OpenWrt/LEDE Project

  • Status Closed
  • Percent Complete
    100%
  • Task Type Bug Report
  • Category Base system
  • Assigned To
    Petr Štetiar
  • Operating System All
  • Severity Low
  • Priority Very Low
  • Reported Version Trunk
  • Due in Version Undecided
  • Due Date Undecided
  • Private
Attached to Project: OpenWrt/LEDE Project
Opened by camel - 28.05.2019
Last edited by Petr Štetiar - 09.07.2019

FS#2297 - kernel crash - iptables - reboot all the time ....

Hello,
tested mondays trunk for mt7620 (we 826 16MB ... and it is rebooting all the time .. seems to be anything related to iptables....
and is rebooting all the time ....
yes, i have many things related to iptables installed.
(mwan3, keepalived, firewall)

trunk version: Powered by LuCI Master (f138fc93) / OpenWrt SNAPSHOT r10078-7d77879236

root@router03.dreamteam:/root # cat /sys/kernel/debug/crashlog
Time: 1559067166.707780
Modules:        rt2800soc@86c1f000+a00  rt2800mmio@8735e000+1814        rt2800lib@86c00000+1dcf2   p                                                                                                                                     ppoe@87340000+2130      ppp_async@87350000+1af0 option@87240000+7930    usb_wwan@873fe000+1207  rt2x                                                                                                                                     00soc@873fd000+4d2      rt2x00mmio@873f3000+9b0 rt2x00lib@87330000+95b9 pptp@87224000+35c0      pppo                                                                                                                                     x@87266000+56a  ppp_mppe@8728c000+1640  ppp_generic@87228000+58a2       nf_nat_pptp@8732b000+730   n                                                                                                                                     f_conntrack_pptp@872fb000+ef0   nf_conntrack_ipv6@872ac000+1580 mt76x2e@872fc000+28f1   mt76x2_commo                                                                                                                                     n@87288000+2d48 mt76x02_lib@872a0000+9c91       mt76@87280000+67a4      mac80211@87380000+6fc26 ipta                                                                                                                                     ble_nat@8726d000+2f0    ipt_REJECT@8726a000+3f0 ipt_MASQUERADE@8728e000+2d0     cfg80211@872c0000+38                                                                                                                                     b00     xt_time@87220000+710    xt_tcpudp@8721e000+730  xt_tcpmss@8721b000+450  xt_statistic@8721700                                                                                                                                     0+370   xt_state@87212000+2f0   xt_recent@871fa000+1be0 xt_nat@87209000+630     xt_multiport@8720e00                                                                                                                                     0+530   xt_mark@8720a000+2d0    xt_mac@87206000+290     xt_limit@87207000+4d0   xt_length@87204000+2                                                                                                                                     f0      xt_hl@87201000+350      xt_helper@871ef000+390  xt_ecn@871fc000+570     xt_dscp@871e6000+410                                                                                                                                     xt_conntrack@871ee000+930       xt_connmark@871f5000+510        xt_connlimit@871f6000+11cd      xt_c                                                                                                                                     onnbytes@871f0000+670   xt_comment@871e9000+210 xt_TCPMSS@871ec000+b10  xt_REDIRECT@871e8000+2f0   x                                                                                                                                     t_NETMAP@871e4000+630   xt_LOG@871e1000+330     xt_HL@871ce000+570      xt_FLOWOFFLOAD@871dd000+b40x                                                                                                                                     t_DSCP@871cf000+610     xt_CT@871c3000+a90      xt_CLASSIFY@871d0000+270        usbserial@871d8000+4                                                                                                                                     8ab     ts_fsm@871c9000+a90     ts_bm@871c1000+5b0      slhc@871c4000+147b      nf_reject_ipv4@871c0                                                                                                                                     000+903 nf_nat_tftp@8719f000+250        nf_nat_snmp_basic@871be000+18e0 nf_nat_sip@871b0000+1f70   n                                                                                                                                     f_nat_redirect@8719a000+5db     nf_nat_proto_gre@87118000+3c0   nf_nat_masquerade_ipv4@871a6000+65cn                                                                                                                                     f_nat_irc@87190000+430  nf_conntrack_ipv4@871bc000+1410 nf_nat_ipv4@871ac000+1031       nf_nat_h323@                                                                                                                                     871a8000+1550   nf_nat_amanda@87199000+330      nf_nat@871a0000+2a9c    nf_log_ipv4@87189000+db0   n                                                                                                                                     f_flow_table_hw@875cd000+870    nf_flow_table@87194000+35df     nf_defrag_ipv6@8718e000+135e    nf_d                                                                                                                                     efrag_ipv4@8714e000+496 nf_conntrack_tftp@8713b000+b10  nf_conntrack_snmp@8715b000+320  nf_conntrack                                                                                                                                     _sip@87180000+49bd      nf_conntrack_rtcache@87139000+a70       nf_conntrack_proto_gre@87141000+a9en                                                                                                                                     f_conntrack_netlink@87148000+5760       nf_conntrack_irc@8711c000+b80   nf_conntrack_h323@87150000+8                                                                                                                                     adf     nf_conntrack_broadcast@8713d000+39d     ts_kmp@87140000+550     nf_conntrack_amanda@87102000                                                                                                                                     +6f0    macvlan@87104000+31c2   iptable_raw@875dc000+290        iptable_mangle@875e3000+3b0     ipta                                                                                                                                     ble_filter@875fb000+2b0 ipt_ECN@875f7000+5b0    ip_tables@87108000+2a0d crc_ccitt@875fa000+40b  comp                                                                                                                                     at@875f4000+1977        br_netfilter@87134000+2f51      sch_cake@87110000+7540  nf_conntrack@8712000                                                                                                                                     0+1001a sch_tbf@875f2000+16d0   sch_ingress@875cc000+4f0        sch_htb@875e8000+3720   sch_hfsc@875                                                                                                                                     e4000+3a30      em_u32@875c6000+250     cls_u32@875d8000+2260   cls_tcindex@875d4000+14b0       cls_                                                                                                                                     route@875d6000+1470     cls_matchall@875cb000+9d0       cls_fw@87587000+f10     cls_flow@875ce000+16                                                                                                                                     b0      cls_basic@875c4000+c30  act_skbedit@874f6000+9c0        act_mirred@8751a000+e20 xt_set@875c2                                                                                                                                     000+1b50        ip_set_list_set@87630000+1c70   ip_set_hash_netportnet@875b8000+6bf0    ip_set_hash_                                                                                                                                     netport@875b0000+61d0   ip_set_hash_netnet@875a8000+66d0        ip_set_hash_netiface@875a0000+62b0 i                                                                                                                                     p_set_hash_net@87598000+5bf0    ip_set_hash_mac@87510000+28f0   ip_set_hash_ipportnet@87590000+6730i                                                                                                                                     p_set_hash_ipportip@87588000+5470       ip_set_hash_ipport@87580000+5110        ip_set_hash_ipmark@8                                                                                                                                     7538000+4e30    ip_set_hash_ip@87530000+4d50    ip_set_bitmap_port@87522000+1810        ip_set_bitma                                                                                                                                     p_ipmac@874e4000+1b90   ip_set_bitmap_ip@874fe000+1af0  ip_set@87508000+58ea    nfnetlink@8752c000+1                                                                                                                                     1a7     nf_log_ipv6@87518000+1050       nf_log_common@874fd000+b6f      ip6table_mangle@87501000+4b0                                                                                                                                     ip6table_filter@87504000+2b0    ip6_tables@87524000+2921        ip6t_REJECT@870fe000+430        x_ta                                                                                                                                     bles@874f0000+368f      nf_reject_ipv6@87500000+aa8     nfsv4@87560000+1f64b    nfsv3@874f8000+463bn                                                                                                                                     fs@87540000+1cc68       ip_gre@874a8000+3475    gre@870f0000+873        ifb@8763a000+c30        ip_t                                                                                                                                     unnel@8763c000+2dd0     tun@87628000+53d1       vfat@87070000+2190      fat@874d0000+ca1e       lock                                                                                                                                     d@874b0000+cdbf sunrpc@87480000+275b1   grace@870eb000+561      dns_resolver@870e6000+efa       dm_m                                                                                                                                     irror@87028000+2f50     dm_region_hash@87626000+19b4    dm_log@87616000+1d91    dm_crypt@87618000+61                                                                                                                                     a0      dm_mod@87600000+15358   dax@87024000+2142       nls_utf8@87044000+370   nls_iso8859_1@870480                                                                                                                                     00+b50  nls_cp437@8707e000+1150 sha1_generic@87455000+8d5       ecb@87452000+590        usb_storage@                                                                                                                                     877f0000+a38b   sd_mod@87018000+7680    scsi_mod@87000000+17bb2 ext4@87080000+5c06e     mbcache@876b                                                                                                                                     c000+c6e        jbd2@877d0000+cc82      crc16@876b4000+407      cryptomgr@87720000+7b9  aead@8772200                                                                                                                                     0+e61   crypto_null@876ad000+c22        crc32c_generic@87746000+590     crypto_hash@87468000+2752  m                                                                                                                                     mc_block@87ff8000+5786  mtk_sd@8742c000+3ae0    mmc_core@87fe0000+14e9d leds_gpio@87f99000+b70  ohci                                                                                                                                     _platform@87f9e000+1030 ohci_hcd@87fb8000+5c7f  ehci_platform@87422000+1230     ehci_hcd@87fa0000+88                                                                                                                                     f7      gpio_button_hotplug@87f86000+1930       usbcore@87400000+20b91  nls_base@87f8c000+1420  usb_                                                                                                                                     common@87f85000+9f7
<5>[   16.752226] sd 0:0:0:0: [sda] 30533632 512-byte logical blocks: (15.6 GB/14.6 GiB)
<5>[   16.764557] sd 0:0:0:0: [sda] Write Protect is off
<7>[   16.769495] sd 0:0:0:0: [sda] Mode Sense: 43 00 00 00
<5>[   16.775906] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO o                                                                                                                                     r FUA
<6>[   16.859226]  sda:
<5>[   16.877408] sd 0:0:0:0: [sda] Attached SCSI removable disk
<14>[   17.347078] procd: - early -
<14>[   17.350254] procd: - watchdog -
<14>[   18.114371] procd: - watchdog -
<14>[   18.117898] procd: - ubus -
<5>[   18.332800] random: ubusd: uninitialized urandom read (4 bytes read)
<5>[   18.353783] random: ubusd: uninitialized urandom read (4 bytes read)
<5>[   18.370730] random: ubusd: uninitialized urandom read (4 bytes read)
<14>[   18.391408] procd: - init -
<14>[   23.845249] kmodloader: loading kernel modules from /etc/modules.d/*
<6>[   24.016719] device-mapper: ioctl: 4.37.0-ioctl (2017-09-20) initialised: dm-devel@redhat.com
<5>[   24.083642] Key type dns_resolver registered
<6>[   24.359301] RPC: Registered named UNIX socket transport module.
<6>[   24.365437] RPC: Registered udp transport module.
<6>[   24.370245] RPC: Registered tcp transport module.
<6>[   24.375039] RPC: Registered tcp NFSv4.1 backchannel transport module.
<6>[   24.583828] tun: Universal TUN/TAP device driver, 1.6
<6>[   24.612134] gre: GRE over IPv4 demultiplexor driver
<6>[   24.652451] ip_gre: GRE over IPv4 tunneling driver
<5>[   25.601898] NFS: Registering the id_resolver key type
<5>[   25.607093] Key type id_resolver registered
<5>[   25.611440] Key type id_legacy registered
<6>[   25.626628] ip6_tables: (C) 2000-2006 Netfilter Core Team
<6>[   25.642235] Netfilter messages via NETLINK v0.30.
<6>[   25.675131] ip_set: protocol 6
<6>[   26.029446] Mirror/redirect action on
<6>[   26.054756] u32 classifier
<6>[   26.057528]     input device check on
<6>[   26.061334]     Actions configured
<6>[   26.117925] nf_conntrack version 0.5.0 (2048 buckets, 8192 max)
<5>[   26.176413] Bridge firewalling registered
<6>[   26.183640] Loading modules backported from Linux version v4.19.32-0-g3a2156c839c7
<6>[   26.191427] Backport generated by backports.git v4.19.32-1-0-g1c4f7569
<6>[   26.202727] ip_tables: (C) 2000-2006 Netfilter Core Team
<6>[   26.369559] ctnetlink v0.93: registering with nfnetlink.
<6>[   26.545409] usbcore: registered new interface driver usbserial
<6>[   26.551539] usbcore: registered new interface driver usbserial_generic
<6>[   26.558276] usbserial: USB Serial support registered for generic
<6>[   26.621121] xt_time: kernel timezone is -0000
<6>[   26.775613] PPP generic driver version 2.4.2
<6>[   26.783639] PPP MPPE Compression module registered
<6>[   26.790929] NET: Registered protocol family 24
<6>[   26.799245] PPTP driver version 0.8.5
<6>[   26.840923] usbcore: registered new interface driver option
<6>[   26.846719] usbserial: USB Serial support registered for GSM modem (1-port)
<6>[   26.854855] option 1-1.2:2.2: GSM modem (1-port) converter detected
<6>[   26.861588] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB0
<6>[   26.868920] option 1-1.2:2.3: GSM modem (1-port) converter detected
<6>[   26.875687] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB1
<6>[   26.883116] option 1-1.2:2.4: GSM modem (1-port) converter detected
<6>[   26.889853] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB2
<6>[   26.897277] option 1-1.2:2.5: GSM modem (1-port) converter detected
<6>[   26.904029] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB3
<6>[   27.125486] rt2800_wmac 10180000.wmac: loaded eeprom from mtd device "factory"
<6>[   27.132966] ieee80211 phy0: rt2x00_set_rt: Info - RT chipset 6352, rev 0500 detected
<6>[   27.140894] ieee80211 phy0: rt2x00_set_rf: Info - RF chipset 7620 detected
<7>[   27.148641] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'
<14>[   27.159865] kmodloader: done loading kernel modules from /etc/modules.d/*
<4>[   28.605580] urandom_read: 5 callbacks suppressed
<5>[   28.605590] random: jshn: uninitialized urandom read (4 bytes read)
<6>[   48.273992] 8021q: adding VLAN 0 to HW filter on device eth0
<6>[   48.286689] br-lan: port 1(eth0.1) entered blocking state
<6>[   48.292292] br-lan: port 1(eth0.1) entered disabled state
<6>[   48.298149] device eth0.1 entered promiscuous mode
<6>[   48.303233] device eth0 entered promiscuous mode
<6>[   48.345911] br-lan: port 1(eth0.1) entered blocking state
<6>[   48.351508] br-lan: port 1(eth0.1) entered forwarding state
<6>[   48.357351] IPv6: ADDRCONF(NETDEV_UP): br-lan: link is not ready
<6>[   48.492114] IPv6: ADDRCONF(NETDEV_UP): br-lan_guest: link is not ready
<6>[   49.320540] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
<6>[   57.686945] 3g-4G: renamed from ppp0
<6>[   66.992794] ieee80211 phy0: rt2800_rf_self_txdc_cal: Info - RF Tx self calibration start
<6>[   67.001632] ieee80211 phy0: rt2800_rf_self_txdc_cal: Info - RF Tx self calibration end
<5>[   69.032135] random: crng init done
<6>[   69.765391] ieee80211 phy0: rt2800_loft_iq_calibration: Info - LOFT Calibration Done!
<6>[   69.777369] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Start!
<6>[   69.798240] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Done! CH = 0, (gain= 3, pha                                                                                                                                     se=3b)
<6>[   69.808475] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Start!
<6>[   69.829777] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Done! CH = 1, (gain= 0, pha                                                                                                                                     se=3f)
<6>[   69.839131] ieee80211 phy0: rt2800_loft_iq_calibration: Info - TX IQ Calibration Done!
<6>[   70.312550] ieee80211 phy0: rt2800_rxiq_calibration: Info - RXIQ G_imb=-1, Ph_rx=0
<6>[   70.330571] ieee80211 phy0: rt2800_rxiq_calibration: Info - RXIQ G_imb=0, Ph_rx=2
<6>[   70.423759] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
<6>[   70.434552] br-lan: port 2(wlan0) entered blocking state
<6>[   70.439989] br-lan: port 2(wlan0) entered disabled state
<6>[   70.445852] device wlan0 entered promiscuous mode
<6>[   70.450903] br-lan: port 2(wlan0) entered blocking state
<6>[   70.456330] br-lan: port 2(wlan0) entered forwarding state
<6>[   70.469216] br-lan: port 2(wlan0) entered disabled state
<6>[   72.886588] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
<6>[   72.893380] br-lan: port 2(wlan0) entered blocking state
<6>[   72.898839] br-lan: port 2(wlan0) entered forwarding state
<6>[   72.914668] br-lan_guest: port 1(wlan0_guest) entered blocking state
<6>[   72.921379] br-lan_guest: port 1(wlan0_guest) entered disabled state
<6>[   72.928206] device wlan0_guest entered promiscuous mode
<6>[   73.027386] IPv6: ADDRCONF(NETDEV_UP): wlan0_guest: link is not ready
<6>[   73.034205] br-lan_guest: port 1(wlan0_guest) entered blocking state
<6>[   73.040724] br-lan_guest: port 1(wlan0_guest) entered forwarding state
<6>[   73.048201] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan_guest: link becomes ready
<6>[   73.961957] br-lan_guest: port 1(wlan0_guest) entered disabled state
<6>[   75.241683] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0_guest: link becomes ready
<6>[   75.248926] br-lan_guest: port 1(wlan0_guest) entered blocking state
<6>[   75.255489] br-lan_guest: port 1(wlan0_guest) entered forwarding state
<0>[  147.533588] usercopy: kernel memory exposure attempt detected from c1433000 (kmalloc-2048) (60                                                                                                                                     16 bytes)
<4>[  147.543242] Kernel bug detected[#1]:
<4>[  147.546895] CPU: 0 PID: 5029 Comm: iptables Not tainted 4.14.120 #0
<4>[  147.553288] task: 87e01080 task.stack: 815be000
<4>[  147.557904] $ 0   : 00000000 00000001 0000005b 00000000
<4>[  147.563242] $ 4   : 804c2398 804c2398 804d1090 000050d0
<4>[  147.568577] $ 8   : 00000000 0000010b 00000008 00000000
<4>[  147.573913] $12   : 00000000 804c0000 00082454 00000000
<4>[  147.579248] $16   : c1433000 00001780 00000001 c1434780
<4>[  147.584585] $20   : c1433000 00001780 8710bd00 86cf8b10
<4>[  147.589920] $24   : 00000002 802143dc
<4>[  147.595257] $28   : 815be000 815bfde0 86ce0000 800df4a0
<4>[  147.600593] Hi    : 00000000
<4>[  147.603527] Lo    : ec4e4000
<4>[  147.606493] epc   : 800df4a0 __check_object_size+0x1b0/0x1e0
<4>[  147.612267] ra    : 800df4a0 __check_object_size+0x1b0/0x1e0
<4>[  147.618034] Status: 1100e403      KERNEL EXL IE
<4>[  147.622308] Cause : 50800024 (ExcCode 09)
<4>[  147.626393] PrId  : 00019650 (MIPS 24KEc)
<4>[  147.630475] Modules linked in: rt2800soc rt2800mmio rt2800lib pppoe ppp_async option usb_wwan                                                                                                                                      rt2x00soc rt2x00mmio rt2x00lib pptp pppox ppp_mppe ppp_generic nf_nat_pptp nf_conntrack_pptp nf_conn                                                                                                                                     track_ipv6 mt76x2e mt76x2_common mt76x02_lib mt76 mac80211 iptable_nat ipt_REJECT ipt_MASQUERADE cfg                                                                                                                                     80211 xt_time xt_tcpudp xt_tcpmss xt_statistic xt_state xt_recent xt_nat xt_multiport xt_mark xt_mac                                                                                                                                      xt_limit xt_length xt_hl xt_helper xt_ecn xt_dscp xt_conntrack xt_connmark xt_connlimit xt_connbyte                                                                                                                                     s xt_comment xt_TCPMSS xt_REDIRECT xt_NETMAP xt_LOG xt_HL xt_FLOWOFFLOAD xt_DSCP xt_CT xt_CLASSIFY u                                                                                                                                     sbserial ts_fsm ts_bm slhc nf_reject_ipv4 nf_nat_tftp nf_nat_snmp_basic nf_nat_sip nf_nat_redirect n                                                                                                                                     f_nat_proto_gre nf_nat_masquerade_ipv4 nf_nat_irc nf_conntrack_ipv4 nf_nat_ipv4 nf_nat_h323 nf_nat_a                                                                                                                                     manda nf_nat
<4>[  147.702548]  nf_log_ipv4 nf_flow_table_hw nf_flow_table nf_defrag_ipv6 nf_defrag_ipv4 nf_connt                                                                                                                                     rack_tftp nf_conntrack_snmp nf_conntrack_sip nf_conntrack_rtcache nf_conntrack_proto_gre nf_conntrac                                                                                                                                     k_netlink nf_conntrack_irc nf_conntrack_h323 nf_conntrack_broadcast ts_kmp nf_conntrack_amanda macvl                                                                                                                                     an iptable_raw iptable_mangle iptable_filter ipt_ECN ip_tables crc_ccitt compat br_netfilter sch_cak                                                                                                                                     e nf_conntrack sch_tbf sch_ingress sch_htb sch_hfsc em_u32 cls_u32 cls_tcindex cls_route cls_matchal                                                                                                                                     l cls_fw cls_flow cls_basic act_skbedit act_mirred xt_set ip_set_list_set ip_set_hash_netportnet ip_                                                                                                                                     set_hash_netport ip_set_hash_netnet ip_set_hash_netiface ip_set_hash_net ip_set_hash_mac ip_set_hash                                                                                                                                     _ipportnet ip_set_hash_ipportip ip_set_hash_ipport ip_set_hash_ipmark ip_set_hash_ip ip_set_bitmap_p                                                                                                                                     ort ip_set_bitmap_ipmac
<4>[  147.775543]  ip_set_bitmap_ip ip_set nfnetlink nf_log_ipv6 nf_log_common ip6table_mangle ip6ta                                                                                                                                     ble_filter ip6_tables ip6t_REJECT x_tables nf_reject_ipv6 nfsv4 nfsv3 nfs ip_gre gre ifb ip_tunnel t                                                                                                                                     un vfat fat lockd sunrpc grace dns_resolver dm_mirror dm_region_hash dm_log dm_crypt dm_mod dax nls_                                                                                                                                     utf8 nls_iso8859_1 nls_cp437 sha1_generic ecb usb_storage sd_mod scsi_mod ext4 mbcache jbd2 crc16 cr                                                                                                                                     yptomgr aead crypto_null crc32c_generic crypto_hash mmc_block mtk_sd mmc_core leds_gpio ohci_platfor                                                                                                                                     m ohci_hcd ehci_platform ehci_hcd gpio_button_hotplug usbcore nls_base usb_common
<4>[  147.827120] Process iptables (pid: 5029, threadinfo=815be000, task=87e01080, tls=77f99eb8)
<4>[  147.835542] Stack : c1434770 8046f078 8046514c c1433000 8046d884 00001780 c1433000 804c0000
<4>[  147.844080]         804e0000 81600000 81600040 87109a40 804d9c88 0000095c 0095c000 815dc008
<4>[  147.852615]         815dc008 0095ab50 86ce0040 804d9c88 00000000 00000000 746c6966 00007265
<4>[  147.861151]         00000000 00000000 00000000 00000000 00000000 00000000 0000000e 00000177
<4>[  147.869686]         00018a38 00000000 00000000 00002088 000054f0 00000000 00000000 00001ff0
<4>[  147.878219]         ...
<4>[  147.880714] Call Trace:
<4>[  147.883216] [<800df4a0>] __check_object_size+0x1b0/0x1e0
<4>[  147.888685] [<87109a40>] ipt_register_table+0x420/0xd88 [ip_tables]
<4>[  147.895084] Code: 02003825  0c016478  2484f084 <000c000d> 8fb30028  8fb20024  8fb10020  8fb000                                                                                                                                     1c  03e00008
<4>[  147.905047]
<4>[  147.906757] ---[ end trace 59f8aeb2ee4d9251 ]---
Closed by  Petr Štetiar
09.07.2019 21:36
Reason for closing:  Fixed
Additional comments about closing:  

Fixed in latest master.

Admin
Petr Štetiar commented on 28.05.2019 19:46
cat /sys/kernel/debug/crashlog

Can you please 'cat /sys/kernel/debug/crashlog > /tmp/crashlog' and attach(upload not copy&paste) this file here? It seems like it got corrupted somewhere in the transit.

tested mondays trunk for mt7620

Do you know the last working version?

yes, i have many things related to iptables installed. (mwan3, keepalived, firewall)

Can you perhaps try to isolate this problem somehow? Ideally provide some steps how could I reproduce it here on my mt7620 device.

camel commented on 29.05.2019 02:57

well, it is hard to say ...
last working version was on TRUNK from 2019-01-15

i use interfaces: lan, pptp, tun(openvpn), 3g-4G(ppp)
if you give me your address, then i can give you the full backup + explaination to install and which packages I'm using...

i played now 24 hours to isolate ....
it is not related to: (tried to disable this services ...)
dnsmasq
mwan3
odhcpd
softflowd
sqm
uhttpd
vsftpd
nlbwmon
pptpd
keepalived
luci_statistics
collectd
openvpn
wrtbwmon
ddns
sysntpd
3ginfo
smstools3
vnstat

but what i have seen, if i disable all the interfaces (tun, pptp, ppp(3g-4G) and not reloading firewall, then it would be stable

so, i guess the problem is related to iptables and reloading rules and to use the network devices again ..

camel commented on 29.05.2019 03:02

oh, 1 more .... it is not happening on the mt7621 (zbt wg2526), only having this problem on the mt7620 (ZBT WE826 16MB)
so, it must be something related to the mt7620 device i guess

and with mwan3 (which is loading massive fw rules again on up/down internfaces, it is going faster to crash ...
without it takes longer ....

camel commented on 29.05.2019 05:01

hmm, i really have no clue, but i guess it is something related to ip6tables ...
as:
1.) it is always a "ExcCode 09"
additional, doesn't care if it is on 3G(pppd) or TUN(openvpn) device ....
strange ...
there must be something changed on the ipv6 stuf in the least 3 months as it is funny ,...
tested it with 2 different providers:
1x provider which not collecting ipv6 → no problem
1x provider which collecting ipv6 → crashing
really strange ...

camel commented on 29.05.2019 08:13

tested now the 18.06
which is working fine ...
root@router03.dreamteam:/tmp # uname -a
Linux router03.dreamteam 4.14.95 #0 Mon Jan 28 08:54:32 2019 mips GNU/Linux

Admin
Petr Štetiar commented on 29.05.2019 09:17
tested now the 18.06, which is working fine ...

Ok, that's good to know.

if you give me your address, then i can give you the full backup + explaination to install and which packages I'm using...

Please send me the minimal config which exhibits this problem + steps to reproduce it to my email ynezz@true.cz

camel commented on 29.05.2019 16:40

well, the problem will be:
1.) are you having more devices to test ? as you would need server and client ...
2.) if not, are you having a modem on it ? as many often time it happens when 3G connection is trying to established.

as told ... i can give you how to setup mine, but I'm a power user, and not sure if you have the same behavior

is it not anyhow possible to see which changes are done related on ip6tables to see what can be the problem ?
or where can i check all commits for the iptable related stuff ?

Admin
Petr Štetiar commented on 29.05.2019 18:51

I'm not able to reproduce it. Please try following:

mv /usr/sbin/iptables /usr/sbin/iptables.real
echo -e '#!/bin/sh\necho "ipt: $@" > /dev/kmsg\n/usr/sbin/iptables.real iptables $@' > /usr/sbin/iptables
chmod +x /usr/sbin/iptables

This should log all iptables commands, so they should appear in the crashlog as well.

Project Manager
Hauke Mehrtens commented on 09.06.2019 13:54

Please try if this patch fixes your problem and report back:
https://patchwork.ozlabs.org/patch/1112640/

camel commented on 09.06.2019 14:41

thx hauke, but i can't built my own with a patch. only can test trunk
having no possibilities to do it on my location :(

for now, i had to wait to test again with your recommendation to get more log detail on crash ...i will do in coming week,

camel commented on 10.06.2019 14:43

or do you know if the given "patch" was already added in tnew trunk versions ?

Soberia commented on 11.06.2019 21:02

Same problem here, using MT7621, no MWAN3 or PPTP
No problem with 18.06
https://bugs.openwrt.org/index.php?do=details&task_id=2316&order=dateopened&sort=desc

moeller0 commented on 11.06.2019 21:28

Same issue, applying https://patchwork.ozlabs.org/patch/1112640/ might have solved the issue. I performed two hard dsl line disconnects, in the recent past upon resyncing and establishing a new ppp connection the router pretty reliably rebooted with a:
usercopy: kernel memory exposure attempt detected from
type error messages in the crashlog, now after patching it surbvived two dsl-unplug/re-plug cycles. I will monitor it further but this looks at least like it is going in the right direction ;)

As far as I can tell the patch is not yet in trunk, as I had to add it myself...

camel commented on 12.06.2019 02:40

the real question would be, what was changed related to this bug from 18.01 to the trunk, so that it will be fixed on the root ... hmm ?

moeller0 commented on 12.06.2019 05:02

I believe the root cause is the backport of the hardened usercopy:
https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=9b1239451d6598f39b3689c8c6e0d6147965e601 on the 11th of May. So far no reboots with the patch, but too early to declare mission accomplished.

moeller0 commented on 13.06.2019 06:07

So, the patch actually made it into 4.14.125, see https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=a7e68927d047c5c979a2bf7e9203e9da72ee80e7

That means this issue should be gone in trunk soon. Even though Koen writes:
"This bump contains upstream commits which seem to avoid (not properly fix)
the errors as seen in FS#2305 and  FS#2297 "

So this might be a temporary measure...

Borromini commented on 13.06.2019 08:12

I suspect I got bitten by this bug too. I started building off the 19.07 branch and wanted to migrate my mt7621 DIR-860L B1, but it choked on both the sysupgrade and factory image (my 18.06 HEAD images work fine). Device seems to keep powercycling and is completely unreachable. Will report back once I tried 4.14.125.

Borromini commented on 13.06.2019 20:20

Alright, so... I built 19.07 HEAD, following behaviour:

  • 19.07 HEAD as-is (with kernel 4.14.125): seems to keep powercycling; completely unusable.
  • 19.07 HEAD with 9b1239451d6598f39b3689c8c6e0d6147965e601 reverted: works fine, just like 18.06 HEAD.
camel commented on 14.06.2019 07:47

sorry, but now not clear for me :(
what is now the status ?
should it be solved in current trunk or not ?

moeller0 commented on 14.06.2019 09:26

@Borromini I believe I also once observed a prolonged boot in which the un-patched master build rebooted for a few minutes before it managed to fully boot (due to a lack of a serial console I have no information about the root cause). I assumed this to be related to this issue as well. How long did you give the system for power cycling? It would be quite interesting, I believe, to see the crashlog after the powercycling stops (assuming it will stop at one point)...

Borromini commented on 14.06.2019 09:35

@Camel, at least for me, it seems to come down to this:

  • The patch Hauke linked to got integrated (that patch itself, or a similar one) into the upstream 4.14.125 kernel bump and was said to mitigate this issue (but not solve it, as per the OpenWrt commit message).
  • For me, on an MT7621 platform (DIR-860L B1), bumping to the latest 19.07 HEAD with 4.14.125 (19.07 and master should be identical at this point) does not solve the issue.
  • Reverting commit 9b1239451d6598f39b3689c8c6e0d6147965e601 does however, which of course is not a final solution, but for me is a viable workaround.

@moeller0: I didn't give it a lot of time. The DIR-860L just shows a steady orange light during boot, it's not clear whether it's really doing anything. I have let it sit there for a few minutes a few times though, I think I gave it a shot like three or four times (two sysupgrades, two factory flashes from the bootloader), the router is a bit difficult to get to so I waited a bit, but not more than 10 mins. Static link on my desktop seemed to come up once in a while then disappear quickly again, that suggests it got through at some point but it was not possible to get a ping or other sign of life out of it.

moeller0 commented on 14.06.2019 10:44

@Borromini, okay, I guess it really really does not want to start-up then ;) Interesting that reverting the hardened usercopy commit gets rid of the issue though, which confirms the "avoid but not properly fix" assessment of Koen....

I will see over the weekend, whether I can force a few DSL-resyncs (in the past these almost always resulted in a reboot of the router once the pppoe-link got re-established and fw3 was starting again). I will only upgrade from r10199 once I either see a crash or if I do not see a crash in at least 10 resyncs (currently the count is at 2 resyncs)).

camel commented on 14.06.2019 17:54

tested again, my device is doing reboot around 15 hours, now seeme to be longer up
(normally reboot is within 80sec ...

root@router04.dreamteam:/root # cat /sys/kernel/debug/crashlog
Time: 1560533039.209713
Modules:        rt2800soc@86c1f000+a00  rt2800mmio@87356000+1814        rt2800lib@86c00000+1dcf2   pppoe@87340000+2130      ppp_async@87350000+1af0 option@872a8000+7930    usb_wwan@8730e000+1207  rt2x00soc@872a1000+4d2      rt2x00mmio@87309000+9b0 rt2x00lib@87330000+95b9 pptp@8731c000+35c0      pppox@87319000+56a  ppp_mppe@872fe000+1640  ppp_generic@87228000+58a2       nf_nat_pptp@8728e000+730   nf_conntrack_pptp@872fc000+ef0   nf_conntrack_ipv6@8732c000+1580 mt76x2e@87288000+28f1   mt76x2_common@8726c000+2d48 mt76x02_lib@87290000+9c91       mt76@87260000+67a4      mac80211@87380000+6fc26 iptable_nat@8728d000+2f0    ipt_REJECT@87283000+3f0 ipt_MASQUERADE@8721e000+2d0     cfg80211@872c0000+38b00     xt_time@87225000+710    xt_tcpudp@87223000+730  xt_tcpmss@87221000+450  xt_statistic@8721c000+370   xt_state@87218000+2f0   xt_recent@87216000+1be0 xt_nat@87215000+630     xt_multiport@87212000+530   xt_mark@87201000+2d0    xt_mac@8720e000+290     xt_limit@8720c000+4d0   xt_length@87205000+2f0      xt_hl@87208000+350      xt_helper@87206000+390  xt_ecn@87204000+570     xt_dscp@871f9000+410xt_conntrack@871fb000+930       xt_connmark@871f8000+510        xt_connlimit@871dc000+11cd      xt_connbytes@871ec000+670   xt_comment@871ef000+210 xt_TCPMSS@871f2000+b10  xt_REDIRECT@871ee000+2f0   xt_NETMAP@871eb000+630   xt_LOG@871ce000+330     xt_HL@871e7000+570      xt_FLOWOFFLOAD@871d9000+b40xt_DSCP@871d4000+610     xt_CT@871cc000+a90      xt_CLASSIFY@871d5000+270        usbserial@871e0000+48ab     ts_fsm@871cd000+a90     ts_bm@871c4000+5b0      slhc@871c8000+147b      nf_reject_ipv4@871c3000+903 nf_nat_tftp@871b9000+250        nf_nat_snmp_basic@871be000+18e0 nf_nat_sip@871c6000+1f70   nf_nat_redirect@871b0000+5db     nf_nat_proto_gre@871a1000+3c0   nf_nat_masquerade_ipv4@87192000+65cnf_nat_irc@871ac000+430  nf_conntrack_ipv4@871b2000+1410 nf_nat_ipv4@871b4000+1031       nf_nat_h323@8714c000+1550   nf_nat_amanda@87199000+330      nf_nat@871a4000+2a9c    nf_log_ipv4@87196000+db0   nf_flow_table_hw@8715f000+870    nf_flow_table@8719c000+35df     nf_defrag_ipv6@8714e000+135e    nf_defrag_ipv4@87136000+496 nf_conntrack_tftp@87139000+b10  nf_conntrack_snmp@87186000+320  nf_conntrack_sip@87188000+49bd      nf_conntrack_rtcache@87138000+a70       nf_conntrack_proto_gre@8713d000+a9enf_conntrack_netlink@87180000+5760       nf_conntrack_irc@87135000+b80   nf_conntrack_h323@87150000+8adf     nf_conntrack_broadcast@8713b000+39d     ts_kmp@87144000+550     nf_conntrack_amanda@87105000+6f0    macvlan@87140000+31c2   iptable_raw@875dd000+290        iptable_mangle@875ed000+3b0     iptable_filter@875f5000+2b0 ipt_ECN@875f4000+5b0    ip_tables@8711c000+2a0d crc_ccitt@875fc000+40b  compat@87132000+1977        br_netfilter@87118000+2f51      sch_cake@87110000+7540  nf_conntrack@87120000+1001a sch_tbf@875f8000+16d0   sch_ingress@875d6000+4f0        sch_htb@875f0000+3720   sch_hfsc@875e4000+3a30      em_u32@87631000+250     cls_u32@875e0000+2260   cls_tcindex@875da000+14b0       cls_route@875ce000+1470     cls_matchall@875d5000+9d0       cls_fw@87525000+f10     cls_flow@875d0000+16b0      cls_basic@87526000+c30  act_skbedit@87507000+9c0        act_mirred@8763f000+e20 xt_set@875c8000+1b50        ip_set_list_set@875ca000+1c70   ip_set_hash_netportnet@875c0000+6bf0    ip_set_hash_netport@875b8000+61d0   ip_set_hash_netnet@875b0000+66d0        ip_set_hash_netiface@875a8000+62b0 ip_set_hash_net@875a0000+5bf0    ip_set_hash_mac@87504000+28f0   ip_set_hash_ipportnet@87598000+6730ip_set_hash_ipportip@87590000+5470       ip_set_hash_ipport@87588000+5110        ip_set_hash_ipmark@87580000+4e30    ip_set_hash_ip@87518000+4d50    ip_set_bitmap_port@874ec000+1810        ip_set_bitmap_ipmac@87638000+1b90   ip_set_bitmap_ip@8750c000+1af0  ip_set@87510000+58ea    nfnetlink@8755e000+11a7     nf_log_ipv6@87636000+1050       nf_log_common@874b4000+b6f      ip6table_mangle@87630000+4b0ip6table_filter@87524000+2b0    ip6_tables@87500000+2921        ip6t_REJECT@8752d000+430        x_tables@87528000+368f      nf_reject_ipv6@87521000+aa8     nfsv4@87560000+1f64b    nfsv3@87538000+463bnfs@87540000+1cc68       ip_gre@87600000+3475    gre@874bb000+873        ifb@8745f000+c30        ip_tunnel@870fc000+2dd0     tun@874a8000+53d1       vfat@870e8000+2190      fat@87610000+ca1e       lockd@874f0000+cdbf sunrpc@874c0000+275b1   grace@8704b000+561      dns_resolver@870ee000+efa       dm_mirror@87048000+2f50     dm_region_hash@874a6000+19b4    dm_log@87076000+1d91    dm_crypt@87078000+61a0      dm_mod@87060000+15358   dax@8704c000+2142       nls_utf8@87026000+370   nls_iso8859_1@87043000+b50  nls_cp437@8745a000+1150 sha1_generic@87027000+8d5       ecb@87028000+590        usb_storage@877f0000+a38b   sd_mod@87018000+7680    scsi_mod@87000000+17bb2 ext4@87080000+5c06e     mbcache@876e0000+c6e        jbd2@877e0000+cc82      crc16@8769a000+407      cryptomgr@877bf000+7b9  aead@877cf000+e61   crypto_null@87799000+c22        crc32c_generic@876b6000+590     crypto_hash@877cc000+2752  mmc_block@87ff8000+5786  mtk_sd@87fa8000+3ae0    mmc_core@87fe0000+14e9d leds_gpio@87f8f000+b70  ohci_platform@87fba000+1030 ohci_hcd@87fa0000+5c7f  ehci_platform@87422000+1230     ehci_hcd@87f90000+88f7      gpio_button_hotplug@87f86000+1930       usbcore@87400000+20b91  nls_base@87f8c000+1420  usb_common@87f84000+9f7
<5>[   17.156491] scsi 0:0:0:0: Direct-Access     Intenso  Micro Line       1100 PQ: 0 ANSI: 4
<5>[   17.174920] sd 0:0:0:0: [sda] 30515200 512-byte logical blocks: (15.6 GB/14.6 GiB)
<5>[   17.188904] sd 0:0:0:0: [sda] Write Protect is off
<7>[   17.193874] sd 0:0:0:0: [sda] Mode Sense: 43 00 00 00
<5>[   17.200474] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
<6>[   17.274366]  sda:
<5>[   17.285777] sd 0:0:0:0: [sda] Attached SCSI removable disk
<14>[   17.753155] procd: - early -
<14>[   17.756221] procd: - watchdog -
<14>[   18.519273] procd: - watchdog -
<14>[   18.522930] procd: - ubus -
<5>[   18.724893] random: ubusd: uninitialized urandom read (4 bytes read)
<5>[   18.736499] random: ubusd: uninitialized urandom read (4 bytes read)
<5>[   18.752753] random: ubusd: uninitialized urandom read (4 bytes read)
<14>[   18.768928] procd: - init -
<14>[   23.943885] kmodloader: loading kernel modules from /etc/modules.d/*
<6>[   24.138328] device-mapper: ioctl: 4.37.0-ioctl (2017-09-20) initialised: dm-devel@redhat.com
<5>[   24.202085] Key type dns_resolver registered
<6>[   24.483983] RPC: Registered named UNIX socket transport module.
<6>[   24.490034] RPC: Registered udp transport module.
<6>[   24.494899] RPC: Registered tcp transport module.
<6>[   24.499695] RPC: Registered tcp NFSv4.1 backchannel transport module.
<6>[   24.711120] tun: Universal TUN/TAP device driver, 1.6
<6>[   24.736833] gre: GRE over IPv4 demultiplexor driver
<6>[   24.775263] ip_gre: GRE over IPv4 tunneling driver
<5>[   25.710211] NFS: Registering the id_resolver key type
<5>[   25.715487] Key type id_resolver registered
<5>[   25.719773] Key type id_legacy registered
<6>[   25.734854] ip6_tables: (C) 2000-2006 Netfilter Core Team
<6>[   25.750415] Netfilter messages via NETLINK v0.30.
<6>[   25.784428] ip_set: protocol 6
<6>[   26.133242] Mirror/redirect action on
<6>[   26.159707] u32 classifier
<6>[   26.162550]     input device check on
<6>[   26.166280]     Actions configured
<6>[   26.224594] nf_conntrack version 0.5.0 (2048 buckets, 8192 max)
<5>[   26.283900] Bridge firewalling registered
<6>[   26.291457] Loading modules backported from Linux version v4.19.32-0-g3a2156c839c7
<6>[   26.299269] Backport generated by backports.git v4.19.32-1-0-g1c4f7569
<6>[   26.310497] ip_tables: (C) 2000-2006 Netfilter Core Team
<6>[   26.499463] ctnetlink v0.93: registering with nfnetlink.
<6>[   26.675542] usbcore: registered new interface driver usbserial
<6>[   26.681592] usbcore: registered new interface driver usbserial_generic
<6>[   26.688395] usbserial: USB Serial support registered for generic
<6>[   26.748100] xt_time: kernel timezone is -0000
<6>[   26.889319] PPP generic driver version 2.4.2
<6>[   26.897406] PPP MPPE Compression module registered
<6>[   26.905898] NET: Registered protocol family 24
<6>[   26.912922] PPTP driver version 0.8.5
<6>[   26.949193] usbcore: registered new interface driver option
<6>[   26.955083] usbserial: USB Serial support registered for GSM modem (1-port)
<6>[   26.963192] option 1-1.2:2.2: GSM modem (1-port) converter detected
<6>[   26.969881] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB0
<6>[   26.977291] option 1-1.2:2.3: GSM modem (1-port) converter detected
<6>[   26.984036] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB1
<6>[   26.991392] option 1-1.2:2.4: GSM modem (1-port) converter detected
<6>[   26.998163] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB2
<6>[   27.005573] option 1-1.2:2.5: GSM modem (1-port) converter detected
<6>[   27.012330] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB3
<6>[   27.173614] rt2800_wmac 10180000.wmac: loaded eeprom from mtd device "factory"
<6>[   27.181009] ieee80211 phy0: rt2x00_set_rt: Info - RT chipset 6352, rev 0500 detected
<6>[   27.188975] ieee80211 phy0: rt2x00_set_rf: Info - RF chipset 7620 detected
<7>[   27.196746] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'
<14>[   27.225050] kmodloader: done loading kernel modules from /etc/modules.d/*
<4>[   28.041240] urandom_read: 5 callbacks suppressed
<5>[   28.041250] random: jshn: uninitialized urandom read (4 bytes read)
<6>[   47.827061] 8021q: adding VLAN 0 to HW filter on device eth0
<6>[   47.846763] br-lan: port 1(eth0.1) entered blocking state
<6>[   47.852365] br-lan: port 1(eth0.1) entered disabled state
<6>[   47.858247] device eth0.1 entered promiscuous mode
<6>[   47.863336] device eth0 entered promiscuous mode
<6>[   47.914903] br-lan: port 1(eth0.1) entered blocking state
<6>[   47.920430] br-lan: port 1(eth0.1) entered forwarding state
<6>[   47.926366] IPv6: ADDRCONF(NETDEV_UP): br-lan: link is not ready
<6>[   48.046336] IPv6: ADDRCONF(NETDEV_UP): br-lan_guest: link is not ready
<6>[   48.902638] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
<6>[   56.961391] 3g-4G: renamed from ppp0
<6>[   70.864641] ieee80211 phy0: rt2800_rf_self_txdc_cal: Info - RF Tx self calibration start
<6>[   70.873456] ieee80211 phy0: rt2800_rf_self_txdc_cal: Info - RF Tx self calibration end
<5>[   74.370136] random: crng init done
<6>[   76.625562] ieee80211 phy0: rt2800_loft_iq_calibration: Info - LOFT Calibration Done!
<6>[   76.637445] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Start!
<6>[   76.658779] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Done! CH = 0, (gain= f, phase=3d)
<6>[   76.669028] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Start!
<6>[   76.690333] ieee80211 phy0: rt2800_iq_search: Info - IQCalibration Done! CH = 1, (gain= 0, phase= 0)
<6>[   76.699689] ieee80211 phy0: rt2800_loft_iq_calibration: Info - TX IQ Calibration Done!
<6>[   77.090306] ieee80211 phy0: rt2800_rxiq_calibration: Info - RXIQ G_imb=-1, Ph_rx=3
<6>[   77.108328] ieee80211 phy0: rt2800_rxiq_calibration: Info - RXIQ G_imb=1, Ph_rx=2
<6>[   77.168478] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
<6>[   77.186695] br-lan: port 2(wlan0) entered blocking state
<6>[   77.192211] br-lan: port 2(wlan0) entered disabled state
<6>[   77.198027] device wlan0 entered promiscuous mode
<6>[   78.871533] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
<6>[   78.878322] br-lan: port 2(wlan0) entered blocking state
<6>[   78.883798] br-lan: port 2(wlan0) entered forwarding state
<6>[   78.913412] br-lan_guest: port 1(wlan0_guest) entered blocking state
<6>[   78.919912] br-lan_guest: port 1(wlan0_guest) entered disabled state
<6>[   78.927187] device wlan0_guest entered promiscuous mode
<6>[   79.019397] IPv6: ADDRCONF(NETDEV_UP): wlan0_guest: link is not ready
<6>[   79.026072] br-lan_guest: port 1(wlan0_guest) entered blocking state
<6>[   79.032578] br-lan_guest: port 1(wlan0_guest) entered forwarding state
<6>[   79.040912] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan_guest: link becomes ready
<6>[   79.944618] br-lan_guest: port 1(wlan0_guest) entered disabled state
<6>[   81.636294] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0_guest: link becomes ready
<6>[   81.643623] br-lan_guest: port 1(wlan0_guest) entered blocking state
<6>[   81.650124] br-lan_guest: port 1(wlan0_guest) entered forwarding state
<0>[  134.310980] usercopy: kernel memory overwrite attempt detected to c1810000 (sighand_cache) (1120 bytes)
<4>[  134.320680] Kernel bug detected[#1]:
<4>[  134.324332] CPU: 0 PID: 5825 Comm: iptables Not tainted 4.14.120 #0
<4>[  134.330724] task: 85fea680 task.stack: 85f5a000
<4>[  134.335339] $ 0   : 00000000 00000001 0000005b 00000000
<4>[  134.340678] $ 4   : 804c2398 804c2398 804d1090 00005010
<4>[  134.346015] $ 8   : 00000000 00000108 00000008 00000000
<4>[  134.351350] $12   : 00000000 804c0000 0004bec4 00000000
<4>[  134.356685] $16   : c1810000 00000460 00000000 c1810460
<4>[  134.362022] $20   : 77fca880 00000488 00000000 77fc6000
<4>[  134.367358] $24   : 00000002 802143dc
<4>[  134.372694] $28   : 85f5a000 85f5bdc0 00000000 800df4a0
<4>[  134.378031] Hi    : 00000000
<4>[  134.380964] Lo    : ec4e4000
<4>[  134.383932] epc   : 800df4a0 __check_object_size+0x1b0/0x1e0
<4>[  134.389705] ra    : 800df4a0 __check_object_size+0x1b0/0x1e0
<4>[  134.395472] Status: 1100e403      KERNEL EXL IE
<4>[  134.399744] Cause : 50800024 (ExcCode 09)
<4>[  134.403829] PrId  : 00019650 (MIPS 24KEc)
<4>[  134.407911] Modules linked in: rt2800soc rt2800mmio rt2800lib pppoe ppp_async option usb_wwan rt2x00soc rt2x00mmio rt2x00lib pptp pppox ppp_mppe ppp_generic nf_nat_pptp nf_conntrack_pptp nf_conntrack_ipv6 mt76x2e mt76x2_common mt76x02_lib mt76 mac80211 iptable_nat ipt_REJECT ipt_MASQUERADE cfg80211 xt_time xt_tcpudp xt_tcpmss xt_statistic xt_state xt_recent xt_nat xt_multiport xt_mark xt_mac xt_limit xt_length xt_hl xt_helper xt_ecn xt_dscp xt_conntrack xt_connmark xt_connlimit xt_connbytes xt_comment xt_TCPMSS xt_REDIRECT xt_NETMAP xt_LOG xt_HL xt_FLOWOFFLOAD xt_DSCP xt_CT xt_CLASSIFY usbserial ts_fsm ts_bm slhc nf_reject_ipv4 nf_nat_tftp nf_nat_snmp_basic nf_nat_sip nf_nat_redirect nf_nat_proto_gre nf_nat_masquerade_ipv4 nf_nat_irc nf_conntrack_ipv4 nf_nat_ipv4 nf_nat_h323 nf_nat_amanda nf_nat
<4>[  134.479984]  nf_log_ipv4 nf_flow_table_hw nf_flow_table nf_defrag_ipv6 nf_defrag_ipv4 nf_conntrack_tftp nf_conntrack_snmp nf_conntrack_sip nf_conntrack_rtcache nf_conntrack_proto_gre nf_conntrack_netlink nf_conntrack_irc nf_conntrack_h323 nf_conntrack_broadcast ts_kmp nf_conntrack_amanda macvlan iptable_raw iptable_mangle iptable_filter ipt_ECN ip_tables crc_ccitt compat br_netfilter sch_cake nf_conntrack sch_tbf sch_ingress sch_htb sch_hfsc em_u32 cls_u32 cls_tcindex cls_route cls_matchall cls_fw cls_flow cls_basic act_skbedit act_mirred xt_set ip_set_list_set ip_set_hash_netportnet ip_set_hash_netport ip_set_hash_netnet ip_set_hash_netiface ip_set_hash_net ip_set_hash_mac ip_set_hash_ipportnet ip_set_hash_ipportip ip_set_hash_ipport ip_set_hash_ipmark ip_set_hash_ip ip_set_bitmap_port ip_set_bitmap_ipmac
<4>[  134.552981]  ip_set_bitmap_ip ip_set nfnetlink nf_log_ipv6 nf_log_common ip6table_mangle ip6table_filter ip6_tables ip6t_REJECT x_tables nf_reject_ipv6 nfsv4 nfsv3 nfs ip_gre gre ifb ip_tunnel tun vfat fat lockd sunrpc grace dns_resolver dm_mirror dm_region_hash dm_log dm_crypt dm_mod dax nls_utf8 nls_iso8859_1 nls_cp437 sha1_generic ecb usb_storage sd_mod scsi_mod ext4 mbcache jbd2 crc16 cryptomgr aead crypto_null crc32c_generic crypto_hash mmc_block mtk_sd mmc_core leds_gpio ohci_platform ohci_hcd ehci_platform ehci_hcd gpio_button_hotplug usbcore nls_base usb_common
<4>[  134.604561] Process iptables (pid: 5825, threadinfo=85f5a000, task=85fea680, tls=77fd4eb8)
<4>[  134.612984] Stack : 804e0000 8046f06c 80477a08 c1810000 80465a74 00000460 00000000 00000460
<4>[  134.621520]         c1810000 77fca8a8 804d9c88 87529eec 86d30000 86d30040 c180e000 804c0000
<4>[  134.630057]         804c0000 804e0000 00000041 8711db28 804d9c88 00000991 00991000 86066008
<4>[  134.638594]         86066008 77fca420 818a8040 804d9c88 00000000 00000000 676e616d 0000656c
<4>[  134.647129]         00000000 00000000 00000000 00000000 00000000 00000000 00000046 00000000
<4>[  134.655662]         ...
<4>[  134.658156] Call Trace:
<4>[  134.660657] [<800df4a0>] __check_object_size+0x1b0/0x1e0
<4>[  134.666160] [<87529eec>] xt_copy_counters_from_user+0xac/0x1bc [x_tables]
<4>[  134.673129] [<8711db28>] ipt_register_table+0x508/0xd88 [ip_tables]
<4>[  134.679527] Code: 02003825  0c016478  2484f084 <000c000d> 8fb30028  8fb20024  8fb10020  8fb0001c  03e00008
<4>[  134.689493]
<4>[  134.691332] ---[ end trace 79d314d42d999c7b ]---

=================================root@router04.dreamteam:/root 

stil with the old trunk tested
/root # uptime
11:53:50 up 29 min, load average: 0.44, 0.19, 0.25
root@router04.dreamteam:/root #

camel commented on 14.06.2019 18:50

what is for me not clear, if that is since the hardcopy changes on the newer kernel, why not do a rollback to solve it ?
as it seems to be, that these changes are not OK.
So, that would be logically to revert/rollback to the working version, and then devs can play around to implement the new changes, isn't it ?
currently it is a showstopper, and trunk is useless ....

Borromini commented on 14.06.2019 19:07

Master implies breaking changes, it's its very nature that things break.

Project Manager
Hauke Mehrtens commented on 17.06.2019 21:09

The patch I linked here was integrated in Linux 5.2-rc4 and 4.14.125, this is the reason it was linked in the kernel update commit.

The "fix" is not so nice, I proposed a fix here: https://patchwork.kernel.org/patch/10997683/ it should show up in in one of the next 5.2-rcX and then in some stable kernel versions.

This problem was happening when I activated the user copy hardening, I tried it on some devices, but I do not own every device. I didn't do the revert because there was a fix already available.

Borromini, your problem looks different.

camel commented on 21.06.2019 22:13

it would be interested tio know when the patch should be in the trunk version compiled into - can anyone tell me that ? as i will then try if the patch works or not.

camel commented on 26.06.2019 01:32

sorry to repeat my question, but currently i can't use the trunk since 1 months, and i had to go back to 18.06, and there are many other issues and many things not supported. so i would be nesty to know ...when will it be fixed in TRUNK ? still noone which can tell me more ? ETA ?

camel commented on 09.07.2019 09:56

hmm, seems to be fixed. currently not having anymore that problem.
pls close ticket

Admin
Petr Štetiar commented on 09.07.2019 10:31
hmm, seems to be fixed. currently not having anymore that problem.

what has changed?

camel commented on 09.07.2019 14:58

newest trunk that has changed on my routers :)
Master (f138fc93) / OpenWrt SNAPSHOT r10444-5c094ff660
Kernel Version - 4.14.131

and on the error - it was ~ 4.14.120
but in detail, which changes related on that problem was done ? ... i have no clue.

cu

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing