Kernel's iptables crash unexpectedly
Username: Soberia
Origin: https://bugs.openwrt.org/index.php?do=details&task_id=2316
<Xiaomi Mi Router 3G / OpenWrt SNAPSHOT, r10173-6b762dd7>
My router sometimes restart unexpectedly with no reason. Here’s the kernel’s crash log (/sys/kernel/debug/crashlog)
<0>[12930.571103] usercopy: kernel memory overwrite attempt detected to c2651000 (kmalloc-2048) (5408 bytes) <4>[12930.580437] Kernel bug detected[#1]: <4>[12930.584007] CPU: 2 PID: 28709 Comm: iptables Not tainted 4.14.123 #0 <4>[12930.590333] task: 8186ddc0 task.stack: 81fe4000 <4>[12930.594840] $ 0 : 00000000 00000001 0000005a 00000000 <4>[12930.600054] $ 4 : 8122d33c 8122d33c 81231e78 00007388 <4>[12930.605266] $ 8 : 00000000 00000194 00000008 00000000 <4>[12930.610476] $12 : 00000000 805c0000 0008b6df 00000000 <4>[12930.615697] $16 : c2651000 00001520 00000000 c2652520 <4>[12930.620906] $20 : 006678e0 00001548 00000000 77fca000 <4>[12930.626115] $24 : 00000001 802ab558 <4>[12930.631326] $28 : 81fe4000 81fe5dc0 00000000 80116360 <4>[12930.636539] Hi : 00000124 <4>[12930.639403] Lo : 74e58000 <4>[12930.642286] epc : 80116360 __check_object_size+0x1b0/0x1e0 <4>[12930.647921] ra : 80116360 __check_object_size+0x1b0/0x1e0 <4>[12930.653549] Status: 11007c03 KERNEL EXL IE <4>[12930.657721] Cause : 50800024 (ExcCode 09) <4>[12930.661707] PrId : 0001992f (MIPS 1004Kc) <4>[12930.665796] Modules linked in: pppoe ppp_async pptp pppox ppp_mppe ppp_generic nf_nat_pptp nf_conntrack_pptp nf_conntrack_ipv6 mt76x2e mt76x2_common mt76x02_lib mt7603e mt76 mac80211 iptable_nat ipt_REJECT ipt_MASQUERADE cfg80211 xt_time xt_tcpudp xt_tcpmss xt_statistic xt_state xt_recent xt_nat xt_multiport xt_mark xt_mac xt_limit xt_length xt_hl xt_helper xt_ecn xt_dscp xt_conntrack xt_connmark xt_connlimit xt_connbytes xt_comment xt_TCPMSS xt_REDIRECT xt_LOG xt_HL xt_FLOWOFFLOAD xt_DSCP xt_CT xt_CLASSIFY ts_fsm ts_bm slhc nf_reject_ipv4 nf_nat_tftp nf_nat_snmp_basic nf_nat_sip nf_nat_redirect nf_nat_proto_gre nf_nat_masquerade_ipv4 nf_nat_irc nf_conntrack_ipv4 nf_nat_ipv4 nf_nat_h323 nf_nat_amanda nf_nat nf_log_ipv4 nf_flow_table_hw nf_flow_table nf_defrag_ipv6 nf_defrag_ipv4 nf_conntrack_tftp <4>[12930.736837] nf_conntrack_snmp nf_conntrack_sip nf_conntrack_rtcache nf_conntrack_proto_gre nf_conntrack_netlink nf_conntrack_irc nf_conntrack_h323 nf_conntrack_broadcast ts_kmp nf_conntrack_amanda iptable_raw iptable_mangle iptable_filter ipt_ECN ip_tables crc_ccitt compat fuse sch_cake nf_conntrack sch_tbf sch_ingress sch_htb sch_hfsc em_u32 cls_u32 cls_tcindex cls_route cls_matchall cls_fw cls_flow cls_basic act_skbedit act_mirred ledtrig_usbport xt_set ip_set_list_set ip_set_hash_netportnet ip_set_hash_netport ip_set_hash_netnet ip_set_hash_netiface ip_set_hash_net ip_set_hash_mac ip_set_hash_ipportnet ip_set_hash_ipportip ip_set_hash_ipport ip_set_hash_ipmark ip_set_hash_ip ip_set_bitmap_port ip_set_bitmap_ipmac ip_set_bitmap_ip ip_set nfnetlink nf_log_ipv6 nf_log_common ip6table_mangle ip6table_filter <4>[12930.808159] ip6_tables ip6t_REJECT x_tables nf_reject_ipv6 ip_gre gre ifb ip_tunnel tun vfat fat nls_utf8 nls_iso8859_1 nls_cp437 sha1_generic ecb usb_storage sd_mod scsi_mod ext4 mbcache jbd2 crc32c_generic leds_gpio xhci_plat_hcd xhci_pci xhci_mtk xhci_hcd gpio_button_hotplug usbcore nls_base usb_common <4>[12930.835248] Process iptables (pid: 28709, threadinfo=81fe4000, task=8186ddc0, tls=77fd8eb8) <4>[12930.843554] Stack : 818c0040 8055090c 8055e4c8 c2651000 8054f124 00001520 00000000 00001520 <4>[12930.851887] c2651000 00667908 805d9980 8ead1c3c 818c0000 818c0040 c264e000 805b0000 <4>[12930.860223] 805b0000 805e0000 00000041 8f1b9c98 805d9980 c264e000 0066a000 81fe5e34 <4>[12930.868560] 8adcd004 006663b0 81840040 805d9980 00000000 00000000 746c6966 00007265 <4>[12930.876894] 00000000 00000000 00000000 00000000 00000000 00000000 00000152 00000000 <4>[12930.885244] ... <4>[12930.887733] Call Trace: <4>[12930.890172] [<80116360>] __check_object_size+0x1b0/0x1e0 <4>[12930.895540] [<8ead1c3c>] xt_copy_counters_from_user+0xac/0x158 [x_tables] <4>[12930.902322] [<8f1b9c98>] ipt_register_table+0x508/0xdf8 [ip_tables] <4>[12930.908568] Code: 02003825 0c01d530 24840924 <000c000d> 8fb30028 8fb20024 8fb10020 8fb0001c 03e00008 <4>[12930.918296] <4>[12930.920137] ---[ end trace 0d59c51a87e12512 ]---