NetBSD Problem Report #49412

From kardel@gateway.kardel.name  Sun Nov 23 19:16:43 2014
Return-Path: <kardel@gateway.kardel.name>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 76282A65B6
	for <gnats-bugs@gnats.NetBSD.org>; Sun, 23 Nov 2014 19:16:43 +0000 (UTC)
Message-Id: <20141123191638.10523571107@gateway.kardel.name>
Date: Sun, 23 Nov 2014 19:16:37 +0000 (UTC)
From: kardel@netbsd.org
Reply-To: kardel@netbsd.org
To: gnats-bugs@NetBSD.org
Subject: npf reload triggers panic
X-Send-Pr-Version: 3.95

>Number:         49412
>Category:       kern
>Synopsis:       npf reload triggers panic
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    rmind
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Nov 23 19:20:00 +0000 2014
>Closed-Date:    Sun Nov 30 13:43:04 +0000 2014
>Last-Modified:  Mon Dec 01 09:05:00 +0000 2014
>Originator:     kardel@netbsd.org
>Release:        NetBSD 7.99.1
>Organization:

>Environment:


System: NetBSD gateway.kardel.name 7.99.1 NetBSD 7.99.1 (GATEWAY) #3: Sun Nov 23 12:22:30 CET 2014 xxx@xxx:/fs/raid1a/src/NetBSD/cur/src/obj.amd64/sys/arch/amd64/compile/GATEWAY amd64
Architecture: x86_64
Machine: amd64
>Description:
	Using /etc/rc.d/npf reload will trigger a panic
gateway# /etc/rc.d/npf reload
Reloading NPF ruleset.
gateway# fatal page fault in supervisor mode
trap type 6 code 0 rip ffffffff813c1702 cs 8 rflags 10202 cr2 ffff800003b75044 ilevel 4 rsp fffffe80439e4bf8
curlwp 0xfffffe807fd11420 pid 0.3 lowest kstack 0xfffffe80439e12c0
panic: trap
cpu0: Begin traceback...
vpanic() at netbsd:vpanic+0x13c
snprintf() at netbsd:snprintf
startlwp() at netbsd:startlwp
alltraps() at netbsd:alltraps+0x9e
npf_packet_handler() at npf:npf_packet_handler+0x1ad
pfil_run_hooks() at netbsd:pfil_run_hooks+0xc4
ip_output() at netbsd:ip_output+0x3ed
ip_forward() at netbsd:ip_forward+0x18c
ipintr() at netbsd:ipintr+0xcb7
softint_dispatch() at netbsd:softint_dispatch+0xd3
DDB lost frame for netbsd:Xsoftintr+0x4f, trying 0xfffffe80439e4ff0
Xsoftintr() at netbsd:Xsoftintr+0x4f
--- interrupt ---
0:
cpu0: End traceback...

>How-To-Repeat:
	Use a -current as of 20141123. Have NPF running and actively filtering. Do an /etc/rc.d/npf reload.
	Watch the panic shortly after the reload
>Fix:

>Release-Note:

>Audit-Trail:
From: Mindaugas Rasiukevicius <rmind@netbsd.org>
To: kardel@netbsd.org
Cc: gnats-bugs@NetBSD.org, kern-bug-people@netbsd.org,
 gnats-admin@netbsd.org, netbsd-bugs@netbsd.org
Subject: Re: kern/49412: npf reload triggers panic
Date: Sun, 23 Nov 2014 19:36:39 +0000

 kardel@netbsd.org wrote:
 > System: NetBSD gateway.kardel.name 7.99.1 NetBSD 7.99.1 (GATEWAY) #3: Sun
 > Nov 23 12:22:30 CET 2014
 > xxx@xxx:/fs/raid1a/src/NetBSD/cur/src/obj.amd64/sys/arch/amd64/compile/GATEWAY
 > amd64 Architecture: x86_64 Machine: amd64
 > >Description:
 > 	Using /etc/rc.d/npf reload will trigger a panic
 > gateway# /etc/rc.d/npf reload
 > Reloading NPF ruleset.
 > gateway# fatal page fault in supervisor mode
 > trap type 6 code 0 rip ffffffff813c1702 cs 8 rflags 10202 cr2
 > ffff800003b75044 ilevel 4 rsp fffffe80439e4bf8 curlwp 0xfffffe807fd11420
 > pid 0.3 lowest kstack 0xfffffe80439e12c0 panic: trap
 > cpu0: Begin traceback...
 > vpanic() at netbsd:vpanic+0x13c
 > snprintf() at netbsd:snprintf
 > startlwp() at netbsd:startlwp
 > alltraps() at netbsd:alltraps+0x9e
 > npf_packet_handler() at npf:npf_packet_handler+0x1ad
 > pfil_run_hooks() at netbsd:pfil_run_hooks+0xc4
 > ip_output() at netbsd:ip_output+0x3ed
 > ip_forward() at netbsd:ip_forward+0x18c
 > ipintr() at netbsd:ipintr+0xcb7
 > softint_dispatch() at netbsd:softint_dispatch+0xd3
 > DDB lost frame for netbsd:Xsoftintr+0x4f, trying 0xfffffe80439e4ff0
 > Xsoftintr() at netbsd:Xsoftintr+0x4f

 Can you objdump -D your kernel image to see what is at
 npf_packet_handler+0x1ad ?

 Thanks.

 -- 
 Mindaugas

Responsible-Changed-From-To: kern-bug-people->rmind
Responsible-Changed-By: rmind@NetBSD.org
Responsible-Changed-When: Sun, 23 Nov 2014 22:10:44 +0000
Responsible-Changed-Why:
take


From: "Mindaugas Rasiukevicius" <rmind@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/49412 CVS commit: src/sys/net/npf
Date: Wed, 26 Nov 2014 21:25:35 +0000

 Module Name:	src
 Committed By:	rmind
 Date:		Wed Nov 26 21:25:35 UTC 2014

 Modified Files:
 	src/sys/net/npf: npf_nat.c npf_ruleset.c

 Log Message:
 NPF: fix the reference counting and share the active NAT portmap correctly
 when performing the reload.  Should fixes PR/49412, reported by kardel@.


 To generate a diff of this commit:
 cvs rdiff -u -r1.34 -r1.35 src/sys/net/npf/npf_nat.c
 cvs rdiff -u -r1.37 -r1.38 src/sys/net/npf/npf_ruleset.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->feedback
State-Changed-By: rmind@NetBSD.org
State-Changed-When: Fri, 28 Nov 2014 21:24:40 +0000
State-Changed-Why:
Duplicate of PR/49412.  There are fixes in -current, yet to be pulled up
to the netbsd-7 branch.


From: Frank Kardel <kardel@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: kern/49412 (npf reload triggers panic)
Date: Fri, 28 Nov 2014 22:51:24 +0100

 On 11/28/14 22:24, rmind@NetBSD.org wrote:
 > Synopsis: npf reload triggers panic
 >
 > State-Changed-From-To: open->feedback
 > State-Changed-By: rmind@NetBSD.org
 > State-Changed-When: Fri, 28 Nov 2014 21:24:40 +0000
 > State-Changed-Why:
 > Duplicate of PR/49412.  There are fixes in -current, yet to be pulled up
 > to the netbsd-7 branch.
 >
 >
 The checked-in version survives the reload with nat mappings and 
 continues to
 function. So from my point of view this issue seems to be solved.

 Thanks.

State-Changed-From-To: feedback->closed
State-Changed-By: rmind@NetBSD.org
State-Changed-When: Sun, 30 Nov 2014 13:43:04 +0000
State-Changed-Why:
Fixed.


From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/49412 CVS commit: [netbsd-7] src/sys/net/npf
Date: Mon, 1 Dec 2014 09:02:26 +0000

 Module Name:	src
 Committed By:	martin
 Date:		Mon Dec  1 09:02:26 UTC 2014

 Modified Files:
 	src/sys/net/npf [netbsd-7]: npf_nat.c npf_ruleset.c

 Log Message:
 Pull up following revision(s) (requested by rmind in ticket #274):
 	sys/net/npf/npf_nat.c: revision 1.35
 	sys/net/npf/npf_ruleset.c: revision 1.38
 NPF: fix the reference counting and share the active NAT portmap correctly
 when performing the reload.  Should fixes PR/49412, reported by kardel@.


 To generate a diff of this commit:
 cvs rdiff -u -r1.32.2.1 -r1.32.2.2 src/sys/net/npf/npf_nat.c
 cvs rdiff -u -r1.37 -r1.37.2.1 src/sys/net/npf/npf_ruleset.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

>Unformatted:
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2014 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.