SKB BUG

Thanks for taking the time to report this bug and helping to make Ubuntu better. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.

Beginning with the Hardy Heron 8.04 development cycle, all open Ubuntu kernel bugs need to be reported against the "linux" kernel package. We are automatically migrating this bug to the new "linux" package. However, development has already began for the upcoming Intrepid Ibex 8.10 release. It would be helpful if you could test the upcoming release and verify if this is still an issue - http://www.ubuntu.com/testing . If the issue still exists, please update this report by changing the Status of the "linux" task from "Incomplete" to "New". We appreciate your patience and understanding as we make this transition. Thanks!

The Ubuntu Kernel Team is planning to move to the 2.6.27 kernel for the upcoming Intrepid Ibex 8.10 release. As a result, the kernel team would appreciate it if you could please test this newer 2.6.27 Ubuntu kernel. There are one of two ways you should be able to test:

1) If you are comfortable installing packages on your own, the linux-image-2.6.27-* package is currently available for you to install and test.

--or--

2) The upcoming Alpha5 for Intrepid Ibex 8.10 will contain this newer 2.6.27 Ubuntu kernel. Alpha5 is set to be released Thursday Sept 4. Please watch http://www.ubuntu.com/testing for Alpha5 to be announced. You should then be able to test via a LiveCD.

Please let us know immediately if this newer 2.6.27 kernel resolves the bug reported here or if the issue remains. More importantly, please open a new bug report for each new bug/regression introduced by the 2.6.27 kernel and tag the bug report with 'linux-2.6.27'. Also, please specifically note if the issue does or does not appear in the 2.6.26 kernel. Thanks again, we really appreicate your help and feedback.

We are closing this bug report because it lacks the information we need to investigate the problem, as described in the previous comments. Please reopen it if you can give us the missing information, and don't hesitate to submit bug reports in the future. To reopen the bug report you can click on the current status, under the Status column, and change the Status back to "New". Thanks again!

Hi,

I am using Jaunty alpha 5 (fully updated as of today), and I am seeing these error messages as well. dmesg gives call traces as well, here is one:

[ 3732.349097] ------------[ cut here ]------------
[ 3732.349105] WARNING: at /build/buildd/linux-2.6.28/net/core/skbuff.c:150 skb_truesize_bug+0x46/0x50()
[ 3732.349110] SKB BUG: Invalid truesize (488) len=266, sizeof(sk_buff)=232
[ 3732.349185] Modules linked in: xt_tcpudp xt_state ipt_REJECT iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack nf_defrag_ipv4 iptable_filter ip_tables x_tables nfsd auth_rpcgss exportfs nfs lockd nfs_acl sunrpc ppdev parport_pc lp parport arc4 ecb ath9k lbm_cw_mac80211 serio_raw led_class k8temp psmouse pcspkr shpchp snd_hda_intel lbm_cw_cfg80211 snd_pcm snd_timer snd soundcore snd_page_alloc usbhid ohci1394 ieee1394 forcedeth b44 ssb pcmcia pcmcia_core mii ehci_hcd ohci_hcd fbcon tileblit font bitblit softcursor
[ 3732.349248] Pid: 3098, comm: hostapd Tainted: G W 2.6.28-8-server #28-Ubuntu
[ 3732.349252] Call Trace:
[ 3732.349265] [<ffffffff802508d7>] warn_slowpath+0xb7/0xf0
[ 3732.349274] [<ffffffff80268b56>] ? remove_wait_queue+0x46/0x60
[ 3732.349282] [<ffffffff802f75ef>] ? poll_freewait+0x4f/0xc0
[ 3732.349289] [<ffffffff802f8172>] ? do_select+0x622/0x6a0
[ 3732.349294] [<ffffffff802f81f0>] ? __pollwait+0x0/0x120
[ 3732.349301] [<ffffffff8022f619>] ? default_spin_lock_flags+0x9/0x10
[ 3732.349309] [<ffffffff8041b385>] ? __ratelimit+0xa5/0xf0
[ 3732.349314] [<ffffffff8059cec6>] skb_truesize_bug+0x46/0x50
[ 3732.349321] [<ffffffff80598cc5>] sock_rfree+0x65/0x70
[ 3732.349327] [<ffffffff8059c8a4>] skb_release_head_state+0x54/0xf0
[ 3732.349332] [<ffffffff8059c951>] skb_release_all+0x11/0x20
[ 3732.349336] [<ffffffff8059c1d1>] __kfree_skb+0x11/0xa0
[ 3732.349341] [<ffffffff8059c277>] kfree_skb+0x17/0x40
[ 3732.349347] [<ffffffff8059fc84>] skb_free_datagram+0x14/0x40
[ 3732.349353] [<ffffffff806503ed>] packet_recvmsg+0xcd/0x1f0
[ 3732.349360] [<ffffffff80596f38>] sock_recvmsg+0x118/0x150
[ 3732.349367] [<ffffffff80268860>] ? autoremove_wake_function+0x0/0x40
[ 3732.349373] [<ffffffff802f7505>] ? set_fd_set+0x25/0x30
[ 3732.349378] [<ffffffff802f84f0>] ? core_sys_select+0x1e0/0x2a0
[ 3732.349384] [<ffffffff8059732e>] sys_recvfrom+0xae/0x110
[ 3732.349391] [<ffffffff8026c599>] ? ktime_get_ts+0x59/0x60
[ 3732.349397] [<ffffffff802f70a7>] ? poll_select_copy_remaining+0xf7/0x150
[ 3732.349404] [<ffffffff8021253a>] system_call_fastpath+0x16/0x1b
[ 3732.349408] ---[ end trace 66b086b355836042 ]---

This seems to happen when a client connects through hostapd, which I installed from here:
https://edge.launchpad.net/~hermansson-per/+archive/ppa

For more details about my exotic AP installation, please see that post:
http://ubuntu-utah.ubuntuforums.org/showpost.php?p=6840592&postcount=17

Maybe the problem is with hostapd, but since it is the kernel that reports the bug, I decided to reopen that old report.

Let me know if any more information is required.

Fixed by upgrading to hostapd 0.6.8.