Re: Stopped at pf_test_rule+0xa87 [again]
On Tue, Mar 9, 2010 at 22:25, Price, Joe jpr...@ceccontrols.com wrote: In summary, it sounds like Henning may have fixed it from this post: http://marc.info/?l=openbsd-cvsm=124955744915786w=2 From the message you quoted and seeing r1.655.4.1, it seems the fixes you refer to made it into 4.6-stable. You may want to run 4.6-stable to fix your problem; see release(8) on how to build that. Also, why didn't this make it to an errata reliability fix? I don't know, but the following could be an explanation. To quote the FAQ [1]: Note, however, that patches aren't made for new additions to OpenBSD, and are only done for important reliability fixes or security problems that should be addressed right away on impacted systems (which is often NOT all systems, depending on their purpose). Regards, Rogier References 1. OpenBSD FAQ 10 http://www.openbsd.org/faq/faq10.html#Patches
Stopped at pf_test_rule+0xa87 [again]
Two different hardware firewall 4.6 machines in the last 24 hours have
produced the following:
UVM_fault(0xd0891180, 0x0, 0, 3) - e
Kernel: page fault trap, code = 0
Stopped at pf_test_rule+0xa87: movl%ecx,0x4(%ecx)
Ddb{0}
Frozen, couldn't type anything...
Now, I did some research and found this thread:
http://www.mail-archive.com/misc@openbsd.org/msg83853.html from late last
year. In summary, it sounds like Henning may have fixed it from this post:
http://marc.info/?l=openbsd-cvsm=124955744915786w=2
My question is: should I just make my own patch and roll out changes to all
our firewalls in our enterprise from some revision of pf.c (1.656, 1.657,
1.??? *which one*) to minimize risk of this crash happening again. We have
only had 4.6 in production on one of the two machines [above] for a week and
the other about a month, we have about half a dozen other firewalls at 4.6
just in the last week.
Also, why didn't this make it to an errata reliability fix?
