PF not working, with lock order reversal

Rob Farmer rfarmer at predatorlabs.net
Wed Mar 10 23:19:15 UTC 2010


On Wed, Mar 10, 2010 at 8:43 AM, Rob Farmer <rfarmer at predatorlabs.net> wrote:
> Hi,
>
> I just updated a sparc64 Sun Netra X1 running current. I am using PF
> (built into the kernel) and now I cannot connect to the machine while
> PF is enabled (but outbound traffic from the machine works). The same
> ruleset has worked fine for me for several years on this and other
> systems. I'm getting the following LOR at boot and wonder if it is
> related?
>
> lock order reversal:
>  1st 0xc0424d28 pf task mtx (pf task mtx) @
> /usr/src/sys/contrib/pf/net/pf.c:6929
>  2nd 0xfffff800011954f8 radix node head (radix node head) @
> /usr/src/sys/net/route.c:360
> KDB: stack backtrace:
> _witness_debugger() at _witness_debugger+0x84
> witness_checkorder() at witness_checkorder+0xafc
> _rw_rlock() at _rw_rlock+0x44
> rtalloc1_fib() at rtalloc1_fib+0x124
> rtalloc_ign_fib() at rtalloc_ign_fib+0xac
> pf_calc_mss() at pf_calc_mss+0xbc
> pf_test_tcp() at pf_test_tcp+0xf04
> pf_test() at pf_test+0x10e8
> pf_check_in() at pf_check_in+0x14
> pfil_run_hooks() at pfil_run_hooks+0xb8
> ip_input() at ip_input+0x488
> netisr_dispatch_src() at netisr_dispatch_src+0xf0
> ether_demux() at ether_demux+0x2ac
> ether_input() at ether_input+0x24c
> dc_rxeof() at dc_rxeof+0x350
> dc_intr() at dc_intr+0x310
> intr_event_execute_handlers() at intr_event_execute_handlers+0xc4
> ithread_loop() at ithread_loop+0xe4
> fork_exit() at fork_exit+0x6c
> fork_trampoline() at fork_trampoline+0x8
>
> My pf.conf:
> http://www.predatorlabs.net/dl/pf.conf
> My kernel config:
> http://www.predatorlabs.net/dl/NETRA
>
> Thanks,
> --
> Rob Farmer
>

To follow up on this issue: I tried using the route.h patch Qing Li
posted in another thread and I can access the system now with PF
running. I still get the LOR but otherwise everything is working
normally.

-- 
Rob Farmer


More information about the freebsd-current mailing list