From owner-freebsd-bugs@FreeBSD.ORG Fri Feb 15 11:40:02 2013
Message-Id: <201302151132.r1FBWH8i069303@red.freebsd.org>
Date: Fri, 15 Feb 2013 11:32:17 GMT
From: "Andrew A. Khlebutin"
To: freebsd-gnats-submit@FreeBSD.org
Subject: kern/176167: [ipsec][lagg] using lagg and ipsec causes immediate panic

>Number:         176167
>Category:       kern
>Synopsis:       [ipsec][lagg] using lagg and ipsec causes immediate panic
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Feb 15 11:40:01 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     Andrew A. Khlebutin
>Release:        FreeBSD 9.1-STABLE #0 r246709
>Organization:
JSC DartIT
>Environment:
FreeBSD smfd-app-1 9.1-STABLE FreeBSD 9.1-STABLE #0 r246709: Tue Feb 12 17:39:19 YEKT 2013 root@smfd-app-1:/usr/obj/usr/src/sys/smfd-app amd64
>Description:
Using ipsec with lagg causes my server to panic. The crash is reproducible. IPSEC (transport mode) is used to encrypt tunnel (gif) over lagg. Turn off ipsec and there is no problem, everything is working fine.

current process = 1577 (ping)
trap number = 12
panic: page fault
cpuid = 11
KDB: stack backtrace:
#0 0xffffffff8050acd6 at kdb_backtrace+0x66
#1 0xffffffff804d441e at panic+0x1ce
#2 0xffffffff8074dea0 at trap_fatal+0x290
#3 0xffffffff8074e1d8 at trap_pfault+0x1e8
#4 0xffffffff8074e7de at trap+0x3be
#5 0xffffffff80737f7f at calltrap+0x8
#6 0xffffffff805d8db3 at ip_ipsec_output+0x173
#7 0xffffffff805da991 at ip_output+0x531
#8 0xffffffff805cb72f at in_gif_output+ox47f
#9 0xffffffff8059596f at gif_output+ox28f
#10 0xffffffff805dab59 at ip_output+ox6f9
#11 0xffffffff805dc679 at rip_output+0x229
#12 0xffffffff80540cf6 at sosend_generic+0x3f6
#13 0xffffffff805445c3 at kern_sendit+0x1a3
#14 0xffffffff8054587c at sendit+0xdc
#15 0xffffffff8054496d at sys_sendto+0x4d
#16 0xffffffff8074d780 at amd64_syscall+0x540
#17 0xffffffff80738267 at Xfast_syscall+0xf7

# ifconfig
igb0: flags=8843 metric 0 mtu 1500
        options=401bb
        ether c8:60:00:46:bc:5f
        media: Ethernet autoselect (1000baseT )
        status: active
igb1: flags=8843 metric 0 mtu 1500
        options=401bb
        ether c8:60:00:46:bc:5f
        media: Ethernet autoselect (1000baseT )
        status: active
igb2: flags=8843 metric 0 mtu 1500
        options=401bb
        ether c8:60:00:46:bc:5f
        media: Ethernet autoselect (1000baseT )
        status: active
igb3: flags=8843 metric 0 mtu 1500
        options=401bb
        ether c8:60:00:46:bc:5f
        media: Ethernet autoselect (1000baseT )
        status: active
ipfw0: flags=8801 metric 0 mtu 65536
lo0: flags=8049 metric 0 mtu 16384
        options=600003
        inet 127.0.0.1 netmask 0xff000000
lagg0: flags=8843 metric 0 mtu 1500
        options=401bb
        ether c8:60:00:46:bc:5f
        inet x.x.x.x netmask 0xffffffe0 broadcast x.x.x.255
        media: Ethernet autoselect
        status: active
        laggproto lacp lagghash l2,l3,l4
        laggport: igb3 flags=1c
        laggport: igb2 flags=1c
        laggport: igb1 flags=1c
        laggport: igb0 flags=1c
vlan2: flags=8843 metric 0 mtu 1500
        options=103
        ether c8:60:00:46:bc:5f
        inet 192.168.253.1 netmask 0xffffff00 broadcast 192.168.253.255
        inet 192.168.253.129 netmask 0xffffffff broadcast 192.168.253.129
        media: Ethernet autoselect
        status: active
        vlan: 2 parent interface: lagg0
gif0: flags=8051 metric 0 mtu 1500
        tunnel inet x.x.x.x --> y.y.y.y
        inet 172.16.0.22 --> 172.16.0.21 netmask 0xfffffffc
        options=1

IPSEC:
spdadd y.y.y.y x.x.x.x ipencap -P in ipsec esp/transport//require ah/transport//require;
spdadd x.x.x.x y.y.y.y ipencap -P out ipsec esp/transport//require ah/transport//require;

racoon.conf:
path certificate "/usr/local/etc/racoon/certs";
log debug;

padding
{
        maximum_length 20;
        randomize off;
        strict_check off;
        exclusive_tail off;
}

listen
{
        isakmp x.x.x.x [500];
}

timer   # timing options. change as needed
{
        counter 5;
        interval 20 sec;
        persend 1;
        phase1 30 sec;
        phase2 15 sec;
}

remote y.y.y.y
{
        exchange_mode aggressive, main;
        doi ipsec_doi;
        situation identity_only;
        my_identifier asn1dn;
        peers_identifier asn1dn;
        verify_identifier on;
        certificate_type x509 "smfd-app-1.crt" "smfd-app-1.key";
        ca_type x509 "ca.crt";
        ike_frag on;
        lifetime time 1 hour;
        proposal {
                encryption_algorithm aes;
                hash_algorithm sha256;
                authentication_method rsasig;
                dh_group 2;
        }
}

sainfo anonymous
{
        pfs_group 2;
        lifetime time 1 hour;
        encryption_algorithm aes;
        authentication_algorithm hmac_sha256;
        compression_algorithm deflate;
}
>How-To-Repeat:
ping another end of a tunnel
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
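
Added example (not part of the original report and not FreeBSD code): a triage pass over the backtrace above that computes each frame's function base (address minus offset), takes the frame just below calltrap as the code that faulted, and checks that both ip_output frames resolve to the same base, which also validates the hand-typed "ox" offsets. The function names parse_frames, faulting_frame and reentered are hypothetical.

```python
import re

# Frames copied from the report's backtrace as sample input; the hand-typed
# "ox" offsets in frames 8-10 are kept exactly as the reporter wrote them.
BACKTRACE = """
#0 0xffffffff8050acd6 at kdb_backtrace+0x66
#1 0xffffffff804d441e at panic+0x1ce
#2 0xffffffff8074dea0 at trap_fatal+0x290
#3 0xffffffff8074e1d8 at trap_pfault+0x1e8
#4 0xffffffff8074e7de at trap+0x3be
#5 0xffffffff80737f7f at calltrap+0x8
#6 0xffffffff805d8db3 at ip_ipsec_output+0x173
#7 0xffffffff805da991 at ip_output+0x531
#8 0xffffffff805cb72f at in_gif_output+ox47f
#9 0xffffffff8059596f at gif_output+ox28f
#10 0xffffffff805dab59 at ip_output+ox6f9
#11 0xffffffff805dc679 at rip_output+0x229
#12 0xffffffff80540cf6 at sosend_generic+0x3f6
#13 0xffffffff805445c3 at kern_sendit+0x1a3
#14 0xffffffff8054587c at sendit+0xdc
#15 0xffffffff8054496d at sys_sendto+0x4d
#16 0xffffffff8074d780 at amd64_syscall+0x540
#17 0xffffffff80738267 at Xfast_syscall+0xf7
"""
FRAME = re.compile(r"#(\d+)\s+(0x[0-9a-f]+)\s+at\s+(\w+)\+([0o]x[0-9a-f]+)", re.I)

def parse_frames(text):
    """Parse frames; base = pc - offset. Accepts 'ox47f' for '0x47f'."""
    return [{"index": int(i), "func": fn, "offset": int(off[2:], 16),
             "base": int(pc, 16) - int(off[2:], 16)}
            for i, pc, fn, off in FRAME.findall(text)]

def faulting_frame(frames):
    """Frame just below the trap entry (calltrap): the code that faulted."""
    for above, below in zip(frames, frames[1:]):
        if above["func"] == "calltrap":
            return below

def reentered(frames):
    """Functions on the stack more than once, with the set of bases seen."""
    bases = {}
    for f in frames:
        bases.setdefault(f["func"], set()).add(f["base"])
    names = [f["func"] for f in frames]
    return {fn: b for fn, b in bases.items() if names.count(fn) > 1}

if __name__ == "__main__":
    fr = parse_frames(BACKTRACE)
    print(faulting_frame(fr)["func"], reentered(fr))
```

A function that appears twice with two different bases would point to a mistyped address or offset in the transcription; here ip_output resolves to a single base in both frames.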