From owner-freebsd-current@FreeBSD.ORG Sun Apr 5 10:47:12 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6D227106566B for ; Sun, 5 Apr 2009 10:47:12 +0000 (UTC) (envelope-from stb@lassitu.de) Received: from koef.zs64.net (koef.zs64.net [212.12.50.230]) by mx1.freebsd.org (Postfix) with ESMTP id 0209D8FC0A for ; Sun, 5 Apr 2009 10:47:11 +0000 (UTC) (envelope-from stb@lassitu.de) Received: from localhost by koef.zs64.net (8.14.3/8.14.3) with ESMTP id n35Al6hS049426 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Sun, 5 Apr 2009 12:47:07 +0200 (CEST) (envelope-from stb@lassitu.de) (authenticated as stb) Message-Id: <1EB12CA7-D811-434D-8F21-BFDB819918CB@lassitu.de> From: Stefan Bethke To: Stefan Bethke In-Reply-To: <4A766A21-7E01-46DF-98EB-A8BABC248AAD@lassitu.de> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v930.3) Date: Sun, 5 Apr 2009 12:47:06 +0200 References: <4A766A21-7E01-46DF-98EB-A8BABC248AAD@lassitu.de> X-Mailer: Apple Mail (2.930.3) Cc: FreeBSD Current Subject: Re: enabling pf causes socket panics? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Apr 2009 10:47:12 -0000 Am 28.03.2009 um 10:44 schrieb Stefan Bethke: > With pf enabled, I get panics after only a few minutes of light > traffic trought the machine. These two I could capture on the > console (no dumps written because of mirrored swap): > > panic: sbsndptr: sockbuf 0xffffff0010005b60 and mbuf > 0xffffff0004cdfe00 clashing > cpuid = 1 > KDB: enter: panic > [thread pid 739 tid 100148 ] > Stopped at kdb_enter+0x3d: movq $0,0x47ed48(%rip) > db> > > panic: sbflush_internal: cc 60 || mb 0 || mbcnt 0 > cpuid = 0 > KDB: enter: panic > [thread pid 1696 tid 100125 ] > Stopped at kdb_enter+0x3d: movq $0,0x47ed48(%rip) > db> bt > Tracing pid 1696 tid 100125 td 0xffffff000499a000 > kdb_enter() at kdb_enter+0x3d > panic() at panic+0x17b > sbflush_internal() at sbflush_internal+0x64 > sbrelease_internal() at sbrelease_internal+0x1c > sofree() at sofree+0x107 > soclose() at soclose+0x118 > _fdrop() at _fdrop+0x23 > closef() at closef+0x4c > kern_close() at kern_close+0x110 > syscall() at syscall+0x1a5 > Xfast_syscall() at Xfast_syscall+0xab > --- syscall (6, FreeBSD ELF64, close), rip = 0x800d3c89c, rsp = > 0x7fffffffcbc8, rbp = 0x1b --- > > Before enabling pf, the system ran fully stable for two weeks. > Disabling pf again (pfctl -d) makes it stable again. I've made two changes which apparently stop the panic from triggering. This system has a bridge(4) consisting of one vlan(4) and one tap(4) interface; the bridge has the IP address assigned (instead of one of the member interfaces). I've disabled net.link.bridge.pfil_member=0, so that packets are not filtered twice (once on the member interface and once on the bridge interface). I've also removed rules from pf.conf that referenced the vlan and the tap interface. Stefan -- Stefan Bethke Fon +49 151 14070811