From nobody Fri Dec 1 12:46:35 2023 X-Original-To: bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ShXqv4Mt0z52YyZ for ; Fri, 1 Dec 2023 12:46:35 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4ShXqv0ghQz4dtY for ; Fri, 1 Dec 2023 12:46:35 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1701434795; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tlqsFcXL7HSFKUp7Yo31RYcYRJsQBc5JuXPJnU60bEY=; b=s05delccHujGrADFk7hEm6Kz/DHZp2QaQ6Wh3nTUEiGv1X7lb61E7+VIlzgxDyXa7Wn8f7 lpbz4WtzTKgHN6EL9CiyS3FFQ4N9vq0CVSRjjXniI9j6e/M1aK1u/ufTtQ1mjnz0MeR52Z 1tIFJjmudxyus6XiyqwPih9ioZ8al2rVZ3gceD8IRGe6lR8l71U6Uxy5sziAUcJBZEI/tn KIAG3QxoNLjgwMnjW/s8nMzw22CyA3BV9ZsBeBOuby9a9/rsiUxffML2zIXiWdIgjS48za kxM1IAC0Y0Lu80fpWtMvnHcVbsdGPhJq4B81Uh4iCFRz/FFkaWweeqq0hEgbnA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1701434795; a=rsa-sha256; cv=none; b=hMkWmWP2YCch010EKvQr9iCVDLPWGPTRYZ15jH0JpsW25mMCBzV1RglQe6nJRn2TfGfRNf 3R7s3wKo4N+PE5vwFjiU3tzNPGMzAa8lXOg0XdsygLf/6BYY2yvx9Z7lWa7X4Q3h85xsh1 4KeoCJvcmUEuNDAEdnMHyAKXvUKVGPfzgYqBtvJaAFmKFDX2do1STrnMvslworbAOGs7be MO+013D3mk1m9MzRimtLlE58jMx0Un0TZRM/Fo+HaYHFFl9Pg2QbOdZgmU1Xqo2b695F70 h4NEwoEkKTnzhHuR8P3exIep2HRzSODgfu3KBrWtn5p5Yn75uHzikW2DcIjC5g== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4ShXqt6lF5zZWv for ; Fri, 1 Dec 2023 12:46:34 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 3B1CkYtd013488 for ; Fri, 1 Dec 2023 12:46:34 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 3B1CkYLM013487 for bugs@FreeBSD.org; Fri, 1 Dec 2023 12:46:34 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 275470] Kernel Panic in IPFW when adding entries to table Date: Fri, 01 Dec 2023 12:46:35 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 14.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: thierry.dussuet@protonmail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-bugs@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D275470 Bug ID: 275470 Summary: Kernel Panic in IPFW when adding entries to table Product: Base System Version: 14.0-RELEASE Hardware: amd64 OS: Any Status: New Severity: Affects Only Me Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: thierry.dussuet@protonmail.com Hi everyone when adding entries to an ipfw table through a cron job, after a few days (8-9 days) it triggers a kernel panic: Fatal trap 12: page fault while in kernel mode cpuid =3D 11; apic id =3D 0b fault virtual address =3D 0x2c fault code =3D supervisor write data, page not present instruction pointer =3D 0x20:0xffffffff81f5daf2 stack pointer =3D 0x28:0xfffffe016860c800 frame pointer =3D 0x28:0xfffffe016860c900 code segment =3D base 0x0, limit 0xfffff, type 0x1b =3D DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags =3D interrupt enabled, resume, IOPL =3D 0 current process =3D 78144 (ipfw) rdi: fffff800050f8000 rsi: 0000000000000000 rdx: 0000000000001000 rcx: 0000000000000040 r8: fffffe01c1a59000 r9: 0000000000000b40 rax: 000000000000f4fd rbx: fffff800050f8000 rbp: fffffe016860c900 r10: 4000000000000000 r11: fffffe0167fcd540 r12: fffff802f021d700 r13: 0000000000000002 r14: fffffe016860c958 r15: fffffe016860c888 trap number =3D 12 panic: page fault cpuid =3D 11 time =3D 1701385226 KDB: stack backtrace: #0 0xffffffff80b9002d at kdb_backtrace+0x5d #1 0xffffffff80b43132 at vpanic+0x132 #2 0xffffffff80b42ff3 at panic+0x43 #3 0xffffffff8100c85c at trap_fatal+0x40c #4 0xffffffff8100c8af at trap_pfault+0x4f #5 0xffffffff80fe3828 at calltrap+0x8 #6 0xffffffff81f530bb at add_table_entry+0x54b #7 0xffffffff81f572e0 at manage_table_ent_v1+0x1c0 #8 0xffffffff81f4d069 at ipfw_ctl3+0x689 #9 0xffffffff80beadc3 at sogetopt+0xd3 #10 0xffffffff80bef79f at kern_getsockopt+0xaf #11 0xffffffff80bef6c2 at sys_getsockopt+0x52 #12 0xffffffff8100d119 at amd64_syscall+0x109 #13 0xffffffff80fe413b at fast_syscall_common+0xf8 Uptime: 8d23h59m54s # uname -v FreeBSD 14.0-RELEASE #0 releng/14.0-n265380-f9716eee8ab4: Fri Nov 10 05:57:= 23 UTC 2023=20=20=20=20 root@releng1.nyi.freebsd.org:/usr/obj/usr/src/amd64.amd64/sys/GENERIC The cron job does: rsync -aqz rsync-mirrors.uceprotect.net::RBLDNSD-ALL /tmp/dnsbl/ awk '/^[0-9]/ && !/127.0.0/ {print $1}' /tmp/dnsbl/dnsbl-1.uceprotect.net | xargs -n10 -P1 ipfw -q table 53 add # wc -l /tmp/dnsbl/dnsbl-1.uceprotect.net 99568 /tmp/dnsbl/dnsbl-1.uceprotect.net The ipfw tables in use: 00001 deny ip from table(1) to me 00002 deny ip from table(22) to me 00003 deny ip from table(42) to me 00004 deny ip from table(53) to me (and then other rules including nat) # ipfw table 53 detail --- table(53), set(0) --- kindex: 4, type: addr references: 1, valtype: legacy algorithm: addr:radix items: 49760, size: 5971496 IPv4 algorithm radix info items: 49760 itemsize: 120 IPv6 algorithm radix info items: 0 itemsize: 128 The -n10 and -P1 arguments for xargs were a try to reduce parallel calls to ipfw, it seems to have delayed the panics by a few days but I can not say f= or certain. Is there any missing information, or action, which could help track down wh= at is happening? Also willing to switch to -CURRENT and try any patches if that might help. (Found #272073 with the workaround of setting sysctl kern.ipc.mb_use_ext_pg= s=3D0 for what seems like a similar kernel panic reason, although from a different path inside ipfw) --=20 You are receiving this mail because: You are the assignee for the bug.=