From owner-freebsd-current@FreeBSD.ORG Wed Mar 10 23:19:15 2010 Return-Path: Delivered-To: current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5A276106566C for ; Wed, 10 Mar 2010 23:19:15 +0000 (UTC) (envelope-from rfarmer@predatorlabs.net) Received: from qw-out-2122.google.com (qw-out-2122.google.com [74.125.92.26]) by mx1.freebsd.org (Postfix) with ESMTP id 1D75E8FC22 for ; Wed, 10 Mar 2010 23:19:14 +0000 (UTC) Received: by qw-out-2122.google.com with SMTP id 5so546901qwi.7 for ; Wed, 10 Mar 2010 15:19:14 -0800 (PST) MIME-Version: 1.0 Received: by 10.224.59.96 with SMTP id k32mr352274qah.261.1268263150699; Wed, 10 Mar 2010 15:19:10 -0800 (PST) X-Originating-IP: [128.95.133.64] In-Reply-To: References: Date: Wed, 10 Mar 2010 15:19:10 -0800 Message-ID: From: Rob Farmer To: current@freebsd.org, qingli@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: Subject: Re: PF not working, with lock order reversal X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Mar 2010 23:19:15 -0000 On Wed, Mar 10, 2010 at 8:43 AM, Rob Farmer wrot= e: > Hi, > > I just updated a sparc64 Sun Netra X1 running current. I am using PF > (built into the kernel) and now I cannot connect to the machine while > PF is enabled (but outbound traffic from the machine works). The same > ruleset has worked fine for me for several years on this and other > systems. I'm getting the following LOR at boot and wonder if it is > related? > > lock order reversal: > =A01st 0xc0424d28 pf task mtx (pf task mtx) @ > /usr/src/sys/contrib/pf/net/pf.c:6929 > =A02nd 0xfffff800011954f8 radix node head (radix node head) @ > /usr/src/sys/net/route.c:360 > KDB: stack backtrace: > _witness_debugger() at _witness_debugger+0x84 > witness_checkorder() at witness_checkorder+0xafc > _rw_rlock() at _rw_rlock+0x44 > rtalloc1_fib() at rtalloc1_fib+0x124 > rtalloc_ign_fib() at rtalloc_ign_fib+0xac > pf_calc_mss() at pf_calc_mss+0xbc > pf_test_tcp() at pf_test_tcp+0xf04 > pf_test() at pf_test+0x10e8 > pf_check_in() at pf_check_in+0x14 > pfil_run_hooks() at pfil_run_hooks+0xb8 > ip_input() at ip_input+0x488 > netisr_dispatch_src() at netisr_dispatch_src+0xf0 > ether_demux() at ether_demux+0x2ac > ether_input() at ether_input+0x24c > dc_rxeof() at dc_rxeof+0x350 > dc_intr() at dc_intr+0x310 > intr_event_execute_handlers() at intr_event_execute_handlers+0xc4 > ithread_loop() at ithread_loop+0xe4 > fork_exit() at fork_exit+0x6c > fork_trampoline() at fork_trampoline+0x8 > > My pf.conf: > http://www.predatorlabs.net/dl/pf.conf > My kernel config: > http://www.predatorlabs.net/dl/NETRA > > Thanks, > -- > Rob Farmer > To follow up on this issue: I tried using the route.h patch Qing Li posted in another thread and I can access the system now with PF running. I still get the LOR but otherwise everything is working normally. --=20 Rob Farmer