Date:      Tue, 10 Nov 2015 18:01:44 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-bugs@FreeBSD.org
Subject:   [Bug 204437] 10.2 STABLE Crashing with IPSec Support
Message-ID:  <bug-204437-8@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204437

            Bug ID: 204437
           Summary: 10.2 STABLE Crashing with IPSec Support
           Product: Base System
           Version: 10.2-STABLE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs@FreeBSD.org
          Reporter: peixotocassiano@gmail.com

I think there is a serious bug with IPSec compiled into the kernel. It didn't
happen with 10.1-STABLE. This machine is running squid, c-icap and ipsec. After
about 10 minutes it just crashes and reboots, all the time.

I've turned on debug kernel mode to get more details. Let me know if you need
any other info. Here it is:

# kgdb kernel.debug /var/crash/vmcore.0
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...

Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
cpuid = 4; apic id = 32
fault virtual address    = 0x0
fault code        = supervisor read data, page not present
instruction pointer    = 0x20:0xffffffff80ac9cbe
stack pointer            = 0x28:0xfffffe02ebd758b0
frame pointer            = 0x28:0xfffffe02ebd758f0
code segment        = base 0x0, limit 0xfffff, type 0x1b
            = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags    = interrupt enabled, resume, IOPL = 0
current process        = 12 (swi1: netisr 0)
trap number        = 12
panic: page fault
cpuid = 4
KDB: stack backtrace:
#0 0xffffffff808fc8e0 at kdb_backtrace+0x60
#1 0xffffffff808c0526 at vpanic+0x126
#2 0xffffffff808c03f3 at panic+0x43
#3 0xffffffff80d48e7b at trap_fatal+0x36b
#4 0xffffffff80d4917d at trap_pfault+0x2ed
#5 0xffffffff80d4881a at trap+0x47a
#6 0xffffffff80d2e8c2 at calltrap+0x8
#7 0xffffffff80acaa7a at ipsec4_in_reject+0x2a
#8 0xffffffff80a73b3b at tcp_input+0x89b
#9 0xffffffff80a0484b at ip_input+0xab
#10 0xffffffff8099efb3 at swi_net+0x143
#11 0xffffffff80890d6b at intr_event_execute_handlers+0xab
#12 0xffffffff808911b6 at ithread_loop+0x96
#13 0xffffffff8088e8aa at fork_exit+0x9a
#14 0xffffffff80d2edfe at fork_trampoline+0xe
Uptime: 24m15s
Dumping 807 out of 12248 MB:..2%..12%..22%..32%..42%..52%..62%..72%..82%..92%

Reading symbols from /boot/kernel/zfs.ko.symbols...done.
Loaded symbols for /boot/kernel/zfs.ko.symbols
Reading symbols from /boot/kernel/opensolaris.ko.symbols...done.
Loaded symbols for /boot/kernel/opensolaris.ko.symbols
Reading symbols from /boot/kernel/if_lagg.ko.symbols...done.
Loaded symbols for /boot/kernel/if_lagg.ko.symbols
Reading symbols from /boot/kernel/coretemp.ko.symbols...done.
Loaded symbols for /boot/kernel/coretemp.ko.symbols
Reading symbols from /boot/modules/plcm.ko...done.
Loaded symbols for /boot/modules/plcm.ko
Reading symbols from /boot/kernel/ums.ko.symbols...done.
Loaded symbols for /boot/kernel/ums.ko.symbols
#0  doadump (textdump=<value optimized out>) at pcpu.h:219
219        __asm("movq %%gs:%1,%0" : "=r" (td)
(kgdb) list *0xffffffff80ac9cbe
0xffffffff80ac9cbe is in ipsec_getpolicybysock (/usr/src/sys/netipsec/ipsec.c:502).
497        IPSEC_ASSERT(inp != NULL, ("null inp"));
498        IPSEC_ASSERT(inp->inp_sp != NULL, ("null inp_sp"));
499        IPSEC_ASSERT(inp->inp_sp->sp_out != NULL && inp->inp_sp->sp_in != NULL,
500            ("null sp_in || sp_out"));
501    
502        error = ipsec_setspidx(m, &inp->inp_sp->sp_in->spidx, 1);
503        if (error == 0) {
504            inp->inp_sp->sp_in->spidx.dir = IPSEC_DIR_INBOUND;
505            inp->inp_sp->sp_out->spidx = inp->inp_sp->sp_in->spidx;
506            inp->inp_sp->sp_out->spidx.dir = IPSEC_DIR_OUTBOUND;
Current language:  auto; currently minimal

-- 
You are receiving this mail because:
You are the assignee for the bug.


