PF not working, with lock order reversal

Rob Farmer rfarmer at predatorlabs.net
Wed Mar 10 16:43:36 UTC 2010


Hi,

I just updated a sparc64 Sun Netra X1 running current. I am using PF
(built into the kernel) and now I cannot connect to the machine while
PF is enabled (but outbound traffic from the machine works). The same
ruleset has worked fine for me for several years on this and other
systems. I'm getting the following LOR at boot and wonder if it is
related?

lock order reversal:
 1st 0xc0424d28 pf task mtx (pf task mtx) @
/usr/src/sys/contrib/pf/net/pf.c:6929
 2nd 0xfffff800011954f8 radix node head (radix node head) @
/usr/src/sys/net/route.c:360
KDB: stack backtrace:
_witness_debugger() at _witness_debugger+0x84
witness_checkorder() at witness_checkorder+0xafc
_rw_rlock() at _rw_rlock+0x44
rtalloc1_fib() at rtalloc1_fib+0x124
rtalloc_ign_fib() at rtalloc_ign_fib+0xac
pf_calc_mss() at pf_calc_mss+0xbc
pf_test_tcp() at pf_test_tcp+0xf04
pf_test() at pf_test+0x10e8
pf_check_in() at pf_check_in+0x14
pfil_run_hooks() at pfil_run_hooks+0xb8
ip_input() at ip_input+0x488
netisr_dispatch_src() at netisr_dispatch_src+0xf0
ether_demux() at ether_demux+0x2ac
ether_input() at ether_input+0x24c
dc_rxeof() at dc_rxeof+0x350
dc_intr() at dc_intr+0x310
intr_event_execute_handlers() at intr_event_execute_handlers+0xc4
ithread_loop() at ithread_loop+0xe4
fork_exit() at fork_exit+0x6c
fork_trampoline() at fork_trampoline+0x8

My pf.conf:
http://www.predatorlabs.net/dl/pf.conf
My kernel config:
http://www.predatorlabs.net/dl/NETRA

Thanks,
-- 
Rob Farmer


More information about the freebsd-current mailing list