From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 229384] Can't remove address from carp
Date: Fri, 03 Aug 2018 15:36:02 +0000
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 11.1-RELEASE
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: vegeta@tuxpowered.net
X-Bugzilla-Status: New
List-Id: Networking and TCP/IP with FreeBSD

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229384

--- Comment #6 from Kajetan Staszkiewicz ---
I don't use the rc system to configure carps at all. They are done dynamically
whenever required by new configuration from some external system. I'm not
running a clean 11.2-RELEASE.
There are some custom patches for pf and backports from HEAD, please check
here:
https://github.com/innogames/freebsd/commits/iglb/11.2/SomethingCompletelyDifferent

I wrote this script in an attempt to provide carp misconfiguration:

---------- 8< ----------
#!/bin/sh

IFACE=internal4027
VHID=27
ADDR_BASE='2a00:f00:42:0000'

if [ -z "$1" ]; then
    # Parent: start two children per subnet, so that each address is
    # added and removed by two processes at the same time.
    for SUBNET in $(seq 10); do
        SUBNET=$(printf '%04x' $SUBNET)
        sh $(dirname $0)/break_carps.sh $SUBNET &
        sh $(dirname $0)/break_carps.sh $SUBNET &
    done
else
    # Child: add and then remove 10 CARP addresses in the given subnet.
    echo "Spawned child for subnet $1"
    for i in $(seq 10); do
        ADDR_LAST=$(printf '%04x' $i)
        ADDR="$ADDR_BASE:$1::$ADDR_LAST"
        ifconfig $IFACE inet6 $ADDR/128 vhid $VHID alias
        sleep 0.5
        ifconfig $IFACE inet6 $ADDR/128 vhid $VHID -alias
    done
fi

wait
---------- >8 ----------

Even better than misconfiguration, I got this nice panic:

Fatal trap 12: page fault while in kernel mode
#13 0xffffffff8159a8d7 in carp_hmac_prepare (sc=0xfffff80008599000)
    at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/netinet/ip_carp.c:384
#14 0xffffffff8159a531 in carp_ioctl (ifr=, cmd=, td=)
    at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/netinet/ip_carp.c:1698
#15 0xffffffff8072732f in ifioctl (so=0xfffff80011f61000, cmd=3223349749,
    data=0xfffffe0666e5e9d0 "internal4027", td=0xfffff80102a8b620)
    at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/net/if.c:3041
#16 0xffffffff8069736d in kern_ioctl (td=0xfffff80102a8b620, fd=3,
    com=3223349749, data=) at file.h:323

Then I compiled the kernel with INVARIANTS and INVARIANT_SUPPORT. I tried
something even less ugly than the script above, that is I just added the same
IPv6 carp address twice (one which is *not* in any network available on iface).
This resulted in:

panic: carp_attach: ifa 0xfffff80095390000 attached
#11 0xffffffff815b3675 in carp_attach (ifa=0xfffff80095390000, vhid=27)
    at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/netinet/ip_carp.c:1809
#12 0xffffffff807e8ff2 in in6_control (so=, cmd=, data=, ifp=, td=)
    at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/netinet6/in6.c:572
#13 0xffffffff80713b19 in ifioctl (so=0xfffff80011eeb360, cmd=2156423451,
    data=, td=0xfffff80095861620)
    at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/net/if.c:3071
#14 0xffffffff80688729 in kern_ioctl (td=0xfffff80095861620, fd=, com=, data=)
    at file.h:323

While browsing the kernel source on GitHub I've come across
5bd3158a3b7184c65d3e1b6d96faf0dd720eb6ac (which is in the master branch but not
in 11.2-RELEASE). This indeed solves issues on adding the same CARP address
twice, but the script above still kills the system:

panic: Bad link elm 0xfffff800a44c3c00 prev->next != elm
#11 0xffffffff807eb33d in in6_unlink_ifa (ia=, ifp=) at fnv_hash.h:29
#12 0xffffffff807e8b2d in in6_control (so=, cmd=2166384921, data=, ifp=, td=)
    at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/netinet6/in6.c:701
#13 0xffffffff80713b19 in ifioctl (so=0xfffff80011ee6000, cmd=2166384921,
    data=, td=0xfffff8002f61b620)
    at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/net/if.c:3071
#14 0xffffffff80688729 in kern_ioctl (td=0xfffff8002f61b620, fd=, com=, data=)
    at file.h:323

I'll put a kernel with 5bd3158a3b7184c65d3e1b6d96faf0dd720eb6ac on production
and see if that solves the issue reported in this ticket. But obviously there
are more issues deeper.