Hello Johan, On Wed, Nov 29, 2023 at 11:24:59PM -0500, Johan Huldtgren wrote: > > so my machine paniced today, but the panic this time is completely different. > I don't know if it's related to this issue, the patch, or a completely new > issue, but I figured I'd start reporting it here. Unfortuntately when I tried > to swap CPU to collect traces from the other ones the machine froze and I was > forced to power cycle it. So I have the panic and initial trace but that's > it. > > panic: ip_output no HDR > Stopped at db_enter+0x14: popq %rbp > TID PID UID PRFLAGS PFLAGS CPU COMMAND > 74003 25022 0 0x10 0 2 afpd > 355827 29745 107 0x1100002 0x4000000 3 vmd > 451006 29745 107 0x1100002 0x4000000 4 vmd > 131508 78367 107 0x1100002 0x4000000 5 vmd > 112644 78367 107 0x1100002 0x4000000 1 vmd > *133058 91446 0 0x14000 0x200 0 softnet0 > db_enter() at db_enter+0x14 > panic(ffffffff820c20df) at panic+0xc3 > ip_output(fffffd8076b76e00,0,fffffd9c9e59e708,0,0,fffffd9c9e59e690,e4a23bf8c0204936) > at ip_output+0xa26 > udp_output(fffffd9c9e59e690,fffffd8076b76e00,fffffd8079d14b00,0) at > udp_output+0x3be > sosend(fffffd9c9e59f000,fffffd8079d14b00,0,fffffd8076b76e00,0,0) at > sosend+0x37f > pflow_output_process(ffff8000011a0800) at pflow_output_process+0x67 > taskq_thread(ffff800000035200) at taskq_thread+0x100 > end trace frame: 0x0, count: 8 > https://www.openbsd.org/ddb.html describes the minimum info required in bug > reports. Insufficient info makes it difficult to find and fix bugs. > ddb{0}> > > ddb{0}> show panic > *cpu0: ip_output no HDR > > ddb{0}> trace > db_enter() at db_enter+0x14 > panic(ffffffff820c20df) at panic+0xc3 > ip_output(fffffd8076b76e00,0,fffffd9c9e59e708,0,0,fffffd9c9e59e690,e4a23bf8c0204936) > at ip_output+0xa26 > udp_output(fffffd9c9e59e690,fffffd8076b76e00,fffffd8079d14b00,0) at > udp_output+0x3be > sosend(fffffd9c9e59f000,fffffd8079d14b00,0,fffffd8076b76e00,0,0) at > sosend+0x37f > pflow_output_process(ffff8000011a0800) at pflow_output_process+0x67 > taskq_thread(ffff800000035200) at taskq_thread+0x100 > end trace frame: 0x0, count: -7 >
This is a different issue to what we were seeing. The panic indicates the ip_output() function deals with packet buffer which contains no ip header. How it could happen that's the question... I'm going to ask for OKs to commit fix for pf. There were like 4 or 5 reports for this already. thanks and regards sashan