Date: Sun, 5 Apr 2009 12:47:06 +0200 From: Stefan Bethke <stb@lassitu.de> To: Stefan Bethke <stb@lassitu.de> Cc: FreeBSD Current <freebsd-current@freebsd.org> Subject: Re: enabling pf causes socket panics? Message-ID: <1EB12CA7-D811-434D-8F21-BFDB819918CB@lassitu.de> In-Reply-To: <4A766A21-7E01-46DF-98EB-A8BABC248AAD@lassitu.de> References: <4A766A21-7E01-46DF-98EB-A8BABC248AAD@lassitu.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 28.03.2009 um 10:44 schrieb Stefan Bethke: > With pf enabled, I get panics after only a few minutes of light > traffic trought the machine. These two I could capture on the > console (no dumps written because of mirrored swap): > > panic: sbsndptr: sockbuf 0xffffff0010005b60 and mbuf > 0xffffff0004cdfe00 clashing > cpuid = 1 > KDB: enter: panic > [thread pid 739 tid 100148 ] > Stopped at kdb_enter+0x3d: movq $0,0x47ed48(%rip) > db> > > panic: sbflush_internal: cc 60 || mb 0 || mbcnt 0 > cpuid = 0 > KDB: enter: panic > [thread pid 1696 tid 100125 ] > Stopped at kdb_enter+0x3d: movq $0,0x47ed48(%rip) > db> bt > Tracing pid 1696 tid 100125 td 0xffffff000499a000 > kdb_enter() at kdb_enter+0x3d > panic() at panic+0x17b > sbflush_internal() at sbflush_internal+0x64 > sbrelease_internal() at sbrelease_internal+0x1c > sofree() at sofree+0x107 > soclose() at soclose+0x118 > _fdrop() at _fdrop+0x23 > closef() at closef+0x4c > kern_close() at kern_close+0x110 > syscall() at syscall+0x1a5 > Xfast_syscall() at Xfast_syscall+0xab > --- syscall (6, FreeBSD ELF64, close), rip = 0x800d3c89c, rsp = > 0x7fffffffcbc8, rbp = 0x1b --- > > Before enabling pf, the system ran fully stable for two weeks. > Disabling pf again (pfctl -d) makes it stable again. I've made two changes which apparently stop the panic from triggering. This system has a bridge(4) consisting of one vlan(4) and one tap(4) interface; the bridge has the IP address assigned (instead of one of the member interfaces). I've disabled net.link.bridge.pfil_member=0, so that packets are not filtered twice (once on the member interface and once on the bridge interface). I've also removed rules from pf.conf that referenced the vlan and the tap interface. Stefan -- Stefan Bethke <stb@lassitu.de> Fon +49 151 14070811
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1EB12CA7-D811-434D-8F21-BFDB819918CB>