Re: 10.2-RELEASE-p12 pf+GRE crashing
On 2/3/2016 6:47 PM, Matthew Grooms wrote: This turned out to be another issue that was patched in head but not back ported to stable. I can't explain why it didn't get tripped when GRE tunnels were disabled. With the patch applied, I can reload my rule sets again without crashing ... https://svnweb.freebsd.org/base?view=revision=264689 I wanted to clarify in case another user runs into this issue and searches the mailing list history for a solution: The patch I applied to fix this particular kernel crash wasn't 264689, it was ... https://svnweb.freebsd.org/base?view=revision=264915 Sorry for the misinformation. I cut and pasted the wrong link. -Matthew (kgdb) bt #0 doadump (textdump=) at pcpu.h:219 #1 0x807c81f2 in kern_reboot (howto=260) at ../../../kern/kern_shutdown.c:451 #2 0x807c85d5 in vpanic (fmt=, ap=optimized out>) at ../../../kern/kern_shutdown.c:758 #3 0x807c8463 in panic (fmt=0x0) at ../../../kern/kern_shutdown.c:687 #4 0x80bdc10b in trap_fatal (frame=, eva=) at ../../../amd64/amd64/trap.c:851 #5 0x80bdc40d in trap_pfault (frame=0xfe233a80, usermode=) at ../../../amd64/amd64/trap.c:674 #6 0x80bdbaaa in trap (frame=0xfe233a80) at ../../../amd64/amd64/trap.c:440 #7 0x80bc1fa2 in calltrap () at ../../../amd64/amd64/exception.S:236 #8 0x809c07f4 in pfr_detach_table (kt=0x0) at ../../../netpfil/pf/pf_table.c:2047 #9 0x809a91f4 in pf_empty_pool (poola=0x813c3d68) at ../../../netpfil/pf/pf_ioctl.c:354 #10 0x809ab3e5 in pfioctl (dev=, cmd=, addr=0xf8005eaf6800 "", flags=, td=optimized out>) at ../../../netpfil/pf/pf_ioctl.c:2189 #11 0x806b5659 in devfs_ioctl_f (fp=0xf8000a2927d0, com=3295691827, data=0xf8005eaf6800, cred=, td=0xf8000a25f000) at ../../../fs/devfs/devfs_vnops.c:785 #12 0x8081b805 in kern_ioctl (td=0xf8000a25f000, fd=optimized out>, com=2) at file.h:320 #13 0x8081b500 in sys_ioctl (td=0xf8000a25f000, uap=0xfe234b40) at ../../../kern/sys_generic.c:718 #14 0x80bdca27 in amd64_syscall (td=0xf8000a25f000, traced=0) at subr_syscall.c:134 #15 0x80bc228b in Xfast_syscall () at ../../../amd64/amd64/exception.S:396 #16 0x000800dd9fda in ?? () Previous frame inner to this frame (corrupt stack?) Current language: auto; currently minimal -Matthew ___ freebsd-...@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org" ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: 10.2-RELEASE-p12 pf+GRE crashing
On 2/3/2016 4:56 PM, Matthew Grooms wrote: All, I recently upgraded a pair of 10.0-RELEASE firewalls in the hope that I could avoid the local patching required to keep it up and running. Unfortunately, it crashes whenever I reload my pf firewall rule set. If I remove the GRE tunnel configurations from rc.conf, it happily reloads the rule set all day long. The kernel config is mostly GENERIC with the following additions ... # Packet Filter device pf # PF OpenBSD packet-filter firewall device pflog # Logging support interface for PF device pfsync # Synchronization interface for PF device carp# Common Address Redundancy Protocol # IPsec device crypto device enc options IPSEC The crash is easy to reproduce as pfctl -f /etc/pf.conf does it every time. I should also mention that I tried with and without the following additional commits applied, but get the same result ... https://svnweb.freebsd.org/base?view=revision=272695 https://svnweb.freebsd.org/base?view=revision=288529 I'm also a bit confused as to why these patches haven't made it into 10 STABLE yet. The former doesn't mention an MFC and the latter has an MFC of 1 week, but was never done. In any case, here is the output from kgdb ... This turned out to be another issue that was patched in head but not back ported to stable. I can't explain why it didn't get tripped when GRE tunnels were disabled. With the patch applied, I can reload my rule sets again without crashing ... https://svnweb.freebsd.org/base?view=revision=264689 (kgdb) bt #0 doadump (textdump=) at pcpu.h:219 #1 0x807c81f2 in kern_reboot (howto=260) at ../../../kern/kern_shutdown.c:451 #2 0x807c85d5 in vpanic (fmt=, ap=optimized out>) at ../../../kern/kern_shutdown.c:758 #3 0x807c8463 in panic (fmt=0x0) at ../../../kern/kern_shutdown.c:687 #4 0x80bdc10b in trap_fatal (frame=, eva=) at ../../../amd64/amd64/trap.c:851 #5 0x80bdc40d in trap_pfault (frame=0xfe233a80, usermode=) at ../../../amd64/amd64/trap.c:674 #6 0x80bdbaaa in trap (frame=0xfe233a80) at ../../../amd64/amd64/trap.c:440 #7 0x80bc1fa2 in calltrap () at ../../../amd64/amd64/exception.S:236 #8 0x809c07f4 in pfr_detach_table (kt=0x0) at ../../../netpfil/pf/pf_table.c:2047 #9 0x809a91f4 in pf_empty_pool (poola=0x813c3d68) at ../../../netpfil/pf/pf_ioctl.c:354 #10 0x809ab3e5 in pfioctl (dev=, cmd=optimized out>, addr=0xf8005eaf6800 "", flags=, td=optimized out>) at ../../../netpfil/pf/pf_ioctl.c:2189 #11 0x806b5659 in devfs_ioctl_f (fp=0xf8000a2927d0, com=3295691827, data=0xf8005eaf6800, cred=, td=0xf8000a25f000) at ../../../fs/devfs/devfs_vnops.c:785 #12 0x8081b805 in kern_ioctl (td=0xf8000a25f000, fd=optimized out>, com=2) at file.h:320 #13 0x8081b500 in sys_ioctl (td=0xf8000a25f000, uap=0xfe234b40) at ../../../kern/sys_generic.c:718 #14 0x80bdca27 in amd64_syscall (td=0xf8000a25f000, traced=0) at subr_syscall.c:134 #15 0x80bc228b in Xfast_syscall () at ../../../amd64/amd64/exception.S:396 #16 0x000800dd9fda in ?? () Previous frame inner to this frame (corrupt stack?) Current language: auto; currently minimal -Matthew ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
10.2-RELEASE-p12 pf+GRE crashing
All, I recently upgraded a pair of 10.0-RELEASE firewalls in the hope that I could avoid the local patching required to keep it up and running. Unfortunately, it crashes whenever I reload my pf firewall rule set. If I remove the GRE tunnel configurations from rc.conf, it happily reloads the rule set all day long. The kernel config is mostly GENERIC with the following additions ... # Packet Filter device pf # PF OpenBSD packet-filter firewall device pflog # Logging support interface for PF device pfsync # Synchronization interface for PF device carp# Common Address Redundancy Protocol # IPsec device crypto device enc options IPSEC The crash is easy to reproduce as pfctl -f /etc/pf.conf does it every time. I should also mention that I tried with and without the following additional commits applied, but get the same result ... https://svnweb.freebsd.org/base?view=revision=272695 https://svnweb.freebsd.org/base?view=revision=288529 I'm also a bit confused as to why these patches haven't made it into 10 STABLE yet. The former doesn't mention an MFC and the latter has an MFC of 1 week, but was never done. In any case, here is the output from kgdb ... [root@fw2 /var/crash]# kgdb /boot/kernel/kernel vmcore.3 GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"... Unread portion of the kernel message buffer: Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x4a4 fault code = supervisor write data, page not present instruction pointer = 0x20:0x809c07f4 stack pointer = 0x28:0xfe233b30 frame pointer = 0x28:0xfe233b40 code segment= base 0x0, limit 0xf, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags= interrupt enabled, resume, IOPL = 0 current process = 1990 (pfctl) trap number = 12 panic: page fault cpuid = 1 KDB: stack backtrace: #0 0x808048c0 at kdb_backtrace+0x60 #1 0x807c8596 at vpanic+0x126 #2 0x807c8463 at panic+0x43 #3 0x80bdc10b at trap_fatal+0x36b #4 0x80bdc40d at trap_pfault+0x2ed #5 0x80bdbaaa at trap+0x47a #6 0x80bc1fa2 at calltrap+0x8 #7 0x809a91f4 at pf_empty_pool+0x44 #8 0x809ab3e5 at pfioctl+0x805 #9 0x806b5659 at devfs_ioctl_f+0x139 #10 0x8081b805 at kern_ioctl+0x255 #11 0x8081b500 at sys_ioctl+0x140 #12 0x80bdca27 at amd64_syscall+0x357 #13 0x80bc228b at Xfast_syscall+0xfb Uptime: 1m1s Dumping 156 out of 2025 MB:..11%..21%..31%..42%..52%..62%..72%..83%..93% Reading symbols from /boot/kernel/if_lagg.ko.symbols...done. Loaded symbols for /boot/kernel/if_lagg.ko.symbols Reading symbols from /boot/kernel/if_gre.ko.symbols...done. Loaded symbols for /boot/kernel/if_gre.ko.symbols #0 doadump (textdump=) at pcpu.h:219 219 pcpu.h: No such file or directory. in pcpu.h Any help in resolving this would be greatly appreciated. -Matthew ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
