 0.19, 0.25
root@router04.dreamteam:/root #

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 14, 2019

camel:

what is for me not clear, if that is since the hardcopy changes on the newer kernel, why not do a rollback to solve it ?
as it seems to be, that these changes are not OK.
So, that would be logically to revert/rollback to the working version, and then devs can play around to implement the new changes, isn't it ?
currently it is a showstopper, and trunk is useless ....

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 14, 2019

Borromini:

Master implies breaking changes, it's its very nature that things break.

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 17, 2019

Hauke:

The patch I linked here was integrated in Linux 5.2-rc4 and 4.14.125, this is the reason it was linked in the kernel update commit.

The "fix" is not so nice, I proposed a fix here: https://patchwork.kernel.org/patch/10997683/ it should show up in in one of the next 5.2-rcX and then in some stable kernel versions.

This problem was happening when I activated the user copy hardening, I tried it on some devices, but I do not own every device. I didn't do the revert because there was a fix already available.

Borromini, your problem looks different.

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 21, 2019

camel:

it would be interested tio know when the patch should be in the trunk version compiled into - can anyone tell me that ? as i will then try if the patch works or not.

@openwrt-bot
Copy link
Author

openwrt-bot commented Jun 26, 2019

camel:

sorry to repeat my question, but currently i can't use the trunk since 1 months, and i had to go back to 18.06, and there are many other issues and many things not supported. so i would be nesty to know ...when will it be fixed in TRUNK ? still noone which can tell me more ? ETA ?

@openwrt-bot
Copy link
Author

openwrt-bot commented Jul 9, 2019

camel:

hmm, seems to be fixed. currently not having anymore that problem.
pls close ticket

@openwrt-bot
Copy link
Author

openwrt-bot commented Jul 9, 2019

ynezz:

hmm, seems to be fixed. currently not having anymore that problem.

what has changed?

@openwrt-bot
Copy link
Author

openwrt-bot commented Jul 9, 2019

camel:

newest trunk that has changed on my routers :)
Master (f138fc93) / OpenWrt SNAPSHOT r10444-5c094ff660
Kernel Version - 4.14.131

and on the error - it was ~ 4.14.120
but in detail, which changes related on that problem was done ? ... i have no clue.

cu

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant