[Bug 255775] panic with ipfw turned on at boot time

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Tue May 11 05:09:26 UTC 2021 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255775

            Bug ID: 255775
           Summary: panic with ipfw turned on at boot time
           Product: Base System
           Version: 13.0-STABLE
          Hardware: amd64
                OS: Any
            Status: New
          Keywords: crash, ipfilter
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs at FreeBSD.org
          Reporter: michael at meiszl.de

as suggested by Mark Johnson, I add this as a "new" bug because it does not
seem to be related to #255104 after some tests.

Description: 13.0 stock Kernel crashes within a few mins if ipfw has been
turned on in rc.conf.
If turned off in rc.conf and started later on by root manually, ipfw works
flawlessly and the machine is stable for weeks!

There is no fancy setup for ipfw, no divert, no nat, just plain "deny if it
comes from addr x" rules.

As I have been told already, I created a kernel with latest patches (including
255104) and turned on INVARIANTS.

I attach the core.txt file at the end, a brief summary is here:

panic: Assertion m->m_nextpkt == NULL failed at /root/src/sys/net/iflib.c:4087
cpuid = 0
time = 1620674444
KDB: stack backtrace:
#0 0xffffffff80c400e5 at kdb_backtrace+0x65
#1 0xffffffff80bf5be1 at vpanic+0x181
#2 0xffffffff80bf59b3 at panic+0x43
#3 0xffffffff80d29c5b at iflib_if_transmit+0x15b
#4 0xffffffff80d0fb9b at ether_output_frame+0xab
#5 0xffffffff80d0faa1 at ether_output+0x6b1
#6 0xffffffff80da58ef at ip_output_send+0x8f
#7 0xffffffff80da55a5 at ip_output+0x1495
#8 0xffffffff80d12350 at gif_transmit+0x2f0
#9 0xffffffff80df2b9b at ip6_forward+0x95b
#10 0xffffffff80df4414 at ip6_input+0xf04
#11 0xffffffff80d2cb11 at netisr_dispatch_src+0xb1
#12 0xffffffff80d0fd3e at ether_demux+0x17e
#13 0xffffffff80d113cc at ether_nh_input+0x40c
#14 0xffffffff80d2cb11 at netisr_dispatch_src+0xb1
#15 0xffffffff80d10231 at ether_input+0xa1
#16 0xffffffff80d28bd7 at iflib_rxeof+0xe07
#17 0xffffffff80d2274a at _task_fn_rx+0x7a
Uptime: 25s
Dumping 1160 out of 32617 MB:..2%..12%..21%..31%..42%..51%..61%..71%..82%..91%

__curthread () at /root/src/sys/amd64/include/pcpu_aux.h:55
55              __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct
pcpu,
(kgdb) #0  __curthread () at /root/src/sys/amd64/include/pcpu_aux.h:55
#1  doadump (textdump=<optimized out>)
    at /root/src/sys/kern/kern_shutdown.c:399
#2  0xffffffff80bf580b in kern_reboot (howto=260)
    at /root/src/sys/kern/kern_shutdown.c:486
#3  0xffffffff80bf5c50 in vpanic (fmt=<optimized out>, ap=<optimized out>)
    at /root/src/sys/kern/kern_shutdown.c:919
#4  0xffffffff80bf59b3 in panic (fmt=<unavailable>)
    at /root/src/sys/kern/kern_shutdown.c:843
#5  0xffffffff80d29c5b in iflib_if_transmit (ifp=0xfffff80003dff800, 
    m=0xfffff8005ce3ce00) at /root/src/sys/net/iflib.c:4087
#6  0xffffffff80d0fb9b in ether_output_frame (
    ifp=ifp at entry=0xfffff80003dff800, m=<unavailable>)
    at /root/src/sys/net/if_ethersubr.c:511
#7  0xffffffff80d0faa1 in ether_output (ifp=<optimized out>, 
    ifp at entry=<error reading variable: value is not available>, 
    m=<unavailable>, 
    m at entry=<error reading variable: value is not available>, 
    dst=0xfffffe003499c5a0, 
    dst at entry=<error reading variable: value is not available>, 
    ro=<optimized out>, 
    ro at entry=<error reading variable: value is not available>)
    at /root/src/sys/net/if_ethersubr.c:438
#8  0xffffffff80da58ef in ip_output_send (inp=inp at entry=0x0, 
    ifp=<unavailable>, ifp at entry=0xfffff80003dff800, 
    m=m at entry=0xfffff8005ce3ce00, gw=gw at entry=0xfffffe003499c5a0, 
    ro=<unavailable>, ro at entry=0x0, stamp_tag=<optimized out>)
    at /root/src/sys/netinet/ip_output.c:275
#9  0xffffffff80da55a5 in ip_output (m=0xfffff8005ce3ce00, m at entry=0x0, 
    opt=opt at entry=0x0, ro=<optimized out>, ro at entry=0x0, 
    flags=<optimized out>, flags at entry=0, imo=imo at entry=0x0, 
    inp=<optimized out>, inp at entry=0x0)
    at /root/src/sys/netinet/ip_output.c:812
#10 0xffffffff80d92c59 in in_gif_output (ifp=ifp at entry=0xfffff80134802000, 
    m=<optimized out>, m at entry=0xfffff8005cc87200, proto=<optimized out>, 
    ecn=<optimized out>) at /root/src/sys/netinet/in_gif.c:306
#11 0xffffffff80d12350 in gif_transmit (ifp=0xfffff80134802000, 
    m=0xfffff8005cc87200) at /root/src/sys/net/if_gif.c:380
#12 0xffffffff80df2b9b in ip6_forward (m=<unavailable>, srcrt=srcrt at entry=0)
    at /root/src/sys/netinet6/ip6_forward.c:387
#13 0xffffffff80df4414 in ip6_input (m=<unavailable>, 
    m at entry=<error reading variable: value is not available>)
    at /root/src/sys/netinet6/ip6_input.c:897
#14 0xffffffff80d2cb11 in netisr_dispatch_src (proto=6, 
    source=source at entry=0, m=0xfffff8005cc87200)
    at /root/src/sys/net/netisr.c:1143
#15 0xffffffff80d2ce5f in netisr_dispatch (proto=<unavailable>, 
    m=<unavailable>) at /root/src/sys/net/netisr.c:1234
#16 0xffffffff80d0fd3e in ether_demux (ifp=ifp at entry=0xfffff80003dff800, 
    m=<unavailable>) at /root/src/sys/net/if_ethersubr.c:923
#17 0xffffffff80d113cc in ether_input_internal (ifp=0xfffff80003dff800, 
    m=<unavailable>) at /root/src/sys/net/if_ethersubr.c:709
#18 ether_nh_input (m=<optimized out>, 
    m at entry=<error reading variable: value is not available>)
    at /root/src/sys/net/if_ethersubr.c:739
#19 0xffffffff80d2cb11 in netisr_dispatch_src (proto=proto at entry=5, 
    source=source at entry=0, m=m at entry=0xfffff8005cc87200)
    at /root/src/sys/net/netisr.c:1143
#20 0xffffffff80d2ce5f in netisr_dispatch (proto=<unavailable>, 
    proto at entry=5, m=<unavailable>, m at entry=0xfffff8005cc87200)
    at /root/src/sys/net/netisr.c:1234
#21 0xffffffff80d10231 in ether_input (ifp=0xfffff80003dff800, 
    ifp at entry=<error reading variable: value is not available>, 
    m=0xfffff8005cc87200, 
    m at entry=<error reading variable: value is not available>)
    at /root/src/sys/net/if_ethersubr.c:830
#22 0xffffffff80d28bd7 in iflib_rxeof (rxq=<optimized out>, 
    rxq at entry=0xfffff80003dcc000, budget=<optimized out>)
    at /root/src/sys/net/iflib.c:3006
#23 0xffffffff80d2274a in _task_fn_rx (context=0xfffff80003dcc000)
    at /root/src/sys/net/iflib.c:3949
#24 0xffffffff80c3ea77 in gtaskqueue_run_locked (
    queue=queue at entry=0xfffff80003988100)
    at /root/src/sys/kern/subr_gtaskqueue.c:371
#25 0xffffffff80c3e874 in gtaskqueue_thread_loop (
    arg=arg at entry=0xfffffe00379de008)
    at /root/src/sys/kern/subr_gtaskqueue.c:547
#26 0xffffffff80bb1f00 in fork_exit (
    callout=0xffffffff80c3e7e0 <gtaskqueue_thread_loop>, 
    arg=0xfffffe00379de008, frame=0xfffffe003499cc00)
    at /root/src/sys/kern/kern_fork.c:1069
#27 <signal handler called>
(kgdb)

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list