May 19 20:29:11 black-chii kernel: [80523.252968] ------------[ cut here ]------------ May 19 20:29:11 black-chii kernel: [80523.252975] WARNING: CPU: 0 PID: 14343 at net/core/dev.c:2238 skb_warn_bad_offload+0xc1/0xd2() May 19 20:29:11 black-chii kernel: [80523.252977] : caps=(0x0000000000000000, 0x0000000000000000) len=1260 data_len=1232 gso_size=576 gso_type=2 ip_summed=3 May 19 20:29:11 black-chii kernel: [80523.252978] Modules linked in: esp6 xfrm6_mode_transport vhost_net vhost macvtap macvlan tun deflate ecb af_key bnep iptable_filter iptable_mangle ipt_MA SQUERADE iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 iptable_raw ip_tables xt_LOG xt_pkttype xt_hashlimit xt_owner xt_conntrack ip6table_filter xt_CHECKSUM ip6table_mangle ip6tab le_raw ip6t_MASQUERADE ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 nf_nat ip6_tables ebtable_broute bridge stp llc ebtable_nat ebtable_filter ebtables nls_iso8859_15 nls_cp850 v fat fat nct6775 hwmon_vid ipv6 uvcvideo snd_usb_audio snd_usbmidi_lib snd_rawmidi videobuf2_vmalloc videobuf2_memops videobuf2_core videodev hid_g19(O) hid_gfb(O) hid_ginput(O) syscopyarea sy sfillrect sysimgblt btusb fb_sys_fops bluetooth snd_seq_device iTCO_wdt snd_hda_codec_realtek snd_hda_codec_generic snd_hda_codec_hdmi 6lowpan_iphc iTCO_vendor_support snd_hda_intel snd_hda_c odec snd_hwdep snd_pcm snd_timer snd mei_me mei soundcore i2c_i801 lpc_ich e1000e mfd_core x86_pkg_temp_thermal coretemp battery usb_storage usbhid ehci_pci xhci_hcd ehci_hcd usbcore usb_comm on [last unloaded: microcode] May 19 20:29:11 black-chii kernel: [80523.253016] CPU: 0 PID: 14343 Comm: java Tainted: G O 3.14.3-hardened-r3 #1 May 19 20:29:11 black-chii kernel: [80523.253017] Hardware name: ASUS All Series/SABERTOOTH Z87, BIOS 1901 03/31/2014 May 19 20:29:11 black-chii kernel: [80523.253018] 0000000000000000 0000000000000000 0000000000000009 ffffffff8166aeb0 May 19 20:29:11 black-chii kernel: [80523.253020] ffff8807c989d8a0 ffffffff810ac91d ffffffff819b3db7 ffff8807c989d908 May 19 20:29:11 black-chii kernel: [80523.253021] 00000000000008be ffffffff819bb648 ffff8807fd1bb210 ffffffff810ac99b May 19 20:29:11 black-chii kernel: [80523.253023] Call Trace: May 19 20:29:11 black-chii kernel: [80523.253026] [<ffffffff8166aeb0>] ? dump_stack+0x49/0x70 May 19 20:29:11 black-chii kernel: [80523.253029] [<ffffffff810ac91d>] ? warn_slowpath_common+0x6d/0x90 May 19 20:29:11 black-chii kernel: [80523.253030] [<ffffffff810ac99b>] ? warn_slowpath_fmt+0x5b/0x70 May 19 20:29:11 black-chii kernel: [80523.253032] [<ffffffff8166ef46>] ? skb_warn_bad_offload+0xc1/0xd2 May 19 20:29:11 black-chii kernel: [80523.253036] [<ffffffff815abb37>] ? skb_checksum_help+0x187/0x1e0 May 19 20:29:11 black-chii kernel: [80523.253039] [<ffffffffa0466078>] ? checksum_tg+0x28/0x2a [xt_CHECKSUM] May 19 20:29:11 black-chii kernel: [80523.253041] [<ffffffffa049531d>] ? ipt_do_table+0x2ad/0x3e0 [ip_tables] May 19 20:29:11 black-chii kernel: [80523.253043] [<ffffffffa04c40cf>] ? iptable_mangle_hook+0xcf/0x130 [iptable_mangle] May 19 20:29:11 black-chii kernel: [80523.253046] [<ffffffff815ee3f0>] ? ip_forward_options+0x1f0/0x1f0 May 19 20:29:11 black-chii kernel: [80523.253048] [<ffffffff815d7145>] ? nf_iterate+0xa5/0xb0 May 19 20:29:11 black-chii kernel: [80523.253050] [<ffffffff815ee3f0>] ? ip_forward_options+0x1f0/0x1f0 May 19 20:29:11 black-chii kernel: [80523.253051] [<ffffffff815d71c6>] ? nf_hook_slow+0x76/0x120 May 19 20:29:11 black-chii kernel: [80523.253053] [<ffffffff815ee3f0>] ? ip_forward_options+0x1f0/0x1f0 May 19 20:29:11 black-chii kernel: [80523.253054] [<ffffffff815f03ea>] ? __ip_local_out+0xaa/0xb0 May 19 20:29:11 black-chii kernel: [80523.253056] [<ffffffff815f03fc>] ? ip_local_out+0xc/0x40 May 19 20:29:11 black-chii kernel: [80523.253057] [<ffffffff815f1960>] ? ip_send_skb+0x10/0x50 May 19 20:29:11 black-chii kernel: [80523.253060] [<ffffffff816180f4>] ? udp_send_skb+0x304/0x3c0 May 19 20:29:11 black-chii kernel: [80523.253061] [<ffffffff815ee6d0>] ? ip_copy_metadata+0x130/0x130 May 19 20:29:11 black-chii kernel: [80523.253063] [<ffffffff816184c6>] ? udp_sendmsg+0x2b6/0x8f0 May 19 20:29:11 black-chii kernel: [80523.253067] [<ffffffff8158f4f8>] ? sock_sendmsg+0x98/0xd0 May 19 20:29:11 black-chii kernel: [80523.253069] [<ffffffff811b3860>] ? __check_object_size.part.32+0x30/0x1a0 May 19 20:29:11 black-chii kernel: [80523.253071] [<ffffffff8158fd9d>] ? move_addr_to_kernel.part.23+0x10d/0x190 May 19 20:29:11 black-chii kernel: [80523.253074] [<ffffffff811cd086>] ? __fget_light+0x26/0x70 May 19 20:29:11 black-chii kernel: [80523.253076] [<ffffffff8159015f>] ? SYSC_sendto+0xff/0x180 May 19 20:29:11 black-chii kernel: [80523.253079] [<ffffffff816795d3>] ? system_call_fastpath+0x16/0x1b May 19 20:29:11 black-chii kernel: [80523.253080] ---[ end trace 7376512ab3ffdce5 ]--- Reproducible: Always Steps to Reproduce: 1. Boot the machine, 2. have traffic go through the machine 3. eventually randomly get this oops Actual Results: Oopses in a 1-second-loop after a while, without apparent reason Expected Results: No oopses I had this oops only once yet, but as I have other crashes in ipv6 kernel code where I can't export the console output to another machine due to local limitations, I better start with this one.
can you try hardened-sources-3.14.4 which is based on the latest grsec/pax patches and see ifyou get the oops.
it's not an oops but a WARN, not an oops and i'm wondering if you have the size overflow plugin enabled and if so, could you try without it?
I've just compiled and booted 3.14.4. Meanwhile I studied my iptables rules and found a "iptables -t mangle -A POSTROUTING|OUTPUT -o virbr0 -j CHECKSUM --checksum-fill" (set by libvirtd) which seems obviously related. Unfortunately I don't have a way to trigger the bug manually, but to keep waiting for it to reappear. I've built the new kernel (as the old) with CONFIG_PAX_SIZE_OVERFLOW=y.
(In reply to satmd from comment #3) > I've just compiled and booted 3.14.4. Meanwhile I studied my iptables rules > and found a "iptables -t mangle -A POSTROUTING|OUTPUT -o virbr0 -j CHECKSUM > --checksum-fill" (set by libvirtd) which seems obviously related. > > Unfortunately I don't have a way to trigger the bug manually, but to keep > waiting for it to reappear. > > I've built the new kernel (as the old) with CONFIG_PAX_SIZE_OVERFLOW=y. Is this still an issue?
(In reply to satmd from comment #3) > Unfortunately I don't have a way to trigger the bug manually, but to keep > waiting for it to reappear. Please reopen if you get more information about this bug.