From owner-freebsd-net@freebsd.org Wed Feb 3 23:15:22 2016 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 11954A9B939; Wed, 3 Feb 2016 23:15:22 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from mx1.shrew.net (mx1.shrew.net [38.97.5.131]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DAFAA1C03; Wed, 3 Feb 2016 23:15:21 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from mail.shrew.net (mail.shrew.prv [10.24.10.20]) by mx1.shrew.net (8.14.7/8.14.7) with ESMTP id u13MsL71064482; Wed, 3 Feb 2016 16:54:21 -0600 (CST) (envelope-from mgrooms@shrew.net) Received: from [10.16.48.132] (67-198-50-4.static.grandenetworks.net [67.198.50.4]) by mail.shrew.net (Postfix) with ESMTPSA id C270218C848; Wed, 3 Feb 2016 16:54:15 -0600 (CST) Message-ID: <56B285B0.8010306@shrew.net> Date: Wed, 03 Feb 2016 16:56:48 -0600 From: Matthew Grooms User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: freebsd-stable@freebsd.org, freebsd-net@freebsd.org Subject: 10.2-RELEASE-p12 pf+GRE crashing Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (mx1.shrew.net [10.24.10.10]); Wed, 03 Feb 2016 16:54:21 -0600 (CST) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Feb 2016 23:15:22 -0000 All, I recently upgraded a pair of 10.0-RELEASE firewalls in the hope that I could avoid the local patching required to keep it up and running. Unfortunately, it crashes whenever I reload my pf firewall rule set. If I remove the GRE tunnel configurations from rc.conf, it happily reloads the rule set all day long. The kernel config is mostly GENERIC with the following additions ... # Packet Filter device pf # PF OpenBSD packet-filter firewall device pflog # Logging support interface for PF device pfsync # Synchronization interface for PF device carp # Common Address Redundancy Protocol # IPsec device crypto device enc options IPSEC The crash is easy to reproduce as pfctl -f /etc/pf.conf does it every time. I should also mention that I tried with and without the following additional commits applied, but get the same result ... https://svnweb.freebsd.org/base?view=revision&revision=272695 https://svnweb.freebsd.org/base?view=revision&revision=288529 I'm also a bit confused as to why these patches haven't made it into 10 STABLE yet. The former doesn't mention an MFC and the latter has an MFC of 1 week, but was never done. In any case, here is the output from kgdb ... [root@fw2 /var/crash]# kgdb /boot/kernel/kernel vmcore.3 GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"... Unread portion of the kernel message buffer: Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x4a4 fault code = supervisor write data, page not present instruction pointer = 0x20:0xffffffff809c07f4 stack pointer = 0x28:0xfffffe0000233b30 frame pointer = 0x28:0xfffffe0000233b40 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 1990 (pfctl) trap number = 12 panic: page fault cpuid = 1 KDB: stack backtrace: #0 0xffffffff808048c0 at kdb_backtrace+0x60 #1 0xffffffff807c8596 at vpanic+0x126 #2 0xffffffff807c8463 at panic+0x43 #3 0xffffffff80bdc10b at trap_fatal+0x36b #4 0xffffffff80bdc40d at trap_pfault+0x2ed #5 0xffffffff80bdbaaa at trap+0x47a #6 0xffffffff80bc1fa2 at calltrap+0x8 #7 0xffffffff809a91f4 at pf_empty_pool+0x44 #8 0xffffffff809ab3e5 at pfioctl+0x805 #9 0xffffffff806b5659 at devfs_ioctl_f+0x139 #10 0xffffffff8081b805 at kern_ioctl+0x255 #11 0xffffffff8081b500 at sys_ioctl+0x140 #12 0xffffffff80bdca27 at amd64_syscall+0x357 #13 0xffffffff80bc228b at Xfast_syscall+0xfb Uptime: 1m1s Dumping 156 out of 2025 MB:..11%..21%..31%..42%..52%..62%..72%..83%..93% Reading symbols from /boot/kernel/if_lagg.ko.symbols...done. Loaded symbols for /boot/kernel/if_lagg.ko.symbols Reading symbols from /boot/kernel/if_gre.ko.symbols...done. Loaded symbols for /boot/kernel/if_gre.ko.symbols #0 doadump (textdump=) at pcpu.h:219 219 pcpu.h: No such file or directory. in pcpu.h Any help in resolving this would be greatly appreciated. -Matthew